We are currently attempting to deploy a wireless guest network that is segregated from our internal network. We are using a Cisco 4404 wlan controller w/ 1142n wireless access points broadcasting a guest wlan on a separate vlan/subnet from all other wireless and wired traffic. When connected to it, I am able to access the Internet, as well as anything on our internal network. The WAPs connect to 3560 and 3750 POE switches which are trunked to our core switch, a Cisco 6509.
There is a route in our core switch that states:
ip route 0.0.0.0 0.0.0.0 10.0.0.1 (10.0.0.1 being the lan interface on our firewall)
and I think it might be the problem? Either that or a setting in our hardware firewall.
Is there a way to segregate this traffic via routing in the 6509? Perhaps with an ACL or a specific route? Any ideas would help. Thanks!