My client has a WAP321 Wireless N POE AP. It is connected to port g0/2 on an ESW-520-24 cisco switch. I have a Cisco 5505 firewall with an unlimited user base license. Is it possible to setup a guest network that is on a different subnet than my internal LAN. If so can someone please direct me to doing so.
I believe what you are describing is possible, although it will mostly come down to configuration on the ASA. I know you mentioned you have an unlimited users license, but do you also have trunking in your license? By default the 5505 only allows three VLANs, and they are used in a way that there isn't an extra one for you to use unless you have the Security Plus license (which raises your VLAN limit to 20).
You may be able to get around this by configuring the ESW to run in Layer 3 mode, and have it do all of the routing between the two VLANs, however there would still be quite a bit of config to be done on the ASA to get it to NAT and route for the VLANs behind it.
I can't really offer too much assistance on the ASA, since it isn't a Small Business device, so you may need to speak to TAC about setting that up. However we can help setup the ESW to handle multiple VLANs, but I would check on your ASA before we move forward with that.
As for the AP, it is capable of multiple SSIDs on different VLANs, and on the ESW you would configure a trunk port going to the AP to pass both VLANs to it, but again I'd advise against doing any of that until you find out how/if your ASA will be able to handle multiple VLANs.
Hope that helps point you in the right direction,
Christopher Ebert - Advanced Network Support Engineer
With the latest release of firmware for the WAP 561, 551, 371, 351 a new
feature was added that would allow customers to upgrade the firmware for
their clustered access points from the main access point.The basic steps
to accomplish this is:1) Download th...
Special thanks to Alex McDonald for sharing his favorite tip:My favorite
tip is the ‘write default’ command on autonomous wireless access points,
it simplifies manual conversion of a WAP with a static ip address to a
LAP with a DHCP address.This saved a l...