<div dir="auto">Hand out IPs to known stuff on lan1 (static dhcp after wireless authentication) and guests on lan2. <a href="http://192.168.2.0/24">192.168.2.0/24</a> for guest and <a href="http://10.10.15.0/24">10.10.15.0/24</a> for lan1. Gateway box can have dual lan Nics or a vip on a single nic. Lan2 only goes to interwebs via NAT. Lan1 devices block lan2 IPs (and everything else from new connection).</div><div class="gmail_extra"><br><div class="gmail_quote">On Jan 2, 2017 7:39 PM, "Robert L. Harris" <<a href="mailto:robert.l.harris@gmail.com">robert.l.harris@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><br><div> One of the things I want to do is create 2 wifi lans using my Meraki. It'll create a guest lan based on vlans. It should be able to handle multiple subnets, I'll just have to look into that instead. I want to make sure someone on the guest lan can't get to my file server which is on a common switch though.</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, Jan 2, 2017 at 5:07 PM Jim Kinney <<a href="mailto:jkinney@jimkinney.us" target="_blank">jkinney@jimkinney.us</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="m_-3969508865471308420gmail_msg">Many home switches don't understand vlan tagging. To get actual partitioning of the network with vlan tagging, you need to use addressable switches so certain ports are allowed certain vlans while others are not.<br class="m_-3969508865471308420gmail_msg">
<br class="m_-3969508865471308420gmail_msg">
Use different IP networks and control the gateway. It's the same thing in the end and costs less.</div><div class="m_-3969508865471308420gmail_msg"><br class="m_-3969508865471308420gmail_msg"><br class="m_-3969508865471308420gmail_msg"><div class="gmail_quote m_-3969508865471308420gmail_msg">On January 2, 2017 6:55:33 PM EST, "Robert L. Harris" <<a href="mailto:robert.l.harris@gmail.com" class="m_-3969508865471308420gmail_msg" target="_blank">robert.l.harris@gmail.com</a>> wrote:<blockquote class="gmail_quote m_-3969508865471308420gmail_msg" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr" class="m_-3969508865471308420gmail_msg"><br class="m_-3969508865471308420gmail_msg"><div class="m_-3969508865471308420gmail_msg"> Anyone actually converted an existing "home" network to a VLAN'd network? I want to segment some traffic which crosses common dumb switches and think that the best way might be to use vlan tagging on my Linux firewall to break out the devices I don't want touching my default network.</div><div class="m_-3969508865471308420gmail_msg"><br class="m_-3969508865471308420gmail_msg"></div><div class="m_-3969508865471308420gmail_msg">-R<br class="m_-3969508865471308420gmail_msg"><br class="m_-3969508865471308420gmail_msg"></div></div>
</blockquote></div><br class="m_-3969508865471308420gmail_msg"></div><div class="m_-3969508865471308420gmail_msg">
-- <br class="m_-3969508865471308420gmail_msg">
Sent from my Android device with K-9 Mail. Please excuse my brevity.</div>______________________________<wbr>_________________<br class="m_-3969508865471308420gmail_msg">
Ale mailing list<br class="m_-3969508865471308420gmail_msg">
<a href="mailto:Ale@ale.org" class="m_-3969508865471308420gmail_msg" target="_blank">Ale@ale.org</a><br class="m_-3969508865471308420gmail_msg">
<a href="http://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" class="m_-3969508865471308420gmail_msg" target="_blank">http://mail.ale.org/mailman/<wbr>listinfo/ale</a><br class="m_-3969508865471308420gmail_msg">
See JOBS, ANNOUNCE and SCHOOLS lists at<br class="m_-3969508865471308420gmail_msg">
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" class="m_-3969508865471308420gmail_msg" target="_blank">http://mail.ale.org/mailman/<wbr>listinfo</a><br class="m_-3969508865471308420gmail_msg">
</blockquote></div>
<br>______________________________<wbr>_________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/<wbr>listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/<wbr>listinfo</a><br>
<br></blockquote></div></div>