You have a wireless system in place however you would like to separate a guest wireless network using your existing infrastructure and separate internet connection

Equipment :

• Router for Guest Internet E.g. Draytek 2820
• Layer 2 Managed Switch for the VLANing
• Netgear Wireless Controller E.G. Netgear WMS5316
• Access Points to Work with the Wireless Controller

These can be changed , but for example , lets say the following has been done:

• Draytek Plugs Into Port 5 on the Layer 2 Managed Switch
• Wireless Controller Plugs into Port 23 on the Managed Switch
• Access Points Plug into 6 – 8 on the Managed Switch

Configuration

• Create 2 VLANS on the Switch and Wireless Controller, Create 2 SSIDS and assign a VLAN ID to them e.g. VLAN 1 is the main company network and VLAN 2 is the Guest Network
• On the Managed Switch UNTAG ALL Ports for VLAN 1
• Tag Ports 6 – 8 ( Access Points ) and 23 ( Wireless Controller ) on VLAN 2 ( As these will need to access both VLAN for both wireless networks )
• Untag Port 5 VLAN Port for VLAN 2
• Set the PVID of port 5 to VLAN 2 ( Force VLAN 2 ONLY )
• Settings on the draytek can be left as default as long as it’s got a working internet connection and DHCP enabled

Tagged means that the vlan information is added to the frame before it is sent over a trunk link.

Access ports are typically untagged, meaning only one vlan passes via the interface.