How do I create a public wifi network that is separate from our corporate network while using the same internet connection?
I would like to provide wireless internet access for our public visitors in the near future but I'm having a bit of trouble figuring out how to separate the public wifi from the corporate network. My problem: I would like to run both networks through the same internet connection.
My current network setup is a cable internet connection going into a router running Endian UTM
(a linux based firewall/anti-virus/spam filter distribution). Workstations and our wireless routers (linksys WRT54Gs running DD-WRT
) connecting to our main router through unmanaged switches.
If I separate the traffic at the wireless router then I still have a security risk by allowing public wifi traffic to flow over the corporate network. If I try to separate the traffic physically then I'll need to do a whole bunch more wiring and add a second router and switch to my network.
From what I understand the best way forward on this front is to have separate wireless routers for the public and private wireless networks and then segregate these devices via VLANs on the Endian device. If I go this route then I believe I would need to purchase managed switches for the network rather than use the unmanaged ones I have right now. Is that correct?
Is there any better way to do this?