Ok, here's my networking nightmare scenario: We have two offices owned by the same company on different floors in the same building (we'll call them upstairs and downstairs). The upstairs office is just administrative, while the downstairs office sees public visitors who might want to use their own wifi devices. As a result, the set-up that we'd like is for there to be two separate wireless networks - wireless network A which is available both upstairs and downstairs to staff (with a wifi WPA password) that allows them to access internal network resources, such as network shares, printers, etc. - and wireless network B (basically a guest network) which is definitely available downstairs (and possibly upstairs, but not absolutely necessary), has no password, and is isolated so that it can't access anything on the LAN or wireless network A but can still access the Internet.
The current set-up right now is that the ISP (cable modem) comes in upstairs, then connects to a Netgear N900 WNDR4500 wireless router (which is running stock firmware right now but is capable of running DD-WRT I believe), and then connects outward from there to the following:
- W2K8 R2 Server
- numerous desktop devices via a switch and patch panel in the upstairs office
- some desktop devices via a switch and patch panel in the downstairs office
- a Netgear N750 WNDR4300 wireless router (acting as an access point only) in the downstairs office (which is also running stock firmware, but is also capable of running DD-WRT I believe).
Now, some add'l caveats:
- It'd be nice if we could allow the W2K8 R2 server to do DNS and DHCP, but is not absolutely necessary if we have to allow the N900 device to do DHCP.
- When using the stock firmware wireless AP isolation mode on the Netgear devices, it seems that you have to let them be the DHCP server, since if you let the W2K8 R2 server be the DHCP server, those connecting to wireless network B (and being isolated from the rest of the network) wouldn't be able to see the server to get an IP address.
- Right now, the upstairs N900 is providing DHCP, which means that I'm able to enable the wireless AP isolation mode for wireless network B upstairs and split the wireless networks how I want there, but I believe if I then try to enable wireless AP isolation mode on the downstairs N750, the wireless network B (guest) network doesn't get an IP address, since I guess it would only work if the N750 was the DHCP server.
- I suppose I could set it up so that the N750 provides DHCP for the entire network (including both wireless networks), enable wireless AP isolation on the N750 so that I can get the wireless network B to work downstairs, and just go with that - but not sure if there were any better solutions out there?
So, if anyone can offer some help, guidance, or add'l things to try, it'd be greatly appreciated!! We'd be open to getting other devices if necessary as long as we don't have to spend that much money. One thing I was trying to look at maybe getting to work was using DD-WRT on one or both devices in conjunction with something like this: http://www.dd-wrt.com/wiki/index.php/Multiple_WLANs. Using that guide I have multiple WLAN's on my home DD-WRT device that work great (although still trying to figure out how to allow printing through from one WLAN to another), but the guide doesn't really cover how to make it work on multiple devices.