Device 1: Cisco E3000 in church office. Serves as router, gateway and DHCP server.
Device 2: Cisco E2500 in remote building connected via single fiber line with single fiber/copper converter.
Device 3: Same as Device 2 but in a third building, also connected to church office with single fiber line with single fiber/copper converter.
1. All LAN ports on all devices have full access to primary network (subnet 192.168.1.0/25)
2. Primary WAN users (secured) has have full access to primary network (subnet 192.168.1.0/25)
3. Secondary WAN (vLAN? With different subnet from primary network) set up for guest access to internet only. Must be isolated from primary subnet/network.
4. Regardless of where user first connects to either WAN they are issued a valid IP address and can roam from one building to another without losing connection. Buildings are close enough this should work.
Using only two devices I was able to partially achieve my goal. I successfully created two separate WANs using bridging and vLAN. I was never able to restrict the guest users from accessing the primary domain. Roaming worked fine by using same SSID and password on the two devices I was testing with.
I'm open to changing equipment (I currently only have one E2500 and one of the crappy versions of the WRT54G). I've been working with DD-WRT at this site and it's time to move to Tomato. I'll install whatever version you all recommend.
Please share your thoughts so that I can order the equipment and get this set up quickly.
Thanks a million!