Device 1: Cisco E3000 in church office. Serves as router, gateway and DHCP server.
Device 2: Cisco E2500 in remote building connected via single fiber line with single fiber/copper converter.
Device 3: Same as Device 2 but in a third building, also connected to church office with single fiber line with single fiber/copper converter.
1. All LAN ports on all devices have full access to primary network (subnet 192.168.1.0/25)
2. Primary WAN users (secured) has have full access to primary network (subnet 192.168.1.0/25)
3. Secondary WAN (vWAN? With different subnet from primary network) set up for guest access to internet only. Must be isolated from primary subnet/network.
4. Regardless of where user first connects to either of the two WANs they are issued a valid IP address and can roam from one building to another without losing connection. The buildings are close enough this should work.
Using only two devices running DD-WRT I was able to partially achieve my goal. I was never able to restrict the vWAN traffic from accessing the main WAN/LAN. Roaming worked fine by using same SSID and password on the two devices I was testing with.
I'm VERY open to changing equipment as I currently only have one E2500 and one of the crappy versions of the WRT54G. I've been working with DD-WRT and, though I have very little experience with Tomato, I'm pretty sure I'm done with DD-WRT. I'll install whatever version you all recommend.
Please share your thoughts so that I can order the equipment and get this set up quickly for these folks.
Thanks a million!