Question : Problem: Cisco 1100G multiple VLAN's

I have recently been asked my management of the company I work for to setup customer internet access in our showroom, since I do not have any free hardware I was hoping to be able to use a Cisco 1100G we have deployed with a second SSID.

I have run into problems setting up VLAN's as the Cisco 870 router already has a VLAN on our work subnet (172.16.1.0) and since employees still need to use it and access resources on that network I can't see how I can do that without a gateway in between the AP and my other servers.

My plan (sans the VLANs)

Customer laptop -> Cisco 1100G (SSID: customer-ap) -> Cisco Catalyst 2950 -> Cisco 870
Employees -> Cisco 1100G (SSID: glg-ap) -> Cisco Catalyst 2950 -> Work servers / Cisco 870

I'll admit I haven't had a lot of experience with the VLAN's so I might be looking at things the wrong way but I have endeavored to research the subject on Cisco's site and done a fair bit of googling.

I'm currently considering either a separate physical AP or re purposing the 1100G as it doesn't see a large amount of use at the moment but I would rather do the above if possible.

Any suggestions as to how I could segment the traffic from each SSID would be appreciated as that's my ultimate goal.

Answer : Problem: Cisco 1100G multiple VLAN's

No.

Since you have a router in the mix all VLANs can communicate with each other by default. So if you want to regulate traffic between VLANs then you will need to apply ACLs to block what traffic you dont want to pass.

This will only block traffic from VLAN3 (your customer wireless) from accessing any other VLAN (corporate VLANs). All other traffic on your corporate network and VLANs will pass normally.

Make sense?