We are trying to use a 3Com wireless router in one of our training rooms to allow public internet access when in that room. We have jacked it into a port in a Cisco Catalyst 3500XL, which is jacked directly into our Cisco Catalyst 4507R. We have 6 vlans in the 4507 switch. I had hoped to create a 7th vlan and give the users on the new vlan internet only access. So far, I've done everything but that. I created a vlan 700 on both switches and assigned the interface on the port in the 3500 to that vlan. I'm not sure what to do on the 4507 though. The firewall that the users need to go through to get to the internet is on the same vlan that I'm trying to avoid access to for vlan 700.
What I want to do is this:
Wireless router & dhcp addresses on 192.168.100.0 network = internet only access All other networks: 172.16.0.0, 192.168.30,40,50,60 = all access except 192.168.100.0
I think I need to create a few acl's, but nothing I've tried so far has worked.