Sorry i know this seems like a dupe post, but I can't see another post that exactly matches what I want to do.
I want to make a separate wifi guest network. It'll have access to the internet and maybe a printer or two, but not the rest of our LAN.
I have a Kerio Control appliance box 1110.
So the box has 4 ports. Two of the ports go upstream to a pair of DSL connections, setup with the Kerio handling load balancing between the two. The third port is the trusted local 'lan' port and it's connected to our switches. Into the switch, an Airport Extreme operating in bridging mode provides wifi for the building.
What I want to do is take the 4th (remaining) port on the kerio and connect it up to another Airport Extreme and use it to provide the guest network.
Is this the right/best approach? How exactly would i configure the kerio?
You shoud connect the Airport extreme to the 4th port and set it as "Other" type in the network interfaces. Then create a Trafic rule that the "Airport network" as source does NAT to the internet interfaces that you want (Destination Internet interfaces and Outgoing NAT). That way they will have internet but be separated to the Trusted Network.
You can also create a rule to allow traffic to the specific IP addresses of the printers in the LAN. (no NAT in that rule, only source with the "Other" network and destintation the IP addresses of the printes.
Remember to set up either the DHCP of Control or the airport.
Kerio Prefered Partner
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of