VLANs will not ensure security in your environment and are not used for security on a network. A VLAN will help you segment the switch to separate collision domains, but not with the equipment you have since you don’t have a router capable of understanding and routing VLAN ids. Look to use proxy servers and firewalls to create a security architecture based on your needs and secure the Wifi network as the last poster stated.

SF

I agree with astronomer and sonyfreek. VLANs are not the answer.

Instead – go to http://www.cisecurity.org and download the baseline security document for wireless security.

Bob

Thank you all for the reply.
I thougth VLAN would add another level of security to WLAN.

I do not disagree with the other posters.
that said VLAN’s can provide additional security if implemented properly. A VLAN for your wireless LAN coming to a second interface on a firewall, certainly helps to discourage casual netstumblers from becoming real criminals. even well implemented ACL’s on teh switches can do that. WLAN best practices indicate that a secured VLAN is an appropriate step for putting an additional layer of protection on your network.

http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a008009478e.shtml
this is the link fo rthe cisco configuration examples for VLANs on their switches.

as long as the symbol can tag the packets by SSID for a specific VLAN you shoud be OK.
I would keep the access points themselves on a seperate management VLAN with the SSIDs you make available routing to other VLANs, this should also help keep the casual hacker from getting into the acess point and modifying its configuration.