To allow for the MES WIFI to be on its own network I created VLAN 241 (Marina-WIFI) and allowed over the trunk. I also added vlan 35 so that the clients could get TOF-Guest IP's in the 192.168.32.0/22 range and be routed directly to the Sonicwall. The DHCP scope is setup on the Sonicwall for all TOF guest clients. VLAN 241 (Marina-WIFI) was setup on the TH switches. The SSID "TOF-Marina" is hardcoded for VLAN 35 so clients are forced to route over the TOF Guest LAN. The only network setup on the MES network is TOF-Marina. This network is password protected and bandwidth restricted to 25MB. This can be adjusted if there are complaints when the boats come back in summer.
Update: I hardcoded IP address to each AP as follows: 172.16.41.50-172.16.41.53
