AC Mini, using two SSIDs, one without VLAN, one with VLAN 15. First VLAN is for in-house use, second is for guest network. Firewall is successfully using VLAN 15 for the guest network with another brand of access points. We know the firewall setup is correct. All traffic tagged with VLAN 15 will reach the correct subinterface on the firewall. DHCP clients work fine over the other brand access points to the DHCP pool associated with VLAN 15.
With the AC Mini we are testing, the first SSID works fine (the one not using VLAN tagging) while the one with tagging does not. The DHCP packets from a client connected to the second SSID do not reach the firewall.
The wireless security is WPA2-PSK. There is no access control per client or user involved. The SSID is supposed to just map to a VLAN.
Please, before blaming the firewall or otherwise telling me my network might be the fault, just don’t. As stated above, we have successfully set this up with another access point that handles VLAN tagging based on SSID. The issue here must be a misunderstanding on my part on how to map an SSID to a VLAN such that the packets received on that SSID are tagged with the VLAN ID I’ve specified (15) and that packets from the Ethernet with VLAN ID 15 are able to go out over the air on that SSID.