Here is my situation:
My company would like to provide wireless access to customers who are visiting so they can use their laptops without jacking in to the wall. Our internal network is flat, so I want the wireless AP somehow seperated from the rest of the network. I'd also like to use a captive portal to prevent people gaining access from outside the building, as well as to serve up an AUP.
I use m0n0wall as a router at home, and I know it has captive portal capability so I'll probably go that route. My main question is how do I seperate the wireless router from the rest of the network? I tried pinging one of our servers from a computer connected to the wireless router and wasn't able to, so does that mean it's fine, or is there something more I should do? It almost seems too simple.