I have 2 sites connected by an EAP215-Bridge pair.

                     SITE 1                                                                               SITE 2

ISP---ER7206--SG2008P ---- EAP215 = - - - - - - - - - - - - = EAP215 -- SG2008P----ER7206--ISP2

                               |    

                               |

                     EAP625-Outside

vlan      GW                          ER7206-1                           ER7206-2

  1     172.27.0.1                 172.27.0.2                            172.27.0.1

  2     192.168.0 1               192.168.0.1                          192.168.0.3

  3     192.168.1.1               192.168.1.2                          192.168.1.1

  5     172.29.0.1                 172.29.0.2                             172.29.0.1

vlan 1,2,3 access the internet   (1 & 3) go out ISP2     (2) goes out ISP1

Each VLAN only accesses the internet and other systems on the same vlan.

I am trying to setup a guest network vlan 5 can only access the DHCP server, the DNS server and the internet.

Would be going out ISP2 in the second second site.

I turn on "Guest network" in the WLAN config.  I still get DHCP working and a wired client on VLAN 5 can access the internet through ISP2

but a WiFi client cannot get to the internet.

Can I turn off "Guest network" and build an ACL that would allow this traffic.

Thank you for any assistance.