I am trying to accomplish this: That is, I have an existing network connecting an office to a colo to the internet. I have a range of public IP addresses assigned to the public interface of a firewall. I am trying to set up a "public" wireless access network in our office that is completely seperate from our corporate network that we can use for consultants, iPhones, etc that cannot in any way access resources on our corporate network without using VPN. I envision adding a second loop to our existing network that lives on a seperate VLAN on our switch at the colo that would not have access to our existing VLAN network. I would somehow pass that VLAN traffic across the gigE link to a seperate VLAN on our office switch that would connect to the WAPs of the public network. Any idea how do do this? I cannot figure out how to send separate VLAN traffic over the L2 point-to-point link.