For the most part, what you have drawn out looks very feasible, with one big concern. The R201 is intended for a residential environment and is, therefore, not designed to handle 150 clients at one time. I would not use it in an environment where it is required to hand out more than about 40 IP addresses via DHCP. If you expect to have as many as 150 at one time, you will want to use a router designed for that kind of load. If you never expect to have more than about 40 devices need an IP address from the R201 at one time, it should be OK.
It is also wise to configure your network so that guests do not have access to the AP management interface, or to each other, limiting them only to the Internet.
I have attached three different documents that should help you out.
- The first covers my recommendations for base configuration settings, with explanations of why.
- The second covers Mesh configuration, and is a bit of a primer on mesh and how we implement it as well.
- The third covers setting up a Guest WLAN without having to also configure VLANs or tunneling. You can use VLANs or Tunneling to separate traffic, but this method simplifies that process somewhat using the ACL capability built into the cnPilot APs.
Since you are using Mesh, I recommend configuring 3 different AP Groups for the e-series APs.
- The first AP Group would cover the configuration for the e500 AP that is connected via the Force 180. It will not have mesh enabled on it.
- The second AP Group would cover the 2 e500 APs that are configured for mesh and will be acting as the base APs. These are the ones directly connected to the Cisco switch.
- The third AP Group would cover the 2 e500 APs that are configured for mesh and will be acting as client APs. These are the 2 that connect via mesh back to the core network.
I suggest configuring everying in the following order, assuming you have already created an account on cnMaestro.
1. If you choose to use the Guest Portal feature on cnMaestro, configure a Guest Portal first.
2. Create 3 different WLANs.
- The first WLAN will be the one that everyone uses to connect to the Internet, just as you have done already. Typically, you would leave security settings to OPEN with no encryption. This makes it easy for users to connect. However, you could set it to WPA2-PSK and then give people the passphrase so that they can connect.
- The second WLAN will be set as a Mesh WLAN and be defined for the Base APs.
- The third WLAN will be set as a Mesh WLAN and be defined for the Client APs. The SSID name and security settings must match that of the Base Mesh WLAN.
3. Create the 3 different AP Groups. Nearly all of the settings will be the same for all three with one difference. The easy way to do this is to create the first AP Group and then clone it twice, making the changes as listed below to the two new ones.
- One will only have the Guest WLAN associated with it.
- One will have the Guest WLAN and the Mesh Base WLAN associated with it.
- One will have the Guest WLAN and the Mesh Client WLAN associated with it.
4. Add the appropriate APs to each AP Group.
Based on the information you provided, it sounds like you don't need to make any changes to the Hotspot APs.
I hope this helps.