Sorry if this sounds a bit silly but I am playing around with creating some VLANs on a switch and using a trunk port to connect to our SSG5-Serial-WLAN and I understand that the concept is as follows:
1. Create a layer 3 zone for each VLAN
2. Find an empty, unused, physical port that has no IP or Zone assigned to it
3.Create a sub-interface using one of the layer 3 zones created for the VLANs, assign it to the physical port, and assign the VLAN Tag as well as an IP/Netmask
4. Repeat for each VLAN and assign each sub-interface a different zone
5. Configure policies and routes accordingly
Please correct if these steps are wrong or missing something. Aside from that, my question is, is there any way to include the built in wireless to be part of one of these VLANs. I suppose that the tagging happens at the switch so I'm not sure how the Juniper could interject with the tagging on its own wireless. I'm just wondering if there is a way to have one of the built-in wireless interfaces to be on the same subnet as one of the VLANs. Is the only way out of this to connect a WAP to the switch doing the tagging? I also noticed that I am able to make a sub-interface on a bgroup but I have no idea what that can be used for. Sorry if this sounds confusing. Let me know if anything needs more clarity and thank you in advance for your time!