    Default Split isolated guest network clients by user?

    I'm setting up the following network in a small hotel...

    DSL modem
    -> untangle (bridge)
    -> switch
    -> office computers, printers, etc
    -> Ubiquiti unifi access points

    The AP are set up with two SSID, one for internal usage, and one for guest usage.

    My desire is to have each guest room log in with a different userid/password for each room so that I can monitor and limit data usage per room. However, if the unifi AP provides guest isolation, the untangle box only sees the NAT'd connections from the AP itself.

    How do I set this up?

    Unifi allows you to tag a SSid with a VLAN. Do that, and then have Untangle direct that VLAN to a different rack or something, based on capture rules.

    How many rooms with unique user/password you need to manage?
    One option is captive portal, other can be assign a specific ip address subrange to guest.
