I’ve been happily running my Apple Airport Extreme as m home router for the past few years (since my debian router died, and I’ve been too lazy to replace it). One of the cool features was the ability to create a guest network (SSID) to access the internet without being able to access your trusted network. One feature I wanted was the ability to throttle the speed guests can access the internet at. While I couldn’t do this with the Airport Extreme alone, Add a Juniper SRX100 into the mix that the awesome Cooper Lees gave me into the mix and problem solved.
In not so many words, performing these actions will do a number of things. The gig ethernet switch on the back of the airport will be bridged with the WAN port. Any traffic from your normal SSID(s) and switchports will be sent out the WAN port untagged. Traffic from your guest network will be sent .1q tagged with vlan 1003.
I popped this into fe-0/0/1 on my SRX100 and the following config works the magic.
And there you have it! A really simple way of limiting the bandwidth of guest users on your network using the power of Junos with an Airport Extreme!