I have a case where I need to setup two RAP3-WNs to work with (unsupported) 3G/4G modems, send them to world and have them connect to 650 Controller with VPN. I was thinking that I'd like to these work in IAP mode in case VPN cannot be established or somebody needs to tweak the modem settings locally. I'm new to IAP's and looking advices for VPN configuration. What I've done so far:
- Setup IAP WLAN to have Virtual Controller assigned IP's
- Configured VPN and whitelisted AP from controller. VPN status is UP
From Controller I can ping IP address of remote IAP, so I think VPN is OK. And I'm testing this now over wired internet, usb modem is not configured yet. I want to get VPN working before moving to USB.
The thing I cannot figure out, how do I configure IAP clients have their own subnet behind IAP NAT, where I make split tunnel to corporate network? I tried use the default network which IAP makes and make route in VPN settings but traffic to that network is not routed to VPN tunnel at all.