12-22-2011 11:11 AM - edited 12-22-2011 11:16 AM
Bridge mode is specifically when you want the subnets local to the Access point to determine client traffic flow, specifically. Split-tunneling is when you want the access point to determine what is tunneled, as opposed to what gets sent out locally. In Bridge mode, the local subnet determines that flow, entirely.
The stragegy is that split-tunneled mode is used to connect clients where a private WAN does not exist, because the ipsec connectivity is required for clients to reach the headend. Bridge is used where there is a private WAN, just to get the clients on the wired network at that location.
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.