Hi guys, quick question for you, i have this config (below), so i have a GRE l2 tunnel to a dmz controller, now when the users connect to the guest ssid they will go to vlan 888 and the traffic will go to the tunnel, they will fall into the "Guest" role ..... here is my question, if i apply access-list guest-control to the Guest role everything below access-list session guest-control won't matter right, because when they hit the access-list session guest-control all the traffic will be redirected to the DMZ controller and fall into whatever the wired profile is in there right?
user-role Guest
captive-portal "default"
access-list session global-sacl
access-list session apprf-Guest-PreAuth-sacl
access-list session ra-guard
access-list session guest-control
access-list session logon-control
access-list session captiveportal
!
guest-control
-------------
Priority Source Destination Service Application Action TimeRange Log Expired Queue TOS 8021P Blacklist Mirror DisScan ClassifyMedia IPv4/6 Contract
-------- ------ ----------- ------- ----------- ------ --------- --- ------- ----- --- ----- --------- ------ ------- ------------- ------ --------
1 any any any redirect tunnel 101 Low 4
interface tunnel 101
description "Tunnel Interface To DMZ"
tunnel mode gre 0
tunnel source 1.1.1.1
tunnel destination 3.3.3.3
trusted
mtu 1400
tunnel vlan 888
!