1. the controller got his default gateway in vlan 1 (which is internal lan). vlan 2 is a single internet access with own router
2. the clients are wireless devices, but iphones etc. where i can't add any route etc. i do the
testing with a laptop, whe i add a route to use the controller as gateway it works
3. the clients in vlan2 should access 1 server in vlan 1
vlan1 got now route to vlan 2, therefore i need to nat at the wireless controller. i think i need some interception like the captiv portal does its redirect