Wireless Access

We have a Master and 5 locals, each local is at a geographically disparate location.

The HQ has the Master and a local controller. All other locations have just a local controller.

Each location has an AP-group of its own.

We've set up a guest SSID and VLAN here at the HQ (in the HQ AP-group), and it's working as hoped/expected.

Now we want to extend the guest network to the remote offices. I can probably make it work by building a VLAN/routing network at each location and back-haul traffic using the LAN/WAN infrastructure, but it seems to make sense to use the Aruba overlay infrastructure to do this.

It seems to me that we could use IP Mobility to do this, but I'm not sure if I have an adequate grasp of its operation.

1. Enable IP Mobility everywhere

2. Create the guest domain and enable it everywhere as well

3. What now?

Will I have to create the SSID in each AP group?

It all made perfect sense until I started to set it up, now it seems fuzzy...

Am I on the right track?

I think what you need to do is to create a GRE tunnel between the local with the guest network enabled and the other locals, then have the guest SSID forward it's traffic into this tunnel.  

That way, all guest traffic would be centralized and you can filter it in one place.

IP mobility is used when a client needs to roam from one AP to another and those APs terminate their tunnels on different controllers.  I don't think it would accomplish what you want (and if it did, it would be sort of a non-standard use for the feature, IMHO).