Well, this is properbly not so hard, but i can´t figure it out. I think it has to do with a missing gateway.
We got a new installation of a single 7220 (in the longrun it will be 3 with Mobility Master). Right now we trying to figure things out and test a bit.
OK. We are trying to connect a RAP-109 to the 7220 from "outside". It has been connected to the controller from the inside as an AP so we know it worked. We then converted it to a RAP and tried to connect it. No luck we thought. Then we did the "show datapath session | 4500" command and there it was, it connected to the controller BUT the RAP didn´t get any data back. Tested to Factory reset the RAP and tried to connect it : VPN connection failed. No surprice there.
We have a 10 gig interface connected to our corp network and we trying to get the GE-0/0/0 interface to connect to our DMZ with a static nat address on a dmz vlan. The port is configured as Access and Access vlan is set to 20 (DMZ). In the IP Routes menu we got a static Default Gateway that points to the corp.inside. 10.200.23.254
I have tried and added a Ip route 192.168.1.0/255.255.255.0 192.168.1.1 The DMZ ip-address for the controler is set to 192.168.1.253.
I can see that the traffic comes to the wan address in the FW (an address just for RAP) then it´s translated and comes to the controller, Yay! So far so good.
But when it is time to go back it comes out by the 10 GB interface.
So the data takes the wrong way when it´s trying to go back to the RAP and the FW stops it.
How do i set the DMZ gateway for vlan 20 (DMZ) so that data takes that way?
I hope you can understand my "floppy" english.
Regards
Mathias