anupam.ramco@gmail.comwrote:
In a typical IAP cluster at branch location with MPLS connectivity to Data Center... As per my understanding i will only need controller at data center for the traffic which i want to send it to data center i.e Guest Traffic (Tunneled) via a DMZ controller? Can someone please help? also i can switch the local traffic for the corp ssid which i want to be locally switched at the branch office.
Correct.
If you are using IAPs at the branch, they operate independent of any dedicated wireless controller. Traffic on the corp SSID can be switched locally.
Likewise, an SSID can be configured to tunnel traffic back to a controller using the IAP-VPN functionality. It sounds as though this is the method you'd like to use for your guest users.
This is a common deployment architecture.