Is there a way to do that for VLANs that don't exist on the controller? Some sort of catch-all profile? I did create a profile and assigned it to the VLAN and made the port untrusted but everything not "homed" on the 7005 disappeared.
For example:
My network is set up like this (not to scale):
Internet <-- --> 7005 <-- Gi0/0/2 -- Gi0/0/1--> L3 switch
                / | \                            / | | \
               10 11 12                      10 100 101 102
- The 7005 and L3 switch are peered via OSPF on VLAN 10
- VLANs 10,11,12 exist and are "homed" on the 7005
- VLAN 10 exists and VLANs 100,101,102 exist and are "homed" on the L3 switch
- L3 gets its default gateway from the 7005 via OSPF
I want all the traffic to be permitted but also to be visible in all the traffic/client reporting. When I make the port untrusted I can see the details of the local VLANs (10,11,12) but lose reachability to anything behind the L3 switch.