Hi,
I am facing issue in one POC.
Customer Network
Controller ACCESS port -VLAN 10
Controller Internet port -VLAN 20
FIrewall LAN port -VLAN 10
Guest users -VLAN 20
Requirement : Guest SSID
Customer requires controller and WAPs should be in VLAN 10 (Management VLAN)
Internet port is connected to firewall port through layer 3 switch
Here guest users (access controlled) are able to reach every other vlan connected to layer 3 switch except vlan 10.
So there are not able to get internet.
Is this right behaviour..?
My explanation : when access controlled packets destined to vlan 10 reaches controller it will look to routing table and it will find a connected route in access port.Since its a tunneled user , packet will be dropped (stateful firewall will not allow tunneled user to go to access port network )
Is this right explanation ...?