Security

I'm still trying to move my thinking from Cisco to Aruba, so my apologies for what may be a silly question...:(

I have a network with two DHCP servers, one "inside" the network, for corporate client addressing, and one "outside" the network(border firewall) for Guest.

I want to centralise DHCP service from the two separate servers to 1(+1 backup) inside the network. If I place the DHCP server "inside" the network/firewall, then the APs will get their IP information OK, because everything is "inside". So will the corporate clients, as they are "inside" the net. 

However, the Guest clients will be on an isolated VLAN with only access to the Internet. That is, unless I can feed/filter the DHCP requests back through the controller firewall to the "inside" DHCP server.

Is this how its done? Or is there another way, perhaps like the Cisco (sorry to speak of the devil) DHCP proxy, where all guest DHCP is served by the controller proxying the requests to the DHCP controller "inside" the network.

Thanks for any advice

Jim

You should be able to create a dhcp scope in your Aruba Controller or in Instant(VC) for your guest network and still keep it on a separate VLan. You can use the default DHCP pool or create your own pools as needed but I would not use the DHCP server built in for a medium/large deployment or where I need to additional DHCP options but for a small business or for my guest network it should work out great.

I could use the controller's internal DHCP server, but this is a very "public facing" network, with a very large Guest scope, so I want to use an external server. I understand wht you propose, its just not quite what I want to do for this network.