Probably a simple answer, but hey, I can't find it!
Scenario: 7200 Controller with APs configured in Tunnel Mode, SSID configured for 802.1x authentication.
Multiple users will connect to the same SSID but be allocated Server derived roles on the controller based on authentication parameters.
My question is how are the client's IP addresses assigned?
Will users devices in different roles be assigned IP addresses in different IP subnet ranges, or doesn't it matter as I understand that the Roles will be placed into VLANs that only exist on the controller side.
Could a client allocated to Role A be allocated an IP Address in the same subnet as a client assigned Role B?
What is best practice?