Hi all,
I'm just making sure I've designed this implementation correctly. My site has a guest vlan that is not routed internally in anyway. It only grants users access to the external net. To implement a guest wireless network, I need to be able to have my guest users authenticate via a captive portal. To make this portal available on a isolated network, I'd need to make the controller publicly available, right? in my mind the workflow should operate like this:
User connects to guest network -> controller redirects to guest captive portal -> redirect sends them to public DNS/IP of controller (mycontroller.contoso.com) -> controller forwards request to CPPM -> CPPM returns captive portal back to client -> client authenticates against captive portal
Does this make sense or am I going off the rails?