12-05-2018 07:09 PM - edited 12-05-2018 07:12 PM
I spoke to Aruba Support regarding Policy Based Routing. The instructions that I found were not showing up when trying to implement the policy.
Aruba support informed me that for my situation a PBR was not necessary and actually was overcomplicating the confguration. Aruba Support informed me that static routing for 0.0.0.0 / 0.0.0.0 DMZ_IP is all I need to do for internet routing.
I should proceed with teh DHCP Pools and the VLANs as was previously planned.
Re: How to setup a guest SSID to distribute DHCP from the local controller
12-06-2018 03:55 AM
sure, you can point the default route of the controller to the DMZ firewall. But keep in mind to create static routes for the internal networks as well, to make sure that the controller is reachable from within the internal network, if not possible using the DMZ firewall.
In this case, you need also to make sure, that you deny access to internal networks for guests.
That's why I would go with PBR. but doing it the other way around works as well.
Please visit my personal blog as well: