@Koala wrote:
- I suppose I have to change the AP native vlan to 1 since those cheap modem/router combo’s from ISPs don’t speak dot1q. Is that correct?
yes, or just leave it blank/clear it.
- I suppose I need to set the SSIDs into ‘tunnel’ forward mode. Besides that no changes. Is that correct?
It is not required to use tunnel mode, you can still use split tunnel if you desire to allow home RAP users to use corp resources
- I need to provision the AP as a RAP, fill in the external address of our main site and set it to receive an IP address via DHCP. Correct?
The AP will get it's IP from DHCP by default, so nothing to change there. You can either plug the AP into a network so it comes up in campus mode on the controller, the reprovision it as RAP, or, use the AP serial port and just provision the following
setenv master <ip or fqdn of the controller>
setenv remote_ap 1
saveenv
- DHCP for the clients: Can I leave the DHCP Server and DHCP Pool blank so the clients get their IP from the modem/switch (problem is that I cannot specify beforehand – we have two local ISPs and one uses 192.168.0.0/24 as subnet and the other only uses 192.168.1.0/24)
If you want to use split tunnel, then the corporate DHCP will be doing the client dhcp allocation (ditto for tunnel mode). In the case of split-tunnel there is no need to worry about the subnet in use by the residential gateway (router/modem box) as all client IPs will be src-natted to the AP IP address on vlan 1 in this case.
hth.