I am trialling RAP to use in "pop-up" type areas where we may have an ISP cabled connection or may just use the 4G dongle attached to the RAP.
We have 3 SSID's that we want to publish which work perfectly fine on Campus. The first 2 use 802.1x machine authentication in the 1st case. The other SSID is a captive portal. The CP works fine on the RAP when off campus. It seems the other 2 don't work when trying to machine authenticate. They will work on a non-domain machine where user credentials are used.
At this stage all traffic will go back to the controller so the forward mode for the VAP's is tunnel.