Customer uses remote APs with 3G to connect to the controller. Today he uses a split-tunnel vap but this requires an initial connection from AP to the controller for the SSID to be broadcasted.
When the remote AP is booted on a location where there is no 3G reception, he wants the clients to connect to an SSID where they can communicate with eachouter.
Seems like the only option to broadcast a PSK SSID without initial controller connection = bridge mode.
If you chose bridge mode, all the traffic is bridged out locally. Which means for situation where there is controller connectivity, the traffic is not tunneled back to the controller hence he cannot remotely takeover these devices.
I have tried to work my way around that with 2 VAPs: one main split tunneled with rap operation persistent and one backup ssid with rap operation backup. The main issue here is there cannot be SSIDs with the same name in the same ap-group, regardless of their "rap operation". So this would require the clients to be reconfigured each time there is/isn't controller connection.
Is there no option to boot the split tunnel PSK SSID without initial controller connection? Or can this be solved otherwise?