I have a remote facility with a single Aruba controller (650) and 2 redundant firewalls that auto-switch if one is unavailable. I would like to set up a guest wireless network that only has access to the internet with no access to my internal networks.
I am doing this at my primary facility that has 2 Aruba controllers (master & local) and 2 redundant firewalls. I have port 3 on the master and port 3 on the local configured for my guest VLAN, and those are plugged into a small switch. Both of the firewalls are also plugged into the switch, so no matter which firewall is active, the guest VLAN has access to the internet. Access is then controlled via the firewall settings.
At my remote facility, I'd like to accomplish the same thing, without the use of a small switch. So I'm thinking that I set up 2 ports on the Aruba controller that are both configured for the guest VLAN. I plug one of those ports into the "active" firewall and one into the "backup" firewall.
My question is what, if anything, do I need to do on these ports to make them act as redundant/failover ports instead of them both being active at the same time?
Thanks for your help.