Finally some 5.0 chat showing up so I'll add this nugget. All controllers migrated from 4.2 to 5.0.48. All site (foreign) controllers = MOBGRP-CORP, anchor controller in central dmz = MOBGRP-DMZ..
Found that my first site where I implemented Guest via anchor mobility worked ok. Tried to bring up 2 new sites with their own foreign controller against same (working) anchor. NO GO. All debugs & shows indicate mobgroup, mobgroup anchor, etc all good. Debugs reveal mobility anchoring messages never being initated by foreign to anchor.
Reviewed with TAC for 3 hours last night. Finally found a bugID that related against 5.0.48.
Bottom line is that our site that was working had 2 foreign controllers. Site that wouldn't come up only had 1 foreign. Weird bug that if site has only 1 mobility member (beside anchor definition) then mob anchor plumbing messages won't exchange from foreign to anchor. Instead, debugs show foreign as anchor. Workaround = move anchor controller into same mobility group as the internal (foreign) controllers. All good now.
Hope this helps someone avoid 3 hrs w/ TAC. (And I felt I had a GOOD tac guy).
Now if I could just figure out how to have multiple profile/wlan definitions on anchor controller but have the same ssid on them all so that our guest ssid @ sites can be uniform. Currently won't let me define multiple wlans on anchor with same ssid, even if profile name is unique. Guess despite it not running APs it's still checking wlans for uniqueness. Not very 'enterprise' as we want to have each site a) Have standard guest ssid and b) Have their own IP address space for firewall log purposes, etc. A & B seemingly mutually exclusive in current situation, assuming central anchor controllers of course.