Here is the design.
4402 internal controller in data center
4402 DMZ Guest controller in data center
1242AP behind firewall at remote sites
I had this working, and then all of a sudden DHCP stops working for the clients.
The DHCP scope is defined on the DMZ controller. The DMZ controller is the anchor for the WLAN that the clients are connecting to. When this first started working, I assumed the DHCP requests from the internal controller were being sent across the EoIP tunnel between the two controllers. When the clients stopped getting DHCP IP assignments, I tracked it down to the initial request from the client now being sent outside the EoIP tunnel. I opened up the DMZ firewall to allow the UDP 67 traffic from the internal controller and I see the packets arrive at the DMZ controller, but they are dropped with the following message.
Jul 13 12:31:06.399 dhcpd.c:167 DHCP-6-SCOPE_NOT_FOUND: Dropping packet from 172.18.140.210 (unable to match to a dhcp scope)
I am not sure what I changed to make the DHCP/Bootps request stop traversing the EoIP tunnel, but I think that is the root of my problem.
Anyone ever seen this, or have insight as to how to fix?