I know this is impossible, however, the client I am working with is running a layer 3 interface at his gateway, pointing inside, with a primary and secondary IP address. Is there some way, even with utilizing a controller, that I can add multiple WLAN interfaces, with the intent of running multiple security suites on each SSID. Here is where my brain is going.
1. Router interface primary IP - 192.168.1.1/24 secondary IP - 10.0.0.1/24 tertiary - 172.16.0.1/24
2. Set up in the controller - V Interface one - 192.168.1.2, V Interface 2 - 10.0.0.2 - V Interface 3 - 172.16.0.2 assign ssid's to each utilizing different security suites (leap on one, wpa2 psk on one, open on one)
3. Tag them as Vlan 2,3,4 (for instance)
4. Set all switches (2950's and 3560's) at the access and disti layer to trunk ports where accessing AP's, uplinks to other switches, the controller, and the router
I guess my question is, will the controller place the traffic directly on the layer 3 network since I am operating it in layer 3 mode, with no need for a true layer 2 vlan'd network. The client absolutely does not want to take on the task of Vlaning the network right now.
If this works, can I also set it up the same in autonomous mode? Just standard creating v interfaces and assigning tags to each, or do the autonomous ap's tag at layer 2 and send it to where it needs to go?
Have to meet with the client on November 30th with a solution.