I have an access controller called an IP3. The device is used to control user access to the Internet. It is a typical device you would find in a hotel to give user’s access to the Internet. When you attempt to access Google or another site you would get a welcome page and have to complete a logon. I heavily use VLAN’s in my network and I have a specific VLAN I use just for guest Internet access. The VLAN is 10.0.255.0 with a subnet mask of 0.255.0.255. I have 20+ remote locations and in each location they have a guest VLAN just for Internet access. Examples: 10.2.255.0/24, 10.3.255.0/24, 10.4.255.0/24, etc… By using ACL’s I have isolated this traffic so it does not cross onto the corporate network. Internet access is via my main corporate office for all remote locations. The access controller is designed to be an inline device. The problem I am trying to solve is how can I deploy this access controller in my main corporate office so all guest Internet traffic will pass through it for authentication without interfering with corporate traffic. I thought perhaps using GRE tunnels might allow me to achieve this?
Any suggestions anyone would have would be greatly appreciated.