I am currently working on a demo box which Cisco sent me of an integrated 3750 / WLC.
I am testing out as a solution for remote sites which need wireless guest access on non-cisco APs (aruba Xirrus etc).
Here's what i have so far,
WLC/3750 is configured as a remote WLC with an anchor tunnel (carrying guest traffic) back to the anchor WLC in our data center, which then drops the traffic into the guest authentication DMZ.
The anchor tunel is functioning properly, but my question is specifically related to the integrated device. How do i configure the switch to allow one of it's ports to take this guest traffic (vlan 10 for conversation's sake) and then drop it directly onto the anchor tunel of the WLC?
Any information specific to working with the integrated appliance would be very helpful, as documentation on this is scarce.
Thanks in advance
So... Here is what should be done:
Vlan 10 should be created on the switch as a Layer 2 vlan only. Do not make a SVI (interface vlan 10) on the switch.
Now, as long as the SWITCHPORTS going to the WLC (typically Po40 and gi1/0/27-28) are allowing vlan 10 through the trunk, and you have an interface vlan 10 for the guest access, then everything should work great.
For any client device that gets in to vlan 10 (any switchport that is access vlan 10, or any device that will egress traffic to vlan 10), the client should do its typical broadcast behavior to arp for DHCP/gateway/etc.... these broadcasts will make it in to the WLC, the WLC will get them to the ANCHOR and your client should get DHCP from the anchor. Once this has been established, all of your clients unicast traffic should be switched into the WLC on vlan 10 and then sent to the anchor. Does that make sense?
Bottom line: Make sure vlan 10 has no layer 3 point. As long as vlan 10 is completely seperated from the other networks and it that it trunks into the WLC, then any client traffic that is in vlan 10 should go into the WLC and then the WLC will take that traffic and get it where it needs to go.
Does this help any?