It doesn't matter if you're just using a single physical link to your WLC or not, enable Etherchannel. It'll be easier to do it now than later.
do cisco recommend to have WLC and AP in the same VLAN in campus setup.
If you have a very small network, it's not "best practice", but some people have done it.
I would recommend that your Management IP address of your WLC be in the same subnet as the Management IP address of your switch and you don't need to put that particular subnet in a DHCP pool. You want Management IP address to manage your network equipment to be statically assigned IP address. You put the managment IP address of your AP in a DHCP pool, like VLAN 5.
any recommended software version. currently loaded version 126.96.36.199
Stay with 188.8.131.52 and load the latest FUS code. This will save you precious upgrade time in the future.
How to secure Guest traffic from internal network.
The default-gateway of your Guest Wireless VLAN is your FW. And your FW will punt all traffic from the Guest Wireless VLAN straight out the internet.
I just gone through your query, and appreciate that Leo just provide you the accurate answer what was needed.
As far as your Guest traffic is concerned ,it souldn't have any issue ,as you can terminate Guest on L3 swtich on specific VLAN as the traffice is already segregated because of VLAN and then from there you can route from the GW to the internet.
For your Enterchannel Configuration please refer to the link stated below.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...