I have an MSM 720 configured with two VSCs. One is for employees and one is for guests (using the centralized / tunneled mode). The 720 acts as a DHCP relay for both VSCs.
One port on the 720 is configured on VLAN 1 for management and access to the DHCP servers. This is using the access port on the controller.
A second port is tagged with VLAN 8 for the employee WiFi and 53 for the guest WiFi. The switch port is tagged for both as well. VLAN 53 only has the controller and the two firewall units on it.
The 720 is configured with an IP on the 53 VLAN (10.53.1.40). NAT is configured here and the gateway IP is the firewall--10.53.1.253.
The employee VSC works just fine. A workstation associated to the guest VSC receives its IP address, mask, gateway and DNS (IP=10.50.10.101, Mask=24 bits, GW=10.50.1.253, DNS=8.8.8.8 & 8.8.4.4). Traffic from the guest workstation goes nowhere. I can't ping the default gateway, but that is not a big surprise because I have not configured that IP address anywhere. The controller management and implementation guide does not say where the DHCP scope's IP address should be configured. I presume it should be configured on the controller since all guest traffic is tunneled to the controller, then the controller is supposed to NAT it and send it out to the firewall.
Does anyone have a suggestion on what is supposed to be configured as the guest DHCP scope default gateway?
#DHCP