Extreme Networks

For each scope in DHCP (for each vlan) you need to define the controllers IP, that's all you need to do, after that normal IP routing will do the rest. Once the AP learns the controller it will remember it, but it's still best practice to define dynamic discovery, this makes for easier adds/moves/changes.

As you say, tagged for ap, untagged for user, is fine, keep in mind when provisioning the AP you will need to define the vlan before deployment; for that reason, often it's easier to do things the other way round, untagged for ap, tagged for user, either method is fine.

Oh great got it. finally one question......if I keep access points in different vlan how will the ap's know the controller.....as far as I know it is a better practice to keep ap's and controller in same vlan.

and what about switch port to which ap is connected. ap vlan as tagged and user vlan as untagged will do right !

Saiprasad

If you are only using B@AP then there is no need to use more than 1 port on the controller if you do not wish to. Once authenticated, user traffic does not need to reach the controller with B@AP.

There are different ways to place traffic into different topologies, the most elegant would be to use NAC (or radius) to return a role that maps to the required topology, that way you could potentially have just 1 SSID (wireless service), 1 VNS, 20 topologies + 20 roles (mapped to appropriate topology depending on location.)

You can then manage the AP's in a separate vlan as required.

Hope this helps.

-Gareth

Ok say if I want to have 20 VNS, with same SSID, with multiple vlans , I only have 4 ports then what would we need to do ? i want to use only one interface of the controller, which will be having route to management IP default gateway (on core).