08-04-2021 01:43 PM
Hi Heroes community.
A topic that I have been discussing with a few colleagues is around XIQ Wireless network design (on the network part), when looking at:
The typical requirement for guest traffic is to isolate it from the network and only give it some internet access. From a network design, with Wing and XCC, guest is easy: bridge the SSID at the controller into some isolated VLAN that is directly connected to a router of some sort. The guest VLAN only lives in the core between the controller and router. When looking at an XIQ AP deployment in a small environment, this is easy enough to handle by either just tagging a guest VLAN to every AP port or using a policy that denies all traffic to internal resources.
When we look at a bigger campus that involves various layer 3 boundaries the option for tagging a guest vlan to each AP is not available. We could still use the option of applying a policy that blocks traffic to internal resources. Or another option is to tunnel the traffic with a GRE tunnel to something.
The question is: "What is the best design, on the network side, for guest networks when deploying an XIQ wireless network?"
Could be a topic to discuss in one of the Hero Tech talks.
08-04-2021 01:53 PM
Hi Andre
I remember that in some cases we used a VRF for separating the “trusted L3” routing part from the “untrusted” part and using policies at the Guest User level.
But in general, I like the idea to get some best practice information in the form of a topic in the Hero tech talks.
br
Tom