In Cisco Wireless Guest Anchor deployments, traffic between foreign and anchor controllers is typically tunneled using CAPWAP (Control and Provisioning of Wireless Access Points).
The CAPWAP tunnel operates over IP and can traverse MPLS VPN or VRF-Lite Layer 3 segmentation to maintain logical separation across different segments or geographic sites.
This allows end-to-end isolation of guest traffic from the enterprise network into the DMZ anchor location, as shown in the diagram.
Why other options are incorrect:
B: Unencapsulated traffic would expose guest traffic inside the enterprise network.
C: EoIP is not a standard Cisco wireless tunneling method.
D: IPinIP or IPsec tunnels are not typically used between WLCs for guest anchor tunneling.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit