Hi Scott, let me check on this.. For sure I've configured the vWLC Data Port in promiscuous mode.

What I'm not sure of is if they are sitting on the same Virtual Switch..

I'll let you know then.. Thanks.

Thanks Scott, you are correct. My VM Network was incorrectly configured.

But what I don't understand is that, the working config of my vWLC Data Port was mapped to vSphere Standard Switch whereas not working was at vSphere Distrubuted Switch and they have the same configuration (promiscuos mode - accept). I didn't touch the vWLC Service Port which is right now connected to a vSphere Distrubuted Switch with different uplink and is disconnected.

I'm not an ESXi expert too.. Anyway, it looks like you are using vSphere Standard Switch.

Yes that is correct. I can test it our later if you need me to.

Sent from Cisco Technical Support iPhone App

Greatly appreciated. Well if its ok with you to test.. I would love to hear the results..

Hi Scott, when you say "I created networks for each of my centrally switched vlans", what do you mean by this?

Are you not using the trunk port 4095? Please see my snapshot.

Did you create them on the vWLC. The SSID that these users are associating to, what interface are they mapped to?

Sent from Cisco Technical Support iPhone App

Yes. Its mapped in VLAN120 interface. Here's the screenshot.

Internet Firewall at my remote site is messing up with my CAPWAP tunnel.

I really don't know which port has been blocked. Afterall FlexAPs at remote site might need to unblock more ports other than UDP 5246/5247. Weird!!!