Have a read of thos document i wrote to set this up.. Ruckus and guest access post 43. It might help you out.
I’ve got the following set up:
- Core network switch (HP ProCurve 5412zl)
- Smoothwall (default gateway) – Port 1 connected to the network 10.10.8.1 255.255.252.0
- Ruckus ZoneDirector ZD3050
- Ruckus 7363 Access points
The VLANS on main switch:
- VLAN 1 – Main network = 10.10.8.1 – 10.10.11.254 | 255.255.252.0
- VLAN 2 – BYOD = 10.10.16.1 – 10.10.19.254 | 255.255.252.0
- VLAN 3 – Guest = 10.10.24.1 – 10.10.27.254 | 255.255.252.0
The switch configuration is as below:
module 1 type J8702A
module 2 type J8702A
module 3 type J8702A
module 4 type J8702A
module 5 type J8705A
module 6 type J8705A
module 7 type J8705A
trunk D1-D4 Trk10 LACP
ip address 10.10.8.50 255.255.252.0
no ip address
no ip address
snmp-server community "public" unrestricted
spanning-tree Trk10 priority 4
spanning-tree priority 0
I’ve created 2 virtual interfaces on Smoothwall:
Networking > Interfaces
Name: Port 1-2_BYOD
VLAN Tag: 2
IP address: 10.10.16.1
VLAN Tag: 3
IP address: 10.10.24.1
Smoothwall is to give out IPs on the above interfaces:
Services > DHCP Server
Primary DNS: 10.10.16.1
Default Gateway: 10.10.16.1
Primary DNS: 10.10.24.1
Default Gateway: 10.10.24.1
The problem is that our devices can’t connect to Guest/BYOD networks. They keep trying to connect, but they don’t get an IP address from Smoothwall. When I left Win7 laptop in a “trying to connect” state, it kept sending DHCP discover packets, and eventually after a long time it got a correct IP and displayed Ruckus welcome page. Once authenticated all works fine, but it’s taking so long to connect. No other device (iPad, Android) been able to connect yet, although from time to time I can see a new DHCP lease on Smoothwall (which means that device was able to connect to DHCP, but then quickly dropped the connection).
Anyone have any ideas why it is not working??
SNewt (8th May 2014)
Effectively what you should have is your ruckus controller and APs on a seperate VLAN untagged.
All you ruckus wifi networks (staff,students,guests) etc on seperate individual VLANs and TAGGED!!
Can you test to make sure a device can get an IP address from the VLAN DHCP? Have you got a spare port on the core switch that you can use so that you can untag this port to a VLAN to see if a DHCP address is actually been used?
How many switches do you have? Have you got any edge switches connecting back to the core switch? Are you able to do the same test on the edge switches?
Are you able to tell us what ports on the main switch your ZD and APs are plugged into?
Last edited by timbo343; 6th May 2014 at 11:55 AM.
APs are on E6 & E20
It seems that you have everything working right on the smoothwall if you are sble to get a DHCP address to a laptop connected directly to the switch. If its taking a while its got to be something on the ZD. Have you got route all traffic to the zone director ticked. This maybe causing a problem. Also are all the ports on the switch a Gig connection?
How come you have got 2 ports going to the ZD on the core switch? You only need one unless you are load balancing or running a redundant ZoneDirector.
It's all working now. For future reference, the above configuration is correct, just make sure that you won't miss out any of the Access Points when tagging VLANs( ).
Thank you for your help.
There are currently 1 users browsing this thread. (0 members and 1 guests)