Not sure which method is the best for this one, here's my setup...
- Ruckus 1100 with 12 APs
- primary wireless I need is for my Teaching Network, same VLAN as our desktops i.e. desktops and laptops give exactly the same access and user experience
- will also be creating additional VLANs for guest wireless etc with appropriate segmentation and firewall policies
- Teaching wireless clients to be authenticated by RADIUS
- RADIUS server being in the Teaching Network suggests that my ZD needs to be on the same network (or have access to it)
I have the Ruckus APs on gigabit uplink ports on my switches... this is where it gets interesting. The Ruckus ZD sits on our Teaching Network on an untagged port as any other client \ server would. Which of these would you go for (using HP Procurve btw)...
a) set AP switch port as untagged for Teaching Network and therefore WLAN setting as no VLAN tag
b) set AP switch port as tagged for Teaching and change Ruckus AP management VLAN
c) segment Ruckus management into entirely separate VLAN (but this will probably need to be routed for Ruckus to be able to speak to the RADIUS server?)
Option a) is neater from a switch config point of view in that the uplink ports stay tagged for all networks but makes Ruckus auto provisioning more difficult (doesn't really matter as all the APs are in now)
Option b) is easier for any future additions or AP resets.
Option c) is part of a grander future plan but not taking on a network redesign whilst changing over to new desktop OS and VLE version this summer
Probably not much in it I guess?
Last edited by gshaw; 30th May 2012 at 12:29 PM.
I would have the unit in the network management vlan and then I would have all traffic form the unit in the client vlan.
There are currently 1 users browsing this thread. (0 members and 1 guests)