I have APs (R710) behind a cable modem connecting to a ZD (1200). The APs connect and upgrade their firmware just fine, and with SSH tunneling enabled on the WLANs, they're able to broadcast the WLANs, but clients are not receiving IPs from the DHCP server. Here's my layout:
Router v10 - Management IP/24 v90 - Public IP/28 v100 - WLAN 1 - Public IP/30
Firewall / NAT Device v10 - Management IP/24 v90 - Public IP/28 - Outdoor APs/MESH will use this LAN for IP connectivity v100 - WLAN 1 - Public IP/30 v101 - WLAN 1 - 10.20.1.1/16
DHCP servers for v90 and V101 LAN live here.
ZD1200 v10 - Management IP/24 v90 - Public IP/28
Modems -> APs out in the field.
Feel like I'm missing something simple to get this to work. Should the DHCP servers be outside these networks with their own public IPs, and then enabling DHCP relay for the WLAN, for this to work?
The current setup is leftover from on older Cisco setup that we're upgrading. Maybe I just need to redesign all of this so it'll work with Ruckus. Any tips/ideas are welcome. Thanks.
If you are tunneling the WLAN's to the ZD and have configured the WLAN's to tag into specific VLAN's then the AP's will add the configured tag to customer traffic on those SSID's/WLAN's which will be carried through the tunnel and egress the ZD into the network
You need to make sure the ZD is connected to switch ports that carry these additional service VLAN's (as tagged) and that the VLAN's have DHCP services, either by direct DHCP server on the VLAN or using DHCP relays with the correct subnets.
DHCP services must be provided remotely as the ZD does not provide DHCP services except on a limited basis for lab work, and only on its management/default VLAN.
I was not sure where the AP's fit in the diagram you provided. but if the WLAN's are tunneled through the ZD, then the client service VLAN's only need to exist on the ZD port, so tunneled and tagged traffic egresses the ZD bound for the correct networks. Only the AP management VLAN of 90 needs to exists from the AP's to the ZD (hopefully untagged at the AP side for ease of deployment - but that is another topic!)