H500 disconnects from (remote) ZoneDirector

Hi all!

We have a few sites that we moved from our vSZ to a Zonedirector (due to ap's not being supported on newer vSZ version).

Zonedirector is running build 318, newest one supporting the ap's in question, a mix of R300/R700/H500.

Everything is working fine, except for one site. All sites are remote and tunnel to ZD over the internet.

This one site the issue is that ap's keep dropping off all the time, there are in total 83 ap's on the site, majority is H500.

But at any given time the number of connected ap's is typically around 50 (we can hit the refresh button in ZD every ten seconds and the number will go up and down all the time).

Site is running an Aruba firewall and HP procurve switches.

The site has been running without issues for about 5 years, but then of course after migrating it to ZD these issues started appearing.

ZD has a public ip but is behind a firewall, and yes the correct ports are open (at the moment all ports are opened from the site with issues, just to eliminate).

Question is how to migitage/fix this, we have several other sites with exactly same ap's connected remotely as well without issues.

Same switches, not a PoE issue as far as we can tell, PoE budget is fine.

Tried to play with MTU and every other thing I can think of.

So really open for suggestions.


The vSZ on 5.2.2 has the ability to upload AP patch 3.6.2 to support H500 on the same controller. You just need to create a different AP Zone for that version.

6.0 can't support this yet but in one of the future release, unless you had to use this version and not 5.2.2 which supports most of the newer Wi-Fi 6 APs.

Might be a little late now that you have gotten the ZDs installed.

ONe thing to look for between a ZD AP and ZD Controller is the latency. The AP to ZD's round-trip should be less than 100ms and probably can be pushed to about 150ms , before they are considered "offline".

ZD's tolerance is not as good as SZ. Also ZD uses LWAPP protocol and are chattier, so if the throughput is not great, that means after converting to ZD firmware, those APs uses more bandwdith and might affect latency also.

Yes, I know. The reason these old sites were moved was due to version 6.0.

Latency should be fine, ping from site to ZD is around 20ms, so this should be fine. 

And we have two other sites on same controller with same ap's and same latency which works fine.

Also tried with this fix:

Doesn't seem to help either.

There is definitely something strange here in regards to connection issues.

Tried to factory reset an ap and flash it with standalone software and then connect it to ZD again.

AP joins and downloads firmware, but then it is stuck, it never completes. 

Only way to get it to work is to reset it again, remove it from ZD and then have it join again. 

Then it completes the process and is online and ok.

@thomas_oppyen This sounds like packet loss or MTU issues between those 2 sites.