CommScope RUCKUS Community Forums

dillon_deduonni · ‎05-05-2016

Hello All,

Just to get the formalities out of the way:

vSG

Controller Version 3.2.1.0.139
AP Firmware Version 3.2.1.0.640

vSG private IP: 192.168.1.100

vSG public facing IP: 123.123.123.123

Client site - DHCP server enabled for Option 43 to 123.123.123.123

I have provisioned a Ruckus R500 access point at the office, access point is added into the correct Zone/Group and fully provisioned.

When I install this access point off site (e.g. not on the same network), the access point fails to find and connect to my vSG back at the office (located at public IP 123.123.123.123).

I ssh into this access point, issue a "get scg" command and the following is displayed:

SCG Service is enabled.
AP is managed by SCG.
AP is registered in SCG.

I then have to manually update the server list to include my vSG's public ip:

"set scg ip 123.123.123.123,192.168.1.100"

"reboot"

Upon restart the access point connect successfully back to my vSG and all is good, this last UNTIL my access point is turned off for a period of time (~2 hours), then it looses all knowledge of the external IP of the vSG.From my understanding, that option 43 on the sites DHCP server SHOULD force the R500 unit to phone "home" and be successfully implemented off-site.

When I issues a "factory reset" on that access point, ssh into it and "set scg ip ...", the access point connect to my vSG and pulls down a new configuration/places it self into its correct Zone then restarts, upon reboot "get scg" shows the list devoid of my vSG's public IP and only has entries for the "local" IP of the vSG. Do I have something incorrectly set in my vSG??and why is the Access point not respecting my DHCP option 43?

Any insight would be much appreciated and thanks in advance,

Dillon

dionis_taveras · ‎05-05-2016

Two things, first, option 43 should be a url like this, https:///wsg/ap.

Second, on the vZSZ, go to configuration, system, click the control plane there, under NAT IP put in the public IP you are listing here as the public IP being used for outside interface of your NAT device.

The problem is, if you don't put this IP on the vSZ control plane and tell the vSZ who his public IP is, when the AP connect, his server list will be overwritten with the IP configured on the control plane. Which in this case appears to be the 192 IP you see in the server list when you issue the get scg command.

Putting the public IP in this interface at the vSZ under system will tell the vSZ to send the public IP to the AP and not the private. This way, the AP can connect over the internet and maintain a tunnel.

Have fun.

martin_martin · ‎05-06-2016

Yes,

Like Dionis, is saying we have a control NAT IP address you can configure, that should be the public ip address, like 123.123.123.123 and your AP should ONLY get the 123.123.123.123 address via dhcp or manual, as 192.168.x.x it cannot route over the internet.

kind regards
Martin

dillon_deduonni · ‎05-06-2016

Hello Dionis and Martin,

I have updated the control plane NAT IP on my vSZ, connected the R500 access points to the network > pulled down new configurations and restarted.

Now when i take them off site (e.g. different subnets) they are still in communication with my vSZ and everything works as intended.

Thanks for solving my issue!
-Dillon

dionis_taveras · ‎05-06-2016

Glad it worked out. That's what we are here for 🙂

CommScope RUCKUS Community Forums

Provisioned access point failes to connect to vSG on power loss, manuall entry needed.