VSZ-H for SSID Tunneling
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-20-2020 10:20 AM
I know that if I have VSZ-E and VSZ-D I can setup tunneled SSID's from the branch locations back to the Data Center.
What I am trying to see is is VSZ-D an absolute must requirement? Because all the tunneling options seem to be available in VSZ-H can I accomplish the same without buying VSZ-D?
Thank you
What I am trying to see is is VSZ-D an absolute must requirement? Because all the tunneling options seem to be available in VSZ-H can I accomplish the same without buying VSZ-D?
Thank you
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-20-2020 10:55 AM
Hi Ali,
Yes, you need either vSZ-D or SZ100-D (appliance version of vSZ-D using SZ100 hardware).
The vSZ-H controller only manages the AP's over an SSH tunnel to each AP. The vSZ-H never handles data traffic.
When configuring an SSID/WLAN to tunnel traffic the AP will actually have 2 tunnels - SSH (port 22) from AP to vSZ-H controller for configuration and management of the AP and then a Ruckus GRE (rgre) tunnel from AP to vSZ-D data plane. All client device traffic will be transparently tunneled to the vSZ-D and egress onto the network where the vSZ-D is located. If you configure WLAN to use VLAN tags (or Dynamic VLAN's) then the traffic will egress the vSZ-D tagged as configured so the Switch port connecting to the vSZ-D for data traffic needs to handle those VLAN's (tagged ingress). There is no need to have those VLAN's on the AP switch network
I hope this information is helpful.
Thanks
Albert
Yes, you need either vSZ-D or SZ100-D (appliance version of vSZ-D using SZ100 hardware).
The vSZ-H controller only manages the AP's over an SSH tunnel to each AP. The vSZ-H never handles data traffic.
When configuring an SSID/WLAN to tunnel traffic the AP will actually have 2 tunnels - SSH (port 22) from AP to vSZ-H controller for configuration and management of the AP and then a Ruckus GRE (rgre) tunnel from AP to vSZ-D data plane. All client device traffic will be transparently tunneled to the vSZ-D and egress onto the network where the vSZ-D is located. If you configure WLAN to use VLAN tags (or Dynamic VLAN's) then the traffic will egress the vSZ-D tagged as configured so the Switch port connecting to the vSZ-D for data traffic needs to handle those VLAN's (tagged ingress). There is no need to have those VLAN's on the AP switch network
I hope this information is helpful.
Thanks
Albert
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-20-2020 01:05 PM
Got it thanks so much. On the VLAN tagging I meant the vSZ-D side. Do I need to actually specify the VLANs? Can I not just allow all?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-20-2020 04:13 PM
Hi Ali,
No VLAN is not needed... if you do not specify a VLAN in the WLAN configuration then the traffic will egress the vSZ-D data plane untagged (into the native/untagged VLAN where the vDP is connected).
cheers
Albert
No VLAN is not needed... if you do not specify a VLAN in the WLAN configuration then the traffic will egress the vSZ-D data plane untagged (into the native/untagged VLAN where the vDP is connected).
cheers
Albert
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2020 05:35 AM
Awesome thanks so much for the information and confirming/elaborating.
![](/skins/images/9005211F6EA5B4426010DF12A800E799/responsive_peak/images/icon_anonymous_message.png)
![](/skins/images/9005211F6EA5B4426010DF12A800E799/responsive_peak/images/icon_anonymous_message.png)