This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ZD 1200 Guest network connection

mick_duffin
New Contributor

‎11-16-2020 01:52 AM

Hi there,

We have a ZD 1200 with a number of AP's currently this is configured just for our internal corporate network, this is working well. in the past we have separate AP's for our guest network that connected to a separate port on our firewall so all traffic was just routed out to the internet with no contact with our network.

What I'm looking to do is to add the guest network onto the Ruckus system but also maintaining the distance from our internal network. my initial thought was to some how connect the guest SSID to the second ethernet port on the ZD which would in turn connect to the guest port on our firewall.

I'm not sure if the above is possible? if not what is the best way to setup the guest network? I've looked at the ZD settings to create a guest network but I'm not sure its going to work for us, but I'm open to ideas/help.

Thanks in advance,

Mick.

0 Kudos
6 REPLIES 6

syamantakomer
Community Admin
Community Admin
In response to mick_duffin

‎11-18-2020 05:05 AM

Hi Caveman,

Thanks for the suggestion!

Setting an ACL from controller to a WLAN adds it to APs WLAN interface. This means a wireless client connected to that SSID cannot reach restricted subnet.

Steps provided by me are for most of the standard wired network setup, however, using different routing rules one can always play with the traffic, so general config procedure may help specific use cases but not all.


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn
0 Kudos

itdept_head_me
Contributor

‎11-16-2020 04:54 PM

LOL...

you don't need to be an "expert" just have a clear head in what you want to  accomplish.

Obviously you will need

TWO zones for DNS & DHCP....

don't do like some people i've seen....

set   DNS resolvers to their internal  AD server on another subnet...

also  DON'T "break out"  the VLAN on the switch with an IP address, or you can have a very bad day where a mis-configured switch routes the traffic via 0.0.0.0 into your  existing infrastructure... 

also watch your "trunk" statements

for sanity...

re-arrange your switch so that all the AP's come into a section of the switch as far away from other ports as possible and then "group" those ports...

too many times have I seen mis-labelled infrastructure cross route traffic due to a badly placed cable.

0 Kudos
Copyright © 2024 Khoros, LLC