cancel
Showing results for 
Search instead for 
Did you mean: 

ZD1100 remote AP's upgrade problem

yuval_ben_ari
New Contributor II
We have ZD1100 managing 8 AP's, few are connected on the same LAN as the ZD, and the others are on remote site and reach the ZD via IPSec VPN.

I upgraded the ZD from 9.5.1 to 9.7.1, it seemed to work well and the directly connected AP's upgraded fine to 9.7.1. The problem is that all remote AP's got stuck in the state: "Upgrading firmware" and did not pass this stage (they were still reachable but did not connect any clients).

I did a rollback of ZD to 9.5.1 and all AP's were back online.

The remote AP's has full access to the ZD over the VPN and normally act with no problem. Any idea why the firmware upgrade of remote AP's might fail? Anyone with a similar setup?

Thanks
8 REPLIES 8

monnat_systems
Valued Contributor II
Hello Yuval Ben Ari,

this sounds like a possible MTU issue. Take a look at a different post for something related to MTU.

https://forums.ruckuswireless.com/ruc...

how to do it, see the screenshot -- http://prntscr.com/3mg4jc

ZD GUI - configure - AP - AP policies - Tunnel mode.

I hope this helps.

yuval_ben_ari
New Contributor II
Thanks
The support person I talked with try to change that to 1200 with no help, but maybe it needs a reboot of AP's to apply?

monnat_systems
Valued Contributor II
Hello Yuval Ben Ari,

Could you please post here the log messages on ZD GUI for those remote AP's?

I have couple of suggestions to ponder up:

if number of remote AP's impacted are just few and you don't want the trouble of finding out what's causing it then just upgrade those AP's as standalone to same new version as ZD and then connect them to ZD.

check the router/firewall at the remote site at the time of upgrade to see if any fragmentation or error happening which is causing this trouble. this shall give some hint.

few questions:

did you miss any intermediate firmware version between 9.5.1 to 9.7.1?
which router/switch you have between?

I hope this helps.

yuval_ben_ari
New Contributor II
Hi,
I'm afraid I can't find the logs anymore, it might have been cleared.

All remote AP's were impacted (those not in the same LAN as the ZD). Upgrading as standalone is not a good option for me as those are remote sites.

I planned to check the firewall next time I try it but it should not be causing any problem. It is a Juniper SRX and the VPN is used for various traffic with no problem. Also tcp-mss is configured to lower MSS so I don't see a reason for MTU problem to arise but it's still possible.

I did the upgrade directly from 9.5.1 to 9.7.1 which should have been supported according to the release notes.

The support recommended I go through 9.6 so I will try it.