I’m in Ruckus support and will provide you with best effort as the product is EOL and there is no support entitlement. However, you can still purchase support for the product for a full suite of support options. See EOL doc, https://support.ruckuswireless.com/documents/1060-zoneflex-zf7055-end-of-life-eol-notification, for your purchasing support options. The product is EOL but you can still purchase support till 2021. I will also suggest upgrading the AP to the last stand-alone available SW = 126.96.36.199.1347 = https://support.ruckuswireless.com/software/1017-zoneflex-solo-access-point-104-0-0-0-1347-ga-softwa...Answer to your questions:
1. Is there a way to backup the config of the AP.
--I saw a couple backup options but when I tried to restore after a factory reset the restore failed to set some values. This would be a timesaver if I screwup the config again.
Answer = there is no way to do a straight backup of the APs. You can do screen caps, of course, get the support info file (under Maintenance / Support Info) and see the configuration from the RPM keys within the support info file for future configuration reference.
2. Is a walled garden/portal setup possible with this model AP?
--I got it close to working once then lost connection when I
changed a setting. I've never been able
to get back that close. I've tried a
couple version of software but I'm not sure which is the best for hotspot.
Answer = you can definitely use Radius and Clearpass for the 802.1x certification. As you know, you have to create the 802.1x WLAN and work with a Hotspot configuration. Within the hotspot, you can definitely create a walled garden and allow your network elements for pre-authentication access. This with accordance of having the latest SW running in the AP(s). Also, would recommend to use Firefox or Chrome.
3. How does
whitelisting walled garden work?
-- I've whitelisted our dns,dhcp,and portal servers but this
doesnt seem to allow traffic to these servers.
At least pings and dns lookups fail, packet captures show no corresponding
traffic at the switchports.
Answer = you also have to define the radius server, the clearpass cert server, gateway, etc (any elements that your AP will need to communicate to on behalf of your client for authentication). Also, you will need to ping the gateway, clearpass server, radius server from the AP (unless you have statics routes defined within your network).
4. On the SSID screen
there is an access vlan field. Is this
an actual untagged vlan on the switchport or can I just trunk all vlans to the
--I'd like to have vlan 1 as management for ap, vlan 2 for
portal, vlan 3 for 802.1x, vlan 4 for mac-auth or no auth (I'll deal with this
after I get above working).
Answer = under Configure / Internet is where you find the AP management VLAN. AP Management VLAN is for AP access. By default, management VLAN is 1. For client traffic VLAN assignments, you do that at the WLAN/ SSID configuration option (Configuration / Radio 2.4G, Configuration / Radio 5G), the access vlan fill in within the WLAN configuration.