CommScope RUCKUS Community Forums

Yarenis · ‎10-16-2023

Connecting an ICX to the Ruckus controller vSZ or cloud Pre-requisites

In this document will be found the best practice and support documentation to add a new ICX to the controller for the first time.

1: Your running version must be UFI, can be checked with the next command:

ICX#show version | include UFI

(33554432 bytes) from Primary SPR08095h.bin (UFI)

2: The next 3 processes nginx, wmsgi and PySzAgtSrv.py must be Oper. State: Up and can be checked with the next command: hmon client status all-clients, However if the processes are down, we recommend ensuring the IMAGE you are using is UFI if not, upgrade to the UFI image, however if the image is UFI already, we require performing a reload or a factory reset in case the issue still persisted after reload, but if the issue persisted please contact our TAC team.

Working

No working:

3: Time must be configured, can be set manually or with NTP server

ICX#show clock

ICX# clock set 11:22:00 10-11-2023

ICX# configure terminal

ICX(config)# clock timezone us mountain

ICX# configure terminal

ICX(config)# ntp

ICX(config-ntp)# server 1.2.3.4

4: The Switch must be enabled to be discovered by the controller if not must be enabled.

ICX#show running-config | include registrar

ICX# configure terminal

ICX(config)# manager registrar

5: DNS must be configured can be checked with the next command: show running-config | include dns, however if there is not DNS, the public DNS must be configured.

ICX# configure terminal

ICX(config)# ip dns server-address 8.8.8.8

6: The Controller must be reachable as well the DNS

vSZ

ping registrar.ruckuswireless.com

Cloud:

ping device.ruckus.cloud

DNS test

ping x.x.x.x (DNS server IP address)

7: The Certificate must be installed, with the next command can be checking, and the message must be always Successfully verified, if not For ICX 7250, 7450, or 7750 models we can re-install the certificate, however a reload is required, and is recommended to have console access, for the other models we can factory reset, but if the issue persisted please contact our TAC.

ICX(config)# crypto device-key-zeroize

ICX(config)# crypto device-cert-zeroize

ICX(config)#crypto key generate

ICX(config)#write memory

ICX(config)#reload

8: Now the unit is ready to be added, now if you are still having issue, make sure the IP address listed is the address to which the switch should connect, if not can be manually deleted and added.

ICX#show manager status

ICX(config)# no manager registrar

ICX(config)# no manager active-list

ICX(config)# manager active-list x.x.x.x

ICX(config)# manager registrar

ICX(config)# exit

ICX#manager connect

Firewall open ports

https://docs.commscope.com/bundle/ruckuscloud-userguide/page/GUID-7B79A19A-2419-4AE8-A4C7-329FF6C34A...

Set up DNS

https://docs.commscope.com/bundle/fastiron-08095-managementguide/page/GUID-7CF29E61-55F8-4578-A630-D...

Set up the clock manually.

https://docs.commscope.com/bundle/fastiron-08095-managementguide/page/GUID-E670EE11-FBD6-4D1E-9099-6...

dparker · ‎11-29-2023

when I run dm verify-device-certs I get

Failed: Check TCSD_PS Files.

what would my step from here?

Yarenis · ‎11-29-2023

For ICX 7250, 7450, or 7750 models we can re-install the certificate, this information is on steps #7

ICX(config)# crypto device-key-zeroize

ICX(config)# crypto device-cert-zeroize

dparker · ‎11-29-2023

so far I have one 7150 c12p that has failed to connect and one 7450 that has failed to connect

Yarenis · ‎11-29-2023

If your issue is the certificate, you can re-generate them, for ICX7450 and for ICX7150 please get in touch with the TAC to open a case, and take into consideration that if the ICX7450 keeps failing with the certificate, same please get in touch with the TAC.