CommScope RUCKUS Community Forums

elujobasegun · ‎05-20-2025

Background :

We currently used a ZoneDirector 1200 with 8 R650 AP all on a flat network. (No VLANS)

We bought a Virtual Smart Zone (runningfirmware version 7.1.0000) and 8 R750 AP.

Our current setup looks like this :

Fortigate Firewall FG101 running version 6.2 firmware with three VLANS - VLAN 10-OT(172.16.x.1/255.255.255.0)

VLAN 20-Corporate (192.168.x.1/255.255.255.0) and VLAN 100- BYOD (10.10.X.1/255.255.255.0). Fortigate runs DHCP for VLAN 10 and VLAN 100 while Windows server runs DHCP for VLAN 20 which is the current LAN (cable switch).

There is a trunk configured between the fortigate and the FortiSwitch.

Fortigate Switch 224E POE : also running the same VLANS as the fortigate and have a few ports dedicated to VLAN 10, VLAN 20 and VLAN 100. All receiving DHCP on all VLANS. I intend to put all 8 AP on this forti switch.

DHCP Config for VLAN 20 - gateway: 192.168.x.1 , DHCP Server : 192.168.X.150 (a windows server VM), DNS :192.168.X.150

DHCP Config for Vlan 10 - gateway : 172.16.X.1 , DHCP Server:172.16.X.1, DNS ::192.168.X.150

DHCP Config for Vlan 100 - gateway : 10.10.x.1, DHCP Server : 10.10.X.1, DNS ::192.168.X.150

What am trying to achieve.

Am trying to get a scenario whereby I have 3 VLANs -

VLAN 20 Corporate - Clients on this SSID will recieive DHCP address from the windows server in this subnet. But will need to authenticated VIA Active directory username and password.

VLAN10 OT - Clients connecting to this SSID will recive DHCP address from the Firewall DHCP in this subnet. Only requires a passphrase

VLAN100 - Clients connecting to this SSID will recive DHCP address from the Firewall DHCP in this subnet. Only requires a passphrase.

Current work done :

Ive installed the Virtual Smart Zone and AP are online. Virtual Smart Zone is on VLAN 20 and has an ip of 192.168.x.254/255.255.255.0

However , I need 3 SSIDs based on the VLANs 10,20,100 networks.

Once a client connect to the SSID, they should hit the DHCP for the respective VLAN associated with the SSID just like it works when on LAN.

How can I go about this , am fairly new to Ruckus configuration.

Thanks and happy to provide more information that can assist.

If you are able to i wouldnt mind to get more information about the following details:

How do I associate the VLAN with the SSID?

How will the DHCP get to the client on each SSID?

Is there a need to configure a port settings on the fortiswitch ?

How does the traffic travel between DHCP, Virtual Smart Zone and the Clients connecting to the AP.

MA · ‎05-21-2025

Hi elujobasegun,

You need to tag VLANs 10, 20, and 100 on the switch port connecting to the APs. The clients should get their IP addresses in the respective VLANs.

To associate VLAN ID with SSID- configure access VLAN ID under the advanced options on the SSID.

AP will tag the client traffic in the configured VLAN and forward it to the uplink switch port.

Regards,

Modassir

View solution in original post

MA · ‎05-21-2025