The problem is when i create WLAN and tagged it with DATA VLAN ID 234 , (i used Tunnel WLAN traffic to the controller) my client can't get IP address from DATA VLAN, try it with static IP address assignment, my device still can't ping my DATA VLAN Gateway 10.26.0.1 I look around the configuration and still not working. What i am missing Vsz-H version 18.104.22.168.862 Vsz-D version 22.214.171.124.862 AP-R700 Router Cisco DHCP-SERVER and Gateway
Virtual : Vsz-D Data interface IP 10.26.0.5 MGMT interface IP 10.1.115.16 Vsz-H MGMT interface IP 10.1.115.15
I can see/understand your diagram, but it appears you are missing some things.
In VMware, you need to setup a new port group for the DataPlane. You need to make this port a trunk by allowing all VLANs. Enable Promiscuous mode and then, since you are running a vSwitch, you need to go to the vSZ-D Console, and configure the data interface to tag the data VLAN for it.
The Client WLAN VLAN should be different than the data VLAN from the data interface. You don't want your client having access to that VLAN I'd assume.
1 - Create new portgroup with All VLANs allowed and promiscuous mode accept in the security tab. 2 - Console to the vSZ-D and go to configure, interface data, VLAN 234 to tagthe data interface VLAN. 3 - Create a new VLAN for the clients and then configure that on the AP so thatthey get their IPs from there. The vSZ-D data interface VLAN and theclient access VLAN should never be the same (not that they can't). 4 - Ensure the switch port allows the newly created client VLAN. 5 - Ensure DHCP is set for the new VLAN, not VLAN 234 as that is the interfaceof the vSZ-D Data Interface. 6 - Ensure the AP can talk to the vSZ-D Data interface and the controlinterface.
For reference, from the AP to the vSZ-D Data Interface, by default, you should allow ports 23233 on both TCP and UDP. From the AP to the control plane, you need port 22, 443, and any other port you may require for captive portals, see the firewall configuration guide on our support site under Best Practice Documents section. https://support.ruckuswireless.com/products/116-bpg_smartzone
Thank you Michael, this should be in the documention, very helpful !!! Can you clarify, because I not able to make my vSZ-DP, data interface be a trunk port... I can only "tag'' one vlan with the command vlan "X", and that is it, I tried different syntax but did not work.... So, how can I have differents ssid with differents vlan pools, and make it enter the data interface from my DP ?? I understand that I should have my vnic as a trunk port, but I do not understand how to make the data interface be a trunk port.