CommScope RUCKUS Community Forums

john_kay_k2wnou · ‎07-05-2018

I just got a new Ruckus ZD1200 and some r610 APs.

I am trying to set it up like this

port 1 has ip 192.168.10.254 that is for management only

port 2 is trunk for guest vlan and corp vlan

I don't see anyway to do this. Is this not possible? I don't want the ZD to have an IP on the guest or corp vlan.

Thank you

michael_brado · ‎07-05-2018

Hi John,

The two Eth ports on your ZD1200 are one logical interface to the controller,
so you can't "define" one on VLAN A with IP-subnet1 address, and one on VLAN
B with IP-subnet2 address. If you do not want the ZD/APs to be easily accessable
to either SSID clients, define a "Management" VLAN 0 for the ZD/APs, and use
unique VLANs for both of your SSIDs. You simply need to trunk the two VLANs
in addition to your management VLAN to the ZD/APs. Client dhcp requests will
go to the server on the specific VLAN. Does that make sense? You use ACLs
(on your switch/router) to limit access of the VLAN subnets to whatever targets
you want to permit/deny.

diego_garcia_de · ‎07-05-2018

In addition to the above, you can define a management vlan For the ZD itself.

michael_brado · ‎07-05-2018

Yes, the management VLAN for ZD/APs can be tagged, doesn't have to be 0.

john_kay_k2wnou · ‎07-05-2018

Thank you all for the replies.

so let me see if I have this right.

I could just use one of the ports on the ZD

Then on my switch

Untagged(access) vlan 10 for management
tag vlan 2,3,5 for Wireless networks and that's all? Will the ZD see the tagged vlans and I won't have to do anything other than assign the access vlan to each SSID?

CommScope RUCKUS Community Forums

Ruckus setup with VLANs ZD1200

Photos