Hello, new to Ruckus WiFi.
We are setting up a new network, with WiFi using a Ruckus ZoneDirector 1200 (latest firmware) and ZF R500 dual-band 802.11ac access points (40). We have HP switches, all layer 2; routing is through a Fortinet FortiGate 100D. We have set up one LWAP VLAN for the access points and the ZD. It looks like the ZD1200 needs to be untagged in the LWAP VLAN and tagged for all other VLANs.
Question: can the access points be on untagged/access ports? For example, Aruba APs by default send all client traffic back to the controller and the controller puts it on the right VLANs.
Any help or pointers appreciated.
You can manage APs on native VLAN 1 or in a different one.
- For managing APs on native VLAN 1, connect the ZD and all the APs in access ports with VLAN 1 (check that the APs are joined to the ZD and show connected under Monitor > Access Points on the ZD GUI).
- To change to a different VLAN, follow the steps below:
Under Configure > Access Points go to Access Point Policies, select Management VLAN and set the VLAN ID to 20 (this is an example). When applied, all the APs will get disconnected.
Under Configure > System go to Device IP Settings, change ACCESS VLAN* to 20 and Apply.
Now connect the ZD to a trunk port with VLAN 1 untagged and 20 tagged.
Connect APs to trunk ports in which VLAN 1 is untagged and 20, 21, 22... are tagged.
Here 21, 22... are for configuring WLANs/SSIDs with corresponding VLANs.
Now the APs will join back to the ZD and will show connected.
NOTE: Make sure there is inter-VLAN routing enabled between VLAN 1 and VLAN 20 if you want to access the ZD or the APs from VLAN 1.
From your question: "Can the Access Points be untagged/access ports Example Aruba APs by default send all client traffic back to the controller and the controller puts it on the right VLANs", I understand that you would like to keep your APs on an untagged VLAN; however, you would like the ZD (controller) to pass client traffic to the respective VLANs.
For this you would need to assign the desired VLAN under WLAN Advance Options and enable Tunnel Mode on the WLAN.
You would further need to tag the same VLAN on the ZD uplink port, and if you would like to add more WLANs with different VLANs, those VLANs should also be tagged on the ZD uplink port.
Ankush describes our mechanism to replicate the behaviour you describe.
Connect APs on untagged VLAN 1, and on your controller's switch port, have a trunk with VLAN 1 (untagged) and your required client VLANs (tagged).
Under your WLAN configurations, Advanced Settings, click that Tunnel Mode box and clients will tunnel their traffic back to the controller, and then go out on the correct VLANs.
The alternative, called Local Break Out (LBO), will drop your client traffic at the AP switch port, and in that case, you would need trunks with the client VLANs on each of your AP switch ports. [ This is the default behavior if you do not choose to use Tunnel Mode. ]
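
An added example, not part of the thread or Ruckus tooling: a small check of a switch-port plan against the two forwarding modes the replies describe (Tunnel Mode versus Local Break Out). The `Port` type, `check_plan`, the port names and the sample plan are hypothetical and constructed for illustration; flagging client VLANs on AP ports in tunnel mode is an extra least-privilege check assumed here, not something the thread requires.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    name: str
    role: str                      # "zd" (controller uplink) or "ap"
    untagged: int
    tagged: set = field(default_factory=set)

def check_plan(ports, mode, mgmt_vlan, client_vlans):
    """Return a list of findings; an empty list means the plan fits the mode."""
    findings = []
    clients = set(client_vlans)
    for p in ports:
        carried = p.tagged | {p.untagged}
        if mgmt_vlan not in carried:
            findings.append(f"{p.name}: management VLAN {mgmt_vlan} not carried")
        # Tunnel mode: client VLANs are needed on the controller uplink.
        # LBO: client traffic drops at the AP port, so every AP port needs them.
        needs_clients = (p.role == "zd") if mode == "tunnel" else (p.role == "ap")
        missing = clients - p.tagged
        if needs_clients and missing:
            findings.append(f"{p.name}: client VLANs {sorted(missing)} not tagged")
        # Assumption: in tunnel mode a client VLAN on an AP port serves no
        # purpose, so report it as segmentation that could be tightened.
        extra = clients & p.tagged
        if mode == "tunnel" and p.role == "ap" and extra:
            findings.append(f"{p.name}: client VLANs {sorted(extra)} tagged but unused")
    return findings

# Constructed sample plan: VLAN 1 for management, 21 and 22 for WLAN clients.
PLAN = [
    Port("zd-uplink", "zd", untagged=1, tagged={21, 22}),
    Port("ap-01", "ap", untagged=1),
    Port("ap-02", "ap", untagged=1, tagged={21}),
]

if __name__ == "__main__":
    for mode in ("tunnel", "lbo"):
        print(mode, check_plan(PLAN, mode, mgmt_vlan=1, client_vlans=[21, 22]))
```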