This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ZoneDirector failure mitigation questions & feature request

daniel_googe
New Contributor II

‎07-20-2014 09:37 PM

I'm new to the Ruckus setup and am configuring a ZD 3000 for deployment next week. I would love to take advantage of some of the fancy security and accounting features but I am also concerned about a ZD failure and losing the wireless network. For cost reasons, I want to avoid buying a second ZD 3000 for an HA setup.

It is my understanding that using the Zero-IT and AD-integration options require the ZD to be available at all times, so if the ZD went down then so do WLAN authentications. Am I correct in this assumption? Now, with the new option in 9.8 to create autonomous WLANs with basic authentication, I think it would be great to have the Zero-IT WLAN active at all times but also a "dormant" autonomous WLAN, and if an AP cannot contact the ZD it then turns on the autonomous WLAN. You have decreased security during the outage but clients can still access the network. Think of it as a "fail-open" option. I would only want the less secure autonomous WLAN to be on during the failover situation. Can this be done now, or is there another way to get the desired effect? If it can't then I think this would be a useful feature to have. It would make the autonomous WLANs much more useful and bridge the gap with controller-less WLANs
2 REPLIES 2

michael_brado
Esteemed Contributor II

‎07-21-2014 04:15 PM

You have accurately described the purpose of Autonomous WLAN, to be available to provide local resource access to wireless clients when the link to ZD is down. You must use an Open Auth or WPA-PSK for this type of WLAN.
0 Kudos

daniel_googe
New Contributor II

‎08-08-2014 06:46 AM

I understand that. My point was that it would be a great feature to configure an autonomous LAN, have it inactive on APs by default and use a more secure authentication method. If the ZoneDirector failed or was unreachable then the APs would "fail-open" and activate their autonomous WLANs for use in a disaster-recovery scenario. 99% of the time you would be using very secure authentication when the ZD is available, but only 1% of the time (in an outage scenario) would you be exposing plain WPA2-PSK.
0 Kudos
Copyright © 2024 Khoros, LLC