p_tech's profile

13 Messages

 • 

200 Points

Tue, Feb 20, 2018 8:58 PM

ICX 7150 to Ruckus ZD1200 w/H510 WAP

hello Newbie question.
I am trying to connect a ZD1200 via an ICX 7150 switch to H510 APs.
 vlan 1 is native /Vlan 20 public ssid /Vlan 30 for members / Vlan 40 for media and Vlan  100 for wired connections.

I have the following config but unable to get the ZD on port 1/1/1 to connect to the APs on ports 1/1/3 - 1/1/12.

The source internet port is 1/2/1

-------------------------------------------------------------------
!
ver 08.0.61aT213
!
stack unit 1
  module 1 icx7150-24p-poe-port-management-module
  module 2 icx7150-2-copper-port-2g-module
  module 3 icx7150-4-sfp-plus-port-40g-module
!
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
!
vlan 10 by port
 tagged ethe 1/1/1 ethe 1/1/11
!
vlan 20 by port
 tagged ethe 1/1/1 ethe 1/1/3
 router-interface ve 20
!
vlan 30 by port
 tagged ethe 1/1/1
 router-interface ve 30
!
vlan 40 by port
 tagged ethe 1/1/1
 router-interface ve 40
!
vlan 100 by port
 tagged ethe 1/1/1 ethe 1/1/7
 untagged ethe 1/1/8 to 1/1/9
 router-interface ve 100
!
!
!
aaa authentication web-server default local
aaa authentication login default local
boot sys fl sec
no ip dhcp-client auto-update enable
ip dhcp-server enable
no ip dhcp-server mgmt
!
ip dhcp-server pool public
 dhcp-default-router 172.16.1.1
 dns-server 8.8.8.8
 excluded-address 172.16.1.1
 lease 0 1 0
 network 172.16.1.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool members
 dhcp-default-router 172.16.2.1
 dns-server  8.8.8.8
 lease 0 12 0
 network 172.16.2.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool media
 dhcp-default-router 172.16.3.1
 dns-server  8.8.8.8
 lease 0 4 0
 network 172.16.3.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool vlan100
 dhcp-default-router 10.10.64.1
 dns-server 10.10.64.1 8.8.8.8
 excluded-address 10.10.64.1 10.10.64.50
 lease 1 0 0
 network 10.10.64.0 255.255.254.0
 deploy
!
ip default-network 10.10.64.0/23
ip dns domain-list CI_LA
ip dns server-address 10.10.64.1 8.8.8.8
ip route 10.10.64.0/23 ethernet 1/2/1
ip route 172.16.1.0/24 ethernet 1/2/1
!
!
!
!
!
!
!
!
!
!
interface ethernet 1/1/1
 dual-mode  10
!
interface ethernet 1/1/3
 inline power
!
interface ethernet 1/1/4
 inline power
!
interface ethernet 1/1/5
 inline power
!
interface ethernet 1/1/6
 inline power
!
interface ethernet 1/1/7
 inline power
!
interface ethernet 1/1/8
 inline power
!
interface ethernet 1/1/9
 inline power
!
interface ethernet 1/1/10
 inline power
!
interface ethernet 1/1/11
 inline power
!
interface ethernet 1/1/12
 inline power
!
interface ethernet 1/3/2
 speed-duplex 1000-full
!
interface ethernet 1/3/4
 speed-duplex 1000-full
!
interface ve 20
 ip address 172.16.1.1 255.255.255.0
!
interface ve 100
 ip address 10.10.64.1 255.255.254.0
!
!
interface ve 30
 ip address 172.16.2.1 255.255.255.0
!
interface ve 40
 ip address 172.16.3.1 255.255.255.0
!
!
!
!
!
!
!
end

 

Responses

Official Rep

 • 

946 Messages

 • 

13.7K Points

3 y ago

Hi,

Could you please confirm what VLAN you wish to use for AP and ZDs?

It seems you want to use VLAN 100 for ZD and AP (Since you have mentioned VLAN 100 for wired), if that is the case then the only missing configuration for VLAN 100 is:

-        Set the interface 1/1/1 and 1/1/3 to 1/1/12 in dual mode with VLAN 100

For VLAN 100 you already configured a VLAN interface, a DHCP pool, and IP route to gateway interface 1/2/1.

VLAN 10 is not even configured on any of the VLAN interface, so I think above should work.

Hope this will work.

Regards

Regards,

Syamantak Omer

20 Messages

 • 

290 Points

3 y ago

The port for the ZD does not need to be tagged in any VLAN. It only needs to be untagged in your management VLAN (I assume VLAN 10). It will work the way it is setup, but it is not a best practice.

For the H510, You need to tag ports 1/1/3 to 1/1/11 on VLANs for the wireless, management, and wired ports on the AP. You will need to set the VLAN for the wired ports on the H510 as your Dual-mode VLAN, and configure the management VLAN in the AP configuration of the ZD.

Example:

VLAN 10 (Assumed Management)
untagged e 1/1/1 - ZD Port

VLAN 10 20 30 40 100
tagged e 1/1/3 to 1/1/11

int e 1/1/3 to 1/1/11
dual-mode 100

Configure management VLAN of the AP in ZD to 10

2 Messages

 • 

90 Points

3 y ago

Hi P-Tech

Another thing I notice is you have routes defined on interface 1/2/1 but no IP address assigned. This will be insufficient to work. You need to either assign an IP address to eth 1/2/1 which will make it a routed port (consider use of route-only command in that case on 1/2/1) or preferably use another VLAN and asign it untagged on eth 1/2/1 with the routes pointing to the corresponding VE.

For extra brownie points, consider
int eth 1/1/3 to 1/1/12
port-name WAPs

int eth 1/1/1
port-name "SZ1200 ctrlr"

or similar.
This will make it easier to follow in the future what you intended.
Also, use
show vlan
or show vlan eth x/y/z to understand better what your current config is achieving. The output is a little hard to follow at first but it is comprehensive.

btw the dual-mode 10 on eth  1/1/1 was perfectly valid but as David Ellis says, you don't need any other VLAN so untagged or dual mode much of a muchness.

Also maybe the below
vlan 10 by port
 tagged ethe 1/1/1 ethe 1/1/11
was supposed to be
vlan 10 by port
 tagged ethe 1/1/1 to 1/1/12
What about a management ve for VLAN 10 so you can talk to the controller and what of address assignment for APs? These are not in align atm.

Hope this helps.

13 Messages

 • 

200 Points

3 y ago

Apologies for the delayed response due to illness . Thank you all for your assistance and will update you shortly

13 Messages

 • 

200 Points

3 y ago

still having an issue. I made the amendments but still not getting  the ZD to connect to the APs
ZD is set to VLAN 10


vlan 10 name MGMT by port
 tagged ethe 1/1/3 to 1/1/12
 untagged ethe 1/1/1
 router-interface ve 10
!
vlan 20 name Public by port
 tagged ethe 1/1/3 to 1/1/12
 router-interface ve 20
!
vlan 30 name Members by port
 tagged ethe 1/1/3 to 1/1/12
 router-interface ve 30
!
vlan 40 name Media by port
 tagged ethe 1/1/3 to 1/1/12
 router-interface ve 40
!
!
no ip dhcp-client auto-update enable
ip dhcp-server enable
ip dhcp-server server-identifier 172.31.255.1
no ip dhcp-server mgmt
!
ip dhcp-server pool public
 dhcp-default-router 172.31.20.1
 dns-server  8.8.8.8
 excluded-address 172.31.20.1
 lease 0 1 0
 network 172.31.20.0 255.255.255.0
!
!
ip dhcp-server pool members
 dhcp-default-router 172.31.30.1
 dns-server  8.8.8.8
 excluded-address 172.31.30.1
 lease 1 0 0
 network 172.31.30.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool media
 dhcp-default-router 172.31.40.1
 dns-server  8.8.8.8
 excluded-address 172.31.40.1
 lease 1 0 0
 network 172.31.40.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool mgmt_1
 dhcp-default-router 172.31.255.1
 dns-server 172.31.255.1
 excluded-address 172.31.255.1 172.31.255.99
 lease 0 6 0
 network 172.31.255.0 255.255.255.0
 deploy
!
ip default-network 10.10.64.0/23
ip route 0.0.0.0/0 192.168.1.1
!
!
!
interface ethernet 1/1/3
 port-name WAPs
 dual-mode  10
 inline power
!
interface ethernet 1/1/4
 port-name WAPs
 dual-mode  10
 inline power
!
interface ethernet 1/2/2
 ip address 192.168.1.250 255.255.255.252
!
interface ve 10
 ip address 172.31.255.1 255.255.255.0
!
interface ve 20
 ip address 172.31.20.1 255.255.255.0
!
interface ve 30
 ip address 172.31.30.1 255.255.255.0
!
interface ve 40
 ip address 172.31.40.1 255.255.255.0
!
!
end

Official Rep

 • 

946 Messages

 • 

13.7K Points

If I look on the VLAN 10 configuration by port then there is one issue.
ZD's interface 1/1/1 is set to untagged VLAN 10 and rest AP ports 1/1/3 to 1/1/12 are set to tagged VLAN, ZD-AP will not communicate with each other in this case.

vlan 10 name MGMT by port
 tagged ethe 1/1/3 to 1/1/12
 untagged ethe 1/1/1
 router-interface ve 10

To resolve this please put all the interface into dual mode VLAN 10.

Now APs and ZD will get IP on Untagged VLAN 10 on same subnet and if you have additional VLANs then you can tag them on these interface for WLAN traffic (e.i. VLAN 30 member, VLAN 20 public and VLAN 40 for media).

Now talk about the AP/ZD discovery, if both AP and ZD are in same VLAN/Same IP subnet then there is no requirement for option 43, L2 discovery will work and APs will discover the controller without any extra efforts.

Regards,

Syamantak Omer

13 Messages

 • 

200 Points

To resolve this please put all the interface into dual mode VLAN 10.
would this be same as connecting the ZD to port  1/1/4 ?

Official Rep

 • 

946 Messages

 • 

13.7K Points

Yes, since all the other interfaces 1/1/3 to 1/1/12 will be on dual mode on VLAN 10 (assuming you made changes as advised in my previous comment), ZD should pull the IP on VLAN 10.

It should work on any interface where interface has VLAN 10 in dual mode.

Regards,

Syamantak Omer

13 Messages

 • 

200 Points

I thought so but no joy.  
As a test a plugged a laptop into the port and got an ip 
  172.31.255.103    d4c9.ef53.7e99   000d:05h:02m:09s   Automatic

on switch the ZD is given

 172.31.255.101    d838.fc02..e80   000d:05h:59m:58s   Automatic

but on the ZD I see this

13 Messages

 • 

200 Points

PORT-VLAN 10, Name MGMT, Priority level0, Spanning tree Off
 Untagged Ports: (U1/M1)   1
   Tagged Ports: None
   Uplink Ports: None
 DualMode Ports: (U1/M1)   3   4   5   6   7   8   9  10  11  12

20 Messages

 • 

290 Points

3 y ago

Are you getting DHCP Addresses on the APs? What VLAN is DHCP Server on? Are you using an Option 43 or DNS for the APs to find the controller?

13 Messages

 • 

200 Points

Not using option 43. 

on the switch I get 

MAC-Address     Port                 Type         VLAN
34fa.9f03..b10  1/1/7                Dynamic      10
d838.fc02..e80  1/1/1                Dynamic      10
34fa.9f03..8f0  1/1/3                Dynamic      10

#sho ip dhcp-ser bind
        IP Address    Client-ID/        Lease expiration Type
                      Hardware address
 
    172.31.255.100    34fa.9f03..8f0   000d:06h:00m:00s   Automatic
    172.31.255.101    d838.fc02..e80   000d:05h:59m:50s   Automatic
    172.31.255.102    34fa.9f03..b10   000d:05h:59m:58s   Automatic


but  on the ZD I still see the factory default ip in the management interface.

Employee

 • 

61 Messages

 • 

956 Points

Hi P-Tech,

Could you please ssh into the AP and enter the below command ?

Set director ip  
reboot

13 Messages

 • 

200 Points

not sure how this would work.

The ZD is still showing the default factory ip address even though it is set to DHCP. the switch has issued the new ip address but the ZD ( d838.fc02..e80 ) is not showing it. ZD has been restarted several times.


Official Rep

 • 

946 Messages

 • 

13.7K Points

Connect a laptop on port 1/1/1 and check if it gets an IP address.

Make sure switch port is configured as access port with VLAN 10 untagged (Only for testing).

Regards,

Syamantak Omer

13 Messages

 • 

200 Points

laptop:

d4c9.ef53.7e99  1/1/1                Dynamic      10



 172.31.255.103    d4c9.ef53.7e99   000d:05h:58m:56s   Automatic

but cannot ping any of the other addresses