Assign DHCP uniquely to a particular SSID?

  • 1
  • Question
  • Updated 4 months ago
  • Acknowledged
Current setup: 
  • 6 APs in an unleashed network, serving up 4 separate SSIDs.  
  • DHCP turned off on Rukus, and managed by non-Ruckus routing infrastructure.
Requirement:
  • We would like to route for clients that come in on a particular SSID (call this SSID-4) differently.  Need to find a way to "mark" those clients on SSID-4 so that the router can do the right things.
  • One concept we had was for the Ruckus wireless to have DHCP turned on for just SSID-4, and assign IP's in a specific/known range so that the router could treat route these differently.
Question:

  • Can the DHCP be turned on for just one of the SSIDs?
  • Can we set the range of IPs that that DHCP serves?
  • If not, any other ideas for how to "mark" these clients/packets for the upstream router to handle?
Note: We are okay using CLI if that is the only way.  Thanks!
Photo of Neeraj Gupta

Neeraj Gupta

  • 3 Posts
  • 0 Reply Likes

Posted 5 months ago

  • 1
Photo of Fabian Garzon Baquero

Fabian Garzon Baquero, Employee

  • 8 Posts
  • 6 Reply Likes
Hello Neeraj,

According to your needs, the best way to do this is use different VLANs to match the right services according to the need of each SSID, as by default LAN port of AP is Trunk, you can create on your Switch a Mixed or Hybrid Cofiguration, using access VLAN for management and Tagged VLANs for services, in this case you tag the VLAN with the proper configuration and DHCP scope and in the WLAN configuration you click on show Advanced Options and go to WLAN Priority TAB and type the number of the corresponding VLAN for that SSID in Access VLAN, by default is 1.


Once you do this and Apply the CHanges, your devices connected to this SSID will be able to get the IP address from the pool configured for this VLAN, and the traffic can be configured according to the Policies for this VLAN.

Regards,

FABIAN GARZON
(Edited)
Photo of Neeraj Gupta

Neeraj Gupta

  • 3 Posts
  • 0 Reply Likes
Thanks.  To be clear though, in this approach, I'd have to have a second ethernet cable from each AP to the switch (tagged ports) to be able to use the second tagged VLAN.  Is there a way to avoid the second ethernet cable (why we were considering a conditional DHCP server for just that one SSID).
Photo of Victor Cenac

Victor Cenac

  • 50 Posts
  • 16 Reply Likes
The purpose of a tagged network or VLAN is to transport multiple networks over a single wire. If there multiple wires involved, then the separation of the networks is physical, no need for tagging.

Your switch should be set to use a trunked port, and each VLAN will have a network-id or vlan-id. Your AP connected to that port will tag each WLAN traffic with the corresponding VLAN tag. For example, WLAN-1, -2 and -3 will have tag (or vlan-id) 3 and WLAN-4 will have tag 4.

Thus, on the switch and further upstream, on the router, vlan 4 will have its own router IP (or gateway) and you can enable DHCP on it, defining a subnet on that VLAN.
Photo of Neeraj Gupta

Neeraj Gupta

  • 3 Posts
  • 0 Reply Likes
Ah - got it - color me ignorant, this makes complete sense.
Photo of Michael Brado

Michael Brado, Official Rep

  • 3089 Posts
  • 444 Reply Likes
Please let us know if this works.  Unleashed is not designed for multi-VLAN, only single LAN deployment.  Switches assigning VLAN by WLAN priority tag would be a workaround solution.
Photo of thomas fankhauser

thomas fankhauser

  • 71 Posts
  • 22 Reply Likes
hi Michael,
i did not know that. but i use vlan on unleashed with success.
what i doing wrong?
Photo of Victor Cenac

Victor Cenac

  • 50 Posts
  • 16 Reply Likes
Ooops! I didn't know that about Unleashed.... Is the ACL available on Unleash? If so, he could simply block traffic from WLAN-4 to the networks he'd like to keep private.