ICX 7150 to Ruckus ZD1200 w/H510 WAP

  • 1
  • Question
  • Updated 8 months ago
hello Newbie question.
I am trying to connect a ZD1200 via an ICX 7150 switch to H510 APs.
 vlan 1 is native /Vlan 20 public ssid /Vlan 30 for members / Vlan 40 for media and Vlan  100 for wired connections.

I have the following config but unable to get the ZD on port 1/1/1 to connect to the APs on ports 1/1/3 - 1/1/12.

The source internet port is 1/2/1

-------------------------------------------------------------------
!
ver 08.0.61aT213
!
stack unit 1
  module 1 icx7150-24p-poe-port-management-module
  module 2 icx7150-2-copper-port-2g-module
  module 3 icx7150-4-sfp-plus-port-40g-module
!
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
!
vlan 10 by port
 tagged ethe 1/1/1 ethe 1/1/11
!
vlan 20 by port
 tagged ethe 1/1/1 ethe 1/1/3
 router-interface ve 20
!
vlan 30 by port
 tagged ethe 1/1/1
 router-interface ve 30
!
vlan 40 by port
 tagged ethe 1/1/1
 router-interface ve 40
!
vlan 100 by port
 tagged ethe 1/1/1 ethe 1/1/7
 untagged ethe 1/1/8 to 1/1/9
 router-interface ve 100
!
!
!
aaa authentication web-server default local
aaa authentication login default local
boot sys fl sec
no ip dhcp-client auto-update enable
ip dhcp-server enable
no ip dhcp-server mgmt
!
ip dhcp-server pool public
 dhcp-default-router 172.16.1.1
 dns-server 8.8.8.8
 excluded-address 172.16.1.1
 lease 0 1 0
 network 172.16.1.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool members
 dhcp-default-router 172.16.2.1
 dns-server  8.8.8.8
 lease 0 12 0
 network 172.16.2.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool media
 dhcp-default-router 172.16.3.1
 dns-server  8.8.8.8
 lease 0 4 0
 network 172.16.3.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool vlan100
 dhcp-default-router 10.10.64.1
 dns-server 10.10.64.1 8.8.8.8
 excluded-address 10.10.64.1 10.10.64.50
 lease 1 0 0
 network 10.10.64.0 255.255.254.0
 deploy
!
ip default-network 10.10.64.0/23
ip dns domain-list CI_LA
ip dns server-address 10.10.64.1 8.8.8.8
ip route 10.10.64.0/23 ethernet 1/2/1
ip route 172.16.1.0/24 ethernet 1/2/1
!
!
!
!
!
!
!
!
!
!
interface ethernet 1/1/1
 dual-mode  10
!
interface ethernet 1/1/3
 inline power
!
interface ethernet 1/1/4
 inline power
!
interface ethernet 1/1/5
 inline power
!
interface ethernet 1/1/6
 inline power
!
interface ethernet 1/1/7
 inline power
!
interface ethernet 1/1/8
 inline power
!
interface ethernet 1/1/9
 inline power
!
interface ethernet 1/1/10
 inline power
!
interface ethernet 1/1/11
 inline power
!
interface ethernet 1/1/12
 inline power
!
interface ethernet 1/3/2
 speed-duplex 1000-full
!
interface ethernet 1/3/4
 speed-duplex 1000-full
!
interface ve 20
 ip address 172.16.1.1 255.255.255.0
!
interface ve 100
 ip address 10.10.64.1 255.255.254.0
!
!
interface ve 30
 ip address 172.16.2.1 255.255.255.0
!
interface ve 40
 ip address 172.16.3.1 255.255.255.0
!
!
!
!
!
!
!
end

 
Photo of P-Tech

P-Tech

  • 13 Posts
  • 0 Reply Likes

Posted 8 months ago

  • 1
Photo of Syamantak Omer

Syamantak Omer, Employee

  • 9 Posts
  • 0 Reply Likes

Hi,

Could you please confirm what VLAN you wish to use for AP and ZDs?

It seems you want to use VLAN 100 for ZD and AP (Since you have mentioned VLAN 100 for wired), if that is the case then the only missing configuration for VLAN 100 is:

-        Set the interface 1/1/1 and 1/1/3 to 1/1/12 in dual mode with VLAN 100

For VLAN 100 you already configured a VLAN interface, a DHCP pool, and IP route to gateway interface 1/2/1.

VLAN 10 is not even configured on any of the VLAN interface, so I think above should work.

Hope this will work.

Regards

Photo of David Ellis

David Ellis, Employee

  • 20 Posts
  • 2 Reply Likes
The port for the ZD does not need to be tagged in any VLAN. It only needs to be untagged in your management VLAN (I assume VLAN 10). It will work the way it is setup, but it is not a best practice.

For the H510, You need to tag ports 1/1/3 to 1/1/11 on VLANs for the wireless, management, and wired ports on the AP. You will need to set the VLAN for the wired ports on the H510 as your Dual-mode VLAN, and configure the management VLAN in the AP configuration of the ZD.

Example:

VLAN 10 (Assumed Management)
untagged e 1/1/1 - ZD Port

VLAN 10 20 30 40 100
tagged e 1/1/3 to 1/1/11

int e 1/1/3 to 1/1/11
dual-mode 100

Configure management VLAN of the AP in ZD to 10
Photo of Bruce O'Donnell

Bruce O'Donnell, Employee

  • 2 Posts
  • 1 Reply Like
Hi P-Tech

Another thing I notice is you have routes defined on interface 1/2/1 but no IP address assigned. This will be insufficient to work. You need to either assign an IP address to eth 1/2/1 which will make it a routed port (consider use of route-only command in that case on 1/2/1) or preferably use another VLAN and asign it untagged on eth 1/2/1 with the routes pointing to the corresponding VE.

For extra brownie points, consider
int eth 1/1/3 to 1/1/12
port-name WAPs

int eth 1/1/1
port-name "SZ1200 ctrlr"

or similar.
This will make it easier to follow in the future what you intended.
Also, use
show vlan
or show vlan eth x/y/z to understand better what your current config is achieving. The output is a little hard to follow at first but it is comprehensive.

btw the dual-mode 10 on eth  1/1/1 was perfectly valid but as David Ellis says, you don't need any other VLAN so untagged or dual mode much of a muchness.

Also maybe the below
vlan 10 by port
 tagged ethe 1/1/1 ethe 1/1/11
was supposed to be
vlan 10 by port
 tagged ethe 1/1/1 to 1/1/12
What about a management ve for VLAN 10 so you can talk to the controller and what of address assignment for APs? These are not in align atm.

Hope this helps.
Photo of P-Tech

P-Tech

  • 13 Posts
  • 0 Reply Likes
Apologies for the delayed response due to illness . Thank you all for your assistance and will update you shortly
Photo of P-Tech

P-Tech

  • 13 Posts
  • 0 Reply Likes
still having an issue. I made the amendments but still not getting  the ZD to connect to the APs
ZD is set to VLAN 10


vlan 10 name MGMT by port
 tagged ethe 1/1/3 to 1/1/12
 untagged ethe 1/1/1
 router-interface ve 10
!
vlan 20 name Public by port
 tagged ethe 1/1/3 to 1/1/12
 router-interface ve 20
!
vlan 30 name Members by port
 tagged ethe 1/1/3 to 1/1/12
 router-interface ve 30
!
vlan 40 name Media by port
 tagged ethe 1/1/3 to 1/1/12
 router-interface ve 40
!
!
no ip dhcp-client auto-update enable
ip dhcp-server enable
ip dhcp-server server-identifier 172.31.255.1
no ip dhcp-server mgmt
!
ip dhcp-server pool public
 dhcp-default-router 172.31.20.1
 dns-server  8.8.8.8
 excluded-address 172.31.20.1
 lease 0 1 0
 network 172.31.20.0 255.255.255.0
!
!
ip dhcp-server pool members
 dhcp-default-router 172.31.30.1
 dns-server  8.8.8.8
 excluded-address 172.31.30.1
 lease 1 0 0
 network 172.31.30.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool media
 dhcp-default-router 172.31.40.1
 dns-server  8.8.8.8
 excluded-address 172.31.40.1
 lease 1 0 0
 network 172.31.40.0 255.255.255.0
 deploy
!
!
ip dhcp-server pool mgmt_1
 dhcp-default-router 172.31.255.1
 dns-server 172.31.255.1
 excluded-address 172.31.255.1 172.31.255.99
 lease 0 6 0
 network 172.31.255.0 255.255.255.0
 deploy
!
ip default-network 10.10.64.0/23
ip route 0.0.0.0/0 192.168.1.1
!
!
!
interface ethernet 1/1/3
 port-name WAPs
 dual-mode  10
 inline power
!
interface ethernet 1/1/4
 port-name WAPs
 dual-mode  10
 inline power
!
interface ethernet 1/2/2
 ip address 192.168.1.250 255.255.255.252
!
interface ve 10
 ip address 172.31.255.1 255.255.255.0
!
interface ve 20
 ip address 172.31.20.1 255.255.255.0
!
interface ve 30
 ip address 172.31.30.1 255.255.255.0
!
interface ve 40
 ip address 172.31.40.1 255.255.255.0
!
!
end
Photo of P-Tech

P-Tech

  • 13 Posts
  • 0 Reply Likes
PORT-VLAN 10, Name MGMT, Priority level0, Spanning tree Off
 Untagged Ports: (U1/M1)   1
   Tagged Ports: None
   Uplink Ports: None
 DualMode Ports: (U1/M1)   3   4   5   6   7   8   9  10  11  12
Photo of Syamantak Omer

Syamantak Omer, Employee

  • 9 Posts
  • 0 Reply Likes
Still I do not see interface 1/1/1 in Dual port mode for VLAN 10.

Kindly correct this or plug the ZD on any interface 3-12 for testing and it should get an IP and should be reachable from switch.

You may also factory reset the ZD once to see if it gets an IP then.
Photo of P-Tech

P-Tech

  • 13 Posts
  • 0 Reply Likes
thanks for your assistance so far.

Still no joy.  I didn't factory reset the ZD yet but did get this when I changed the vlan from 10 to 1

Photo of Syamantak Omer

Syamantak Omer, Employee

  • 9 Posts
  • 0 Reply Likes
Hi P-Tech,

Ruckus ZD and APs works on default VLAN 1 as untagged. If you change the VLAN from 1 to any other VLAN, this will become a tagged VLAN.

I am again giving you the requirements for ZD AP VLAN configuration.

Switch port config for ZD:
Port should be trunk with VLAN 10 in dual mode and rest VLANs as tagged.

Switch port config for ZD:
Port should be trunk with VLAN 10 in dual mode and rest VLANs as tagged.

ZD:
It should be set to DHCP and VLAN set to 1.

If above configurations are correct on switch port/ZD then AP and ZD both will get the IP on VLAN 10 and will auto connect without any further intervention.

I can see that ZD is getting an IP now from DHCP but it is getting a incorrect gateway.

Double check if DHCP configured correctly on switch.

If you still see the issue, I will advise to raise a case with support.
Photo of P-Tech

P-Tech

  • 13 Posts
  • 0 Reply Likes
this the output when I show vlan 10 on the switch

PORT-VLAN 10, Name MGMT, Priority level0, Spanning tree Off
 Untagged Ports: None
   Tagged Ports: None
   Uplink Ports: None
 DualMode Ports: (U1/M1)   1   3   4   5   6   7   8   9  10  11  12
 Mac-Vlan Ports: None
     Monitoring: Disabled
Photo of David Ellis

David Ellis, Employee

  • 20 Posts
  • 2 Reply Likes
Are you getting DHCP Addresses on the APs? What VLAN is DHCP Server on? Are you using an Option 43 or DNS for the APs to find the controller?
Photo of Abilash P R

Abilash P R, Employee

  • 60 Posts
  • 13 Reply Likes
Hi P-Tech,

Could you please ssh into the AP and enter the below command ?

Set director ip <ip address of ZD> 
reboot
Photo of P-Tech

P-Tech

  • 13 Posts
  • 0 Reply Likes
not sure how this would work.

The ZD is still showing the default factory ip address even though it is set to DHCP. the switch has issued the new ip address but the ZD ( d838.fc02..e80 ) is not showing it. ZD has been restarted several times.


Photo of Syamantak Omer

Syamantak Omer, Employee

  • 9 Posts
  • 0 Reply Likes
Connect a laptop on port 1/1/1 and check if it gets an IP address.

Make sure switch port is configured as access port with VLAN 10 untagged (Only for testing).
Photo of P-Tech

P-Tech

  • 13 Posts
  • 0 Reply Likes
laptop:

d4c9.ef53.7e99  1/1/1                Dynamic      10



 172.31.255.103    d4c9.ef53.7e99   000d:05h:58m:56s   Automatic

but cannot ping any of the other addresses
Photo of Syamantak Omer

Syamantak Omer, Employee

  • 9 Posts
  • 0 Reply Likes
This is because switch port 1/1/1/ is set to Untagged VLAN 10, hence this will be untagged traffic and none of the tagged VLAN 10 devices can be reached. Either both the devices should be on tagged VLAN 10 or untagged for inter reachability.