New site no documentation

  • 1
  • Question
  • Updated 4 weeks ago
I have inherited a site with a Zone Director 1200 and 10 access points. The previous "IT guy" documented absolutely nothing and registered almost everything in his own name. He has gone out of business surprisingly and does not return calls.
 These folks are using a simple ISP gateway device to a HP procurve (unmanaged) and a Dlink DES-1228P for the APs' POE. I'm not seeing evidence of any pre-existing VLANs. Pretty simple setup. The ISP gateway device had failed and was replaced by the ISP. Now there is no connectivity to the internet for any of the APs. Nether the subnet nor the gateway IP was changed on the replacement device. Is there a simple reason why the Access Points have no internet after the change? Does the Zone Director register the MAC address of the gateway for some reason? Seems unlikely.
I have only remoted into a local PC for initial forensics :) It looks like the ISP enabled the native wireless AP on the replacement gateway device and this is what office staff are currently using. He may have used the Ruckus AP SSID names provided by the staff because the main one is called corporate something..same scheme no? Could it be this that is causing the issue?
I will be onsite tomorrow.
In the long run, I feel like I'm going to have to hard reset the ZD anyway. No one has a clue what the password might be. I tried admin/admin and super/sp-admin with no luckI think from reading here that I will also have to hard reset all of the APs as well because they will all be protected with the same password? Is there a recommended order of operations to ensure the reset process goes smoothly? 

Sorry, complete newblet to all things Ruckus.

Thanks in advance for any assistance, 

Jeff
Photo of Jeff MacIntosh

Jeff MacIntosh

  • 5 Posts
  • 0 Reply Likes

Posted 4 weeks ago

  • 1
Photo of Sandeep Gupta

Sandeep Gupta, Employee

  • 13 Posts
  • 3 Reply Likes
Hi there..  Definitely contact TAC (1-855-RUCKUS-1) and hopefully your ZD is under a valid contract??  they may be able to help you get in to the controller without having to factory default, but I don't know for sure.

There really should be no issue with connectivity outbound if nothing changed.  i suspect that a different internal subnet is probably set up on the inside.  ie. the default of 192.168.0.0 but the previous guy was using a 10.0.0.0 range.  in this case, the ZD can't get out.

I suggest trying to connect a device directly to the switch (like a laptop) and seeing what IP address details you get.  have an IP Ping scanner ready and search for the ZD management IP (unless you already know what that is) and ensure they are reachable and on the same subnet.  It would be a lot easier if you could just log in to the controller.

Assuming the above is all the way it is supposed to be, there really should be no issues going outbound to the internet.
Photo of Jeff MacIntosh

Jeff MacIntosh

  • 5 Posts
  • 0 Reply Likes
Thanks for the unbelievably fast reply!

I am unsure of the contract status so will be avoiding firmware updates etc until that can be determined.

I had an employee hook a laptop directly to the ZD and it's IP is known and part of the existing subnet. This is how we tried the passwords to login and failed of course. The IP is 192.168.2.240 and did not show up in the DHCP clients list on the gateway device so I assumed it was statically set previously. The access points do all show up in the DHCP clients list on the gateway as unknown devices, all receiving addresses from the pool on the gateway. Is this unusual?

Thanks again, 

Jeff
Photo of Sandeep Gupta

Sandeep Gupta, Employee

  • 13 Posts
  • 3 Reply Likes
From the laptop, can you reach the Gateway IP, and the Internet?  an easy test is to ping 8.8.8.8 which is google's DNS server.  if you can ping it you have internet access, if not there is a network issue with the ISP device, probably the interface that connects through to the ZD.
Photo of Jeff MacIntosh

Jeff MacIntosh

  • 5 Posts
  • 0 Reply Likes
I can reach the ZD and the internet while plugged into the switch from a laptop. There appears to be only the one subnet at play here. Is there any value to rebooting all of the APs manually in this case? Maybe I have made an incorrect assumption. Maybe the ZD has received the 2.240 IP from the DHCP on the gateway and I missed it. Seems odd to get an IP from the end of the pool first but I have seen it before. If the gateway device was on a different subnet prior to the gateway change would the APs still be able to connect to the ZD after the change if it was DHCP? Would they just work or have to be reconnected to the ZD? Is it a bad idea to reboot the APs?

Thanks,

Jeff


Photo of Sandeep Gupta

Sandeep Gupta, Employee

  • 13 Posts
  • 3 Reply Likes
Probably wouldn't hurt to reboot the APs.  if both the laptop which can reach the internet and the ZD are on the same subnet the ZD should be able to get out -- unless its possible the gateway IP is different than it was before?  sometimes its .1 other times i've seen .254 as the gateway IP (though in theory it could be any IP in the range).  Probably wouldn't hurt to reboot the ZD as well.

Given that its only 10 APs, at the end of the day rebuilding from factory default is not a big task.  That might be your best bet since you will need access to the controller at some point, even if the system is running while you're locked out, right?

Seems like an odd problem with likely a simple issue but tough to get a pinpoint on it running blind.  In theory, everything should work just the same if the settings are truly just the same...

Sorry i could not be of more help!
Photo of Jeff MacIntosh

Jeff MacIntosh

  • 5 Posts
  • 0 Reply Likes
Thanks for the input. Still unsure of best practice or the correct order of operations to properly reset everything and gain control of the ZD. Tomorrow should be fun! :)

Thanks ,

Jeff
Photo of Diego Garcia del Rio

Diego Garcia del Rio

  • 25 Posts
  • 6 Reply Likes
I'm guessing the aps might have configured the client isolation option which requires the gateway Mac and IP to be configured (otherwise traffic will be dropped). Check under the advanced settings of the wlan config.

Good luck.
Photo of Jeff MacIntosh

Jeff MacIntosh

  • 5 Posts
  • 0 Reply Likes
This! You were absolutely correct. I got the password. All is good. Thanks again Diego.
Photo of Diego Garcia del Rio

Diego Garcia del Rio

  • 25 Posts
  • 6 Reply Likes
Glad to hear so! Welcome to the world of ruckus. It's great gear, you'll see!
Photo of thomas fankhauser

thomas fankhauser

  • 57 Posts
  • 14 Reply Likes
if you really have no idea what the user name and password are, then you probably will not get around a factory setting. you may be able to revive the wlan but you can change settings without access data never again.
I would not even try to revive it.
maybe you can still try to get the access data, but otherwise simply factory setting.
I think that the AP's connect themselves with the ZD, but I am not sure, but I can check that if nobody else knows this.

I wish you success