Ruckus Unleashed AAA Server route problem

  • 1
  • Question
  • Updated 2 months ago
Following an upgrade from 200.0.9.9.608 to 200.4.9.13.47 I am no longer able to connect to the AAA server used for RADUIS/802.1X network auth. The AAA server is on a different subnet to the Access points. I can connect to the AAA server on radius port from other devices on the same network as the Ruckus Access points, just not from the Ruckus devices.

A ping from the Ruckus devices shows request time out and a trace route show the request taking a patch via a non-existent IP address. I've had to disable 802.1X until we can get this resolved. 

What's happened and how can I make it work? I can't even see a way to roll back the firmware to the one that worked. 
Photo of Richard Marshall

Richard Marshall

  • 3 Posts
  • 0 Reply Likes
  • sad, anxious, confused AND frustrated!

Posted 2 months ago

  • 1
Photo of Stanley Zhou

Stanley Zhou

  • 3 Posts
  • 2 Reply Likes
Hi Richard:
     Can you save your master's debug info, and get the master AP's support info to me?
     And send to my email: [email protected]
     If you can goto master's shell, it will be better, you can run:
     1.  route
     2.  ip route get x.x.x.x   x.x.x.x is your radius server IP.
     3. ifconfig
     It maybe route problem, Or whether you can reboot the master to check whether it can recovery?
Photo of Richard Marshall

Richard Marshall

  • 3 Posts
  • 0 Reply Likes
Hi,

Thanks for the pointers. Unfortunately, the command you gave me to run doesn't work. I did eventually manage to find a 'show static-route all' option, but there were none set, only the default which I found through 'show config'. 

In the end, I rebooted the device from the command line, which left the 3 online controller fighting to become a master, with none of them winning and the wifi becoming unavailable. I finally unplugged all but one which did eventually build a wireless network as master. I then added 2 more back in which joined this network. 

I could also verify that I am now able to reach the AAA servers so my 802.1X issue is resolved. 

I'm now just left with my 4th AP failing to join the others. It appears to be stuck in a failed firmware upgrade reboot loop. It shows in the list of access points but as disconnected. It also still shows the old firmware version. When I connected directly to the interface of that device, it shows the old firmware is still installed and asks if I want to join a Ruckus cloud. When I prompt it to rejoin the existing network, it fails. 

If I ping it's IP address, I see it going through a ping/failing-ping cycle, I.E> apparently rebooting every few minutes or so. 

Regards

Rich
Photo of Richard Marshall

Richard Marshall

  • 3 Posts
  • 0 Reply Likes
Actually, We can ignore that last point. Having taken the 4th AP off the wall and pressing the reset button, it continued with the reboot cycle, but after about 60 minutes of doing this it's finally joined the network successfully and I now have all 4 APs back online, on the upgraded firmware with AAA working. 

Glad it's all working, but by no means the smooth upgrade process I would have expected! Let's just hope it solves the random auth and connection problems we'd been seeing in the past!