VPN between 2 offices with one ZD

  • Updated 4 years ago
I'm going to set up a site-to-site VPN between two offices that we have.
Is there any best practice for how to arrange this?

I need the APs in office 2 to be managed by the ZD in office 1.
Is it possible to change it so that all WLAN users in office 2 will get an IP from office 1's DHCP server?

Office1
DHCP server
Ruckus Zonedirector ZD3025
Ruckus 7363 AP

Office 2
Ruckus 7363 AP
Emil Skoglund

Posted 4 years ago

Harish, Employee

Hi Emil,

DHCP is not routable by default, and DHCP is always a broadcast packet, so the DHCP request will be dropped in office 2's router by default.

If you enable the DHCP relay agent in the routers, then the broadcast packets which are received in the routers are converted into unicast and directed to the DHCP server in office 1.

So the clients/APs in office 2 can use the same DHCP service which is available in office 1.

I hope this is helpful.
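
What a relay agent does to the client's broadcast, as an added example (not part of the original thread and not router or Ruckus code): it stamps its own client-facing address into the BOOTP `giaddr` field, bumps the hop count, and unicasts the packet to the server on UDP 67. The addresses, the MAC and the hop limit of 4 are constructed assumptions.

```python
import socket
import struct

BOOTREQUEST = 1
DHCP_SERVER_PORT = 67
GIADDR_OFFSET = 24   # after op/htype/hlen/hops, xid, secs/flags, ciaddr, yiaddr, siaddr
MAX_HOPS = 4         # assumed relay setting: requests above this hop count are dropped


def build_discover(mac: bytes, xid: int) -> bytes:
    """Constructed sample: a minimal DHCPDISCOVER as a client would broadcast it."""
    fixed = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                        BOOTREQUEST, 1, 6, 0, xid, 0, 0x8000,   # 0x8000 = broadcast flag
                        bytes(4), bytes(4), bytes(4), bytes(4),
                        mac.ljust(16, b"\0"), bytes(64), bytes(128))
    # magic cookie, option 53 (message type) = 1 (DISCOVER), end option
    return fixed + b"\x63\x82\x53\x63" + b"\x35\x01\x01" + b"\xff"


def giaddr(packet: bytes) -> str:
    """Relay agent address carried in the packet, as dotted quad."""
    return socket.inet_ntoa(packet[GIADDR_OFFSET:GIADDR_OFFSET + 4])


def relay_request(packet: bytes, relay_ip: str, server_ip: str):
    """Return (rewritten_packet, (server_ip, 67)), or None if the relay drops it."""
    if len(packet) < 240 or packet[0] != BOOTREQUEST:
        return None          # too short, or a server reply: not relayed upstream
    hops = packet[3]
    if hops > MAX_HOPS:
        return None          # loop protection between chained relays
    out = bytearray(packet)
    out[3] = hops + 1
    if giaddr(packet) == "0.0.0.0":
        # Only the first relay sets giaddr. The server picks the address pool
        # from it and sends its reply back to this address.
        out[GIADDR_OFFSET:GIADDR_OFFSET + 4] = socket.inet_aton(relay_ip)
    return bytes(out), (server_ip, DHCP_SERVER_PORT)


if __name__ == "__main__":
    pkt = build_discover(bytes.fromhex("001122334455"), 0x1234ABCD)
    relayed, dest = relay_request(pkt, "192.168.20.1", "192.168.10.5")
    print("unicast to", dest, "giaddr", giaddr(relayed), "hops", relayed[3])
```

Because the server chooses the pool from `giaddr`, the DHCP server in office 1 needs a scope matching office 2's subnet, and a route back to the relay address through the tunnel.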
Emil Skoglund

Thanks for the reply.

Will the ZD in office 1 find the APs in office 2 without any problems?
Do we need to open any specific ports to make this work when using a VPN tunnel?
Ram

Emil, you have to make sure that if the AP is crossing L3 boundaries, you fix the ZD IP in the AP via the CLI using the command below, so the AP will find the ZD for sure.

set director ip primaryip secondaryip

Example: set director ip 0.0.0.0
Take a look at this KB article - https://support.ruckuswireless.com/an... for more info.

About ports: you need to have LWAPP UDP ports open on your firewall/router.
Also ensure that latency of your VPN is less than 100ms.
Ram

To answer your original question:

Is it possible to change that all WLAN users in office 2 will get IP from office 1's DHCP server?

I think it is doable if a VLAN ID is tagged to the WLAN which is being broadcast at office 2 and WLAN tunnel mode is used.

How to enable tunnel mode on WLAN --

ZD GUI --> WLAN --> configure --> SSID--> advanced options

Hope it helps.
Emil Skoglund

The VPN is up and running and I configured the APs to find my ZD.
But I have a big issue.

When using WLAN I get massive latency. Anywhere from 70ms-1500ms.
This is on both a laptop and a handheld computer.

When using the LAN cable I get around 40ms to my ZD over the VPN.

Any idea?
Harish, Employee

Hi Emil,

The most popular problem with VPN connections is MTU issues. Try a ping -l 1500 internal-ip. If that doesn’t work, you have an MTU issue.
Try to decrease MTU size to 1300 and see if that makes any difference.

The next step is to test the raw speed – copying a file with FTP to and from a server. Is the speed okay? If the speed is according to the lines used, your problem probably isn’t with the VPN connection.

All the best.