ZoneDirector 3000, AP R700, and 3com 5500 switches

  • 1
  • Question
  • Updated 2 years ago
We are in the process of having a Ruckus wireless network installed. There has been some delays, so I am looking to get switch configurations in place to try and speed up the overall install process. We are looking to have 4 SSID's setup. We have one SSID in place with our current wireless network that we are replacing. The VLAN is setup, pulling dhcp addresses from the scope configured on the windows dhcp server and all current access points are configured on trunk ports. The ports are untagged with VLAN 15(current wireless network) and all other VLANS are tagged on the port.Seems simple enough to just replace our current AP's and controller with the ZoneDirector and configure with same IP settings and should be good to go I believe?  If that will work, I am not sure what to do about the additional 3 SSID's. I believe I will have to create additional VLANS for the other 3 SSID's. I'm not sure if these VLANS should be tagged, untagged. Trying to figure out this whole network port setup.

Thank you,
Photo of techyche

techyche

  • 5 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of Michael Brado

Michael Brado, Official Rep

  • 2114 Posts
  • 297 Reply Likes
If you put the ZoneDirector and APs on untagged VLAN 15, leave the ZD System and AP Policies page configured with VLAN 1 (considered the untagged VLAN by Ruckus).

The ZoneDirector does not need to be a Trunk port, unless you tunnel any WLAN traffic.

The AP switch ports need to be configured as Trunk, with VLAN 15 untagged, and tag the additional VLANs required for your other SSID client traffic.
The client VLANs need DHCP servers, default-gateway routers, etc on those other VLAN sub-nets.
Assign the client VLAN from Advanced Options under your WLAN configuration.

I'm ex-Cisco, but translate the above to 3COM 5500 switch configuration.
Photo of techyche

techyche

  • 5 Posts
  • 0 Reply Likes
Thank you for your reply. Looking at our current wireless setup that we will be replacing with Ruckus. I think we should be pretty much good to go. Our current controller is on an access port untagged for vlan 15. Our access points are all on trunk ports untagged for vlan 15 and other vlans tagged on the ports. If I setup scopes on our dhcp server for the vlans that are going to correspond to the new ssid's we will be setting up, we should be ready? Blocking wireless users accessing other network subnets, etc.. can be done through the zonedirector controller correct?
Photo of Michael Brado

Michael Brado, Official Rep

  • 2114 Posts
  • 297 Reply Likes
Yes, you do have your network infrastructure setup it sounds, and yes, the ZD managment of your WLANs will offer many options.

Use different VLANs/subnets for your trusted and guest users, and use your Router ACLs to control which subnets access what
resources is the fundamental security.  On top of that, you have certain wireless client controls (ie client isolation, application
recognition and filtering) from your Ruckus management perspective.