Ruckus Wireless ZoneDirector 1200, ZoneDirector 3000, ZoneDirector 5000 User Manual
Ruckus Wireless ZoneDirector™
Release 10.0 User Guide
Part Number: 800-71463-001 Rev A
Published: 02 May 2017
www.ruckuswireless.com
Copyright Notice and Proprietary Information
Copyright 2017. Ruckus Wireless, Inc. All rights reserved.
No part of this documentation may be used, reproduced, transmitted, or translated, in
any form or by any means, electronic, mechanical, manual, optical, or otherwise, without
prior written permission of Ruckus Wireless, Inc. (“Ruckus”), or as expressly provided
by under license from Ruckus.
Destination Control Statement
Technical data contained in this publication may be subject to the export control laws
of the United States of America. Disclosure to nationals of other countries contrary to
United States law is prohibited. It is the reader’s responsibility to determine the applicable
regulations and to comply with them.
2
Disclaimer
THIS DOCUMENTATION AND ALL INFORMATION CONTAINED HEREIN (“MATERIAL”)
IS PROVIDED FOR GENERAL INFORMATION PURPOSES ONLY. RUCKUS AND ITS
LICENSORS MAKE NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH
REGARD TO THE MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A
PARTICULAR PURPOSE, OR THAT THE MATERIAL IS ERROR-FREE, ACCURATE OR
RELIABLE. RUCKUS RESERVES THE RIGHT TO MAKE CHANGES OR UPDATES TO
THE MATERIAL AT ANY TIME.
Limitation of Liability
IN NO EVENT SHALL RUCKUS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL OR CONSEQUENTIAL DAMAGES, OR DAMAGES FOR LOSS OF PROFITS,
REVENUE, DATA OR USE, INCURRED BY YOU OR ANY THIRD PARTY, WHETHER
IN AN ACTION IN CONTRACT OR TORT, ARISING FROM YOUR ACCESS TO, OR USE
OF, THE MATERIAL.
Trademarks
Ruckus Wireless, Ruckus, the bark logo, BeamFlex, ChannelFly, Dynamic PSK,
FlexMaster, Simply Better Wireless, SmartCell, SmartMesh, SmartZone, Unleashed,
ZoneDirector and ZoneFlex are trademarks of Ruckus Wireless, Inc. in the United States
and other countries. All other product or company names may be trademarks of their
respective owners.
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
2
Contents
Copyright Notice and Proprietary Information.............................................................................2
1 About This Guide
Document Conventions.......................................................................................................11
Related Documentation.......................................................................................................12
Documentation Feedback...................................................................................................12
Online Training Resources...................................................................................................13
2 Introducing ZoneDirector
Overview of ZoneDirector....................................................................................................15
ZoneDirector Physical Features...........................................................................................15
ZoneDirector 1200........................................................................................................15
ZoneDirector 3000........................................................................................................17
ZoneDirector 5000........................................................................................................19
Introduction to the Ruckus Wireless Network......................................................................23
Installing ZoneDirector.........................................................................................................24
Ensuring That APs Can Communicate with ZoneDirector....................................................25
How APs Discover ZoneDirector on the Network...........................................................25
How to Ensure that APs Can Discover ZoneDirector on the Network.............................27
Firewall Ports that Must be Open for ZoneDirector Communications.............................35
Accessing ZoneDirector's Command Line Interface............................................................36
Using the ZoneDirector Web Interface.................................................................................37
Navigating the Dashboard.............................................................................................38
Registering Your Product....................................................................................................39
3 Configuring System Settings
System Configuration Overview...........................................................................................41
Changing the System Name..........................................................................................41
Changing the Network Addressing......................................................................................41
IPv6 Configuration.........................................................................................................42
Enabling an Additional Management Interface...............................................................43
Creating Static Route Entries..............................................................................................45
Static Route Example....................................................................................................45
Enabling Smart Redundancy...............................................................................................46
Configuring ZoneDirector for Smart Redundancy...........................................................47
Managing Smart Redundancy AP License Pools...........................................................49
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
3
Configuring the Built-in DHCP Server..................................................................................51
Enabling the Built-in DHCP server.................................................................................51
Viewing DHCP Clients...................................................................................................52
Controlling ZoneDirector Management Access....................................................................53
Setting the System Time.....................................................................................................54
Setting the Country Code....................................................................................................55
Channel Optimization....................................................................................................55
Channel Mode...............................................................................................................56
Changing the System Log Settings.....................................................................................57
Reviewing the Current Log Contents.............................................................................57
Customizing the Current Log Settings...........................................................................58
Setting Up Email Alarm Notifications...................................................................................61
Customizing Email Alarms.............................................................................................63
Configuring SMS Settings for SMS Guest Pass Delivery......................................................64
Enabling Login Warning Messages......................................................................................65
Enabling Network Management Systems............................................................................65
Enabling SmartCell Insight Communication....................................................................65
Enabling Management via FlexMaster............................................................................66
Enabling Northbound Portal Interface Support...............................................................68
Configuring SNMP Support...........................................................................................69
Enabling Telnet..............................................................................................................75
4 Configuring Security and Other Services
Self Healing.........................................................................................................................77
Automatically Adjust AP Power......................................................................................77
Automatic Channel Selection.........................................................................................77
Load Balancing...................................................................................................................81
To disable Load Balancing on a per-WLAN basis..........................................................82
Band Balancing...................................................................................................................82
Radar Avoidance Pre-Scanning..........................................................................................82
AeroScout RFID Tag Detection...........................................................................................82
Ekahau Tag Detection.........................................................................................................83
Active Client Detection........................................................................................................83
Tunnel Configuration...........................................................................................................84
Packet Inspection Filter.......................................................................................................85
Ethernet Port Redundancy..................................................................................................85
Using an External AAA Server.............................................................................................87
Active Directory.............................................................................................................88
LDAP............................................................................................................................90
RADIUS /RADIUS Accounting.......................................................................................93
TACACS+...................................................................................................................104
4
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Testing Authentication Settings...................................................................................106
Controlling Network Access Permissions..........................................................................106
Creating Layer 2/MAC Address Access Control Lists..................................................107
Creating Layer 3/Layer 4/IP Address Access Control Lists..........................................108
Configuring Precedence Policies.................................................................................109
Blocking Client Devices...............................................................................................110
Configuring Client Isolation White Lists........................................................................112
Application Recognition and Filtering...........................................................................114
Configuring Floorplan Maps..............................................................................................120
Configuring Wireless Intrusion Prevention..........................................................................122
DoS Protection............................................................................................................122
Intrusion Detection and Prevention..............................................................................123
Rogue DHCP Server Detection....................................................................................124
DHCP Relay......................................................................................................................126
To enable DHCP Relay for a WLAN:............................................................................127
Bonjour Gateway..............................................................................................................128
Bridge Service Rules...................................................................................................128
Bridge Service Records...............................................................................................128
Creating a Bonjour Gateway Rule - ZD Site.................................................................129
Creating a Bonjour Gateway Rule AP Site...................................................................131
Applying a Bonjour Policy to an AP..............................................................................132
Example Network Setup..............................................................................................133
Bonjour Fencing................................................................................................................133
Configuring Bonjour Fencing Policies...........................................................................134
Applying a Bonjour Fencing Policy to an AP or AP Group............................................135
SPoT Location Services....................................................................................................136
5 Managing a Wireless Local Area Network
Overview of Wireless Networks.........................................................................................139
About Ruckus Wireless WLAN Security.............................................................................140
Creating a WLAN..............................................................................................................141
General Options..........................................................................................................142
WLAN Usage Types....................................................................................................142
Authentication Method................................................................................................157
Fast BSS Transition.....................................................................................................157
Encryption Options......................................................................................................157
Options.......................................................................................................................158
Advanced Options.......................................................................................................160
Creating a Copy of an Existing WLAN for Workgroup Use.................................................166
Customizing WLAN Security.............................................................................................167
Reviewing the Initial Security Configuration..................................................................167
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
5
Fine Tuning the Current Security Mode........................................................................168
Switching to a Different Security Mode........................................................................168
Using the Built in EAP Server.......................................................................................169
Authenticating with an External RADIUS Server...........................................................169
If You Change the Internal WLAN to WEP or 802.1X...................................................170
Working with WLAN Groups.............................................................................................170
Creating a WLAN Group..............................................................................................171
Viewing a List of APs That Belong to a WLAN Group...................................................172
Deploying ZoneDirector WLANs in a VLAN Environment...................................................172
Tagging Management Traffic to a VLAN......................................................................174
How Dynamic VLAN Works.........................................................................................175
Working with VLAN Pools............................................................................................177
Working with Hotspot Services.........................................................................................179
Creating a Hotspot Service..........................................................................................180
Assigning a WLAN to Provide Hotspot Service............................................................183
Common WISPr Attribute Abbreviations......................................................................183
Creating a Hotspot 2.0 Service.........................................................................................184
Create a Service Provider Profile..................................................................................185
Create an Operator Profile...........................................................................................186
Create a Hotspot 2.0 WLAN........................................................................................188
Bypass Apple CNA...........................................................................................................189
Customizing the Web Portal Logo.....................................................................................190
6 Managing Access Points
Adding New Access Points to the Network.......................................................................193
Connecting the APs to the Network............................................................................193
Verifying/Approving New APs......................................................................................194
Working with Access Point Groups...................................................................................194
Modifying the System Default AP Group......................................................................195
Creating a New Access Point Group...........................................................................197
Modifying Access Point Group Membership................................................................197
Modifying Model Specific Controls...............................................................................198
Configuring AP Ethernet Ports...........................................................................................200
DHCP Option 82.........................................................................................................202
Designating Ethernet Port Type...................................................................................204
Using Port Based 802.1X............................................................................................205
Viewing AP Ethernet Port Status..................................................................................208
Reviewing Current Access Point Policies...........................................................................209
Using Limited ZD Discovery for N+1 Redundancy.......................................................211
Importing a USB Software Package..................................................................................212
To provision a SmartPoint Access Point with USB software:.......................................213
6
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Managing Access Points Individually.................................................................................213
Configuring Hotspot 2.0 Venue Settings for an AP......................................................216
Optimizing Access Point Performance..............................................................................217
Assessing Current Performance Using the Access Point Table....................................217
Adjusting AP Settings..................................................................................................218
Prioritizing WLAN Traffic..............................................................................................218
7 Managing User Access
Enabling Automatic User Activation with Zero-IT...............................................................219
Clients that Support Zero-IT........................................................................................220
Self-Provisioning Clients with Zero-IT...........................................................................220
Self-Provisioning Clients without Ethernet Ports...........................................................222
Provisioning Clients that Do Not Support Zero-IT.........................................................222
Working with Dynamic Pre-Shared Keys...........................................................................222
Enabling Dynamic Pre-Shared Keys on a WLAN..........................................................223
Setting Dynamic Pre-Shared Key Expiration................................................................224
Generating Multiple Dynamic PSKs.............................................................................225
Adding New User Accounts to ZoneDirector.....................................................................228
Internal User Database................................................................................................228
Managing Current User Accounts.....................................................................................229
Changing an Existing User Account.............................................................................229
Deleting a User Record...............................................................................................230
Creating New User Roles..................................................................................................230
Role Based Access Control Policy...............................................................................231
Managing Automatically Generated User Certificates and Keys.........................................233
Using an External Server for User Authentication...............................................................233
Enabling Web Authentication............................................................................................235
Captive Portal Redirect on Initial Browser HTTPS Request..........................................236
8 Managing Guest Access
Configuring Guest Access.................................................................................................237
Creating a Guest Access Service......................................................................................237
Using Guest Pass Self-Service....................................................................................238
Configuring Guest Subnet Restrictions..............................................................................246
Creating a Guest WLAN....................................................................................................247
Using the BYOD Onboarding Portal..................................................................................248
Working with Guest Passes..............................................................................................251
Generating a Guest Pass from the Monitor Page.........................................................252
Configuring Guest Pass Generation.............................................................................254
Generating and Delivering a Single Guest Pass...........................................................257
Generating and Printing Multiple Guest Passes at Once..............................................262
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
7
Monitoring Generated Guest Passes...........................................................................264
Creating a Custom Guest Pass Printout......................................................................265
Delivering Guest Passes via Email...............................................................................267
Delivering Guest Passes via SMS................................................................................267
9 Monitoring Your Wireless Network
Reviewing the ZoneDirector Monitoring Options................................................................269
Monitoring Access Points..................................................................................................269
Using the AP Status Overview Page............................................................................269
Monitoring Individual APs............................................................................................273
Moniting WLAN Status......................................................................................................280
Reviewing Current User Activity.........................................................................................281
Active Client Action Icons............................................................................................282
Viewing Application Usage Statistics...........................................................................282
Monitoring Individual Clients........................................................................................285
Monitoring Wired Clients...................................................................................................288
Monitoring AAA Server Statistics.......................................................................................288
Reviewing Current Alarms.................................................................................................288
Reviewing Recent System Events.....................................................................................289
Monitoring Location Services............................................................................................290
Monitoring Mesh Status....................................................................................................291
Real Time Monitoring........................................................................................................291
Real Time Monitoring Widgets.....................................................................................292
Detecting Rogue Access Points........................................................................................292
Monitoring System Information..........................................................................................295
Monitoring System Ethernet Port Status......................................................................295
10 Deploying a Smart Mesh Network
Overview of Smart Mesh Networking................................................................................297
Smart Mesh Networking Terms.........................................................................................297
Supported Mesh Topologies.............................................................................................298
Standard Topology......................................................................................................298
Wireless Bridge Topology............................................................................................299
Hybrid Mesh Topology................................................................................................300
Deploying a Wireless Mesh via ZoneDirector.....................................................................301
Step 1: Prepare for Wireless Mesh Deployment...........................................................301
Step 2: Enable Mesh Capability on ZoneDirector.........................................................302
Step 3: Provision and Deploy Mesh Nodes..................................................................303
Step 4: Verify That the Wireless Mesh Network Is Up..................................................304
Understanding Mesh-related AP Statuses.........................................................................304
Using the ZoneFlex LEDs to Determine the Mesh Status...................................................305
8
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
On Single-band ZoneFlex APs.....................................................................................305
On Dual-band ZoneFlex APs.......................................................................................307
Using Action Icons to Configure and Troubleshoot APs in a Mesh.....................................308
Setting Mesh Uplinks Manually..........................................................................................310
Troubleshooting Isolated Mesh APs..................................................................................311
Understanding Isolated Mesh AP Statuses..................................................................311
Recovering an Isolated Mesh AP.................................................................................312
Best Practices and Recommendations.............................................................................314
11 Setting Administrator Preferences
Changing the Web Interface Display Language.................................................................315
Changing the ZoneDirector Administrator User Name and Password................................315
Using an External Server for Administrator Authentication............................................316
Setting Administrator Login Session Timeout...............................................................318
Working with Backup Files................................................................................................318
Backing Up a Network Configuration...........................................................................318
Restoring Archived Settings to ZoneDirector...............................................................319
Restoring ZoneDirector to Default Factory Settings...........................................................321
Alternate Factory Default Reset Method......................................................................323
Upgrading ZoneDirector and ZoneFlex APs.......................................................................323
Importing an AP Firmware Patch.................................................................................324
Enabling Secure AP Image Upgrade............................................................................325
Performing an Upgrade with Smart Redundancy.........................................................325
Working with SSL Certificates...........................................................................................326
Basic Certificate Installation.........................................................................................326
Generating a Certificate Signing Request.....................................................................326
Importing an SSL Certificate........................................................................................328
SSL Certificate Advanced Options...............................................................................330
Upgrading the License......................................................................................................335
Support Entitlement..........................................................................................................336
12 Troubleshooting
Troubleshooting Failed User Logins..................................................................................337
Fixing User Connections...................................................................................................337
If WLAN Connection Problems Persist.........................................................................338
Measuring Wireless Network Throughput with SpeedFlex.................................................339
Using SpeedFlex in a Multi-Hop Smart Mesh Network.................................................342
Allowing Users to Measure Their Own Wireless Throughput........................................344
Starting a Radio Frequency Scan......................................................................................345
Using the Ping and Traceroute Tools................................................................................346
Generating a Debug File....................................................................................................347
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
9
Viewing Current System and AP Logs...............................................................................347
To view AP logs:..........................................................................................................347
Packet Capture and Analysis............................................................................................348
Local Capture..............................................................................................................349
Streaming Mode..........................................................................................................349
AP Diagnostic Information.................................................................................................352
Importing a Script.............................................................................................................352
Enabling Remote Troubleshooting.....................................................................................353
Restarting an Access Point...............................................................................................353
Restarting ZoneDirector....................................................................................................353
13 Mesh Networking Best Practices
Calculating the Number of APs Required..........................................................................355
Placement and Layout Considerations..............................................................................355
Signal Quality Verification..................................................................................................356
Mounting and Orientation of APs.......................................................................................357
Indoor APs - Typical Case: Horizontal Orientation........................................................357
Indoor APs - Vertical Orientation..................................................................................357
Outdoor APs - Typical Horizontal Orientation...............................................................359
Elevation of RAPs and MAPs.......................................................................................359
Mesh Best Practice Checklist............................................................................................359
10
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
11
About This Guide
This User Guide describes how to install, configure and manage the Ruckus Wireless™
ZoneDirector™ version 10.0
This guide is intended for use by those responsible for managing Ruckus Wireless
network equipment. Consequently, it assumes a basic working knowledge of local area
networking, wireless networking and wireless devices.
NOTE If release notes are shipped with your product and the information there differs
from the information in this guide, follow the instructions in the release notes.
Most user guides and release notes are available in Adobe Acrobat Reader Portable
Document Format (PDF) or HTML on the Ruckus Wireless Support website at
https://support.ruckuswireless.com/documents.
NOTE By downloading this software and subsequently upgrading the ZoneDirector to
version 10.0, please be advised that the ZoneDirector will periodically connect to Ruckus
and Ruckus will collect the ZoneDirector serial number, software version and build
number. Ruckus will transmit a file back to the ZoneDirector and this will be used to
display the current status of the ZoneDirector Support Contract. Please also be advised
that this information may be transferred and stored outside of your country of residence
where data protection standards may be different.
1
Document Conventions
The following tables list the text and notice conventions that are used throughout this
guide.
Table 1: Text conventions
ExampleDescriptionConvention
monospace
as it appears on screen
user input
that you enter
UI control
software buttons, and
field names
screen name
menu or section names
ruckus#Represents information
ruckus# set ipaddr 10.0.0.12Represents information
On the Start menu, click All Programs.Keyboard keys,
The Configure > WLANs page appears.Screen or page names,
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
11
About This Guide
Related Documentation
Table 2: Notice conventions
DescriptionNotice Type
NOTE
CAUTION!
WARNING!
Information that describes important features or instructions
Information that alerts you to potential loss of data or potential
damage to an application, system, or device
Information that alerts you to potential personal injury
Related Documentation
In addition to this User Guide, each ZoneDirector documentation set includes the
following:
• Release Notes: Provide information about the current software release, including new
features, enhancements, and known issues.
• Online Help: Provides a web-based subset of the content contained in the User
Guide. The online help is accessible from the web interface and is searchable.
• Command Line Reference Guide: Provides a list of CLI commands, their usage syntax
and examples.
• SNMP Reference Guide: Provides a list of supported Simple Network Management
Protocol (SNMP) Management Information Base (MIB) objects.
• Syslog Alarms and Events Reference Guide: Provides a list of Syslog alarms and
events.
12
Documentation Feedback
Ruckus Wireless is interested in improving its documentation and welcomes your
comments and suggestions. You can email your comments to Ruckus Wireless at
docs@ruckuswireless.com
When contacting us, please include the following information:
• Document title
• Document part number (on the cover page)
• Page number (if appropriate)
For example:
• ZoneDirector 10.0 User Guide
• Part number: 800-71463-001 Revision A
• Page 88
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
About This Guide
Online Training Resources
Online Training Resources
To access a variety of online Ruckus Wireless training modules, including free introductory
courses to wireless networking essentials, site surveys, and Ruckus Wireless products,
visit the Ruckus Wireless Training Portal at: https://training.ruckuswireless.com.
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
13
About This Guide
Online Training Resources
14
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
15
Introducing ZoneDirector
Overview of ZoneDirector
Ruckus Wireless ZoneDirector serves as a central control system for Ruckus ZoneFlex
Access Points (APs). ZoneDirector provides simplified configuration and updates, wireless
LAN security control, RF management, and automatic coordination of Ethernet-connected
and mesh-connected APs.
Using ZoneDirector in combination with Ruckus Wireless ZoneFlex APs allows deployment
of a Smart Mesh network, to extend wireless coverage throughout a location without
having to physically connect each AP to Ethernet. In a Smart Mesh network, the APs
form a wireless mesh topology to route client traffic between any member of the mesh
and the wired network. Meshing significantly reduces the cost and time requirements
of deploying an enterprise-class WLAN, in addition to providing much greater flexibility
in AP placement.
ZoneDirector also integrates network monitoring, sophisticated user access controls,
integrated Wi-Fi client performance tools, highly configurable guest access features and
advanced security features within a single system.
User authentication can be accomplished using an internal user database, or forwarded
to an external Authentication, Authorization and Accounting (AAA) server such as RADIUS
or Active Directory. Once users are authenticated, client traffic is not required to pass
through ZoneDirector, thereby eliminating bottlenecks when higher speed Wi-Fi
technologies, such as 802.11ac, are used.
2
This user guide provides complete instructions for using the Ruckus Wireless web
interface, the wireless network management interface for ZoneDirector. With the web
interface, you can customize and manage all aspects of ZoneDirector and your ZoneFlex
network.
ZoneDirector Physical Features
Three models of ZoneDirector are currently available:
• ZoneDirector 1200 on page 15
• ZoneDirector 3000 on page 17
• ZoneDirector 5000 on page 19
The following section describes the physical features of these ZoneDirector models.
ZoneDirector 1200
This section describes the following physical features of ZoneDirector 1200:
• Buttons, Ports, and Connectors on page 16
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
15
Introducing ZoneDirector
ZoneDirector Physical Features
• Front Panel LEDs on page 16
Figure 1: ZoneDirector 1200
Buttons, Ports, and Connectors
The following table describes the buttons, ports and connectors on ZoneDirector 1200.
Table 3: ZoneDirector 1200 front panel elements
DescriptionLabel
Use the Reset button to restart ZoneDirector.Reset
Two auto negotiating 10/100/1000Mbps Ethernet ports.10/100/1000 Ethernet
Console
F/D
RJ-45 Console port for accessing the ZoneDirector command
line interface.
Factory Default button. To reset ZoneDirector to factory default
settings, press and hold the F/D button for at least five (5)
seconds. For more information, refer to
Alternate Factory Default Reset Method on page 323.
NOTE Resetting ZoneDirector to factory default settings will
erase all configuration changes that you made, except for AP
licenses and SSL certificates.
Front Panel LEDs
The following table describes the LEDs on the front panel of ZoneDirector 1200.
Table 4: ZoneDirector ZoneDirector 1200 LED descriptions
MeaningStateLED Label
16
ZoneDirector is receiving power.Solid GreenPower
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Introducing ZoneDirector
ZoneDirector Physical Features
MeaningStateLED Label
Ethernet Link
Off
Flashing Green
Red
Amber
Amber
Off
GreenEthernet Rate
ZoneDirector is NOT receiving power. If the
power cable or adapter is connected to a
power source, verify that the power cable
is connected properly to the power jack on
the rear panel of ZoneDirector.
Normal state.Solid GreenStatus
ZoneDirector has not yet been configured.
Log into the web interface, and then
configure ZoneDirector using the setup
wizard.
ZoneDirector has shut down (but is still
connected to a power source).
ZoneDirector is starting up or shutting down.Flashing Red
The port is connected to a device.Solid Green or
The port is transmitting or receiving trafficFlashing Green or
The port has no network cable connected
or is not receiving a link signal.
The port is connected to a 1000Mbps
device.
The port is connected to a 100Mbps device.Amber
The port is connected to a 10Mbps device.Off
ZoneDirector 3000
This section describes the following physical features of ZoneDirector 3000:
• Buttons, Ports, and Connectors on page 18
• Front Panel LEDs on page 18
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
17
Introducing ZoneDirector
ZoneDirector Physical Features
Figure 2: ZoneDirector 3000
Buttons, Ports, and Connectors
The following table describes the buttons, ports and connectors on ZoneDirector 3000.
Table 5: ZoneDirector 3000 front panel elements
MeaningLabel
Power
F/D
Reset
Console
(Located on the rear panel) Press this button to power on
ZoneDirector.
To reset ZoneDirector to factory default settings, press the F/D
button for at least five (5) seconds. For more information, refer
to
Restoring ZoneDirector to Default Factory Settings on page 321.
NOTE Resetting ZoneDirector to factory default settings will
erase all configuration changes that you have made, except for
AP licenses and SSL certificates.
To restart ZoneDirector, press the Reset button once for less
than two seconds.
For Ruckus Wireless Support use only.USB
RJ-45 port for accessing the ZoneDirector command line
interface.
Two auto negotiating 10/100/1000Mbps Ethernet ports.10/100/1000 Ethernet
Front Panel LEDs
The following table describes the LEDs on the front panel of ZoneDirector 3000.
Table 6: ZoneDirector 3000 LED descriptions
18
Off
Flashing Green
MeaningStateLED Label
ZoneDirector is receiving power.GreenPower
ZoneDirector is NOT receiving power. If
the power cable or adapter is connected
to a power source, verify that the power
cable is connected properly to the power
jack on the rear panel of ZoneDirector.
Normal state.Solid GreenStatus
ZoneDirector has not yet been
configured. Log into the web interface,
and then configure ZoneDirector using
the setup wizard.
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Introducing ZoneDirector
ZoneDirector Physical Features
MeaningStateLED Label
Solid Red
Flashing Red
Amber
Off
AmberEthernet Rate
Green
Off
ZoneDirector has shut down (but is still
connected to a power source).
ZoneDirector is starting up or shutting
down.
The port is connected to a device.Solid Green or AmberEthernet Link
The port is transmitting or receiving traffic.Flashing Green or
The port has no network cable connected
or is not receiving a link signal.
The port is connected to a 1000Mbps
device.
The port is connected to a 100Mbps
device.
The port is connected to a 10Mbps
device.
ZoneDirector 5000
This section describes the following physical features of ZoneDirector 5000:
• Front Panel Features on page 20
• Front Panel (Bezel Removed) on page 20
• Control Panel on page 21
• Rear Panel Features on page 22
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
19
Introducing ZoneDirector
ZoneDirector Physical Features
Figure 3: ZoneDirector 5000 Front Panel
Front Panel Features
Table 7: ZoneDirector 5000 front panel features
DescriptionFeature
See Control Panel description below.Control Panel
RJ45 Serial Port
Front Bezel Lock
COM 2 / Serial B port for accessing the ZoneDirector
command line interface.
Not used.USB Port
Remove this bezel lock to remove the front bezel and gain
access to the hard drive bays.
Front Panel (Bezel Removed)
Figure 4: ZoneDirector 5000 front panel (bezel removed)
Table 8: ZoneDirector front panel elements
FeatureNumber
20
ESD ground strap attachment1
Hard drive bays (not used)2
Control panel3
4
RJ45 serial port for accessing the ZoneDirector command line
interface
USB port (not used)5
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Control Panel
Introducing ZoneDirector
ZoneDirector Physical Features
Figure 5: Control panel buttons and indicators
Table 9: ZoneDirector 5000 control panel
FeatureNumber
Power button1
System reset button2
System status LED (see System status LED definitions Table)3
Fan status LED4
Critical alarm (not used)5
MJR alarm (not used)6
NMI pin hole button (factory reset button)7
Chassis ID button8
NIC 1 / NIC 2 activity LED9
HDD activity LED (not used)10
PWR alarm LED (not used)11
MNR alarm (Amber: system unavailable; OFF: system available)12
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
21
Introducing ZoneDirector
ZoneDirector Physical Features
Table 10: System status LED definitions
DefinitionLED Status
Off
Green On
Green Blinking
Amber On
Rear Panel Features
No power supply detected, or two power supplies detected
and system is off
System ready/normal operation, two power supplies
detected
1. System ready but degraded
2. One power supply connected
3. One fan failure detected
1. Critical or non-recoverable condition
2. Power up in progress, only one power source detected
3. More than one fan failure detected
Non-critical alarmAmber Blinking
Figure 6: ZoneDirector 5000 rear panel features
Table 11: Rear panel features
2
3
FeatureNumber
Alarms cable connector (not used)1
Two low-profile PCIe add-in cards (not
used)
Three full-length PCIe add-in cards (not
used)
Power supply 2 (backup AC power)4
Power supply 1 (primary AC power)5
RJ45 serial port (COM2/serial B)6
Video connector (not used)7
22
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Introducing ZoneDirector
Introduction to the Ruckus Wireless Network
FeatureNumber
USB 0 and 1 (#1 on top)8
USB 2 and 3 (#3 on top)9
GbE NIC #1 connector10
GbE NIC #2 connector11
12
Two ground studs (used for DC-input
system)
Table 12: NIC status LEDs
NIC StateLED StateLED Color
10MbpsOffGreen/Amber (Left)
100MbpsGreen
1000MbpsAmber
Active connectionOnGreen (Right)
Transmit / Receive activityBlinking
Introduction to the Ruckus Wireless Network
Your new Ruckus Wireless network starts when you disperse a number of Ruckus
Wireless access points (APs) to efficiently cover your worksite. After connecting the APs
to ZoneDirector (through network hubs or switches), running through the Setup Wizard
and completing the "Zero-IT" setup, you have a secure wireless network for both
registered users and guest users.
NOTE "Zero-IT" refers to ZoneDirector's simple setup and ease-of-use features, which
allow end users to automatically self-configure wireless settings on Windows and Mac
OS clients as well as many mobile devices including iOS, Windows Phone and Android
devices.
After using the web interface to set up user accounts for staff and other authorized users,
your WLAN can be put to full use, enabling users to share files, print, check email, and
more. And as a bonus, guest workers, contractors and visitors can be granted limited
controlled access to a separate “Guest WLAN” with minimal setup.
You can now fine-tune and monitor your network through the web interface, which
enables you to customize additional WLANs for authorized users, manage your users,
monitor the network's security and performance, and expand your radio coverage, if
needed.
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
23
Introducing ZoneDirector
Installing ZoneDirector
Installing ZoneDirector
Basic installation instructions are included in the Quick Start Guide that shipped with
your ZoneDirector. The steps are summarized below:
1. Connect and discover ZoneDirector using UPnP (Universal Plug and Play). On
Windows 7 and Windows 8, you may need to turn on network discovery in the
Network and Sharing Center > Advanced Sharing Settings.
2. Double-click the ZoneDirector icon when UPnP displays it, or
3. Point your web browser to ZoneDirector's IP address (default: 192.168.0.2).
4. Run the Setup Wizard to create an internal and (optionally) a guest WLAN
5. Distribute APs around your worksite, and connect them to power and to your LAN.
6. Begin using your ZoneFlex network.
24
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Figure 7: Discover ZoneDirector using UPnP
Introducing ZoneDirector
Ensuring That APs Can Communicate with ZoneDirector
Figure 8: ZoneDirector Setup Wizard
Ensuring That APs Can Communicate with
ZoneDirector
Before ZoneDirector can start managing an AP, the AP must first be able to discover
ZoneDirector on the network when it boots up. This requires that ZoneDirector's IP
address be reachable by the AP (via UDP/IP port numbers 12222 and 12223), even
when they are on different subnets.
This section describes procedures you can perform to ensure that APs can discover
and register with ZoneDirector.
NOTE This guide assumes that APs on the network are configured to obtain IP
addresses from a DHCP server. If APs are assigned static IP addresses, they must be
using a local DNS server that you can configure to resolve the ZoneDirector IP address
using zonedirector.{DNS domain name} or zonedirector if no domain name
is defined on the DNS server.
How APs Discover ZoneDirector on the Network
1. When an AP starts up, it sends out a DHCP discovery packet to obtain an IP address.
2. The DHCP server responds to the AP with the allocated IP address. If you configured
DHCP Option 43 (or DHCPv6 Option 17) (see Option 2: Customize Your DHCP Server
on page 27), the DHCP offer response will also include (among others) the IP
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
25
Introducing ZoneDirector
Ensuring That APs Can Communicate with ZoneDirector
addresses of ZoneDirector devices on the network along with the address of the
DNS server that can help resolve the ZoneDirector IP addresses.
3. After the AP obtains an IP address, it first attempts to contact a ZoneDirector whose
IP address has been pre-configured on the AP. If an AP has a pre-configured
ZoneDirector IP address, it will always use an L3 LWAPP (lightweight access point
protocol) discovery message to attempt to discover the pre-configured
primary/secondary ZoneDirector.
• An AP with a pre-configured ZoneDirector IP address will only attempt to discover
the pre-configured ZoneDirector(s) and will skip the DHCP/DNS/last joined
ZoneDirector steps. If it is unable to contact its pre-configured ZoneDirector, it
will enter “sulk” state, and will remain in an idle/discover/sulk loop until it receives
a response from a pre-configured primary or secondary ZoneDirector.
4. If a primary/secondary ZoneDirector IP address has not been configured on the AP,
the AP next attempts to build a list of candidate ZoneDirectors by sending an L3
discovery request (IPv4 subnet broadcast/IPv6 multicast packet) to each candidate
address received from DHCP and DNS at the same time, and waits for a response
from any ZoneDirector that can respond.
• The AP may receive multiple responses from DHCP and DNS if multiple
ZoneDirector IP addresses have been configured on the DHCP server or DNS
server.
5. If the AP receives a response from a single ZoneDirector device, it will attempt to
register with that ZoneDirector device.
6. If the AP receives responses from multiple ZoneDirector devices, it will attempt to
register with the ZoneDirector that it previously registered with (if any).
• This ZoneDirector can be on the same local IP subnet or a different subnet. The
AP will have a preference for a ZoneDirector device that it previously registered
with.
7. If this is the first time that the AP is registering with ZoneDirector, it will attempt to
register with the ZoneDirector device that has the lowest AP load. The AP computes
the load by subtracting the current number of APs registered with ZoneDirector from
the maximum number of APs that ZoneDirector is licensed to support.
If the AP does not receive a response from any ZoneDirector device on the network, it
goes into idle mode. After a short period of time, the AP will repeat this discovery cycle
until it successfully registers with a ZoneDirector.
26
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Introducing ZoneDirector
Ensuring That APs Can Communicate with ZoneDirector
How to Ensure that APs Can Discover ZoneDirector on the Network
If you are deploying the APs and ZoneDirector on different subnets, you have three
options for ensuring successful communication between these two devices:
• Option 1: Perform Auto Discovery on Same Subnet then Transfer the AP to Intended
Subnet on page 27
• Option 2: Customize Your DHCP Server on page 27
• Option 3: Register ZoneDirector with a DNS Server on page 32
NOTE If the AP and ZoneDirector Are on the Same Subnet: If you are deploying
the AP and ZoneDirector on the same subnet, you do not need to perform additional
configuration. Simply connect the AP to the same network as ZoneDirector. When the
AP starts up, it will discover and attempt to register with ZoneDirector. Approve the
registration request (if auto approval is disabled).
Option 1: Perform Auto Discovery on Same Subnet then Transfer the AP to Intended Subnet
If you are deploying the AP and ZoneDirector on different subnets, let the AP perform
auto discovery on the same subnet as ZoneDirector before moving the AP to another
subnet.
To do this, connect the AP to the same network as ZoneDirector. When the AP starts
up, it will discover and attempt to register with ZoneDirector. Approve the registration
request if auto approval is disabled. After the AP registers with ZoneDirector successfully,
transfer it to its intended subnet. It will be able to find and communicate with ZoneDirector
once you reconnect it to the other subnet.
NOTE If you use this method, make sure that you do not change the IP address of
ZoneDirector after the AP discovers and registers with it. If you change the ZoneDirector
IP address, the AP will no longer be able to communicate with it and will be unable to
rediscover it.
Option 2: Customize Your DHCP Server
NOTE The following procedure describes how to customize a DHCP server running
on Microsoft Windows. If your DHCP server is running on a different operating system,
the procedure may be different.
NOTE For ZD discovery using IPv6, see IPv6 Configuration for ZoneDirector Discovery
Using DHCPv6 on page 30.
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
27
Introducing ZoneDirector
Ensuring That APs Can Communicate with ZoneDirector
Configuring the DHCP Server for ZoneDirector-AP Communication
To customize your DHCP server, you need to configure DHCP Option 43 (043 Vendor
Specific Info) with the IP address of the ZoneDirector device on the network.
When an AP requests an IP address, the DHCP server will send a list of ZoneDirector
IP addresses to the AP. If there are multiple ZoneDirector devices on the network, the
AP will automatically select a ZoneDirector to register with from this list of IP addresses.
RFC 2132 describes DHCP Option 60 and Option 43. DHCP Option 60 is the Vendor
Class Identifier (VCI). The VCI is a text string that identifies a vendor/type of a DHCP
client. All Ruckus Wireless Access Points are configured to send “Ruckus CPE” as the
Vendor Class Identifier in option 60, and expect ZoneDirector IP information to be provided
in DHCP option 43 (Vendor Specific Info), encapsulated with sub-option code 03 (the
sub-option code for ZoneDirector).
The RFC describes how vendors can encapsulate vendor-specific sub-option codes
(ranging from 0 to 255). Sub-options are embedded in option 43 as TLV (type, length,
value) blocks.
Ruckus Wireless Access points support non-TLV format option 43 values with comma
separated IP address strings for discovering ZoneDirectors, and also TLV based option
43 encapsulation as specified in RFC 2132.
For ZoneDirector information (sub-option code 03)
• Type: 0x03
• Length: Count of the characters in the ASCII string. (Length must include the commas
if there is more than one ZoneDirector specified.)
• Value: A non-null terminated ASCII string that is a comma-separated list of
ZoneDirector IP addresses
Example: If the there are two ZoneDirectors with IP addresses 192.168.0.10 and
192,168.0.20, then the value will be "192.168.0.10,192.168.0.20" and the length
is 25 (hex value 0x19).
For FlexMaster information (sub-option code 01)
• Type: 0x01
• Length: Count the number of characters in the ASCII string. (Length must include
"http", plus all colons, slashes and decimals in the complete URL.)
• Value: A non-null terminated ASCII string that is a URL.
Example: If the Flex Master URL is http://192.168.10.1/intune/server, the length is 33
(hex value 0x21).
You will need this information when you configure DHCP Option 43 for both FlexMaster
and ZoneDirector. To calculate the length field conversion from decimal to hexadecimal,
you can use an online conversion website, such as
http://www.easycalculation.com/decimal-converter.php, to perform the conversion.
28
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Introducing ZoneDirector
Ensuring That APs Can Communicate with ZoneDirector
The table below lists the sub-option code, FlexMaster URL and ZoneDirector IP address
that are used as examples in this procedure, along with their lengths in decimal and
hexadecimal values.
URL / IP Address
Decimal
Length
Hexadecimal
Length
Sub-option
Code
012133http://192.168.10.1/intune/server (URL)FlexMaster
030C12192.168.10.2 (IP Address)ZoneDirector
Most commonly used DHCP servers such as Microsoft DHCP and ISC DHCP support
vendor class DHCP option spaces and mapping of those option spaces to option 60.
While you can achieve encapsulating TLVs in option 43 by hard coding the DHCP option
43 value, Ruckus Wireless recommends using vendor class option spaces - especially
when you have more than one vendor type on the network and need option 43 to be
supported for different vendor type DHCP clients.
The following example describes how you can encapsulate option 43 using DHCP vendor
class option spaces to provide two ZoneDirector IP addresses: 192.168.0.10 and
192.168.0.20.
Configure Vendor Class Identifier and Vendor Specific Info sub-options on Microsoft DHCP server
Configure vendor class for Ruckus Wireless Access Points:
1. In the Server Manager window, right-click the IPv4 icon, and choose Define Vendor
Classes from the menu.
2. In the DHCP Vendor Classes dialogue, click Add to create a new vendor class.
3. Enter the value to describe the option class/space, (e.g., RuckusWirelessAP).
Optionally, you can also enter a description.
4. Add the VCI string in the ASCII field and click OK. The new vendor class is created
Close to close the dialogue.
5. Right-click the newly created vendor class and select Set Predefined Options...
6. Predefine the ZoneDirector sub-option type for the newly created vendor class. This
section defines the code and format of the sub-option (code for ZoneDirector and
comma separated IP addresses in ASCII text string).
7. Configure the option with a value either at the server level, scope level or at Configure
Options > Advanced
NOTE You can also optionally configure DHCP Option 12 (Host Name) to specify host
names for APs. Then, when an AP joins ZoneDirector and ZoneDirector does not already
have a device name for this AP, it will take the host name from DHCP and display this
name in events, logs and other web interface elements. See your DHCP server
documentation for instructions on Option 12 configuration.
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
29
Introducing ZoneDirector
Ensuring That APs Can Communicate with ZoneDirector
IPv6 Configuration for ZoneDirector Discovery Using DHCPv6
Beginning with release 9.13, ZoneDirector also supports AP discovery using IPv6 DHCP
Option 17 (in addition to IPv4 DHCP Option 43).
NOTE The following instructions assume isc-dhcp-server as the Linux DHCP server.
For other DHCP servers, refer to the relevant documentation for instructions on
customizing the DHCPv6 Option 17 sub-options.
To configure a DHCPv6 server for AP controller discovery, use the following procedure:
1. Install radvd
yum radvd
2. Install isc-dhcp-server:
yum isc-dhcp-server
3. Edit the “/etc/radvd.conf” file as follows:
interface eth1
{
AdvSendAdvert on;
AdvOtherConfigFlag on;
prefix 2001:db8:0:2::/64
{
};
};
4. Edit the “dhcp6.conf file” as follows:
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet6 2001:db8:0:2::/64 {
# Range for clients
range6 2001:db8:0:2::129 2001:db8:0:2::254;
# Additional options
option dhcp6.name-servers fec0:0:0:1::1;
option dhcp6.domain-search "domain.example";
option dhcp6.vendor-opts 00:00:61:dd:
00:06:<-- suboption code 6 for SmartZone List
00:20:<-- suboption length, 2 IP addresses in the list,
so value is 0x20
20:01:19:20:01:cf:00:00:00:00:00:00:00:00:00:01:<-- IP
address
20:01:19:20:01:cf:00:00:00:00:00:00:00:00:00:02:<-- IP
address
00:03:<-- suboption code 3 for ZD List
30
Ruckus Wireless ZoneDirector™ Release 10.0 User Guide
Loading...