SUPPORT STORE CONTACT SIGN IN
Overview
System
Network
Services
Identities
Policies
Billing
Archives
Instruments
Installation
Lab Manual
Portal Customization
RESTful API
Miscellaneous
View as one page

SoftGRE Tunnels

Ruckus SmartZone Configuration (12/11/2023)

Overview

The following steps will guide you through configuring a SoftGRE tunnel between a Rucks AP and a rXg.

Environment

This document was written and tested using the following components from the RG Nets and RUCKUS ecosystem.

Manufacturer Component Version
RG Nets rXg 13.2 - 15.251
RUCKUS Virtual SmartZone Essentials 6.1.1.0.959
RUCKUS R650 6.1.1.0.1274

Important Notes:

  1. SoftGRE tunnels are a licensed feature with RUCKUS. A demo license or SoftGRE license is required for this application.
  2. It is recommended to only use SoftGRE tunnels over the LAN as the traffic is currently unencrypted.

Prerequisites

This document assumes the following has already been configured: 1. IP Address for the SmartZone, AP, and rXg are all in the same subnet. 2. The subnet has been tied to an IP group and policy called Management. 3. The AP has already been discovered by the SmartZone 4. While not required, in the case of this lab, a functional eDPSK configuration has already been deployed and tested using config sync.

Configuration

SmartZone

All required configuration changes to the SmartZone will be applied using config sync from the rXg.

rXg WLAN Configuration

Network >> Wireless >> WLANs

The modifications in the WLAN profile are quite simple. On an existing WLAN, you can check the box for tunnel, set the tunnel type to SoftGRE, and then add the IP address for the interface on the rXg that will be the endpoint for the tunnel.

  1. The Tunnel checkbox instructs access points to build a tunnel to the controller instead of locally bridging the client traffic. In the case of Ruckus, this checkbox will create a SoftGRE tunnel between the APs and the rXg. This capability does require that the Ruckus controller has an appropriate SoftGRE license.
  2. The GRE Tunnel Type field allows you to select between RuckusGRE and SoftGRE. RuckusGRE is for use with the Ruckus virtual data plane. SoftGRE allows for tunnel creation to the rXg as the endpoint.
  3. The GRE Tunnel GW IP should be the IP address of the interface on the rXg that the tunnel will connect to.

rXg Pseudo Interfaces

Network >> LAN >> Pseudo Interfaces

  1. Name for the SoftGRE tunnel interface.
  2. Select an interface type of SoftGRE.
  3. Select the interface to be used for untagged traffic.
  4. Select the VLANs that will be allowed over the SoftGRE tunnel.
  5. Select the policy that contains the APs that will establish a tunnel.

Troubleshooting

Confirm the presence of interface bridges.

In the GUI this can be confirmed by browsing to Instruments >> System Info >> Interface Configurations and checking that there is a bridge for each VLAN that should be carried over the tunnel. The bridge number will be the same as the VLAN with an extra 1 at the beginning. For example if vlan2000 should be carried over the tunnel, you should also have a bridge12000.

This can also be seen via SSH with a command like ifconfig | grep bridge12000

Confirm the traffic is flowing over the bridge interface.

This can be done by using tcpdump to confirm that you see unicast traffic over the interface. For example, have a client connect and ping 4.2.2.2.

Continuing the use of bridge12000, I will use the following tcpdump statement tcpdump -ni bridge12000 and confirm that I can see unicast traffic from my client device.

About

RG Nets is the premium provider of gateways and centralized-authentication appliances designed to manage, provision, and protect revenue-generating networks. Our mission is to create tools that are so good, we would use our own money to buy them.
316 California Ave.
Suite 331
Reno, NV 89509
+1 (408) 441 0100
[email protected]

Company Links

Copyright 2024 RG Nets, Inc.
v2024.05-61-g71529
Cookies help us deliver our services. By using our services, you agree to our use of cookies.