Posted on 26 Feb, 2020, in Uncategorized
Hello everyone,I cannot get my switch to boot. I’ve tried re-flashing the uboot and the software via TFTP, which flash successfully. But but I run into errors each time I try to boot. I believe it might be completely bricked. Please assist if possible.Log output:Bootloader Version: 10.1.05T310 (Mar 19 2015 – 16:39:59)Unable to read Model ID – Pastebin.com
Posted on 26 Feb, 2020, in Uncategorized
Greetings,
Ruckus Unleashed Development Engineering and Quality Assurance teams have just
provided a new and important 200.8 (GA) Software Release. Features now include up to
128 APs and 2048 clients, the R750 AP support, ICX Switch Monitoring and Management,
enhanced Application Recognition, remote Syslog, and WPA3 encryption, to name a few.
Find all Unleashed 200.8 (GA) documentation here:
https://support.ruckuswireless.com/products/82-unleashed-and-multi-site-manager#documents
Consisting of Release Notes, What’s New, Upgrade Guide, R750 Quick Setup Guide, User Guide,
Troubleshooting Guide, and SNMP Reference Guide.
The Unleashed 200.8.10.3.243 (GA) SNMP MIBs and AP Firmware have been posted here:
https://support.ruckuswireless.com/products/82-unleashed-and-multi-site-manager#firmwares
With images for C110, E510, H320, H510, M510, M510-JP, R320, R510, R610, R710, R720, R750,
T310c, T310d, T310n, T310s, T610, T610s, T710, T710s model APs. Note: 802.11ac Wave1 APs
are no longer supported as of this release: R310,R500, R600, T300, T300e, T301n, T301s.
Our Cloud based Online Upgrade server has been updated, and customers can Upgrade Online
from Unleashed 200.7, or via Local Upgrade on Unleashed networks running 200.2, 200.3, 200.4,
or 200.5 releases.
Please feel free to share these links and this information with your Unleashed Customers and
Partners. Thanks and best regards,
Posted on 21 Feb, 2020, in Uncategorized
A summary of known-issue FI-194362, how to identify it and how to resolve the issue
Posted on 19 Feb, 2020, in Uncategorized
This Article explain how we can turn Ruckus AP as an Air Monitor when we do not have a macbook in customers premises to run OTA.
Posted on 16 Feb, 2020, in Uncategorized
Hi guys,We have a pair of ICX 6610 stacked and both of them are running version 08.0.30tT7f3 (latest).We are facing a very strange behavior with these boxes. The latency for all IPs configured in it, when we ping, returns with high latency even locally.Below you can find two examples of the problem that we are facing.##########################marceloaraujo@CT-REDES-02[19:55][~]: ping 191.252.191.1PING 191.252.191.1 (191.252.191.1) 56(84) bytes of data.64 bytes from 191.252.191.1: icmp_seq=1 ttl=60 time=90.6 ms64 bytes from 191.252.191.1: icmp_seq=2 ttl=60 time=230 ms64 bytes from 191.252.191.1: icmp_seq=3 ttl=60 time=1.69 ms64 bytes from 191.252.191.1: icmp_seq=4 ttl=60 time=3.59 ms64 bytes from 191.252.191.1: icmp_seq=5 ttl=60 time=0.753 msPING 191.252.203.1 (191.252.203.1) 56(84) bytes of data.64 bytes from 191.252.203.1: icmp_seq=1 ttl=60 time=1.00 ms64 bytes from 191.252.203.1: icmp_seq=2 ttl=60 time=1.49 ms64 bytes from 191.252.203.1: icmp_seq=3 ttl=60 time=121 ms64 bytes from 191.252.203.1: icmp_seq=4 ttl=60 time=106 msAnother strange thing is the CPU usage. The 1 second statistic show us spikes, may be this is the reason of latency.###########################65 percent busy, from 1 sec ago1 sec avg: 65 percent busy5 sec avg: 1 percent busy60 sec avg: 1 percent busy300 sec avg: 1 percent busyspcrdc2ita001#sh cpu-utilization Less than a second from the last call, abort1 sec avg: 1 percent busy5 sec avg: 1 percent busy60 sec avg: 1 percent busy300 sec avg: 1 percent busyspcrdc2ita001#sh cpu-utilization 1 percent busy, from 1 sec ago1 sec avg: 1 percent busy5 sec avg: 1 percent busy60 sec avg: 1 percent busy300 sec avg: 1 percent busySspcrdc2ita001#sh cpu-utilization 1 percent busy, from 39 sec ago1 sec avg: 73 percent busy5 sec avg: 1 percent busy60 sec avg: 1 percent busy300 sec avg: 1 percent busyspcrdc2ita001#sh cpu-utilization Less than a second from the last call, abort1 sec avg: 7 percent busy5 sec avg: 3 percent busy60 sec avg: 1 percent busy300 sec avg: 1 percent busyWhen we run a “show cpu tasks” the number seems to be good, as below.spcrdc2ita001#show cpu tasks … Usage average for all tasks in the last 1 second …==========================================================Name %idle 9 con 0 mon 0 flash 0 dbg 0 boot 0 main 0 stkKeepAlive 0 keygen 0 itc 0 poeFwdfsm 0 tmr 0 scp 0 appl 91 snms 0 rtm 0 rtm6 0 rip 0 bgp 0 bgp_io 0 ospf 0 ospf_r_calc 0 openflow_ofm 0 openflow_opm 0 mcast_fwd 0 mcast 0 msdp 0 ripng 0 ospf6 0 ospf6_rt 0 mcast6 0 ipsec 0 dhcp6 0 snmp 0 rmon 0 web 0 acl 0 flexauth 0 ntp 0 rconsole 0 console 0 ospf_msg_task 0 ssh_0 0 All the interfaces are fine (bandwidth consumption is low) and we have no problems with PPS (Packets per second) rate.You can find an image from our monitoring tool with CPU,Memory usage and response time.Did anynone experience this? Do you have any suggestions for tourbleshooting/fix that?Thanks,Marcelo Tadeu
Posted on 16 Feb, 2020, in Uncategorized
I have a 2 member 7450 stack and I need to install an ICX7400-4X10GF module into each unit in the stack. I know each switch stack unit needs to be powered off to insert the module, but my question is: Does the entire stack need to be powered off and both modules installed at once OR can I maintain as much uptime as possible by installing the modules one at a time as follows:Power off unit 1Install ICX7400-4X10GF module in unit 1Power up unit 1Confirm unit 1 recognizes the new module and is active in the stackPower off unit 2Install ICX7400-4X10GF module in unit 2Power up unit 2Confirm unit 2 recognizes its new module, all is happy, and the stack is fully functionalIf this will work, the switch stack never totally goes down and the dual-homed devices connected to the stack will continue to function. Does this sound like it will work or will the stack get upset that one member has a module while the other does not? In the end, the hardware configuration will match, but there would be a short time where one unit has an ICX7400-4X10GF module and the other unit does not.
Posted on 14 Feb, 2020, in Uncategorized
Needing a little help here please. We have an environment with no router, but we do have a layer 3 switch. Please refer to the diagram; we have a server with IP address 192.168.1.3 connected to Ethernet port 1 of the Brocade Ruckus ICX 7150 switch. We have a fiber link on port 9 that goes out to a layer 2 switch. On port 9 we have virtual interfaces for vlan 51 at 10.174.241.99 and vlan 351 at 11.174.246.99. From the Brocade Ruckus we can ping the Camera at 11.174.246.30, so we are routing traffic as intended from the Brocade through the layer 2 switch (that has tagging) to the camera at 11.174.246.30. What we need to do is have the server connect from its IP address of 192.168.1.3 to the camera at 11.174.246.30. What configuration method would work best to achieve this goal?
Posted on 14 Feb, 2020, in Uncategorized
If you solve this, you could be the one! We have a closed network environment with NO ROUTER, but we do have a layer 3 switch. Please refer to the diagram; we have a server with IP address 192.168.1.3/24 with gateway of 192.168.1.1 The server is connected to Ethernet port 1/1/1 of the Brocade Ruckus ICX 7150 switch which has vlan 192 untagged with ve 192 on IP address of 192.168.1.1. We have a fiber link on port 1/3/1 that goes out to a layer 2 switch. On port 1/3/1 we have vlan 51 tagged with ve 51 on IP address 10.174.241.99 and vlan 351 with tagged ve on IP address 11.174.246.99. From the Brocade Ruckus we can ping the Layer 2 switch at 10.174.241.20, the Camera at 11.174.246.30, and the server at 192.168.1.3. From the server we cannot ping or communicate with the camera at 11.174.246.30.On the server we even added static routes: route add 10.174.241.0 mask 255.255.255.0 192.168.1.1route add 11.174.246.0 mask 255.255.255.0 192.168.1.1 What are we missing?I’ll be happy to share our running config if you’re interested in making someone’s week.
Posted on 13 Feb, 2020, in Uncategorized
If basic reachability is verified and Firewall is not blocking port 22 and 443 between ICX and VSZ communication, the offline status could be related to a known ICX reverse ssh tunnel defect
Posted on 13 Feb, 2020, in Uncategorized
Posted on 13 Feb, 2020, in Uncategorized
I tried to enable POE on ICX 7450-24P, but it doesn’t show any output.Core#show po poe inline power information port Show port security power-savings-statistics Power savings statisticsCore#show poe DECIMAL UNIT-ID STACKID/SLOT/PORT debug-info show inline power debug information detail show inline power detailed information emesg Event Trace Logging messages pd show pd ports powerCore#show poeCore#show in inline inline power information interfaces Port statusCore#show inline power power show inline powerCore#show inline power DECIMAL UNIT-ID STACKID/SLOT/PORT debug-info show inline power debug information detail show inline power detailed information emesg Event Trace Logging messages pd show pd ports power | Output modifiers <cr>Core#show inline power 1/1/1Core#I tried to upgrade the POE firmware on this switch, but the Switch reboots and doesn’t upgrade the firmware. I am running latest 8090.Stack unit 1: Compressed Pri Code size = 32454872, Version:08.0.90T213 (SPR08090.bin) Compressed Sec Code size = 32454872, Version:08.0.90T213 (SPR08090.bin) Compressed Pri Boot Code size = 786944, Version:10.1.15T215 (spz10115) Compressed Sec Boot Code size = 786944, Version:10.1.15T215 (spz10115) Code Flash Free Space = 1578074112Core#Any help appreciated.Regards,Abilash PR.
Posted on 10 Feb, 2020, in Uncategorized
We are able to capture the switch command and log in the Ruckus Web auth via Clearpass now.But there are some minor issues and might be related to Ruckus itself.Please advise if below issues might be adjusted via Ruckus switch CLI:If I log out and log in the windows again, I still able to access the internet but not asking for authenticating again. Is that possible to trigger to have reauthentication again in this case?If I unplug the Lan then plug it back to the PC or just reboot the PC windows, I need to clear the Browser cookies to let the auth page come up again. Any solution?What is the default log on cache time / Auth-time out after successful login the web auth? Also please advise how to change it.Let says I log in the PC as Domain user A, then log in the Web auth as Domain user B.If there is a Firewall gateway with domain user lookup feature enabled already, what is the user name capture result in the Firewall traffic logging in this case?
Posted on 10 Feb, 2020, in Uncategorized
Hello,I want to use my own ssh key.I uploaded my own rsa key with 2048 bits with tftp. ip ssh pub-key-file tftp <ip_address> key_rsa2048.puband show up client-pub-key returns—- BEGIN SSH2 PUBLIC KEY —-ssh-rsa ….—- END SSH2 PUBLIC KEY —-And my verbose ssh debug messages:debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,passworddebug3: authmethod_lookup publickeydebug3: remaining preferred: keyboard-interactive,passworddebug3: authmethod_is_enabled publickeydebug1: Next authentication method: publickeydebug1: Offering public key: RSA …debug3: send_pubkey_testdebug3: send packet: type 50debug2: we sent a publickey packet, wait for replydebug3: receive packet: type 60debug1: Server accepts key: pkalg ssh-rsa blen 279debug2: input_userauth_pk_ok: fp …debug3: sign_and_send_pubkey: RSA …Enter passphrase for key ….:debug3: send packet: type 50debug3: receive packet: type 51debug3: receive packet: type 51debug1: Authentications that can continue: publickey,password,keyboard-interactivedebug2: we did not send a packet, disable methoddebug3: authmethod_lookup keyboard-interactivedebug3: remaining preferred: passworddebug3: authmethod_is_enabled keyboard-interactivedebug1: Next authentication method: keyboard-interactivedebug2: userauth_kbdintdebug3: send packet: type 50debug2: we sent a keyboard-interactive packet, wait for replydebug3: receive packet: type 60debug2: input_userauth_info_reqdebug2: input_userauth_info_req: num_prompts 1Password:debug3: send packet: type 61Also after the failed use of the ssh key the normal authentication with password doesn’t work too. But without the ssh key the password authentication works .I don’t understand this behaviour.I use the 08.0.70cT211 version. Sorry for the bad layout. I tried to improve it but doesn’t work.Update 1: I upgrade to the version 08.0.90dT221. But it doesn’t help.Update 2: I run ip ssh key-authentication yes. It would be helpful to add this to the documentation.But I have still the problem that it asks after my password.
Posted on 09 Feb, 2020, in Uncategorized
Can’t login using AAA radius to a ICX 7450-24. It displays the error when enter credentials and press return/enter: “AAA: udp listner not initialized, AAA not operational”. I can login with local user. The Radius server (Win2012R2) is working correctly with other devices.
Posted on 03 Feb, 2020, in Uncategorized
Starting from vSZ/SZ 5.1 version, we can read/write/modify switch configuration like VLAN/ACL etc. but feature only works when ICX is running on a UFI image.