Ruckus SmartZone WLC Configuration

Ruckus WLC is configured as Radius Client where Ivanti Policy Secure is the Radius Server. The following figure illustrates the workflow of Guest Access on Ivanti Policy Secure for Ruckus WLC.

To configure SmartZone WLC:

1. Connect user/endpoint to the Ruckus Wireless network with open SSID over 802.1X with restricted access through ACLs.

2. Redirect Ruckus WLC guest to external (Ivanti Policy Secure) captive portal when guest tries to access a web-resource.

3. Enter credentials on captive portal page.

4. For guest access authentication, Ivanti Policy Secure provides guest user credentials to Ruckus SmartZone WLC’s management interface via REST API.

5. Ruckus WLC can encode the credentials and send it to a RADIUS server (Ivanti Policy Secure) through Radius Access Request.

6. The RADIUS server validates the credentials and sends a RADIUS response, which contains standard RADIUS attributes and Vendor Specific Attributes.

7. Ruckus WLC provides network access to the guest by changing VLAN based on Ivanti Policy Secure role-based policy.

.

To configure Hotspot (WISPr) service:

1. Select Configuration > AP Zone > Zone Name > Hotspot (WISPr)> Create New.
2. Configure Portal Name, Login URL text box with https://IPS-ip/guest.
3. Configure Northbound Interface password as Ruckus Request Password on Radius Client page in IPS.

To configure WLAN:

1. Select Configuration > AP Zone > Zone Name >WLAN > Create New.
2. Configure Name, SSID, Authentication type as “Hotspot (WIPSr) “, Authentication Method as “open” and Encryption as “None”.
3. Select Hotspot configured from drop down list and select Authentication Server.