I followed the Firewalla setup documentation and created a normal LAN that works fine. It has an unmanaged switch in front of 3 (originally 4) Ruckus Unleashed H550 APs. There is nothing wrong with that network and it's completely stable.
I wanted to add an IoT specific network with an AP that doesn't have access to any other LANs. I set up a new LAN on Port 2 with a rule to block traffic to and from other LANs, trying to get to example 3 in this document without cameras. I pulled the 4th Ruckus Unleased AP (an R510), factory reset it, and plugged it in to Port 2. It starts up in configuration mode, and I'm able to connect to its "Configure Me" network directly. After setting up an SSID and admin user, it restarts.
At no point does a device show up in Firewalla on the IoT network. It's as though nothing is plugged in to the port. The cable is the same one that worked on the other network. The activity lights on the port on both the AP and the Firewalla do turn on. The AP blinks lights indicating that it can't acquire an IP address, and the "Configure Me" network stays on. I connect to it again, login with the new admin user, and see that the AP recognizes something is plugged in to port 1, it has an IP of 192.168.0.1 (which is its default assigned by itself, the Firewalla IoT network starts at 192.168.64.50), and it failed to reach the gateway + DNS + internet. It's configured to use DHCP by default. I've tried manually setting its gateway and DNS to 192.168.64.1 (the IoT network value), but then "Configure Me" goes away, the correct SSID network shows up, and it's impossible to connect to (clients try to connect but can't acquire an IP) and a device still doesn't show up in Firewalla for the AP. I've factory reset the AP many times and gone through the setup process but it's always the same result when it's plugged in to this port.
Is there some configuration I'm missing on the AP to get it talking to Firewalla correctly? Why does this AP work fine on the Port 1 network but not the Port 2 network? Should I do the full AP setup unconnected, and only connect it to the Firewalla after it starts? Maybe there's a way to assign a static IP by MAC address to the AP, so I don't have to wait for it to show up in the device list (which it never does) before reserving one for it?
Please sign in to leave a comment.