Contents

WatchGuard RADIUS SSO with Ruckus AP Integration Guide

This document describes how to configure a WatchGuard Firebox for RADIUS SSO with a Ruckus access point (AP).

Platform and Software

The hardware and software used to complete the steps outlined in this document include:

  • Firebox T30 device installed with Fireware v11.12
  • Ruckus AP ZoneFlex R600 installed with 104.0.0.0.1347
  • FreeRADIUS server Version 2.2.3

Test Topology

This diagram shows the test topology for this integration.

Configuration

Configure the Firebox

  1. Log in to Fireware Web UI at https://<IP address of Firebox>:8080.
  2. From the navigation menu, select Authentication > Single Sign-On.
  3. Select the RADIUS tab.
  4. Select the Enable Single Sign-On (SSO) with RADIUS check box.

  1. In the IP Address text box, type the Ruckus AP IP address. In our example, the IP address is 10.0.1.2.
    By default, the Ruckus AP uses DHCP. On your Firebox, you must enable DHCP for the optional port connected to the Ruckus AP.
  2. In the Secret text box, type the secret.
  3. In the Confirm Secret text box, type the secret again. Leave all other settings at the default values.
  4. Click Save.

Configure the Ruckus AP

  1. Log in to the Ruckus AP Web Console interface at https://< Ruckus AP IP Address/>.
  2. From the navigation menu, select Configuration > Radio 2.4G.
  3. Select the Wireless 1 tab.

  1. For Wireless Availability, select Enabled.
  2. For Broadcast SSID, select Enabled.
  3. In the SSID type box, type Ruckus.
  4. From the Encryption Method drop-down list, select WPA.
  5. For WPA Version, select WPA2.
  6. For WPA Authentication, select 802.1X.
  7. For WPA Algorithm, select AES.
  8. In the Radius NAS-ID text box, type a number of your choice.
  9. In Authentication Server section, in the IP address text box, type the IP address of the RADIUS server.
  10. In the Port text box, type 1812.
  11. In the Server Secret text box, type the server secret . The secret must match the secret used on the RADIUS server.
  12. In Accounting Server section, type the IP address of the Firebox port in IP address text box.
  13. In the Port text box, type 1813.
  14. In the Server Secret text box, type the server secret. The secret must match the secret specified in the Configure Firebox procedure.
  15. Click Update Settings.

Configure the RADIUS Server

  1. Configure the secret used to communicate with the Ruckus AP. The secret must match the secret specified in in the Configure Ruckus AP procedure.
  2. Configure the client user name and password. These are the credentials used for the client login.

Test the Integration

  1. Use a client device such as a smart phone, laptop, or desktop computer to connect to the Ruckus Wi-Fi network.
  2. Type the user name and password stored in the RADIUS server, and determine whether the connection succeeds.
  3. Log in to Fireware Web UI at https://<IP address of Firebox>:8080.
  4. From the navigation menu, select System Status > Authentication List.
  5. In the Authenticated Users section, the RADIUS SSO information appears.

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search