Ruckus setup
Setting up Ruckus RADIUS with Foxpass
Many Foxpass customers use wireless access products by Ruckus. You are in good hands.
The Ruckus setup is very straight-forward.
1. Set your Foxpass password
In Foxpass, go to the "Password" settings page and enter a password.
2. Create a "RADIUS Client" entry on Foxpass
Visit this page: https://console.foxpass.com/settings/radclients/. Note our RADIUS IP addresses and the "secret" that was created for that entry.
3. Set up AAA
- Go to Wireless Networks in Ruckus. Enter IP address of your primary server. Be sure to set up both of our RADIUS IP address, as one or the other may be down for maintenance.The address can be found RADIUS Settings.
- Port - 1812
- Shared Secret - Secret from the RADIUS Settings page. Click Next.
- Activate the service for the desired venue.
- You will see your wireless networks configured.
- Click on your network > Edit Network > Advanced.
- VLAN ID - 20
- Check Dynamic VLAN
- Max rate - Unlimited
- Check Enable load balancing between all radios and enable load balancing between APs.
4. Don't push the test button!
This is very counter-intuitive. But even when the RADIUS servers are set up properly, the "Test" button on the Ruckus Dashboard will not work.
If you want to know why, see down below.
5. Create a test SSID
In your Ruckus dashboard, create a new SSID called (e.g.) "FoxpassTest"
Use the following settings:
Name = "FoxpassTest"
Type = Standard Usage
Authentication Method = 802.1x/EAP
Encryption Method = WPA2
Encryption Algorithm = AES
Authentication Server = Foxpass
6. Set up your client
If you have a Mac, go to this page: https://console.foxpass.com/settings/wifi/. Create an entry for (e.g.) "Foxpass Test", download the config file and install it. To configure other operating systems for TTLS-PAP, please see the "RADIUS clients" section to the left.
7. Try it out
Connect to your new network, and enter your username and password.
Why the test button doesn't work.
Here's why: Foxpass uses the most secure version of RADIUS that is available. That is called EAP-TTLS-PAP, which encapsulates login information inside of an SSL connection.
The "Test" button does not support EAP-TTLS-PAP, and instead assumes a less secure protocol. This doesn't matter, though, because ultimately the authentication conversation happens between a user's phone / laptop and the RADIUS server directly (the Access Point merely connects the two).
Android, Linux, Windows 8, Windows 10, and Windows 11 all support TTLS-PAP natively.
macOS and iOS will support TTLS-PAP with the addition of a config file, which Foxpass will generate for you.
Windows 7 will work if the computer has the Intel wireless chipset and you install the Intel drivers.
Updated 12 months ago