Thanks! Knowing that the R730 can actually be modded into an R850 really got me interested in learning more about Ruckus APs. Part of it’s because I’m a bit worried about potential issues during "hack to r850", but honestly, it’s mostly because I want full control over my own gear. I’m gonna order the connection cable right now!You shouldn't need a serial cable to do Ruckus AP modding, unless something's gone very wrong. My mods all work from the web UI and/or SSH CLI. The R730 Unleashed guide is here: Run Unleashed on the Ruckus R730 | ms264556.net
But to answer your question...
Yes, I have that cable and it seems to work reliably on all Ruckus APs.
Jon Sands shows the UART pins here:-
And Floris Brunet published a nice page with a picture showing which colours connect to which UART pins:-
Ruckus Wireless as an Unifi alternative?
- Thread starter pcmoore
- Start date
Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
Hey everyone! I’ve got two offices in different locations connected through a site-to-site VPN.
I’m wondering — is it possible to have all my Ruckus APs run on the same Unleashed system across both sites?
If yes, what do I need to make it work, and could anyone share a quick guide?
I was thinking it’d be cool if everyone could use the same DPSK list.
Thanks, guys!
I’m wondering — is it possible to have all my Ruckus APs run on the same Unleashed system across both sites?
If yes, what do I need to make it work, and could anyone share a quick guide?
I was thinking it’d be cool if everyone could use the same DPSK list.
Thanks, guys!
If your VPN link is setup with TAP interfaces, so everything's on one L2 network, then you will have a single Unleashed network.
Otherwise, traffic will be routed between your two locations. Standard mode Unleashed requires all APs to share a single L2 broadcast domain, so you won't be able to have a single standard Unleashed network in this case.
But what you can do instead...
Assuming your APs can all run Unleashed 200.13+ and you have a spare R750/R850/R770, then you can enable Dedicated Master mode. You choose an AP to act as the Dedicated Master, which then disables its WiFi radios and takes over controller duties. Now, member APs can be on any subnet (or even behind NAT) and still connect to the Dedicated Master controller. Since the Dedicated Master AP disables its radios, even the latest Unleashed releases can use a cheap hacked R730 as Dedicated Master, so this option can be very inexpensive.
But I remember you said you have R310s. These don't support modern Unleashed releases, so you can't use Dedicated Master.
You can instead use a ZoneDirector 1200. This supports a wide range of APs, but not recent Wifi 6E/7 models. The Access Network branded version (C120) is on eBay regularly for as little as $30, so buying one of these is a good alternative. You can contact me privately to sort out upgrade entitlements and licenses.
**Also of note, APs can tunnel traffic back to their ZoneDirector or Dedicated Master (on a per SSID/port basis), so that a dedicated VPN isn't required. This makes it very easy to add new locations by just shipping an AP. I have firewall configuration guides here, if this is interesting.
Last edited:
Woah — you really are a Ruckus master.
I'm still at the learning stage, and once I understand enough I'll make the right choice.
I want to ask about the performance of hacking an R730 into an R850 — are there any issues using it as a WAP with Unleashed? How does the performance look after the mod (can you compare it to an R510 — right now I'm seeing 390 Mbps download shown in the Ubiquiti WiFiman app on my Samsung A52s)?
Thanks a lot.
p/s:
Let me add one more question
— I want the wireless clients at the branch office to receive their IP address from the DHCP server and VLAN ID from the headquarters.
Can Unleashed do that?
I tried asking Copilot but its answer was quite vague. It said Unleashed can’t do it because the tunnel operates at Layer 3, and to achieve that I’d need a ZD1200 running in Layer 2 mode.
I’d really appreciate any guidance from everyone.
Thank you so much.
Last edited:
I call out the main issues on my mod page: the modded R730 only supports Unleashed versions with serious security vulnerabilities on the management interface; you must only run 80MHz channels; it needs PoE++ or 48V DC, and will use ~11-12W all the time.
If you look elsewhere on the internet, you'll see lots of dire FUD about the R730's terrible pre-standard chipset. My experience is that this is a non-issue for home use with Unleashed. The missing 802.11ax features are aimed at high-client-density or high-AP-density environments.
Because the R730 will be running 80MHz channels, clients will top-out at ~1200Mbps PHY. My client devices see ~1Gpbs speed tests connecting through my 1Gbps internet connection. There's a bit more headroom than this: I did iperf test across a bridged pair of R730s and got a few hundred Mbps more (sorry, can't remember the exact number, maybe ~1400 or 1500?).
As I said earlier, you will need to use Unleashed Dedicated Master to share one Unleashed network between two locations. So, assuming you're running an Unleashed Dedicated Master (or ZoneDirector; they work the same):-
The default for Ruckus APs is to dump all traffic out to the local network. So yes: the headquarters Dedicated Master will be controlling all remote APs including assignment of VLANS, but remote clients' traffic will stay on the remote network.
You have the option of tunneling (on a per-SSID basis) traffic back to the Dedicated Master's network. So you can e.g. set things up so head-office staff can take their laptop to remote branches and automatically connect to the head-office network.
Thanks a lot. I’ve searched all over the internet trying to learn more about WLAN tunnel on a dedicated master AP, but there’s really not much information out there.
With the ZD1200 (version 10.5), I can see the DHCP relay settings for WLAN tunnel in the user guide. But for Unleashed, there’s nothing — even in the latest 200.18 documentation.
Here’s the scenario I want to achieve:
- There will be one Unleashed network shared across multiple branches.
- Possibly two dedicated masters located at two different sites for high availability.
- A single SSID across the entire network.
- Users are assigned DPSKs, each mapped to different VLANs.
- WLAN tunneling is enabled, so the branches won’t have their own DHCP servers — all wireless traffic, including IP assignment, will come from the DHCP server at headquarters.
Can this setup actually be done?
I’d really appreciate confirmation from you and anyone with experience who can verify this.
If not, I might have to consider going with the ZD1200, though it’s already end-of-life, unfortunately.
This combination is not going to work. Tunneled AP traffic terminates at the Active controller, so if the headquarters controller goes down then traffic will exit at the branch controller. So right away the branch subnet needs a device to provide DHCP. And VLANs aren't magic: you need something to route traffic between the VLANS. So your branch subnet also needs a device to do VLAN routing.
Same-cluster Ruckus controllers generally don't like high latency. But ignoring this, connecting any system's active/standby cluster nodes over WAN is generally very bad.
If the link experiences any significant packet loss then it's very easy for your cluster to be unusable, with nodes ping-ponging between active/standby roles (which can take many minutes per-failover).
AP <=> Controller latency isn't a problem. I had APs in different cities from my ZoneDirector and everything was great. There might be occasional packet loss, but local traffic continued just fine.
So...
I'd personally aim to have a headquarters controller/cluster, and enable DHCP on whatever box is connecting your remote site to the internet/WAN.
Edit:
(If money is no object, SmartZone (or Ruckus One + Edge) does a very nice job of this scenario).
Last edited:
Yes, what I want to understand first is whether I can use DPSK with multiple VLANs for a branch’s WLAN tunnel — so that it can relay IP addresses from the DHCP server at the headquarters, right?
Regarding the backup Dedicated Master AP — I know I’m thinking a bit far ahead, but if I need a fallback option, placing it in the same site as the main AP should be fine, right?
I have multiple VLANs in that tunnel, and I still don’t fully understand what options are available for IP assignment via DHCP.
In the ZD1200 10.5 documentation, there’s a DHCP relay option in the WLAN tunnel settings, but the Unleashed documentation doesn’t mention it at all.
It’s a bit of a shame — I just want to understand how it works before trying to apply it to my home and small business setup.
I really trust Ruckus, and I believe their cloud and SmartZone products can handle this well, but for now I’d like to experiment with more budget-friendly options like Unleashed and a second-hand ZD1200.
thankyou
Last edited:
Yes, DPSK lets you assign dynamic VLANs.
And yes, the tunnel passes DHCP traffic. So if DHCP is correctly functioning for a VLAN at your headquarters then it should function correctly for the same VLAN at the remote end of the tunnel.
DHCP relay is an L3 thing. The tunnel is L2, so you just want to make sure it's not blocking DHCP. You can see here, that even blocking broadcast traffic doesn't block DHCP.
Yes, placing at the same site is fine. Ideally place it on the same subnet, and assign a management interface.
SmartZone is free to download and trial, for up to 5 APs, for 90 days. And they have videos on youtube to walk you through the initial setup.
If you need a longer 'trial' then just backup your config, reinstall vSZ, then restore your config backup. Ad infinitum if you can be bothered.
Ruckus One is free to trial for up to 100 APs, for 90 days. And they'll generally give you a second trial if you run out of time.
An advantage of these controllers is that you get very fine-grained control over where DHCP happens, and which traffic goes over the tunnel vs local breakout (so e.g. your APs could directly hand out DHCP addresses, tunnel internal-app traffic back to headquarters, but dump printer and internet traffic out to the branch network).
Last edited:
Wow, awesome — so my desired scenario can be implemented.
Haha, you mentioning it just made me remember the printer.
Having the WLAN tunnel traffic go to headquarters and then back to the printer is a bit roundabout.
Do you have any ideas for this?
I’m using an Ethernet network printer.
Does Ruckus One require a service contract, or is registration enough? The 180-day trial sounds really appealing.
Thanks.
With Unleashed/ZoneDirector, if you tunnel everything then you'll just have to live with this. It'd probably be simpler to just enable DHCP and not tunnel anything.
Apologies, I was daydreaming when I wrote that. The trial is 90 days (so 180 days if you ask for a renewal). You register here.
Can you please clarify what you mean by “just enable DHCP”?
Thanks!
I’ve learned a lot from the information you shared.
What impressed me the most is that Ruckus WLAN Tunnel can greatly simplify branch network deployment — no need for static IPs and even makes it possible to skip site-to-site VPN (though I might still need it for branch printers).
That could really reduce both networking costs and management overhead.
Ok I understand the question now.
So, if you install a ZD1200 INSTEAD of a VPN then you can configure any ethernet port on any AP to also tunnel traffic back to the ZD1200.
Ruckus removed this functionality from the Unleashed web configurator. I'll have a check later in the week to see if it can be enabled by using the AJAX endpoint.
If you need a dedicated master then the advantage of the R730 is that it's very cheap.
If you don't need any dedicated master functionality then installing an R730 dedicated master is just throwing money away.
If 200.14 is worrying you then it's worth setting up a VLAN or two on your router and putting the SSIDs onto VLANs so they can't see the management interface.
Or I'm happy to set you up with a partner domain on my SmartZone, and you can run supported R730 firmware.
Be patient and persistent. I've picked up several R750 and R850 on eBay for 200-225 USD...