Adding and Managing a Regular Switch Configuration Profile

From the RUCKUS One web interface, you can add a regular switch configuration profile and apply it to one or more venues.

This task lets you pre‑define VLANs, ACLs, ICX Port Profiles, and Trusted Ports for selected switch families and models. Configure ICX Port Profiles (including MAC OUI and LLDP TLV) before you begin. Refer to Adding and Managing an ICX Port Profile and Adding MAC OUI and LLDP TLV Matching Entries for more information.
Complete the following steps to add a regular switch configuration profile.
  1. On the navigation bar, select Wired > Wired Network Profiles > Configuration Profiles.
    The Wired Network Profiles page is displayed, defaulting to the Configuration Profiles tab.
    Wired Network Profiles - Configuration Profiles Tab
  2. Click Add Regular Profile.
    The Add Switch Configuration Profile page is displayed, defaulting to the General tab.
    Note: These profiles allow you to pre-define configuration for switches including VLANs, ACLs, Port Profiles and Trusted ports against selected switch models. Once defined, these profiles can be applied to one or more venues. Any switch(es) that are in factory-default condition when joining such a venue will inherit the configuration.
    Add Switch Configuration Profile - General
  3. Enter the Profile Name and Profile Description in the General tab.
  4. Click Next to proceed to the VLANs tab.
    Add Switch Configuration Profile - VLANs
  5. (Optional) Click Default VLAN settings.
    1. Modify the VLAN ID.
    2. (Optional) Select the Spanning tree protocol from the drop-down list.
    3. Click Save.
      Note: The default VLAN change is applied to all the switches linked to this profile. Changing the default VLAN may cause network disruption unless the VLAN ID already exists on the switches.
      Note: Beginning with RUCKUS FastIron 10.0.20a and later, if the Spanning tree protocol is set to STP, RUCKUS One will automatically apply RSTP to the device.
      Default VLAN settings
  6. Click Add VLAN.
    The Add VLAN sidebar is displayed.
    Add VLAN
    1. Specify a VLAN ID.
      The VLAN ID values range from 1 through 4095, except 4087 and 4090 through 4094. One or more VLAN IDs can be entered in the following ways:
      • Single VLAN ID: 20
      • Multiple VLAN IDs and ranges: 1-20, 22, 30-100
      • Combination of individual VLAN IDs and ranges: 1-20, 22, 30-100
      These alternatives allow you to create multiple VLANs simultaneously while applying common configurations. After establishing these VLANs, you can customize settings for each VLAN individually. Additionally, you can edit VLAN IDs within a range while ensuring that the original VLAN is included.
    2. (Optional) Enter a VLAN Name.
    3. (Optional) Toggle the IPv4 DHCP Snooping switch on to enable this feature.
      Note: If IPv4 DHCP Snooping is enabled, you must select trusted ports for each deployed switch model on the Trusted Ports page of the wizard.
    4. (Optional) Toggle the ARP Inspection switch on to enable this feature.
      Note: If ARP Inspection is enabled, you must select trusted ports for each deployed switch model on the Trusted Ports page of the wizard.
    5. (Optional) Select IGMP Snooping from the drop-down list. The options are NONE, Active, and Passive. The switch is disabled by default (drop-down option set to NONE). If Active or Passive is selected, then the Multicast Version option becomes active.
    6. (Optional) Select Multicast Version from the drop-down list depending on which version is supported by your network and the network devices with which it is compatible. The options are Version 2 or Version 3. The default value is Version 2.
    7. (Optional) Select Spanning tree protocol from the drop-down list. The options are NONE, RSTP, and STP.
      Note: Beginning with RUCKUS FastIron 10.0.20a and later, if the Spanning tree protocol is set to STP, RUCKUS One will automatically apply RSTP to the device.
    8. Click Add.
      The VLANs are created and listed on the VLANs page.
    9. Select the radio button next to the VLAN ID to edit or delete the configured VLAN.
  7. Click Next to proceed to the Ports tab.
  8. Click Set Ports.
    The Select Ports By Model dialog box is displayed, defaulting to the Select Model tab.
    Select Ports By Model - Select Model
    1. Select the device details:
      • Family
      • Model
        Note:
        • Support is available for ICX 8100 and ICX 8100‑X switch models, including AV‑capable models. You can select these models from the ICX 8100 family list when creating configuration profiles such as VLANs, Trusted Ports, and Port Profiles.
      • Module
    2. Click Next.
      The page loads port options specific to the selected switch model in the Set Ports tab.
    3. Select the ports to configure VLANs for the selected model.
      The selected ports are ready for VLAN configuration.
      Select Ports By Model - Set Ports
    4. Select the Untagged VLAN and Tagged VLAN from the drop-down lists. If multiple ports are selected, enable the corresponding Untagged VLAN and Tagged VLAN checkboxes for selecting the VLAN values.
      Users can now add multiple tagged VLANs to a port using the Select All and Deselect All checkbox, eliminating the need to choose each VLAN individually.
      Note: Select All applies only to the VLANs currently visible in the web interface. VLANs added after using this option are not automatically selected.
      Note: The ability to select a specific range of VLANs is not supported.
    5. Click Add to save the port configuration.
  9. Click Next to proceed to the Voice VLAN tab.
  10. Click Set Voice VLAN.
    The Set Voice VLAN sidebar is displayed.
    1. Select one or more checkboxes next to the Tagged Ports column and click Edit.
      The Set Voice VLAN dialog box is displayed.
    2. Select the VLAN ID from the Voice VLAN drop-down list, then click Set.
      The configured VLAN ID and port values for the Voice VLAN are displayed in the Voice VLAN column.
      Set Voice VLAN
    3. Click Set.
  11. Click Next to proceed to the ACLs tab.
  12. Click Add ACL.
    The Add ACL sidebar is displayed.
    Add ACL
    1. Enter an ACL Name.
    2. (Optional) Select Standard or Extended in the Type field.
    3. (Optional) Click Add Rule.
      An Add Rule dialog box is displayed.
      • Enter a valid Sequence or use the arrows to select a value from 1 through 65,000 and perform the following settings, based on the ACL type you have selected.
        Add Rule
      • Action: Select an action. The options are Permit or Deny.
      • Source Network: Specify the source network as Any or Specific Subnet. If you select Specific Subnet, then enter the specific subnet IP address.

        The following fields are displayed only if you select the type Extended.

      • Protocol: Select IP, TCP, or UDP from the drop-down list.
      • Destination Network: Select the destination network, Any or Specific Subnet. If you select Specific Subnet, then enter the specific subnet IP address.
      • Source Port: Specify the source port. This option is activated only if the TCP or UDP protocol is enabled.
      • Destination Port: Specify the destination port. This option is activated only if the TCP or UDP protocol is enabled.
      • Click OK to add the rule.
    4. Click Add to add the ACL configuration to the ACLs table.
  13. Click Next to proceed to the Port Profiles tab.
  14. (Optional) Click Add Port Profile to apply an ICX port profile to one or more switch families and switch models.
    Note:
    • You cannot create ICX port profiles here, meaning, you must have already configured the ICX port profile and associated MAC OUI and LLDP TLV settings. Refer to Adding and Managing an ICX Port Profile and Adding MAC OUI and LLDP TLV Matching Entries for more information.
    • Configure the global ICX port profile, MAC OUI, and LLDP TLV settings from the Network Control > Policies & Profiles > Port Profiles > Switch tab. Refer to Adding and Managing an ICX Port Profile and Adding MAC OUI and LLDP TLV Matching Entries for more information.
    • Locally modified port profiles are overridden if their names match the global settings and are already applied to the related regular switch configuration profile.
    • Support has been added for ICX 8100 and ICX 8100-X switch models. You can select these models from the ICX 8100 family list, including variants such as 24, 48, 24P, 48P, 48PF, C08PF, C16P, and their “–X” versions. Once selected, the available configuration parameters are displayed dynamically based on the model.
    • An ICX port profile is supported on the following RUCKUS ICX model families: ICX 7550, ICX 7650, ICX 7850, ICX 8200, and ICX 8100. For detailed information, refer to the RUCKUS FastIron Management Configuration Guide.
    The Add Port Profile dialog box is displayed to configure the following settings:
    1. Select one or more RUCKUS ICX switch families and the required models on the Select Models page, and then click Next.
    2. Select one or more ICX port profiles from the drop-down list on the Port Profiles page, and then click Add to assign them to the selected switch models.
    The selected ICX port profiles are associated with the profile.
    Note:
    • After completing the remaining steps of the Add Switch Configuration Profile wizard, you will have to apply the ICX port profile to individual ports on a per-switch basis (refer to Editing a Switch Port for details). Subsequently, you can view the list of ICX port profiles assigned to a specific switch by clicking the Port Profiles sub-tab on the Overview tab for the switch.
    • Updates to an ICX port profile are automatically applied to all the switch ports that are using it.
  15. Click Next to proceed to the Trusted Ports tab.
    Note: The Trusted Ports tab appears only if IPv4 DHCP Snooping or ARP Inspection toggle switches are enabled on the VLAN tab.
    Add Switch Configuration Profile - Trusted Ports
  16. Click Please Select...
    The Select Ports By Model dialog box is displayed, defaulting to the Select Model tab.
    Note: Since the Model is already selected, the Family and Model are read-only.
    1. Click the Trusted Ports tab.
    2. Select up to four ports that should be treated as trusted ports for the selected switch model.
      Note: For stacked switches, Trusted Ports are configured on each unit based on the unit’s switch model. Port numbers are automatically expanded to include the unit number in the stack.
    3. Click Apply to apply the trusted port configuration for the selected switch model.
      The selected ports are marked as trusted ports for the specified switch model and are displayed on the Trusted Ports page.
    4. (Optional) Click Add Model if your deployment includes different switch models or if you did not define switch ports on the Ports page in the wizard. Each switch uses the trusted ports configured for its model. Select the required switch Family and Model on the Select Ports by Model page, click Next, select up to four Trusted Ports model, then click Add.
    5. (Optional) To modify trusted ports for an existing model, select the model and click Edit.
    6. (Optional) To remove a model, select the model and click Delete.
  17. Click Next to proceed to the Venues page.
    The Venues page is displayed.
    Add Switch Configuration Profile - Venues
    • (Optional) Toggle the Apply profile updates to existing switches switch on to apply the profile to both existing switches and newly installed Greenfield switches, or toggle it off to apply the profile only to newly installed Greenfield switches. For more information, refer to Apply Switch Configuration Profile Changes.
    • Select one or more checkboxes in the Venues column, and then click Activate, or toggle the switch in the Activated column on to activate the switch configuration profile for the selected venues.
  18. Click Next to proceed to the Summary tab.
    The Summary page is displayed.
    Add Switch Configuration Profile - Summary
  19. Review the Summary page.
    Note: The Summary page displays a limited preview of configuration details. VLANs are shown up to a maximum of 20 entries, Port Profiles up to 3 models, ACLs up to 10 entries, Venues up to 10 entries, and the Profile changes apply to list shows up to 25 switches.
  20. Click Add to add the switch configuration profile.
    A confirmation message is displayed indicating that proceeding with the profile update will result in configuration being updated on existing switches shown in the summary page. Click Proceed.

    The switch configuration profile is added in the Configuration Profiles page.

  21. Select the checkbox next to the Profile Name to display the Edit and Delete options.
  22. (Optional) Click Edit if you want to modify the configuration profile.

    While editing the switch configuration profile:

    1. Navigate through each tab (for example, VLANs, Ports, ACLs, Port Profiles, or Venues), select the required entry using the radio button, and then click Edit or Delete to modify or remove the configuration.

      If no entry exists, use the available option on the page to create a new entry.

    2. Review the Summary page.
      • The Added, Changed, and Removed change summary counters appear only when configuration differences exist; if there are no changes, these counters are not shown.
      • (Optional) Click the numeric count next to Added, Changed, or Removed to open the Change Log sidebar, which includes the Added, Changed, and Removed tabs listing the corresponding configuration changes.
        Edit Switch Configuration Profile
    3. Save the edited profile.
      Note: A confirmation dialog appears only if the Apply profile updates to existing switches option is enabled on the Venues page and the changes affect one or more existing switches.
      Note: If trusted ports are updated and the Apply profile updates to existing switches option is enabled, then when the profile is saved the changes are automatically applied to all units in the switch stack.
  23. (Optional) Click Delete to remove the configuration profile.

To search for a specific configuration profile, enter the partial or full configuration profile name in the Search field. All matching configuration profiles are displayed. You can filter the list of configuration profiles by Type.

You can sort the list of configuration profiles by profile name, type, or venues by clicking the associated column header.

You may navigate to Administration > Timeline > Activities to view the entries for these actions, such as the date and time of the actions, and whether it was a success or failure.