From the RUCKUS One web interface, you can add a regular switch configuration profile and apply it to one or more venues.

1. On the navigation bar, select Wired > Wired Network Profiles > Configuration Profiles.
   The Wired Network Profiles page is displayed, defaulting to the Configuration Profiles tab.

   

2. Click Add Regular Profile.
   The Add Switch Configuration Profile page is displayed, defaulting to the General tab.

   Note: These profiles allow you to pre-define configuration for switches including VLANs, ACLs, Port Profiles and Trusted ports against selected switch models. Once defined, these profiles can be applied to one or more venues. Any switch(es) that are in factory-default condition when joining such a venue will inherit the configuration.

   

3. Enter the Profile Name and Profile Description in the General tab.
4. Click Next to proceed to the VLANs tab.

   

5. (Optional) Click Default VLAN settings.
   1. Modify the VLAN ID.
   2. (Optional) Select the Spanning tree protocol from the drop-down list.
   3. Click Save.
      Note: The default VLAN change is applied to all the switches linked to this profile. Changing the default VLAN may cause network disruption unless the VLAN ID already exists on the switches.

      Note: Beginning with RUCKUS FastIron 10.0.20a and later, if the Spanning tree protocol is set to STP, RUCKUS One will automatically apply RSTP to the device.

      

6. Click Add VLAN.
   The Add VLAN sidebar is displayed.

   

   1. Specify a VLAN ID.
      The VLAN ID values range from 1 through 4095, except for 4087 and 4090 through 4094. One or more VLAN IDs can be entered in the following ways:

      • Single VLAN ID: 20
      • Multiple VLAN IDs and ranges: 1-20, 22, 30-100
      • Combination of individual VLAN IDs and ranges: 1-20, 22, 30-100
      These alternatives allow you to create multiple VLANs simultaneously while applying common configurations. After establishing these VLANs, you can customize settings for each VLAN individually. Additionally, you can edit VLAN IDs within a range while ensuring that the original VLAN is included.
   2. (Optional) Enter a VLAN Name.
   3. (Optional) Toggle the IPv4 DHCP Snooping switch on to enable this feature.
      Note: If IPv4 DHCP Snooping is enabled, you must select trusted ports for each deployed switch model on the Trusted Ports page of the wizard.
   4. (Optional) Toggle the ARP Inspection switch on to enable this feature.
      Note: If ARP Inspection is enabled, you must select trusted ports for each deployed switch model on the Trusted Ports page of the wizard.
   5. (Optional) Select IGMP Snooping from the drop-down list. The options are NONE, Active, and Passive. This setting is disabled by default (drop-down option set to NONE). If Active or Passive is selected, then the Multicast Version option becomes active.
   6. (Optional) Select Multicast Version from the drop-down list depending on which version is supported by your network and the network devices with which it is compatible. The options are Version 2 or Version 3. The default value is Version 2.
   7. (Optional) Select Spanning tree protocol from the drop-down list. The options are NONE, RSTP, and STP.
      Note: Beginning with RUCKUS FastIron 10.0.20a and later, if the Spanning tree protocol is set to STP, RUCKUS One will automatically apply RSTP to the device.
   8. Click Add.
      The VLANs are created and listed on the VLANs page.
   9. Select the radio button next to the VLAN ID to edit or delete the configured VLAN.
7. Click Next to proceed to the Ports tab.
   The page displays the Switches and Stacks sub‑tabs.
8. On the Ports tab, click Set Ports on the Switches sub-tab.
   The Select Ports By Model dialog box is displayed, defaulting to the Select Model tab.

   

   1. Select the device details:
      • Family
      • Model
        Note:

        • Support is available for ICX 8100 and ICX 8100‑X switch models, including AV‑capable models. You can select these models from the ICX 8100 family list when creating configuration profiles such as VLANs, Trusted Ports, and Port Profiles.
        • Support is also available for the ICX 8200 family, including AV‑capable models. ICX 8200 models appear in the ICX 8200 family list, and you can configure their port layouts in the Set Ports step.
      • Module
   2. Click Next.
      The page loads port options specific to the selected switch model in the Set Ports tab.
      Note: On ICX 8200‑AV switches, some port capabilities differ by model and by port range, and the ports shown in Set Ports reflect those differences.
   3. Select the ports to configure VLANs for the selected model.
      The selected ports are ready for VLAN configuration.

      

   4. Select the Untagged VLAN and Tagged VLAN from the drop-down lists. If multiple ports are selected, enable the corresponding Untagged VLAN and Tagged VLAN checkboxes for selecting the VLAN values.
      Users can now add multiple tagged VLANs to a port using the Select All and Deselect All checkboxes, eliminating the need to choose each VLAN individually.

      Note: Select All applies only to the VLANs currently visible in the web interface. VLANs added after using this option are not automatically selected.

      Note: The ability to select a specific range of VLANs is not supported.
   5. Click Add to save the port configuration.
9. On the Ports tab, click Set Ports on the Stacks sub-tab to add a new configuration.

   

   The Select The Model Family dialog box is displayed, defaulting to the Select Family tab.
   1. Select the Family you want to configure and click Next.
   2. On the Set Ports page, review the unit layout.
      • Unit 1 is displayed by default.
      • Click Add Unit to include additional units.
        Note: Units must be configured in sequence. If you add Unit 3, Unit 2 must also be present.
        Note: At least one port must be configured in any unit.
      • To remove a unit, click the next to the unit label. Removing a unit discards all VLAN selections associated with that unit.
   3. Select ports in the template to configure VLAN assignment.
      The port layout uses a standardized 48‑port model for the selected family. When switches in the stack use different models from the same family, VLANs are applied only to ports that exist on each switch.

      For Modules 2 and 3, the system will display the maximum number of ports supported across all models within the selected family.

   4. In the VLAN Configuration panel:
      • Select an Untagged VLAN from the drop‑down list.
      • Select one or more Tagged VLANs, as required.
      • Click Set to apply the VLAN settings for the selected units.
   5. Click Save.
      The Stacks sub‑tab now lists the configured entry, showing units, selected ports, untagged VLAN, and tagged VLANs. The configuration becomes part of the switch profile and is applied to stack‑capable switches during provisioning.
10. Click Next to proceed to the Voice VLAN tab.
    The page displays the Switches and Stacks sub‑tabs.
11. On the Voice VLAN tab, click Set Voice VLAN on the Switches sub-tab.
    The Set Voice VLAN sidebar is displayed.
    1. Select one or more checkboxes next to the Tagged Ports column and click Edit.
       The Set Voice VLAN dialog box is displayed.
    2. Select the VLAN ID from the Voice VLAN drop-down list, then click Set.
       The configured VLAN ID and port values for the Voice VLAN are displayed in the Voice VLAN column.

       

    3. Click Set.
12. On the Voice VLAN tab, click Set Voice VLAN on the Stacks sub-tab.
    The Set Voice VLAN sidebar is displayed.
    1. Select one or more checkboxes next to the Tagged Ports column and click Edit.
       The Set Voice VLAN dialog box is displayed.
    2. Select the VLAN ID from the Voice VLAN drop-down list, then click Set.
       The configured VLAN ID and port values for the Voice VLAN are displayed in the Voice VLAN column.
    3. Click Set.
13. Click Next to proceed to the ACLs tab.
14. Click Add ACL.
    The Add ACL sidebar is displayed.

    

    1. Enter an ACL Name.
    2. (Optional) Select Standard or Extended in the Type field.
    3. (Optional) Click Add Rule.
       The Add Rule dialog box is displayed.

       • Enter a valid Sequence or use the arrows to select a value from 1 through 65,000 and perform the following settings, based on the ACL type you have selected.

         

       • Action: Select an action. The options are Permit or Deny.
       • Source Network: Specify the source network as Any or Specific Subnet. If you select Specific Subnet, then enter the specific subnet IP address.

         The following fields are displayed only if you select the type Extended.

       • Protocol: Select IP, TCP, or UDP from the drop-down list.
       • Destination Network: Select the destination network, Any or Specific Subnet. If you select Specific Subnet, then enter the specific subnet IP address.
       • Source Port: Specify the source port. This option is activated only if the TCP or UDP protocol is enabled.
       • Destination Port: Specify the destination port. This option is activated only if the TCP or UDP protocol is enabled.
       • Click OK to add the rule.
    4. Click Add to add the ACL configuration to the ACLs table.
15. Click Next to proceed to the Port Profiles tab.
16. (Optional) Click Add Port Profile to apply an ICX port profile to one or more switch families and switch models.
    Note:

    • You cannot create ICX port profiles here, meaning that you must have already configured the ICX port profile and associated MAC OUI and LLDP TLV settings. Refer to Adding and Managing an ICX Port Profile and Adding MAC OUI and LLDP TLV Matching Entries for more information.
    • Configure the global ICX port profile, MAC OUI, and LLDP TLV settings from the Network Control > Policies & Profiles > Port Profiles > Switch tab. Refer to Adding and Managing an ICX Port Profile and Adding MAC OUI and LLDP TLV Matching Entries for more information.
    • Locally modified port profiles are overridden if their names match the global settings and are already applied to the related regular switch configuration profile.
    • Support has been added for ICX 8100 and ICX 8100-X switch models. You can select these models from the ICX 8100 family list, including variants such as 24, 48, 24P, 48P, 48PF, C08PF, C16P, and their “–X” versions. Once selected, the available configuration parameters are displayed dynamically based on the model.
    • An ICX port profile is supported on the following RUCKUS ICX model families: ICX 7550, ICX 7650, ICX 7850, ICX 8200, and ICX 8100. For detailed information, refer to the RUCKUS FastIron Management Configuration Guide.

    The Add Port Profile dialog box is displayed to configure the following settings:
    1. Select one or more RUCKUS ICX switch families and the required models on the Select Models page, and then click Next.
    2. Select one or more ICX port profiles from the drop-down list on the Port Profiles page, and then click Add to assign them to the selected switch models.
    The selected ICX port profiles are associated with the profile.

    Note:

    • After completing the remaining steps of the Add Switch Configuration Profile wizard, you will have to apply the ICX port profile to individual ports on a per-switch basis (refer to Editing a Switch Port for details). Subsequently, you can view the list of ICX port profiles assigned to a specific switch by clicking the Port Profiles sub-tab on the Overview tab for the switch.
    • Updates to an ICX port profile are automatically applied to all the switch ports that are using it.
17. Click Next to proceed to the Trusted Ports tab.
    The page displays the Switches and Stacks sub‑tabs.
    Note: The Trusted Ports tab appears only if IPv4 DHCP Snooping or ARP Inspection toggle switches are enabled on the VLAN tab.

    

18. On the Trusted Ports tab, click Please Select.. on the Switches sub-tab.
    The Select Ports By Model dialog box is displayed, defaulting to the Select Model tab.

    Note: Since the Model is already selected, the Family and Model are read-only.
    1. Select up to four ports that should be treated as trusted ports for the selected switch model.
       Note: For stacked switches, Trusted Ports are configured on each unit based on the unit’s switch model. Port numbers are automatically expanded to include the unit number in the stack.
    2. Click Apply to apply the trusted port configuration for the selected switch model.
       The selected ports are marked as trusted ports for the specified switch model and are displayed on the Trusted Ports page.
    3. (Optional) Click Add Model if your deployment includes different switch models or if you did not define switch ports on the Ports page in the wizard. Each switch uses the trusted ports configured for its model. Select the required switch Family and Model on the Select Ports by Model page, click Next, select up to four Trusted Ports, then click Add.
    4. (Optional) To modify trusted ports for an existing model entry, select the model and click Edit.
    5. (Optional) To remove a model, select the model and click Delete.
19. On the Trusted Ports tab, click Please Select.. on the Stacks sub-tab.

    The Select The Model Family dialog box is displayed. The dialog displays units based on a standardized 48‑port template.

    1. Configure trusted ports for each listed unit.
       All units are displayed one below the other. Configure at least one trusted port per stack if DHCP Snooping or ARP Inspection is enabled.
       • Select one or more ports from the Trusted Ports drop‑down list.

         The Selected Ports field displays the chosen ports for that unit.

         Trusted port availability depends on the switch family template. If a switch in the stack has fewer ports, the trusted ports are applied only to ports that physically exist on that device.

         The Trusted Ports configuration panel displays the selected units and available ports.

         

    2. Repeat trusted port selection for additional units, if needed.
    3. Click Apply.
       The selected ports are marked as trusted ports for the configured family and are displayed on the Trusted Ports page.
    4. (Optional) To modify trusted ports for an existing family entry, select the family and click Edit.
    5. (Optional) To remove a family entry, select the family, and click Delete.
       Note: If an untagged port associated with a trusted port is removed, the trusted port assignment may also be removed automatically. To delete an entire trusted port unit in the Stacks sub‑tab, you must first remove all untagged ports assigned to that unit.
20. Click Next to proceed to the Venues tab.
    The Venues page is displayed.

    

    • (Optional) Toggle the Apply profile updates to existing switches switch on to apply the profile to both existing switches and newly installed Greenfield switches, or toggle it off to apply the profile only to newly installed Greenfield switches. For more information, refer to Apply Switch Configuration Profile Changes.
    • Select one or more checkboxes in the Venues column, and then click Activate, or toggle the switch in the Activated column on to activate the switch configuration profile for the selected venues.
21. Click Next to proceed to the Summary tab.
    The Summary page is displayed.

    

22. Review the Summary page.
    Note: The Summary page displays a limited preview of configuration details. VLANs are shown up to a maximum of 20 entries, Port Profiles up to 3 models, ACLs up to 10 entries, Venues up to 10 entries, and the Profile changes apply to list shows up to 25 switches.

    Note: Additionally, the page includes Switches and Stacks sub‑tabs in the Profile changes apply to section.

    Note: When configuration exists in the Stacks sub‑tab, stack‑based settings are applied. If no settings are defined in the Stacks sub‑tab, RUCKUS One uses the model‑based configuration from the Switches sub‑tab.
23. Click Add to add the switch configuration profile.
    A confirmation message is displayed indicating that proceeding with the profile update will result in the configuration being updated on existing switches shown on the Summary page. Click Proceed.

    The switch configuration profile is added on the Configuration Profiles page.

24. Select the checkbox next to the Profile Name to display the Edit and Delete options.
25. (Optional) Click Edit if you want to modify the configuration profile.

    While editing the switch configuration profile:

    1. Navigate through each tab (for example, VLANs, Ports, ACLs, Port Profiles, or Venues), select the required entry using the radio button, and then click Edit or Delete to modify or remove the configuration.

       If no entry exists, use the available option on the page to create a new entry.

    2. Review the Summary page.
       • The Added, Changed, and Removed change summary counters appear only when configuration differences exist; if there are no changes, these counters are not shown.
       • (Optional) Click the numeric count next to Added, Changed, or Removed to open the Change Log sidebar, which includes the Added, Changed, and Removed tabs listing the corresponding configuration changes.

         Additionally, the Profile changes apply to section includes both Switches and Stacks sub‑tabs. These tabs show which standalone switches or stack units will receive the updated configuration. If no changes apply to either type, the tab displays None.

         

    3. Save the edited profile.
       Note: A confirmation dialog appears only if the Apply profile updates to existing switches option is enabled on the Venues page and the changes affect one or more existing switches.

       Note: If trusted ports are updated and the Apply profile updates to existing switches option is enabled, then when the profile is saved, the changes are automatically applied to all units in the switch stack.
26. (Optional) Click Delete to remove the configuration profile.