The school I work at used three WiFi Access Points (APs) when I first arrived. Two of these were very well provisioned with large external antennae and the third was located on a desk in the server room/admin. office. I could see that things were going to have to be improved just a bit!
The first thing I noticed with the configuration for these APs was the fact that they were all broadcasting on differnet network names (SSIDs). This means that if you ‘roam’ around the campus with your laptop or other WiFi device like a tablet or smartphone, you will have to manually choose to connect to the ‘different’ network name (SSID). So, after double checking my theory was correct and changing a dodgy old cable to one of the Access Points, I went ahead and made the necessary changes to make our network ‘roaming’. These are the steps:
- Log into each AP (usually using it’s web interface) and change the SSID to whatever you want all of them to use, make sure you have spelling and capitalisation of letters noted down correctly
- Make sure you’re using a different channel for each AP (or at least no overlap – see the next section for more information on this)
- Make sure the password is noted down and is exactly the same in its spelling for each AP
Once this is done, you should be able to move from the range of one AP to another without having to reconnect. It may momentarily stop as you reconnect via a different AP, but I’ve found this works flawlessly. Some people report problems with accessing network resources after they roam, but I have not experienced this from users at my workplace.
Getting this to work at the school was another landmark moment for me, but sadly, as is the way with most things an IT administrator does, very few people even notice it! I guess that’s a good thing, you know you’re doing well when your only support call out is about changing margins in a Word document <moan>ever heard of Google guys?</moan>.
Well, there are yet more things to consider when setting up your WiFi, especially when it comes to signal…
Signal – you need an inSSIDer
There’s an excellent tutorial by Andrew Hollister on a blog post here which helps illustrate what software you need and what channels are best for you. The main thing you will need is the excellent inSSIDer from metageek.com.
If you don’t want to download the software and are using Windows 7 or Vista, you can use the following:
- Click the Start button
- In the Search Programs and Files box type ‘cmd’
- At the command line type the following:
netsh wlan show networks mode=bssid
You should now be presented with a list of all of the available WiFi networks within range of your laptops Wi-Fi adapter. So, this kind of testing is best done from where you have or anticipate to place your WiFi AP. Basically, try and see which of the networks on channel 1, 6 or 11 have really strong signal in that area, then choose the appropriate channel for your AP. Remember, when setting up multiple APs with overlap, they cannot use the same channel. This is where things get complicated, because not only are you trying to use just one of three channels, you’re also avoiding neighbouring Wi-Fi networks as well as avoiding clashing channels within your own network! A bit of logical thinking and the use of something like inSSIDer will help get through this with minimum fuss though.
Where to locate your Access Points?
In my experience, the higher the AP is mounted the better, it provides the best LOS (Line Of Sight) to it’s users with minimum interruption. In the school’s case, by having the APs located at the same height as the ceiling of the ground floor, we’re able to provide signal to both floors. I don’t want to take credit for this, that belongs to the IT administrator who installed that bit of the school network. Sadly, a roof has been built over one of these units, so I had to install a 4th AP at the far end of the building from the server room, but this has added coverage to an area that was already pretty weak anyway so it had to happen sooner or later!
To PoE or not to PoE?
Remember when locating your APs to think about whether the device has Power over Ethernet (PoE), and if so, how far a cable length can it run down (i.e. what power is the PoE injector), if it’s not PoE, where are you going to get your mains current from that high up on a wall or ceiling? There are some prety nifty ‘smoke alarm’ style APs now, which offer PoE and can be ceiling mounted, so all of the LAN cables can run above the ceiling boards – perfect! I’d recommend PoE if you can get it, but I have a feeling (please, correct me if I’m wrong) that if you’re using an external antenna, that PoE won’t be able to use it to it’s full potential (depending on how big the antenna is and how powerful a PoE injector your AP can use).
If someone wants to hack your network, with enough time they’ll be able to crack it. However, you may notice them sitting outside your house or business for hours at a time!
I personally like to use WPA2-PSK – the PSK stands for Pre-Shared Key meaning a password you can tell people to give them access to your Wi-Fi. If you’re going to use this, then scheduling a password change is a good way to make sure disgruntled ex-employees cannot tap in the way they used to (this obviously if you’re using BYOD – Bring Your Own Device).
Another thing you can do using a hardware firewall like Smoothwall is set up your Wi-Fi network on a seperate subnet. This means restrictions can be placed on what computers connecting by Wi-Fi can access (in terms of network resources like file shares and network printers). Unfortunately, my workplace currently doesn’t have the resources to do this, but as Wi-Fi is for use by staff only, it’s not become a problem.
Machines from different countries
OK, so this could probably go in the signal section, but this is more for troubleshooting than anything else. Some of the users at my school were unable to connect to the WiFi in certain areas. Unfortunately, I had used the channel 13 which is fine to do here in Thailand, but when looking through the drivers for the machine in question, I realised that depending on what region your machine was manufactured for will affect what signals it can use. The best bet is to stick to channels 1-11, and as demonstrated in the excellent guide by Andrew Hollister, stick to channels 1, 6 or 11 if they are viable!
Well, that’s about it for this post – but if anybody has anything to expand on the above, please add it to the discussion below! I know I didn’t mention the different bandwidths for the newer versions of WiFi, but I prefer to talk about the stuff I have firsthand knowledge in. I imagine, though, that things will perform better outside of the 2.4GHz range, purely because it’s less busy, but for how long? As for performance, my experience with WiFi is that it’s great for accessing the internet and small stuff over a local network (when there is a small users base), maybe even torrenting and the like at home, but for real sharing of large data and for accessing large network resources with many users, nothing beats good old 10/100/1000 Ethernet.
If we’re talking about gaming, then avoid WiFi like the plague – extra latency is bad! This is why my Xbox 360 Slim uses ethernet only – in Thailand any extra latency is just adding insult to injury!