cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
19006
Views
0
Helpful
11
Replies

Setting Minimum RSSI threshold for client connections

luisandreoni
Level 1
Level 1

Hi,

We are deploying a new wireless network for guest users of private lounges at airports, using a 5508 WLC and 3501 AP’s. The SSID uses open L2 authentication with a web auth passthrough login splash page.

We require preventing people outside these private areas to connect to the SSID, and we would like to do so by only allowing clients to connect if they exceeed the minimum RSSI guaranteed in the private areas (i.e. prevent connections below a certain level, such as -70dB). We tried to configure this by settings several parameters, for example the “Minimum RSSI” under “Client Roaming” without achieving the desired effect.

Can a minimum RSSI be set up so clients would not connect unless they receive the minimum specified signal level? If so, can anyone please advise how to set this up?

Many thanks in advance for your expert advise…

Regards

Luis A

11 Replies 11

Leo Laohoo
Hall of Fame
Hall of Fame

I doubt if this is do-able.

My reasoning is because not all wireless NIC are the same.  I mean put two or three laptops (of different Wireless NIC) 20 metres in front of you and RSSI signals will be different.  It ain't foolproof.

If you only want clients INSIDE the passenger lounge room to have access to the wireless then Lobby Administration is the only way to go.  This means you have a dedicated staff trained to create a temporary username/password for each passenger.  With the correct scripting, you can have the time of passenger X to be INSIDE the time he has before his flight boards.  In other words, if my flight leaves in 90 minutes, I don't want my access to be 2 hours, right?

George Stefanick
VIP Alumni
VIP Alumni

One way is to disable the LOWER phy rates. This will cause users to get closer to the AP while increasing their RSSI.

Make sense?

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Just to add I this... Also lower the tx power.

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Thanks everyone for the quick replies.

Unfortunately setting username and passwords have been discarded as an option since they want to make it easier to travellers. Lowering power levels is what we are trying as a workaround, but even doing so leaks some signal to the public areas.

Looking forward to more ideas

Cheers,

Lower the PHY rate ... 1 meg PHY rates travel VERY far. If you disable 1,2,5,11,-- all the way up to 24 or so .. you will need to be right on top of the AP. 20 feet or so..

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

This one is an idea (but costly):  Faraday cage (aka Faraday mesh or Faraday shield)

If installed correctly, your wireless signal will be inside the four walls (don't know if you have those glass doors but if you do ...).

Out of curiousity, WHY did you purchase 3501 instead of 3502?

I mean 3501 means it only has 802.11b radio.  And 802.11b is long range and high penetration rates compared to 802.11a radio.

Lower the PHY rate ... 1 meg PHY rates travel VERY far. If you disable 1,2,5,11,-- all the way up to 24 or so .. you will need to be right on top of the AP. 20 feet or so..

What about clients with old portable devices?  That's a risk.

LOL... Or WiFI Paint

http://www.my80211.com/home/2009/10/25/wifi-security-paint-are-you-kidding-me-lol.html

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

LOL... Or WiFI Paint

Cool!

Time to get off 802.11b .. "Friends dont let friends use 802.11b"

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Time to get off 802.11b .. "Friends dont let friends use 802.11b"

Or do what one of our wifi "designers" designed:  Lower the bandwidth to 256 k

That way NO ONE will use the internet.  As to what the entire wireless design was for if the project was to follow this, he responded, "The boss wants wireless, he gets one.  He didn't specify that he expects people to USE the wireless.".

Saravanan Lakshmanan
Cisco Employee
Cisco Employee

unfortunately, what you're looking for is an RF/layer-1 firewall and it is not available on WLC. If coverage hole enabled on WLC, it traps to show those unintended clients at the public area are suffering to get good signal

disadvantage with open security and or webauth. any wifi enabled device crosses the public area would grab an ip, it could drain your dhcp pool. be sure to keep large dhcp pool or lower dhcp lease time.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: