Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Wireless Solutions with Cisco expert Sri Sundaralingham. Sri is a Technical Marketing Engineer for the Wireless Networking Business Unit at Cisco. Sri has extensive customer contact and is responsible for developing and marketing enterprise and carrier networking solutions using the Cisco Aironet Series of wireless Local Area Network (LAN) products. Feel free to post any questions relating to Wireless Solutions. Remember to use the rating system to let Sri know if you've received an adequate response.
Sri might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through February 28. Visit this forum often to view responses to your questions and the questions of other community members.
Can you give more information about the roaming activity between Cisco radius and other WISP or Hot Spots, like iPass, for example?
How, technically, is the roaming done?
Are you asking how hand-off is done between two different Public-Wireless LAN service providers? Are you concerned with 802.11 roaming only?
If the answer is yes to both of the above questions, currently this is dependent on the service providers. That is, a service provider would have to integrate with others (authentication, billing, etc.) in order to enable this. And yes, Cisco RADIUS server could be part of this solution.
Yes, I am searching on the roaming between two different Hotspots. Suppose we have a WLAN which is based on the Aironet AP1100 and uses the Cisco Secure Server for authentication, and we want to integrate with other Hotspots that have a different type of Authentication Server and/or Access Points. What is the procedure to handle the roaming between the two Hotspots? Do you have any case study that describes the roaming procedures and what type of additional software/hardware we need?
Also, I am interested in the authentication process with the GSM HLR, because we are a GSM Operator in different countries and we want to benefit from the integration between the WLAN (Hotspots) and the GSM in order to gain more revenue. I know that Cisco has the ITP solution. Do you have any case study that describes the above integration?
Thanks in advance
The user tries to log in or pull up a web page. That event is trapped by the NAS. The NAS authenticates (let's say it uses RADIUS). The authentication request is intercepted by a RADIUS proxy server. The realm is gleaned from the userId@realm, and the realm string is used to redirect the authentication to the correct RADIUS server. From that time forward, request and reply messages go through the proxy.
There was a wireless connection between an omnidirectional antenna and a yagi antenna with Aironet 350 series bridges. It was working fine for more than four months. Unfortunately, it started giving us problems. It was going up and down and was not stable. The distance between the two points is less than one kilometer. We tried changing all the equipment but failed. We also tried that equipment at another working site, and it worked fine.
So, the problem is: why is the same equipment not working now when it was before from the very same points?
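The realm lookup described in the post above, sketched as an added example (not part of the original thread and not code from any Cisco product). The realm names, host names and the rule that a name without a realm is treated as local are all constructed assumptions.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class HomeServer:
    host: str
    port: int = 1812  # standard RADIUS authentication port

# Constructed routing table: realm -> home RADIUS server (hypothetical hosts).
REALM_TABLE = {
    "hotspot-a.example": HomeServer("radius.hotspot-a.example"),
    "gsm-operator.example": HomeServer("aaa.gsm-operator.example"),
}
LOCAL_REALM = "hotspot-a.example"  # assumption: realm-less users are local

# Realm must look like a DNS name; anything else is refused before lookup.
_REALM_RE = re.compile(r"^[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?$")

class RoutingError(ValueError):
    """Raised when a request must be rejected instead of proxied."""

def split_user_name(user_name):
    """Split a User-Name value into (user, realm); realm is None if absent."""
    if not user_name:
        raise RoutingError("empty User-Name")
    if "@" not in user_name:
        return user_name, None
    user, _, realm = user_name.rpartition("@")
    realm = realm.lower()  # realms are compared case-insensitively here
    if not user or not _REALM_RE.match(realm):
        raise RoutingError("malformed User-Name")
    return user, realm

def route(user_name):
    """Return the home server that should authenticate this User-Name."""
    _, realm = split_user_name(user_name)
    server = REALM_TABLE.get(realm or LOCAL_REALM)
    if server is None:
        # Unknown realms are rejected; there is no catch-all forwarding,
        # so credentials never reach a server without a roaming agreement.
        raise RoutingError(f"unknown realm {realm!r}")
    return server

if __name__ == "__main__":
    for name in ("alice@GSM-Operator.Example", "bob", "eve@unknown.example"):
        try:
            print(name, "->", route(name).host)
        except RoutingError as exc:
            print(name, "-> reject:", exc)
```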
Please provide me the complete information and detailed answer to this problem.
Thanks and Regards
It seems from your troubleshooting exercise that the equipment is functioning OK. So, the problem could be due to the following reasons:
=> Possible obstruction to your bridged link (maybe a tree, new building, etc)
=> Possible interference (could be due to a neighbour's wireless link)
We suggest the following for further troubleshooting:
=> From the non-Root bridge, run the carrier test
=> From the non-Root bridge, run the antenna alignment test
Both of the above tests will help you evaluate signal strength, signal quality, and any interference on the 802.11 channels.
Good question. It depends on a few factors, for example:
=> What type of applications do you plan to support? Are these low bandwidth consuming (ex: web browsing, email) or are they high-bandwidth intensive (ex: streaming video)?
=> Average and Peak bandwidth requirement per user?
Keep in mind that useable bandwidth per 802.11b radio is 6-6.5 Mbps and 802.11a radio is 20-24 Mbps. In the past, we have recommended 20-25 users per AP for 802.11b deployments. Hope this helps.
Some of my users want to use Dell laptops with the TrueMobile Mini-PCI WLAN card installed, running Windows XP. What WLAN security features would I forfeit, in this scenario, by not having all Cisco client adapters?
With Windows XP, you should have the option to use EAP-TLS or PEAP for WLAN user authentication. So, you should be able to deploy TLS/or PEAP with dynamic WEP. Ideally, you should deploy TLS/or PEAP with Cisco TKIP (available only with Cisco NIC cards). But, TLS/or PEAP with dynamic WEP is a good start. You should contact the vendor for TrueMobile Mini-PCI to find out if they plan to support Wi-Fi Protected Access (WPA). Ideally, you should migrate to TLS/or PEAP with WPA once WPA is available. Hope this helps.
Can you expand a little bit more on the intended purpose of this setup? Is this to be used for rogue AP detection?
Upon follow-up discussion with a colleague of mine, the mini-PCI card does not have external connectors to be used to connect to an external antenna. So the answer is no, this is not possible.
On-line documentation is usually a good place to start ---
Specifically, take a look at:
Sri, please clarify this issue for me - scenario: central site with 3 satellite sites,
omni bridge at central - 2 satellite sites are a long way from the central site so run at 2 meg - the third site is close so CAN run at 11 meg - can you have 2 sites running with 2 meg links and one at 11 meg ALL running off the same central bridge with an omnidirectional antenna? I have asked this question in an open seminar and received conflicting replies.
Yes, this is supported as long as the root bridge is configured to allow these data rates --- by default it should be configured to allow 1, 2, 5.5, and 11 Mbps data rates. Note, this works similarly for indoor deployments using APs as well --- clients with multiple data rates are allowed to communicate with an AP as long as the AP is configured to allow multiple data rates.
When do you expect Cisco to ship WPA? How likely is it that 340 and older equipment will not support WPA?
Will Cisco ever support WDS?
Chief Wireless Architect
Blue Modal, Inc
We are in the process of incorporating WPA support and are actively testing with multiple vendors... Once this is finalized, we intend to ship this (expect to see it within the next 3-4 months). Please note that we already support and are shipping Cisco TKIP (which includes per-packet keying and MIC support along with Broadcast key rotation) plus 802.1X/EAP support for protocols such as LEAP, EAP-TLS, and PEAP (this is supported on all of our platforms including AP1200, AP1100, AP350, and AP340).
As far as WDS support, no concrete plans yet.
How should we calculate how many APs we should use? For example, the 1120b cover range is 45 m indoors, so I think only one AP is enough on a 1200 square metre floor, but I was told you had better place 3 or more APs here; of course, more is better. I know many indoor things like walls and furniture reduce the cover range. So I want to know if there are some rules that tell us how to calculate?
Good question; I had previously answered a similar question on this discussion forum as to how many users per AP. Similarly, in order to determine number of APs per location, you need to consider the following factors:
1) What is the total number of users?
2) What applications are to be supported over Wireless LAN? What is the desired BW per User? (keep in mind that useable bandwidth per 802.11b Access Point is about 6-6.5 Mbps)
3) What's the projected growth as far as number of users?
In the past, we have recommended 20-25 users per AP for a typical WLAN rollout (for supporting applications such as email and web browsing over WLAN). Also, when you place multiple APs per location, make sure to do a site-survey and control power-levels/and limit data-rates of the APs to minimize co-channel interference.
Thanks, Sri. The number of users is really a very important thing. But I also want to ask something about cover range. For example, there are just 20 users who use wireless, but maybe they can move from this room to another room. The total floor is just 1200 square meters, but there are so many small rooms; it is not a very open big house.
I want to find out how to calculate APs in such a condition. I was told you couldn't believe the cover range like the 45 m that was written in books; the best way is having a test before you order.
My question concerns roaming and load balancing. I am doing a site survey for a large university building. The client requires wireless coverage in all student areas. The bid specification requires that the signal be in the "good" area of the link test. They also specified the 1200 series access point and are using both the "a" and "b" standard. The original design was to have an access point in each class or lab to handle the load. I found that if I set the "a" radio to 5 or 10 mW and restricted the data rate to 54 Mbps I could keep the signal in the "good" range within the classroom. The "b" radio is set to 1 mW and data restricted to 11 Mbps, and the "good" cell covers a room on either side of the access point. What I am finding is that depending on what standard I am testing, I can walk 2 to 3 rooms away and still stay connected at the high data rate. Signal strength can be in the poor area, but signal quality is always in the higher end of "good" to "excellent". It appears that roaming depends on signal quality to be "poor" before it looks for a new access point. Will load balancing help to maintain an even load, and what qualities or properties does it look at to determine when to look for a better access point to associate with?
Good question indeed. Today, we roam based on a number of parameters such as signal strength, number of 802.11 retries (which corresponds to signal quality), etc. When you were doing this roaming test, did you have a continuous data transfer (such as FTP/TFTP transfer) in process? Usually, the client has to rely on the number of 802.11 retries as the basis for measuring the quality of the radio signal... Please retest (with an active data transfer) and let me know if this forces the client to re-associate with the nearest AP.
I have been running the test using the active link test in the site survey tool. As I mentioned, I would associate to the first AP, walk several rooms down (past another AP), and still stay connected to the original AP. I had data rates locked at the highest speed only so it did not drop data rates. Overall link status was poor because signal strength was at about 15 but signal quality was excellent and reading about 90 on the site survey tool. The test was set to run 100 packets at the default size. I can see in a normal situation, as long as I got a good quality signal, I would stay associated to the original AP. In a classroom situation, I feel it is more important to balance the load among available APs. This is why I am trying to find out what criteria load balancing uses to associate clients with different APs. Thanks for your help.
How to get via SNMP the traffic and signal strength of associated devices?
By viewing the web interface of the 1200, it lists the "To Station" and "From Station" number of packets (and errors, etc.). So that indicates there are counters tracking traffic for each.
What is the SNMP OID to retrieve this via SNMP so that we don't have to manually look up each associated device via the web page?
Also, there is the listing for signal strength, what's the OID to retrieve that via SNMP as well?
I've tried looking through the MIB 12.01T file, but it's very daunting when I do not know what variable(s) exactly I'm looking for.
Is there a way to configure 350 Bridges so there are multiple root bridges in one wireless network? In our configuration the bridges are mobile and there is a possibility that any of the bridges may leave the network.
Currently, the design/implementation restriction is that only one root-Bridge is allowed per P2MP bridged network. However, if there is more than one Root Bridge available, the non-Root bridges should be able to connect to a secondary root-Bridge (when the primary Root-Bridge moves out of the coverage area) as long as all the root-Bridges are configured similarly (same SSID, encryption settings, etc.)... Is this the case?
All the bridges will be configured the same (SSID, encryption settings, etc.).
I am still not clear on the primary/secondary Root bridge configuration. Will the secondary Root bridge be operational when the primary root bridge is in the coverage area? Or, will the secondary be in a "standby" mode and become operational only after the primary is no longer reachable?