We are setting up an Internet connection for vendors and customers that come on our premises using a WAP 1130AG. This will be an open connection but we want to prevent or at least substantially reduce the availability to potential connections outside of our walls.
Does anyone know a method to reduce the range of the WAP? There are configuration parameters that appear to address range, but they are not very clear.
Without knowing the size of the building, composition of walls, etc, I would suggest trying different powers and checking if an average client device can see the network from outside. This will not prevent someone from pointing a strong antenna at your building and getting a connection, but it might keep out casual drivers-by.
I was thinking that the power setting might be one solution. Another one that I think might work is to remove the options for low bandwidth connections. I'm thinking that as one gets further away from the AP the bandwidth connection reduces or anyway that seems to be my experience. The last option is to not broadcast the AP and for those that we want to provide with access, give them the AP name so they can enter it into their list of APs. By error I have found that this appears to work; I still need to verify for sure, but it might be an option.
You are right, disabling lower data rates is another option as long as you are not using any legacy devices like handheld scanners that might require the 1mb data rate. Disabling broadcast SSID is good to keep people from wandering on to your network, but it is easy to find an SSID even if it is not broadcast.
One thing I usually do for guest networks is enable the highest security supported by the clients (even if it's just wep or wpa-psk). It will not keep determined hackers out, but anyone just looking for a free connection will just move next door to an open network rather than break your security.
In addition to pervious ans., the mouting method of 1130 also affect the coverage. Cisco recommend to mount 1130 on the ceiling to max. the coverage, if you mount it on the wall, the coverage will be less. You may need to use a tool to test the coverage and make it balance w/ performance.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...