Announcement

Collapse
No announcement yet.

New Wireless Network

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • New Wireless Network


    Can anyone give me any advice on setting up a wireless network for my company. This is not something we currently use for all staff but we have now been told we need to have one in place.

    My current setup is a Netgear RangeMax WPN824 router with a hand full of users connected to it which was set up by someone else. The router gets moved around constantly as the signal strength is rubbish and can’t get through the floor to the other side of the building.

    We would have IPads, iphones, laptops & Blackberries connected to it. The requirements would be:

    As much security as possible
    Need to have a way of locking the access down via MAC address
    The signal needs to be encrypted with at least AES 256Bit (WPA2) or higher

    I have a Lynksys WRT54GL router at home with tomato firmware on there which I have been told can act as a repeater or bridge which should do the trick but I have also been told the file sharing on this setup is problematic.

    I’d rather get something in place which is solid as it’s for business purposes.

    Can anyone suggest any equipment or guides which might help me

    Finally – The crappy Netgear we were using had just died so there is a sense of urgency as the MD uses an Ipad (no erthernet port)

  • #2
    Re: New Wireless Network

    We use the Cisco WAP4410N: http://www.newegg.com/Product/Produc...-pla-_-NA-_-NA

    It has the security you are looking for, and the ability to add repeaters. The best part is the price.

    Comment


    • #3
      Re: New Wireless Network

      When your finished playing with that Cisco toy, go for a true business class device.

      http://www.ampedwireless.com/products/ap600ex.html
      "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

      Comment


      • #4
        Re: New Wireless Network

        For the love of all that is properly engineered and consistently managed, please do not use consumer wireless access points. No, DD-WRT or Tomato will not make you happy either. I've been there and tried to implement wireless networks with DD-WRT. It is a maze of twisty passages all alike - and by "all alike" I mean "all made of lava and hypodermic needles lusting to collapse on you". DD-WRT's documentation is in the form of a wiki that is one part lore, one part mythology and one part basilar-type migraine. The firmware itself is spotty in its reliability - would you rely on something that has a feature called "Keep Alive" that is merely a scheduled reboot option?! Some features just don't work like you would expect them to if you're familiar with networking equipment that is actually manufactured to standards. If you log in via SSH you're presented with the most unholy shell that was ever extruded from the intestines of Tartarus, AKA BusyBox. You never know which commands will have which features available. Just try and get ntpclient to do anything useful in DD-WRT's BusyBox shell. I dare you, infidel!

        What you need is a legit, enterprise wireless network. It doesn't have to me incredibly expensive or complex. You don't necessarily need a wireless switch or dedicated appliance to manage it. What I would recommend is to look into SonicWall's wireless offerings or if you want to maybe go a bit fancier look at Xirrus's offerings. Xirrus builds the management station into their multi-antenna access points. You get heaps of bandwidth too. You don't need to go bonkers with Aruba or Meru or Cisco or... any number of other products that are intended for a larger scale deployment. Look for a product that specifically focuses on the SMB market (SonicWall) or that really helps you out with built-in enterprise management (Xirrus).

        I should also say that designing a properly functioning, reliable and secure corporate wireless network isn't exactly child's play. It takes some decent understand of wave propagation, decibel math and local laws concerning frequency and channel useage. Take some time to research 802.11 and see what you're in for. You can do it!

        If you decide to go with consumer or SOHO hardware, you'll always be at a disadvantage, IMO and IME. If you choose to drop DD-WRT onto a WAP, no matter what image or iteration, you will be struck with a meteor in your sleep. Either that or you'll spend the rest of your employment trying to mold DD-WRT into something usable. I'd take the meteor strike, personally.
        Last edited by Nonapeptide; 2nd November 2011, 20:30. Reason: Spelling and grammar
        Wesley David
        LinkedIn | Careers 2.0
        -------------------------------
        Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
        Vendor Neutral Certifications: CWNA
        Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
        Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

        Comment


        • #5
          Re: New Wireless Network

          LOL
          Truly epic post!

          I have felt the pain of DD-WRT, but I have used them in offices of less then 5 users. Otherwise I generally go watchguard, me and sonicwall just dont play nice.....
          However strictly wifi I have had alot of success with amped wifi.
          "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

          Comment


          • #6
            Re: New Wireless Network

            Thanks for the advice guys, I went with the Cisco AP's, bought x3


            My boss told me he now wants to have the wireless network in the internet Cafe as well. Can anyone give me any advise on the security of doing this?

            We currently have a heavily locked down Citrix environment for internet Cafe use which dis allows access to the rest of the network so no one can remove any files or mess teh network up.

            My plan was to set one router up, use the other as a repeater for the office wireless. Then set the remaining router up on its own network segment for the internet cafe.

            Can anyone suggest any other ways or if this might cause any security concerns?

            Comment


            • #7
              Re: New Wireless Network

              Originally posted by Deland01 View Post
              Thanks for the advice guys, I went with the Cisco AP's, bought x3. My boss told me he now wants to have the wireless network in the internet Cafe as well. Can anyone give me any advise on the security of doing this?

              We currently have a heavily locked down Citrix environment for internet Cafe use which dis allows access to the rest of the network so no one can remove any files or mess teh network up.

              My plan was to set one router up, use the other as a repeater for the office wireless. Then set the remaining router up on its own network segment for the internet cafe.

              Can anyone suggest any other ways or if this might cause any security concerns?
              I'm slightly confused about the internet cafe. When you mention that Citrix is involved with it, do you mean that you provide computers for people to work on and those computers run some kind of session on a Citrix server? So that means that you already have a wired network in the cafe that PCs are connected to? But now you want to allow people with mobile devices to connect?

              Lots more information is needed to make an informed suggestion. However, here's goes with my uninformed suggestions:

              You will be able to have multiple wireless networks on the same WAP. You can segregate the different SSIDs on different VLANs and then handle the segregation of the network traffic through your normal means (VLANs on your switches and rules on your firewall, etc.). There's no need to dedicate a WAP to the public network. Also, look into peer security on the wireless access point. I'm not sure What Cisco calls it, but there is often a feature that disallows all nodes from sending and receiving traffic from eachother but only to gateways and other authorized devices.
              Wesley David
              LinkedIn | Careers 2.0
              -------------------------------
              Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
              Vendor Neutral Certifications: CWNA
              Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
              Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

              Comment


              • #8
                Re: New Wireless Network

                I was going to throw Draytek out there - Draytek gear, in my mind, is sort of mid-way between upper consumer level and business level. It's got alot of the feature set you'd want for a small/medium business, and they are as rock solid as..well.. A rock ?

                but you've already picked one


                I also laughed at nonapeptide's comments - I've got dd-wrt on my wrt54g here.. at one point I had a permanent PPtP site-to-site vpn configured to my employer, and I no longer work there or need that.. yet for the life of me, I can't remove it.. so I'm sure it's trying to dial on an hourly basis.

                DD-WRT is better though, than standard firmware
                Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                Comment

                Working...
                X