?
Solved

Setting up new 3com Wireless Network in Large Corporate Bldg

Posted on 2004-11-02
6
Medium Priority
?
470 Views
Last Modified: 2010-04-17
More of a planning question here.  I am in charge of setting up a multiple AP (we already have a few #com 8750 AP's)  or Antenna alternative wireless network in a 500+ user environment.  Essentially, I would like some advice on setting up the AP's, and\or Antenna's to have seemless roaming access to the same SSID's without having to change anything on the laptops.  The bldg is narrow and straight with multiple walls and more than 5 AP\Antenna will have to be used. All machines are running winXP, some SP2, some SP1.  So onto the question.  

What is the best hardware to buy?

What Security should be set?  (right now, we have Shared\WEP with MAC filtering)

If we use WEP with MAC filtering, I don't really want to add 200 users to each AP, is there another way?

Thanks,

0
Comment
Question by:jingaling
  • 3
  • 2
6 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12482655
Cisco Aironet 1200's are really nice, I have had great success with them but if you are already using 3Com you will probably want to stick with the same model to keep everything standard.  Centralized authentication using a RADIUS server is probably the way to go.  All clients will authenticate to the RADIUS server and all administration is performed on the RADIUS server easing adminstration.  Hopefully the 3Com's you are using have support for RADIUS, I know the Cisco Aironet's do.
0
 

Author Comment

by:jingaling
ID: 12484446
The 3com supports Radius, however, I don't have any experience with it.  If  I use RADIUS, what security will be enabled to protect the WLAN?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12484734
RADIUS will be used for authentication purposes, you will still need encryption to protect your wireless data from being intercepted.  You could use WEP encryption but you may want to look into using WPA instead to complement RADIUS authentication.

http://www.weca.net/OpenSection/pdf/Wi-Fi_Protected_Access_Overview.pdf
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:jingaling
ID: 12484894
Pardon my ignorance for the subject, but will the RADIUS server have to be in a certain area, or can we put it with the rest of the servers?  Also, is there an easy way to encrypt data without MAC filtering on every AP?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12484934
RADIUS is a protocol, you can use IAS on a new or existing Windows server.  RADIUS provides authentication so you really don't need to use MAC filtering.  If you go the RADIUS method, don't even bother with MAC filtering.

http://www.microsoft.com/windows2000/technologies/communications/ias/
0
 
LVL 11

Accepted Solution

by:
PennGwyn earned 1050 total points
ID: 12485090
MAC filtering doesn't do encryption.  All it does is require an attacker to sniff some of your client traffic to learn some accepted MACs, and configure his wireless card to use one of them.  That's not much of a hurdle.

You still want to use AT LEAST Shared\WEP, and WPA would be a better choice.

0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question