jingaling
asked on
Setting up new 3com Wireless Network in Large Corporate Bldg
More of a planning question here. I am in charge of setting up a multiple AP (we already have a few #com 8750 AP's) or Antenna alternative wireless network in a 500+ user environment. Essentially, I would like some advice on setting up the AP's, and\or Antenna's to have seemless roaming access to the same SSID's without having to change anything on the laptops. The bldg is narrow and straight with multiple walls and more than 5 AP\Antenna will have to be used. All machines are running winXP, some SP2, some SP1. So onto the question.
What is the best hardware to buy?
What Security should be set? (right now, we have Shared\WEP with MAC filtering)
If we use WEP with MAC filtering, I don't really want to add 200 users to each AP, is there another way?
Thanks,
What is the best hardware to buy?
What Security should be set? (right now, we have Shared\WEP with MAC filtering)
If we use WEP with MAC filtering, I don't really want to add 200 users to each AP, is there another way?
Thanks,
JFrederick29
Cisco Aironet 1200's are really nice, I have had great success with them but if you are already using 3Com you will probably want to stick with the same model to keep everything standard. Centralized authentication using a RADIUS server is probably the way to go. All clients will authenticate to the RADIUS server and all administration is performed on the RADIUS server easing adminstration. Hopefully the 3Com's you are using have support for RADIUS, I know the Cisco Aironet's do.
ASKER
The 3com supports Radius, however, I don't have any experience with it. If I use RADIUS, what security will be enabled to protect the WLAN?
RADIUS will be used for authentication purposes, you will still need encryption to protect your wireless data from being intercepted. You could use WEP encryption but you may want to look into using WPA instead to complement RADIUS authentication.
http://www.weca.net/OpenSection/pdf/Wi-Fi_Protected_Access_Overview.pdf
http://www.weca.net/OpenSection/pdf/Wi-Fi_Protected_Access_Overview.pdf
ASKER
Pardon my ignorance for the subject, but will the RADIUS server have to be in a certain area, or can we put it with the rest of the servers? Also, is there an easy way to encrypt data without MAC filtering on every AP?
RADIUS is a protocol, you can use IAS on a new or existing Windows server. RADIUS provides authentication so you really don't need to use MAC filtering. If you go the RADIUS method, don't even bother with MAC filtering.
http://www.microsoft.com/windows2000/technologies/communications/ias/
http://www.microsoft.com/windows2000/technologies/communications/ias/
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.