Wireless Connectivity Problems w/WPA
One of our small business clients' networks has SBS 2003 (which is the DHCP server), a Cisco Catalyst 2960 Ethernet switch, and some wireless clients--some Dell (and a Sony) laptops and a Silex CWG-6700 wireless/USB print server.
Regardless of which wireless access point we use (we've tried both a cheap Linksys WAP54G and a more robust Cisco AP1121G), when security is configured to use WPA, none of the wireless clients can consistently maintain or even reliably obtain a wireless connection to the network. The wireless net is detected, but often no IP address can be acquired ("Limited or no connectivity"--as though the encryption key wasn't entered correctly, but we know it was, in part 'cuz the issue is intermittent). Even after an IP and good connection have been acquired, they are randomly lost.
HOWEVER, if we use WEP for security, all problems disappear; all clients obtain IPs with no problem and maintain good, uninterrupted network connectivity, rock-solid.
I've done my share of Googling and understand that WPA involves more complicated communication than WEP and can be tricky, but I haven't found anything that gave me an "aha!" moment or revealed some basic thing that I don't understand about how to use WPA. All of our wireless devices and adapters are relatively new, with up-to-date drivers installed; they can all do WPA. And they're various vendors' devices--Dell, Sony, Linksys, Cisco, Silex--all having exactly the same problems when WPA is used, all working perfectly when WEP is used.
I did find some suggestions, which I haven't tried yet:
--Use AES instead of TKIP
--Use fewer/more characters in WPA key
--Let WAP device auto-generate WPA key (FWIW, the WPA key we were using was a simple ten-character sting of numbers.)
Can anyone explain why we can't get a stable wireless network using WPA, and what I should do to make it work properly?
Regardless of which wireless access point we use (we've tried both a cheap Linksys WAP54G and a more robust Cisco AP1121G), when security is configured to use WPA, none of the wireless clients can consistently maintain or even reliably obtain a wireless connection to the network. The wireless net is detected, but often no IP address can be acquired ("Limited or no connectivity"--as though the encryption key wasn't entered correctly, but we know it was, in part 'cuz the issue is intermittent). Even after an IP and good connection have been acquired, they are randomly lost.
HOWEVER, if we use WEP for security, all problems disappear; all clients obtain IPs with no problem and maintain good, uninterrupted network connectivity, rock-solid.
I've done my share of Googling and understand that WPA involves more complicated communication than WEP and can be tricky, but I haven't found anything that gave me an "aha!" moment or revealed some basic thing that I don't understand about how to use WPA. All of our wireless devices and adapters are relatively new, with up-to-date drivers installed; they can all do WPA. And they're various vendors' devices--Dell, Sony, Linksys, Cisco, Silex--all having exactly the same problems when WPA is used, all working perfectly when WEP is used.
I did find some suggestions, which I haven't tried yet:
--Use AES instead of TKIP
--Use fewer/more characters in WPA key
--Let WAP device auto-generate WPA key (FWIW, the WPA key we were using was a simple ten-character sting of numbers.)
Can anyone explain why we can't get a stable wireless network using WPA, and what I should do to make it work properly?
2PiFL
I would look at the clients, are they XP? If so, are they at least at SP2?
ASKER
Sorry, I should have said. Yes, of course, they're XP Pro 2. We don't do Vista ;-)
Did you try broadcasting the ssid vs not?
ASKER
SSID is broadcast.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Danf0x and Wolfhere (do you guys know each other? ;-) -- thanks for your thoughts. Yes, many variables....
1. Range/strength doesn't appear to be an issue in our small space;
2. Key refresh rate, makes sense, but I gather there's no setting that makes it NOT be a problem (?). I mean, does this fundamentally make WPA unstable?
3. Windows vs. proprietary supplicant: I feel better now about our practice of always using the Windows wireless client, not the Dell or whatever other utility came with the adapter. Among other things, as you point out, it removes one variable from the puzzle.
4. SP3: This seems promising...but my own laptop is SP3 and suffer from similar issues on that customer's wireless network, although less frequently. But what about the Silex box, whose precise OS and wireless suplicant specs I can't do anything about?
5. B/G: Interesting; at the moment I don't remember how things are set, but on my next assault, perhaps I'll make sure all clients AND the AP are set to G-only and see what happens.
The next assault probably won't be 'til next week some time. I'll leave the question open and give you at least one update before closing. Thx again.
1. Range/strength doesn't appear to be an issue in our small space;
2. Key refresh rate, makes sense, but I gather there's no setting that makes it NOT be a problem (?). I mean, does this fundamentally make WPA unstable?
3. Windows vs. proprietary supplicant: I feel better now about our practice of always using the Windows wireless client, not the Dell or whatever other utility came with the adapter. Among other things, as you point out, it removes one variable from the puzzle.
4. SP3: This seems promising...but my own laptop is SP3 and suffer from similar issues on that customer's wireless network, although less frequently. But what about the Silex box, whose precise OS and wireless suplicant specs I can't do anything about?
5. B/G: Interesting; at the moment I don't remember how things are set, but on my next assault, perhaps I'll make sure all clients AND the AP are set to G-only and see what happens.
The next assault probably won't be 'til next week some time. I'll leave the question open and give you at least one update before closing. Thx again.
ASKER
Gentlemen: Sorry for long delay. Using the "Carrier Busy" test on our new Cisco Aironet 1100 WAP, we determined that there was crazy radio interference on lots of channels. Since we don't have a $4000 spectrum analyzer to figure out where the interference is coming from, we just did our best to pick the channels that seemed to have the least of it, and we seem to have had good luck with that. In fact, with the Cisco WAP on channel 5, we put the little Linksys WAP54g on channel 11--and now the wireless clients are jumping right onto the Linksys WAP and staying connected.