Solved

wireless routers

Posted on 2013-01-09
12
272 Views
Last Modified: 2013-01-25
Hello, I have 5 wireless routers that I need to configure on the same network. I need them to roam with each other.  I understand that I need to have the same SSID & security enabled on all of them, but they need to have different channels. My routers go from channel 1 to 11. How far apart should I make the channels on each router?

please & thank you
0
Comment
Question by:MrMay
  • 4
  • 4
  • 3
  • +1
12 Comments
 
LVL 15

Expert Comment

by:jerseysam
ID: 38758898
You should make them as far apart as is possible channel wise.

so 1,3,5,7,9,11 etc
0
 
LVL 20

Assisted Solution

by:Jakob Digranes
Jakob Digranes earned 500 total points
ID: 38758958
Channel 1, 6 and 11 are the only one that do not overlap.
That is if you use only 20Mhz channel. IF you want 300 Mbps and 802.11n capabilities, you only have 2 channels that don't overlap.

Depending on how routers overlap, use 1 on first, 6 on the next and 11, then 1 and 6 for the last one
0
 
LVL 20

Expert Comment

by:Jakob Digranes
ID: 38758970
2,4Ghz channels
0
 

Author Comment

by:MrMay
ID: 38758984
thanks for the post jakob_di.  
I'm using the 22mHz channel width. Just so I'm sure on this, I don't want them to overlap? does this mean that every single time a user with a laptop moves from one area to another, he will drop in wifi and then reconnect or will he have continues connection?
0
 
LVL 20

Expert Comment

by:Jakob Digranes
ID: 38759024
he might loose a packet or to, so if he's in a VoIP call or streaming video - they might notice this. But else this shouldn't be any problem

How many users do you expect will be using this?
Have you bought APs?
0
 

Author Comment

by:MrMay
ID: 38759052
no access points. This is a basic work wireless that started of with one wireless router and now grew into five. I have a dhcp server which distributes IPs. The wireless routers are just used for wireless. Five of them in total. I'm a bit confused on the channel range. So what would happen if I was to set up my channels as 1,3,5,7 and 11?   I understand that these channels do overlap. So if I was to start watching a YouTube video on a tablet and start walking from one end of the building to the other it would drop me off the wifi as the signal is picked up by the next router? Please explain jakob_di.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 44

Expert Comment

by:Darr247
ID: 38759835
The only way to have seamless roaming is to use WPA-enterprise or WPA2-enterprise (recommended) security having a RADIUS server checking login credentials with a database such as your domain usernames and passwords, Protected EAP (PEAP) and EAP-MSCHAP v2 authentication with Enable Fast Reconnect checked. Fast Reconnect in XPFast Reconnect in Win7
Then as you approach another AP the client will preauthenticate before disconnecting from the current AP and when the switch takes place they keep the same IP address and you won't notice when it switches from one to another.

Without using that option, when you switch APs it drops the current connection, authenticates with the new AP and gets an IP address from the DHCP server, then resumes the previous connection[s]. That produces a disconnected state for 10 to 20 seconds. Even if you use IP reservations by MAC address with the DHCP server, it still renews the lease. Using static IPs might cut the 'disconnected' time in half, but that would still be noticable if you're in the middle of watching a youtube video. (sounds dangerous walking around watching videos, by the way... haven't you seen the clips of people falling into manholes, et cetera, while walking down the street texting?)

Only channels 1, 6 and 11 should be used on the 2.4GHz band, as mentioned previously.
Here's an example of how to arrange them for full coverage Arranging 3 Channels on 2.4GHz
0
 

Author Comment

by:MrMay
ID: 38759888
Thank you for the post darr247.
Is there a forum or a website not u know of that gives instructions on how to setup a simple radius server?
0
 
LVL 44

Expert Comment

by:Darr247
ID: 38759916
What OS is your server?
0
 

Author Comment

by:MrMay
ID: 38759961
Microsoft server 2008 (not r2)
0
 
LVL 44

Expert Comment

by:Darr247
ID: 38761079
Well, then... try these
http://technet.microsoft.com/en-us/library/dd283093(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc731853(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc732393(v=ws.10).aspx

And you might use the Request Attention link under your original question and ask the admin to add the Windows Server 2008 topic to the question, as well... I no longer have a copy of any of the microsoft server versions from which to give step by step directions.
0
 
LVL 20

Accepted Solution

by:
Jakob Digranes earned 500 total points
ID: 38762111
Looks like you got some questions answered while I was away.
But regarding how you'll experience the switch from one AP to another will vary depending on AP and clients, but most likely you won't see a disconnection on client - but if you're in a Voice call you'll notice it. Youtube buffer video so you won't notice it there - only for real time communications.

Darr247 is correct in saying that radius authentication will give you preauthentication and buffering of frames and thus give you seamless transition from one AP to another.
Regarding PEAP-MsChapV2 (Which also is way safer than Pre SHared Key) - you need the following conditions to be true: (Darr247 might have mentioned some of this already)

- A NPS server with an installed computer certificate for establishing PEAP session. THis could be a public 3rd party certificate (like Thawte or DigiCert) or an internal PKI certificate. But a certificate is needed (even though I'll tell you how to do it without later (SECURITY BREACH ALERT)

- If you authenticate computers to gain access, if you need them to be connected to wireless prior to user login, all computers need to be domain joined
- If you only intend to use user authentication - you can have tablets, smartphones - as well as PCs and MACs connected, they can be domain joined, but that is optional. But you DO need a user account in the domain
- to do this all you need to do is to configure NPS role on server
- Add a 802.1X profile
- Choose which groups should gain access
- Clear all "Less Secure Authentication Methods"
- Choose Protected EAP
- Choose edit and inner method msChapV2
- finish

(short version)
to do this without PEAP (and certificate) choose less secure authentication methods and choose MsChapV2. You still use username and password, but no certificate is needed on server. BTW; MsChapV2 have been hacked (http://wire.less.dk/?p=190)
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now