wireless routers

Hello, I have 5 wireless routers that I need to configure on the same network. I need them to roam with each other.  I understand that I need to have the same SSID & security enabled on all of them, but they need to have different channels. My routers go from channel 1 to 11. How far apart should I make the channels on each router?

please & thank you
MrMayAsked:
Who is Participating?
 
Jakob DigranesConnect With a Mentor Senior ConsultantCommented:
Looks like you got some questions answered while I was away.
But regarding how you'll experience the switch from one AP to another will vary depending on AP and clients, but most likely you won't see a disconnection on client - but if you're in a Voice call you'll notice it. Youtube buffer video so you won't notice it there - only for real time communications.

Darr247 is correct in saying that radius authentication will give you preauthentication and buffering of frames and thus give you seamless transition from one AP to another.
Regarding PEAP-MsChapV2 (Which also is way safer than Pre SHared Key) - you need the following conditions to be true: (Darr247 might have mentioned some of this already)

- A NPS server with an installed computer certificate for establishing PEAP session. THis could be a public 3rd party certificate (like Thawte or DigiCert) or an internal PKI certificate. But a certificate is needed (even though I'll tell you how to do it without later (SECURITY BREACH ALERT)

- If you authenticate computers to gain access, if you need them to be connected to wireless prior to user login, all computers need to be domain joined
- If you only intend to use user authentication - you can have tablets, smartphones - as well as PCs and MACs connected, they can be domain joined, but that is optional. But you DO need a user account in the domain
- to do this all you need to do is to configure NPS role on server
- Add a 802.1X profile
- Choose which groups should gain access
- Clear all "Less Secure Authentication Methods"
- Choose Protected EAP
- Choose edit and inner method msChapV2
- finish

(short version)
to do this without PEAP (and certificate) choose less secure authentication methods and choose MsChapV2. You still use username and password, but no certificate is needed on server. BTW; MsChapV2 have been hacked (http://wire.less.dk/?p=190)
0
 
jerseysamCommented:
You should make them as far apart as is possible channel wise.

so 1,3,5,7,9,11 etc
0
 
Jakob DigranesConnect With a Mentor Senior ConsultantCommented:
Channel 1, 6 and 11 are the only one that do not overlap.
That is if you use only 20Mhz channel. IF you want 300 Mbps and 802.11n capabilities, you only have 2 channels that don't overlap.

Depending on how routers overlap, use 1 on first, 6 on the next and 11, then 1 and 6 for the last one
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Jakob DigranesSenior ConsultantCommented:
2,4Ghz channels
0
 
MrMayAuthor Commented:
thanks for the post jakob_di.  
I'm using the 22mHz channel width. Just so I'm sure on this, I don't want them to overlap? does this mean that every single time a user with a laptop moves from one area to another, he will drop in wifi and then reconnect or will he have continues connection?
0
 
Jakob DigranesSenior ConsultantCommented:
he might loose a packet or to, so if he's in a VoIP call or streaming video - they might notice this. But else this shouldn't be any problem

How many users do you expect will be using this?
Have you bought APs?
0
 
MrMayAuthor Commented:
no access points. This is a basic work wireless that started of with one wireless router and now grew into five. I have a dhcp server which distributes IPs. The wireless routers are just used for wireless. Five of them in total. I'm a bit confused on the channel range. So what would happen if I was to set up my channels as 1,3,5,7 and 11?   I understand that these channels do overlap. So if I was to start watching a YouTube video on a tablet and start walking from one end of the building to the other it would drop me off the wifi as the signal is picked up by the next router? Please explain jakob_di.
0
 
Darr247Commented:
The only way to have seamless roaming is to use WPA-enterprise or WPA2-enterprise (recommended) security having a RADIUS server checking login credentials with a database such as your domain usernames and passwords, Protected EAP (PEAP) and EAP-MSCHAP v2 authentication with Enable Fast Reconnect checked. Fast Reconnect in XPFast Reconnect in Win7
Then as you approach another AP the client will preauthenticate before disconnecting from the current AP and when the switch takes place they keep the same IP address and you won't notice when it switches from one to another.

Without using that option, when you switch APs it drops the current connection, authenticates with the new AP and gets an IP address from the DHCP server, then resumes the previous connection[s]. That produces a disconnected state for 10 to 20 seconds. Even if you use IP reservations by MAC address with the DHCP server, it still renews the lease. Using static IPs might cut the 'disconnected' time in half, but that would still be noticable if you're in the middle of watching a youtube video. (sounds dangerous walking around watching videos, by the way... haven't you seen the clips of people falling into manholes, et cetera, while walking down the street texting?)

Only channels 1, 6 and 11 should be used on the 2.4GHz band, as mentioned previously.
Here's an example of how to arrange them for full coverage Arranging 3 Channels on 2.4GHz
0
 
MrMayAuthor Commented:
Thank you for the post darr247.
Is there a forum or a website not u know of that gives instructions on how to setup a simple radius server?
0
 
Darr247Commented:
What OS is your server?
0
 
MrMayAuthor Commented:
Microsoft server 2008 (not r2)
0
 
Darr247Commented:
Well, then... try these
http://technet.microsoft.com/en-us/library/dd283093(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc731853(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc732393(v=ws.10).aspx

And you might use the Request Attention link under your original question and ask the admin to add the Windows Server 2008 topic to the question, as well... I no longer have a copy of any of the microsoft server versions from which to give step by step directions.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.