Solved

Router ruins wireless network by jamming two Cisco WAP 371 access points

Posted on 2015-02-09
9
1,168 Views
Last Modified: 2015-02-22
Dear Experts
I am not able to get a wireless network to function. Please help me understand what is going on.
I have the following hardware:
Two Cisco WAP 371 accesspoints
Cisco Small Business SG200-10FP switch with PoE
Small unmanaged DLink 4 port switch
Router from ISP. Brand not known. The internet connection is fiber and has 50Mbits up and down.

Network diagram:
Router -> Cisco Switch -> 2x Access Points

Laptops and iPhones can connect to the wireless network but speedtest failes on all devices. Sometimes it gets 0.2Mbits up and down.
If I connect to the switch using a wire then internet connection is perfect - 50Mbits both ways.
I tried to change the passwords for both SSID's (2.4 and 5 Ghz) without luck. Changed the access points login password. These two steps were made to exclude any potential hack or unwanted usage of the wireless network. No luck.
The wireless and ethernet led indicators blinks continuously.

I have take the access point to a different location and there they work perfectly. No configuration change compared to the problematic site. The laptops and iPhones works perfectly in other wireless networks.

I was thinking of noise and the I borrowed a radio frequency analyser and examined the 2.4 and 5Ghz areas. If the access points are turned off there is no signal so I excluded the possibility of noise. But when I turned on the access points there is continuous signal in the 2.4 and 5Ghz areas. I have attached an image of the 2.4 Ghz area. Normally access points only transmit when data is being transmitted. I checked my own wireless network and confirmed this.

If I disconnect the router then the RF signal disappears and the LED indicators stop blinking. If I connect the router again the RF goes up again and the LEDs start blinking.

When doing a local share on one laptop and downloading a large file from laptop 1 to laptop 2 and no router is connected then a get a transmit speed of 6-8 megabyte per second. If I connect the router then no download is possible from laptop 1 to laptop 2.

So I only conclude that the router must do something bad. I have ordered a new one.
But how can a router do this? Is there a mechanism where a router can jam a wireless network?
I am hoping that the new router fixes the problem, but I am still rather concerned.

Thank you in advance for your time and expertise.
Atb Anker
IMG-1662.JPG
0
Comment
Question by:Anker74
  • 4
  • 3
  • 2
9 Comments
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 250 total points
ID: 40598473
Access points should transmit at every beacon interval (usually 100ms).

Are you saying that if you turn the router off but leave the APs on you can shift files between clients without a problem?
0
 

Author Comment

by:Anker74
ID: 40598520
Jeps.
The transmit rate between laptop 1 and laptop 2 is 6-8megabytre per second if the router is off.
If the router is on the nothing can be transmitted between the two laptops.
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 40598719
I'd parse this problem as either a networking problem - as distinct from an actual wireless/rf problem
or a wireless/rf problem.

You didn't say if the WAPs are getting their IP addresses from the router DHCP.  Are they?

The WAPs have extensive information in Status and Statistics.  What differences do you see when the router is connected / not connected?

Presumably WDS is turned off, correct?

WorkGroup Bridge mode is turned off, correct?

QoS is turned off, correct?

The WAPs are not set up as secure wired network supplicants, correct?

I have to wonder if there's an IP address conflict or a subnet mask mismatch.

From a wireless/rf point of view:

What do you see if you use something like inSSIDer on a laptop?  With and without the router involved?
I don't understand the comment that an Access Point will only transmit when there's a data transfer.  After all, the thing has to do handshaking, etc. and needs to be up all the time.  How would the first laptop connect otherwise, etc. etc.
So, there may be some misunderstanding here that would be good to clear up.
0
 

Author Comment

by:Anker74
ID: 40598754
WAPS have static IP.
Not examined: The WAPs have extensive information in Status and Statistics.  What differences do you see when the router is connected / not connected?
Yes: Presumably WDS is turned off, correct?
Yes: WorkGroup Bridge mode is turned off, correct?
Yes: QoS is turned off, correct?
Yes: The WAPs are not set up as secure wired network supplicants, correct?
If this was the problem I would it very to explain the problem: I have to wonder if there's an IP address conflict or a subnet mask mismatch.

From an RF point of view then yes there is handshaking, SSID broadcast and that kind of RF transmission, but if I use the exact same settings on my on my FieldFox to analyze RF then handshaking etc. would not explain the broad RF amplitude i.e sending massive RF continuously over the entire channel. I confirmed this a two other locations with wifi.

I have not tried inSSID, but I will try that as soon as om in site again.
Thanks
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 25

Expert Comment

by:Fred Marshall
ID: 40598869
Yes.  My concern here is that having a FieldFox may give different kinds of information (e.g. the integration time may be different) so you see things that one can't see with inSSIDer.  And, that difference in information could be confusing.  So a comparison with something that lots of folks are familiar with might be a very good idea.  That said, there's no doubt that a FieldFox would be in many ways a better instrument.  

I would be very tempted to set the WAPs for DHCP and see what happens.  You can always revert to static IPs later.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40599174
I agree with Fred; it's a TCP/IP issue rather than a wireless issue. Take it back to basics.  Configure your clients to use DHCP and test with the router on.  What happens?
0
 

Author Comment

by:Anker74
ID: 40599193
But why are are the two access points working perfectly when the APs are placed at a different location? I made no change in the APs configuration when testing the access points at the other location.
The IP address range is the same at both lo ations: 192.168.1.x / Subnet: 255.255.255.0 / Router: 192.168.1.1
Nothing fancy.
0
 
LVL 25

Accepted Solution

by:
Fred Marshall earned 250 total points
ID: 40599260
Oh ... well, that's new information.  And, your conclusion is logical.  But, for us, there are too many things we have to assume are just "OK".

So, I'd still recommend using DHCP for the WAPs until this is fixed.

Here's a simple experiment:

Insert a router between the ISP router and the LAN just for the WAPS.
Enable its DHCP.
Give it a LAN subnet of 192.168.99.0/24 ... something like that that's different from 192.168.1.0/24.
Plug the DHCP-enabled WAPs into the LAN side.
Plug the WAN into the ISP router getting its WAN address via DHCP.
Now what happens to the WAP clients with the ISP router operating and not operating?

If this works either way then it's not likely a wireless/rf problem and more likely a network addressing problem.
If it remains not working with the ISP router operating then it's more likely a wireless/rf problem.
In that latter case I'd be looking for an enabled wireless capability in the ISP router that's interfering.
Less likely would be that the ISP router is a source of unwanted rf noise.

Just a vignette: Recently I worked on a wireless problem with a single laptop in an office.  It was only a problem in the home office.  Turns out they were connecting a desktop monitor to the laptop.  The monitor and/or its cable was generating enough interference to mess up the wireless.  Hard to find...!  So maybe your test for noise wasn't "good enough"?  Just a thought.  It may not be noise in the signaling spectrum at all but, rather, some other sort of EMI.
0
 

Author Comment

by:Anker74
ID: 40624074
Hi Fred and craigbeck
Thank you very much for your responses.
I have finally been able to be onsite and examine the problem further. A friend of mine advised me to do a wireshark sniffing session and that hit the nail.
The problem was a multicast/broadcast TV signal in form of UDP packets. As soon a the router detected the TV box then the router startet the broadcast on all port on the switch. This explains why the wireless accesspoint where transmitting all the time.
The simple solution was to keep TV box in its own port of the router and the switch with accesspoint in a another port on the router.
In retrospect I did not inform about the entire network and I will remember this to next time.
Thank you again for your time.
atb Anker
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now