ProSoundWeb Community

Please login or register.

Login with username, password and session length
Advanced search  

Pages: [1] 2  All   Go Down

Author Topic: Inconsistent Wifi access  (Read 6303 times)

Stephen Swaffer

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2245
Inconsistent Wifi access
« on: August 11, 2014, 09:53:18 pm »

Our pastor likes to use Keynote with either an iPhone or iPad to control the presentation, lately we have been having trouble getting devices to talk even though they appear to be on the same network.  Short on time to get the setup done, I had another member help but I think I am going to have to dig in and get it fixed.  I would prefer a stand alone network for media, but for various reasons I think we will wind up on the church network.  We have a wireless router in the office, but to get better wifi in the auditorium we added another router that he setup as a WAP.  He said all he had to do was use the same network name?

When I use inSSIDer, I find two networks with our SSID a belkin and a Netgear-the 2 "routers".  My Android device shows one network with our SSID and Apple devices show a network with our SSID and a second called "our SSID".media.

This shouldn't be difficult, but I don't understand what I am seeing.  I am a newbie at using multiple WAPs and with Apple products-and I usually only get hands on with the Apple stuff for a few minutes before the service when we are in a full court press to get it up and running.  I am not even sure our setup "should" work?



   
Logged
Steve Swaffer

Cailen Waddell

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1428
Re: Inconsistent Wifi access
« Reply #1 on: August 11, 2014, 11:57:02 pm »

So to completely over simplify it,   A wireless home router has 3 parts,

The router which is like the air traffic controller, identifying devices and deciding what goes to who

A switch, which let's multiple wired devices connect to the network

A WAP, or wireless access point which allows devices to connect wirelessly to the network

A network only needs one router, but can have multiple WAPs and switches.  One of your two wireless routers needs to be 'in charge' and the other needs to follow.  In order to do that, one router should have its wan port connected to the lan port of the in charge router.   The follower router should also be put into bridge mode. 

This allows all devices on the network to see eachother. 


Unfortunately, you'll probably run into a bigger problem. When everyone in the congregation shows up and all of their cell phones try to access the wireless in the sanctuary, your small home office routers will probably get overwhelmed.  They will not be able to handle the number of connection requests and could kick your pastors iPad off.  The solution is a network just for production, with a password and hidden ssid.  Usually operating in 5 ghz mode only (if your pastor has a new enough iPad to do 5ghz)
Logged

Stephen Swaffer

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2245
Re: Inconsistent Wifi access
« Reply #2 on: August 12, 2014, 12:40:29 pm »


Unfortunately, you'll probably run into a bigger problem. When everyone in the congregation shows up and all of their cell phones try to access the wireless in the sanctuary, your small home office routers will probably get overwhelmed.  They will not be able to handle the number of connection requests and could kick your pastors iPad off.  The solution is a network just for production, with a password and hidden ssid.  Usually operating in 5 ghz mode only (if your pastor has a new enough iPad to do 5ghz)

We use Line 6 wireless mics, so I have been wanting to get to 5ghz Wifi anyway-inSSIDer sees a bunch of 2.4 ghz wifis-most disappear when mics are turned on (no doubt just interference). 
If a device-my ASUS or pastor's iPad has 5 ghz capability will there be a setup screen for it?  inSSIDer allows me to look at 5 ghz, of course, but it is not seeing anything making me wonder if my ASUS has 5 ghz capability.

Network is password protected already.  If SSID is hidden, will that help avoid connection requests?  My original setup-5 years ago or so-used a hidden SSID.  When that router died, I was not asked to setup the new one and the SSID was not hidden on the new setup.  I can get that changed, but it will help if it is not "my idea".

So, I found specs and my ASUS does not do 5 Ghz-and the .media SSID was a 5 Ghz. One mystery solved.  I logged into the router and found 25 devices logged in=many by people with less reason to be on there than myself, since I did not have the wireless password, I assumed it was closely held.  Guess not!

Unfortunately, "home routers" don't seem to play well with other devices.  No "bridge mode".  One does do a WAP, the other only allows a "repeater" function.

I plan to follow Cailen's advice and push for a production network.  The 2.4 Ghz and 5 Ghz on the two "routers" have different SSIDs.  Does that equal separate networks?
« Last Edit: August 17, 2014, 11:20:24 pm by Stephen Swaffer »
Logged
Steve Swaffer

Jonathan Johnson

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2999
  • Southwest Washington (state, not DC)
Re: Inconsistent Wifi access
« Reply #3 on: August 20, 2014, 05:11:28 pm »

A network only needs one router, but can have multiple WAPs and switches...

Cailen's on the right track. However, I'd recommend that the second router (the one in the auditorium) be wired with a cable from the LAN side of the office router (which I'm assuming is the main router that connects the LAN to the Internet) to the LAN -- not the WAN/Internet -- side of the auditorium router.

To set up the auditorium router, give it a LAN IP address on your local network (but not the same IP as the office router! The last octet must be unique). Set up the WAN interface as DHCP, and leave it disconnected. Set the wireless network settings (SSID, security mode, passphrase) the same on both routers for convenient roaming, but make sure the channels do not overlap. Also be sure to disable the DHCP server on this router.

I've used this configuration many times. It works, but it's definitely not a strong, commercial/production network. It's a cheap way of implementing a second WAP in a network; inexpensive routers are cheaper than dedicated WAPs.

* * * * *

There are a few issues with WiFi that are easily overlooked.

First is that a WAP (Wireless Access Point) acts kind of like a simplex hub, not a duplex switch. For example, if your wireless network allows 54 Mbps, that bandwidth is shared among ALL WiFi devices attached to that WAP. A switch may allow gigabit speeds on each port, but the "switch fabric" or backplane provides for much greater speeds. So ports 1 and 2 can talk to each other while ports 3 and 4 talk to each other at the same time at gigabit duplex speeds. So the effective load on the backplane of the switch can be 4 gigabit in that instance. (A 48-port enterprise grade gigabit switch may have a switch fabric capacity of 100Gbps, even though each port is only capable of duplex gigabit speeds.) In a 54 Mbps wireless network, if devices A and B are talking, A can send packets to B at 54 Mbps. But if C and D want to talk at the same time as A and B are talking, each can be limited to half of that, as the TOTAL speed the WiFi "backplane" can handle is 54 Mbps. If you've got a bazillion devices on your WiFi, the performance between any two devices can go to zilch.

The second issue is that if you use the same SSID on all of your WAPs, there's not really any way to control which WAP your devices connect to. Most of the time they will connect to the strongest signal, but I've seen where a device will connect to WAP A (because it's strongest at the time), then the device can be moved to mere inches from WAP B, but it remains connected to WAP A because the signal from WAP A hasn't dropped below the threshold which will trigger renegotiation.

The third issue is that renegotiation when you move from WAP to WAP can result in several seconds of downtime. This is especially true if your WAPs are different brands. Some WAPs support roaming better than others. Two brands that support roaming very well are Ubiquiti UniFi and SonicWall -- they will share authentication with each other so when you are authenticated with one it doesn't require reauthentication when you roam to a different WAP. (The Ubiquiti UniFi is much more affordable than the SonicWall SonicPoints, which require a SonicWall firewall to act as a controller.) There are other brands as well, but these are the two that I have experience with.

(EDIT: Clarified brand name. Unifi is a series of products made by Ubiquiti Networks.)
« Last Edit: August 21, 2014, 12:39:11 am by Jonathan Johnson »
Logged
Stop confusing the issue with facts and logic!

Jonathan Johnson

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2999
  • Southwest Washington (state, not DC)
Re: Inconsistent Wifi access
« Reply #4 on: August 20, 2014, 05:21:54 pm »

There are a few issues with WiFi that are easily overlooked...

One more: many WiFi routers and WAPs now have a security feature that prevents wireless devices from communicating with each other (often called "client isolation"). You will need to turn this feature off if you need WiFi devices to communicate with each other. Some routers also have a "guest" mode that only allows the WiFi clients access to the Internet; they block traffic between WiFi devices and other wired devices on the LAN.
Logged
Stop confusing the issue with facts and logic!

Stephen Swaffer

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2245
Re: Inconsistent Wifi access
« Reply #5 on: August 20, 2014, 08:28:35 pm »

I understand networking basics-wired networks are easy.  Wireless-and especially wireless roaming is where things get fuzzy-and I don't have the hands on experience to make things fly right.

If I understand correctly, I have three options.

1.  The cheap WAP Jonathan suggests.

2.  A commercial/business class network with a router in the office to internet and a WAP.  Ballpark pricing on this?  I can look at audio gear and discern pro vs consumer, but not sure here.

3.  Would a dedicated production WiFi router make sense-using the WAN to our wired network for internet access?  I don't think signing into a dedicated network for "production" would be a big deal might even be a plus as a step that says "we are now ready to go live."

Pros/cons?
Logged
Steve Swaffer

Scott Holtzman

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 5590
  • Ghost AV - Avon Lake, OH
    • Ghost Audio Visual Systems, LLC
Re: Inconsistent Wifi access
« Reply #6 on: August 20, 2014, 10:38:07 pm »

I understand networking basics-wired networks are easy.  Wireless-and especially wireless roaming is where things get fuzzy-and I don't have the hands on experience to make things fly right.

If I understand correctly, I have three options.

1.  The cheap WAP Jonathan suggests.

2.  A commercial/business class network with a router in the office to internet and a WAP.  Ballpark pricing on this?  I can look at audio gear and discern pro vs consumer, but not sure here.

3.  Would a dedicated production WiFi router make sense-using the WAN to our wired network for internet access?  I don't think signing into a dedicated network for "production" would be a big deal might even be a plus as a step that says "we are now ready to go live."

Pros/cons?

Couple of things.  The double NAT of the second access point (if you could turn off NAT all the better) will mess up access to streaming and other real time apps on the Internet side of the equation.

Take a look at the ubiquity gear.  It supports roaming, multiple VLAN's and is surprisingly affordable.

Each wireless network and each VLAN needs to be in it's own subnet.  You need a router/firewall on the Internet connection and an interior router to get between the inside networks.  For the budget conscious a used Cisco 2811 is more than enough router for inter-Vlan traffic and has two Gig E. ports.

If you can hook up the cables a consultant can remote into a laptop with some type of WAN wireless (cellurlar) and config from the console ports until the network is up.  That way you save the expense of an engineer to set it up.

Have you seen if you have an network engineer in the congregation (not a jack of all trades IT trunk slammer)?  I know in my church I not only get to install/configure and maintain the equipment I also donate it!

Logged
Scott AKA "Skyking" Holtzman
River Delta Audio is now:

Ghost Audio Visual Solutions, LLC
Cleveland OH
www.ghostav.rocks

Jonathan Johnson

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2999
  • Southwest Washington (state, not DC)
Re: Inconsistent Wifi access
« Reply #7 on: August 21, 2014, 12:51:45 am »

The double NAT of the second access point (if you could turn off NAT all the better) will mess up access to streaming and other real time apps on the Internet side of the equation.

Configured the way I suggested, there is no NAT layer to worry about in the second router. Configured with the WAN port of the second router connected to the LAN there would be unless you disable NAT and set routing up properly. However, you'd have two separate subnets, so should not use the same SSID. Using the same SSID and security settings would result in clunky if not unworkable roaming.

The way I've set things up for many of my customers is a Sonicwall (the TZ 105 is an affordable model that can be purchased for less than $300) as the main firewall, then Ubiquiti UniFi access points. The SonicWall is very configurable, though there is somewhat of a learning curve to understand the way it works. Typically I set up the WiFi in a separate subnet/security zone from the LAN, so the customer can grant guests Internet access. I've never messed with VLANs on these, but I imagine you could set up the UniFi with multiple WiFi networks on different VLANs, and use the SonicWall to grant access to the wired LAN for one WiFi network but not the other. Maybe.

The SonicWall does let you create multiple subnets on its multiple interfaces. Each port is a separate interface, which can be configured either as discrete interfaces or as a switch.

Ultimately, the most secure firewall is the one that you understand the best. If you're a Cisco guy, then go for Cisco gear. If you're a Juniper guy, go for Juniper. I like Sonicwall, because I've learned how they work and I understand them the best.
Logged
Stop confusing the issue with facts and logic!

Scott Holtzman

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 5590
  • Ghost AV - Avon Lake, OH
    • Ghost Audio Visual Systems, LLC
Re: Inconsistent Wifi access
« Reply #8 on: August 21, 2014, 01:12:39 am »

Configured the way I suggested, there is no NAT layer to worry about in the second router. Configured with the WAN port of the second router connected to the LAN there would be unless you disable NAT and set routing up properly. However, you'd have two separate subnets, so should not use the same SSID. Using the same SSID and security settings would result in clunky if not unworkable roaming.

The way I've set things up for many of my customers is a Sonicwall (the TZ 105 is an affordable model that can be purchased for less than $300) as the main firewall, then Ubiquiti UniFi access points. The SonicWall is very configurable, though there is somewhat of a learning curve to understand the way it works. Typically I set up the WiFi in a separate subnet/security zone from the LAN, so the customer can grant guests Internet access. I've never messed with VLANs on these, but I imagine you could set up the UniFi with multiple WiFi networks on different VLANs, and use the SonicWall to grant access to the wired LAN for one WiFi network but not the other. Maybe.

The SonicWall does let you create multiple subnets on its multiple interfaces. Each port is a separate interface, which can be configured either as discrete interfaces or as a switch.

Ultimately, the most secure firewall is the one that you understand the best. If you're a Cisco guy, then go for Cisco gear. If you're a Juniper guy, go for Juniper. I like Sonicwall, because I've learned how they work and I understand them the best.

I was a Cisco guy, for a long time, however the past 5 years I jumped to the Juniper side of the street.  There are technical reasons but it really got down to how Cisco treats customers and resellers.  I prefer my vendor to be my partner not also my competitor.  Juniper knows the meaning of partner.

Sonicwall I run from at full speed.  Won't even work on a network that uses one.  Just too many issues with VoIP.  Yes, you can get them to work but it should not be that hard. 

This is also way off thread.

I thought that the Sonicwall would act as a wireless controller and support roaming?  I have never worked a venue large enough I could not cover with one AP so I can't comment.

I know that I can hold a voice call on my Android phone with a SIP client as I roam between the two Engenius AP's on the same SSID at my house.

I did have to run the Zone Controller software from a VM that could be an inconvenience for the venue.  The software controls access and fast handoff among other things.

Logged
Scott AKA "Skyking" Holtzman
River Delta Audio is now:

Ghost Audio Visual Solutions, LLC
Cleveland OH
www.ghostav.rocks

Tim Padrick

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 909
  • Indianapolis
    • T.P. Audio
Re: Inconsistent Wifi access
« Reply #9 on: August 24, 2014, 01:25:29 am »

This network is comprised of home grade routers (no bridge function).  The connections are all LAN port.  http://padrick.net/LiveSound/TheaterNetwork.htm
Logged

ProSoundWeb Community

Re: Inconsistent Wifi access
« Reply #9 on: August 24, 2014, 01:25:29 am »


Pages: [1] 2  All   Go Up
 



Page created in 0.057 seconds with 24 queries.