Wireless LANs
A Case Study of
Baylor University’s
Wireless Network
Copyright Bob Hartland 2002 This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.
How are we using Wireless?
Roaming Network Access
Point-to-Point Connectivity
Point-to-Multipoint Connectivity
Wireless Applications
Library Loaner Laptops
EBIC
MBA and EMBA
ResNet access for dorms that are difficult to wire
Mobil network access
Connecting small remote facilities to LAN
Wireless Network Growth
Currently 60 access points installed
Projected to have 210 installed access points by Fall 2002
Access Point Installation
Site Survey
2 lines to every location
Power supplied over ethernet cable
Configure AP with proper channel separation
Document – location, coverage area, channel
Wireless Troubleshooting Tools
Access Point management tools
Wireless sniffers
Spectrum analyzers
Documentation
Wireless Test Stations
Wireless Usage Policies
Wireless falls under Computer Usage Policy
Baylor Air-Space Policy for 2.4GHz spectrum
Wireless Network Practices
Firewall blocks connection attempts from the Internet to Wireless hosts
Firewall requires user authentication before allowing access to campus LAN and Internet
Centralized logging server for authentication information
Wireless Authentication -Current Design
Client application
NetAuth
DHCP server
Firewall
RADIUS server
LDAP
Centralized logging
Problems with Current Design
Password is passed in clear text
Maintaining client application for wide range of Operating Systems (Palm Os, Linux, Windows CE…)
Limitations in customizing the firewall’s authentication mechanisms
Modular Design creates configuration issues and multiple points of failure
Needs:
Replace DHCP server, firewall, and client with one device – Wireless Firewall Gateway (WFG)
Took a solution described by a NASA white paper then expanded and customized.
http://www.nas.nasa.gov/Groups/Networks/Projects/Wireless/index.html
The WFG solution addresses the following issues:
Clear text password
Holes in existing solution if a client uses a static IP and/or a falsified MAC address
No client application to maintain – only requirement is a secure web browser
Less expensive to maintain hardware/software
Highly customizable
Contributors:
Bob Hartland
Director for IT Servers and Network Services
Baylor University
254-710-2711
Scott Day
• Cori Rhodes
• Jon Allen
Speaker: Technical:
Support Issues
Wide variety of platforms
Non-standard personal machines and cards
Maintaining 200+ access points
Troubleshooting a mobile device
Wireless become default for accessing resources
Air-Space Policy Key Points:
Describe what the policy covers (include reference to FCC documentation) We are concerned with the 2.4GHz range used by 802.11b
Explain why policy is needed
Only way to help guarantee a reliable wireless network.
State that Baylor will conduct regular scans for interference
Prevents redistribution of Baylor’s network
List sanctions or consequences
Students dealt with through the student policies
Work with faculty/staff to eliminate interference
Wireless Test Stations
Guarantee one functional access point
Troubleshooting steps for user to walk through
Near a phone for phone support if necessary
Organizational Chart
D ata N etw ork Telephone Broadband V ideo IT Servers
Bob H artlandD ire c to r o f IT S e rve rs a n d N e tw ork in g S e rv ices
D r. R eagan R am sow erC IO
M r. D avid B rooksC F O
D r. R obert S loanP re sid e n t