I want to expand upon the previous post of the wireless setup.
When I stated that you should use the same SSID that was for the simplicity of network identification. If you have a Public and Private network make one named Private so you know when setting up the AP's that it needs to have access to all things company shared. Mark the other network Public to keep it Internet accessible only. It's all about ease of installation and documentation.
Speaking on ease of installation another thing that helps is keeping all of your devices within the same block or row on your switch. It will be easier a year down the road when you are looking at documentation when problems occur and it will be easier for everyone when you are finishing the installation and go to jack all the ports.
I've done installs where the switch had every other port configured to VOIP then every other port configured to computers and 4 ports in the left and right block dedicated to the printers with two ports configured for trunking. What a mess this makes. It is so confusing to the installers running data lines and to any future network admins reading your documentation. Before you know it you have a spaghetti mess of cables, everyone is confused and the install doesn't look professional.
Some would say a set up like that is for security purposes so if someone gets in they will not know where they are at. I agree to an extent, but really, if some hacker gets into your router/switch you failed. It wouldn't matter anyways - if they have gotten this far then they will know the difference in set up on port configurations to get to the proper devices.
Anyways enough of that stuff. Here are my recommendations for wireless AP setup:
Step 1: Test your switch by connecting into it with a cable and see if DNS, DHCP, etc... is set up correctly and you can get out to the Internet.
Step 2: Plug in your WAP and test it with any of the tools mentioned before or even your Windows Network Finder application. Verify it is running and the SSID is what you set it to.
Step 3: Do some testing with the encryption turned off. Make sure you can access file shares or what ever it is that you want the client to do when this is fully functional. This will keep things simple and easier to trouble shoot if a problem arises.
Step 4: Add PSK, WEP, or WPA authentication and connect with a simple Pre Shared Key. Check all file shares and verify Internet connectivity.
Now that you see everything works finish up and set up your AP for proper security authentication to lock it down. Finalize the network for whatever your organization will need for security and take the AP to the desired location in the building and add it to the network permanently.
Ideally you would want to do this in a lab setting, but in most cases (at least for me) it is done on the fly in a production environment after hours.
JS
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment