Wi-Fi and the Great Spring Break Band Trip — Part One

Bus Wifi

Time for some R&R away from the office, as I volunteered to be a chaperone for 40 teenagers with my daughter’s band for their spring break trip!  (R&R with 40 teenagers?  Maybe AP microwave radiation really does affect the brain….)  Anyway, seems like you can never really get away from work when you are a Wi-Fi engineer, can you?

(BTW, we had Wi-Fi on the bus, but it sucked!  That’s a topic for another blog….)

As we were visiting a school for a combined band concert, I pulled up inSSIDer to look at the school’s Wi-Fi network and got the PSK to log into the guest SSID.   I noticed a bunch of “issues” associated with the school’s WLAN and took a quick snapshot (the SSIDs and MAC addresses have been edited for the safety and protection of the non-WLAN techs that set up this network!!).  Click on the graphic below and see if you can find the FIVE Wi-Fi problems in this WLAN (extra credit if you can come up with a sixth suggestion to make this WLAN even better):


OK class, put down your pencils.  The test is now over.  However, you can grade your own papers.  🙂

WLAN Problem #1:  Vendor vexed.  I count four vendors in this graphic.  Why on earth can’t this school select ONE vendor? (I know — Cisco now owns Meraki, but these are two different AP technologies–Meraki being cloud-based and the Cisco AP apparently an autonomous AP…)  Having more than one vendor on your enterprise WLAN is a bad, bad idea.  (Vendors do not play very nice together in a “Wi-Fi sandbox”, sadly.)

WLAN Problem #2:  Channel confusion.  I see adjacent channel interference with the APs on channels 1, 2 and 6.

WLAN Problem #3:   SSID Sickness.  I count FIVE SSIDs!  Ugh!  If you want an excellent read on the problems with SSID overhead, check out Andrew von Nagy’s outstanding blog (with Excel interactive spreadsheet):  http://www.revolutionwifi.net/2013/10/ssid-overhead-how-many-wi-fi-ssids-are.html    At the most, three SSIDs are needed (and I think you can make it work with only two, using VLANs).

WLAN Problem #4: Non-broadcast nonsense.  It does appear some of the SSIDs are not being broadcast.  That may have worked a while back as a security feature, but most enterprise WLANs now broadcast all their SSIDs to differentiate between employees and guests.

WLAN Problem #5:  Bandwidth bewilderment.  Why in the world does this SSID have 40 MHz channel bonding turned on in the 2.4 GHz band?!?!  I know that 802.11n has a 40 MHz intolerance bit that prohibits the use of 40 MHz channels in the 2.4 GHz band (CWAP Study Guide, pp 395-396), but still, there is no reason why this should be turned on.

Extra Credit:  WLAN Problem #6:  Authentication ailments.  This school no doubt has an Windows domain with active directory, so why not leverage everything that 802.1X/EAP authentication can offer?  WPA2 Personal with weak PSKs can be hacked by dictionary and brute force attacks; the strengths of 802.1X coupled with fast secure roaming would be a welcome addition to this WLAN.

I did not have time to ask about any other WLAN features of the school (cloud or hardware controllers, mobile device management, et al), but I saw enough to know that the WLAN needed some serious attention.

I personally know the band director of the school we visited and briefly mentioned the WLAN had some issues.  He said another IT person was going to be hired soon and I mentioned that I hope this new hire will come with some enterprise Wi-Fi experience!

Bottom line:  If you are studying for the CWDP exam (like me!), take some WLAN snapshots at different businesses and venues and see if you can troubleshoot the WLAN issues you encounter.  Come up with suggested fixes as though you were a consultant that had been hired to troubleshoot a poor performing WLAN.  Who knows–you might even find a WLAN that is set up correctly!  🙂

(A teaser for Part Two:  Can network performance really keep a band concert from going on?)



Filed under Uncategorized

3 responses to “Wi-Fi and the Great Spring Break Band Trip — Part One

  1. Your ‘Cisco’ AP is actually a LInksys SoHo Access Point…

    Even ‘hinting’ that hiding SSIDs is any form of security… it is NOT security, though I’ve seen some places use it to help manage customer requests. (minimize help desk calls for “How do I get on the secure Corp network?”)

  2. Pingback: Public Wi-Fi, captive portals and heartburn recovery — a MiniBlog complaint | gcatewifi

  3. Pingback: Public Wi-Fi, Captive Portals and Heartburn Recovery — a MiniBlog complaint

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s