I am interested in buying a commercial-grade access point for a WLAN solution for our office (about 50 wireless users, single floor, several labs with groups of people). The access point will be connected to a box with pfSense running on it. A little investigation showed the following products as possible candidates:
[1] 3Com® Wireless LAN Managed Access Point 2750 / 3CRWX275075A
formatting link
[2] 3Com® Wireless 7760 11a/b/g PoE Access Point / 3CRWE776075
formatting link
Questions:
would I be able to use the PoE functionality if I connect to a PC with pfSense? Does it have to be a 3Com switch on the other side?
I was trying to find differences between the products -- [2] supports WDS, can run in SuperG mode. They are both similarly priced. Is there any major feature in one which is not in the other?
I am also looking for feedback on either of these products or any other commercial grade AccessPoints.
I'm not sure a single access point will be sufficient for 50 users. IT really depends on what they're doing and how much traffic you're expecting. If this is a "wired ethernet replacement" system, methinks you'll have quite a bit of wireless to wireless traffic, which might be a problem.
Ok, a M0n0wall mutation. Good choice. I assume it's already running.
Almost anything that claims 802.3af PoE compliance should work. It does not need to be a 3com switch.
That being said, there are a few traps out there. One is that there are a few Class zero PoE injectors that are nothing more than a power supply and a big resistor. It's difficult to tell what's inside and many vendors do not list which class levels or power output they deliver.
Methinks something like:
formatting link
formatting link
formatting link
(etc...)
*MIGHT* work, but the data sheets are seriously lacking. I couldn't find a stand alone, single port PoE injector from 3com, so they're apparently pushing their switches. You're not going to blow up anything by experimenting with different injectors, so for $30 to $50, it's probably safe to experiment (Learn by Destroying).
There are different power ratings for PoE named Class 0 through Class
The 3com data sheet and trash can filler didn't bother mentioning which class level their AP's require or how much power their AP's burn, so I can't tell for sure how fancy a PoE injector is required. Call 3scum pre-sales support and pry it out of them.
With 50 users, you're going to have performance problems. WDS is going to slow everything down. I suggest you run the wires and not use WDS. Super-G, Afterburner, and Turbo-G are useful only at fairly short ranges. Are you sure you actually need any of these?
Suggestions:
Unless you're hiding all 50 of your users behind the M0n0wall, it's overkill, especially if you already have an existing router. Sounds like you already have PFSense installed, which should work.
Stay away from the exotic 802.11 enhancements. 802.11g is good enough. MIMO is better but is currently not standardized and will probably create future compatibility issues.
One access point is not enough for 50 full time users. You mumbled something about a "lab". My experience with one biotech lab is that they do real time video over wi-fi and send giant files over the network almost continuously. I think you need to do some capacity planning.
Mixing vendors is wonderful as long as you're not the one that has to maintain the system. You might look into a wireless switch system (Aruba, Symbol, etc) and something with bundled admin and monitoring tools. However, if all you want to do is tack on a few AP's to your existing M0n0wall, that's also overkill.
There is almost always a public/private WLAN issue, where visitors need to connect to the internet, but IT doesn't want them on the inside LAN. Think about AP's with multiple SSID's or possibly multiple AP's exclusively for visitors. Both 3com AP's will do this, but you should remember to make it a key part of the config.
Uzytkownik "John Smith" napisal w wiadomosci news:FKpOg.73$ snipped-for-privacy@newsfe04.lga...
formatting link
formatting link
One 3COM Access Point is not able to connect 50 users, 3COM is not good choice for WLAN. I think U sholud read about Cisco or Mikrotik RouterOS (at Routerboard or PC), but I think to connect 50 users U have to buy 2 AP or 2 mPCI cards in Mikrotik.
Thanks for your response. I have setup the network as following:
- added two WRT54G v6 routers (firmware v1.00.9) as AccessPoints using wired connections.
- divided the users among two AccessPoints depending on where they sit in the office.
- a third AP has been designated as a visitor AP with internet-only access. If one of the "employee" accesspoints went down, they will still be able to connect to this and VPN to the network.
- the number of users currently is ~ 35 and we think it will be around
50 by the end of the year. Will add another AP then.
The new setup seems to work well. I decided to not go with 3CRWX275075A or 3CRWE776075.
I do have a question about setting up the WRT54Gv6 as an AccessPoint. Here's my setup:
- Setup >> Basic Setup * Internet Connection Type: Automatic Configuration - DHCP * Router Name: UDaMan * MTU (manual): 1430 * Local IP Address: 10.100.1.4 (gateway/pfSense is 10.100.1.1 and APs are 3,4) * Subnet mask: 255.255.255.0 * Network Address Server Setting (DHCP): Disable * Time Setting: Time Zone Set
"Internet Connection Type" could be Automatic Configuration or Static. Should I choose Static? If I choose Static, I need to enter a Internet IP Address and a Local IP address, and they cannot be the same. What should I set for them?
In the Automatic Configuration, what is bothering me is that I am not entering the gateway information anywhere. While the setup is working, is that a problem?
Should UPnP be enabled?
In the Status, Current Time comes up as "Not Available". How can I ensure that it has the correct time?
The v5 and v6 mutations of the WRT54G/GS router are not the best. They tend to hang on streaming media. It's apparently a hardware issue, not software. If you see any indication of hangs during streaming media downloads, I suggest you find a replacement.
|
formatting link
That will take care of the user balanace between access points. However, it will not do any load balancing.
The Maximum MTU should be 1500 for ethernet and 1492 for PPPoE. I forgot the number for frame relay.
WEP? Why? You're going to have compatibility problems between users that insist on typing in ASCII WEP keys and Hex keys.
Firewall doesn't matter. The firewall isn't used as nothing is plugged into the WAN port.
You forgot to disable the DHCP server!!!!
See FAQ How-To at: |
formatting link
I'm not 100% sure that "AP Isolation" has to be turned off to make this work as an access point. Try turning it on to make sure there's no wireless client to wireless client connection.
Doesn't matter if (and only if) you're using the WRT54G as an access point. The "internet connection" of for the WAN (internet) port which is not used when setup as an Access Point.
That's easy. As an access point, the WRT54G is acting as a wireless bridge on ISO Layer 2. Bridges don't know anything about Layer 3 protocols such as TCP/IP. The only thing you need that has IP addresses is the managment IP address of the access point 10.100.1.xx and pointing the gateway IP to 10.100.1.1.
Disabled. It does nothing when used as an access point.
If the gateway IP eventually goes to the internet, the NTP time server should eventually find whatever time server Linksys is using. Are you blocking or filtering any ports at the main router?
I don't know. I've had to deal with a few v5 versions. They would hang all too often and had some other weird problems. At the time, DD-WRT did not work with v5 so I just returned them and bought something else. Try asking on the DD-WRT forums and see if anyone has had any success with v5 and v6.
It probably won't make any difference as the MTU is a negotiated value. 1454 is alledged the optimum value: |
formatting link
ping with the "don't fragment" flag set to test. |
formatting link
|
formatting link
't forget to subtract 28 bytes for the actual value.
30-50 users on a single ADSL line is going to be constipated. We have about 30 computers in my office complex running on one 1500/384 DSL line. It only works because the usage is erratic. If all 30 machines decided to download large medical images at once, it would be useless. I suggest you do some bandwidth testing and QoS tweaking.
WPA if possible. Anyone with a modern laptop will have WPA support. Anyone showing up with a Windoze 98/ME laptop can be told to upgrade. Recent experience showed that the few without WPA support just went to the local store and bought a more modern PCMCIA card. Those with internal wireless (MiniPCI) all had WPA support.
Again, the problem with WEP in this application is not security. It's the compatibility problem between ASCII to Hex key conversions. If you run into a few that just insist on using WEP, then setup a seperate access point just for them running at the slowest possible speed and the most restricted access. That should give them the clue.
You may have problems with PDA's and SmartPhones that only do WEP. I don't have an answer for these other than I would not expect anyone to view medical xray images on these devices.
Sorry. I missed it.
WHICH automatic configuration? The WAN (internet) connection or the LAN side. If the WAN, then it doesn't matter because the WAN port is not used in the access point configuration. If it's the LAN side, you don't need a gateway because the access point is NOT doing any routing. There's no way the access point can route packets to the internet while acting as a bridge. Therefore, you only need the IP address of the access point in order to configure and manage the access point. No gateway is required.
formatting link
"internet connection" section is the WAN connection. The "Network setup" section is the LAN section. No gateway required on the LAN side.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.