Centralized administration of WRT54xx APs..

On Thu, 12 Apr 2007 12:44:12 +0200, Geir wrote in :

What's wrong with just connecting to their admin screens at their different IP addresses? Or are you looking for something more robust and automatic? Then why not enterprise-grade gear that features central admin and other features designed for enterprise-grade networking? I strongly advise _against_ cheap consumer-grade gear for something like that -- TANSTAAFL!

John Navas skrev:

I have 15 devices, and it's a pain to maintain config changes by logging into each one of them...

Well, the WRT54xx series aren't the 'worst' cheapo WL equipment that have been made...?

/geir

On Thu, 12 Apr 2007 18:53:48 +0200, Geir Holmavatn wrote in :

They are nonetheless consumer-grade, and (IMHO at least) unsuitable for enterprise-grade service. (The cost of dealing with consumer-grade devices in an enterprise environment will usually overwhelm the purchase cost savings. You're already running up such cost.) If you must use them, then I suggest you look into running DD-WRT firmware (if you have supported models), which may give you what you want.

John Navas skrev:

I already run DD-WRT firmware on each of them. And this is in a boarding school's dorm areas, which I do not classify as enterprise level. Nevertheless, as of the feedback here I assume that there does not exist any centralized admin solution for this range of wireless devices....?

Thanks anyway ;-)

/geir

On Thu, 12 Apr 2007 20:22:35 +0200, Geir Holmavatn wrote in :

I would, just as I would for pretty much any business that could be impacted by wireless networking issues. As the car commercial goes, "pay me now or pay me later," where later tends to be much more expensive than now.

Not that I know of.

You're welcome.

Geir Holmavatn hath wroth:

DD-WRT support SNMP (simple network management protocol). SNMP is the basis of most (not all) management systems. All of these are "centralized" in that they can be used from a central management server (for data and statistics collection) or configured from anywhere. Note that the server is most commonly runs Linux (for stability).

I suggest that you research HP OpenView, Unicenter TNG, OpenNMS, Nagios, Net-SNMP, Pandora, etc. I've used GetIF, MRTG, PRTG, RRDTool, and Nagios extensively.

(SNMP based software)

It might also be useful to become familiar with SNMP on DD-WRT:

If you just want to try SNMP, I suggest GetIF:

Lack of evidence that something exists only means your searching in the wrong place. Google returns huge numbers of hits for "network management". Incidentally, there's nothing unique about manageing a wireless system with SNMP. To the software, it's just another managed SNMP box.

Also try asking in: news:comp.dcom.net-management

You didn't bother specifying why you need central "management". Most of the features and functions can be "controlled" using the build in web based interface. Only the traffic monitoring, statistics, and data collection will require SNMP. Such data, usually in the form of graphs, is invaluable for troubleshooting and fault isolation. However, I don't see a boarding skool network running an unspecified number of access points as being sufficient large to justify a dedicated management server or workstation. My guess(tm) is that you would need about 20 or more managed boxes (AP's, switches, modems, routers, servers, etc) to justify the learning curve for a real network management system.

On Thu, 12 Apr 2007 11:49:49 -0700, Jeff Liebermann wrote in :

He specifically said (wrote) "administration". SNMP is primarily "monitoring", at least with regard to DD-WRT -- no? I'd be surprised if DD-WRT supported SNMP for the kinds of things that come to my mind with regard to "administration" (e.g., reconfiguring traffic shaping).

I'd say _may_ mean. Sometimes it may simply not exist. ;)

Or more importantly, what specific tasks are encompassed in that definition of "management".

No. SNMP can be used to write to the router, change settings, run initial setups, and do all manner of "write" type of functions. There are two SNMP community names (passwords). One for read and one for write. Also, my idea of "administration" includes fixing problems, not just monitoring. I do it all the time, mostly using GetIF 2.3.1.

Not the most user friendly, but good enough for quick tweaks.

Suprise. Go to: Administration -> Services -> SNMP Note that it show RO (read only) and RW (read write) community names (passwords).

Incidentally, SNMP is my favorite way of breaking into servers and systems. Most admins enable SNMP but leave the community names at the defaults resulting in a wide open back door (or perhaps front door). Even those that should know better manage to screw it up:

(etc...).

Yep. My idea of management is troubleshooting and traffic analysis (i.e. reports). Someone else may be into initial configuration and setup (provisioning). Others may use it for inventory control, capacity planning, resource optimization, and justifying one's job. I've done all of these and more with SNMP.

MRTG for Windoze 95, 98, and ME:

Old, but still works.

On Thu, 19 Apr 2007 02:08:44 +0100, "Forster Tuncurry" wrote in :

Consumer-grade gear tends to have both more and more serious flaws than enterprise-grade gear. One of the worst examples is the badly misnamed "DMZ" feature, a gaping security hole, not a real DMZ.

That would only be due to incompetent administration, not the enterprise-grade. Properly administered, enterprise-grade gear is far more robust and secure than consumer-grade gear.

"enterprise-grade" gear have some of the easyest flaws to exploit.

It's easyer to connect to the local gov office then the kid down the road that knows how to lock down his linksys.

Joe.

On Thu, 19 Apr 2007 03:37:37 +0100, "Forster Tuncurry" wrote in :

The value is that the enterprise gear is far more robust, reliable, secure, and capable. Not to mention better supported.

p.s. Please don't switch posting styles (top vs bottom) in mid-thread

-- it makes the thread confusing and hard to follow. Thanks.

True but Not just admin airhead moments real flaws in the gear... The kid is gonna thump the little linksys with manny times the workload and yet uptime, performance, stability, thruput... much the same, you get a few more options and a few less mods for your $. Where is the value?

J.

That recent netgear exploit has existed in enterprise gear for years but there is no mad rush to patch the security hole. Not that neatgear is any good but its support appears better in this case.

Joe.