We are in the process of implementing canopy 2.4 at a new location. We are starting with 3 2.4 integrated APs (60 deg, but according to moto engineers will work to feed 360 degree) to a cmm micro, fed by a Tranzeo 5.8 BH, servicing a rural area. We are mounted about 200’ on a grain elevator.
We have the prizm 30 day trial, we havent installed it yet so we can test without it before we start the 30 days.
Currently we manage our system on paper, through SNMPc, Telnet sessions, an Excel database, Netenforcer, and memory. This worked at one point but we are looking into better implementations.
The first question I have is how to limit unauthorized access without Prizm. There is no ESSID or WEP key, or anything of the sort that I see in the documentation we are able to get. Basically how do we stop some kid from ebaying a SM, Going to ARIN to get our IP Range, getting on our network and downloading “reasearch information for school” on our network, worse yet, how do we stop him from monkeying around on our internal network, without Prizm.
The second is regarding Public and Private IPs, I am not understanding how these radios work in respect to addressing. With NAT and its internal DHCP it seems like they would funcion as a router, so could we safely put a routable IP on the outside and connect their PC to the POE inside. calling it a day, eliminating the router we currently provide? It would be nice to be able to eliminate that router since we currently preconfigure them with static IPs in the shop. If putting a public address on the radio wont work, are we able to have the radio hand out a public IP to a router set to accept DHCP on the WAN side, so we can send out default routers to customers. (we currently have alot of issues with customers buying wireless routers and hooking them into our router (or trying to replace our router) and losing connectivity causing tech support calls. If they could go out and buy a wireless router off the shelf and hook it up direct to the POE that would be great.
Third, the helpful customer. I like it when customers take initiative to troubleshoot a problem, but I foresee them connecting to powered side of the POE int their PC or router, even though it is labeled. Anyone have any advice on avoiding that, and if they do it, does it actually hurt anything?
Fourth, grounding. My bosses have found that grounding seems to hurt more than it helps at times. On the customer side, from what I have been able to gather, it seems using the surge suppressor rarely seems to work without causing problems. (note, we do zero electical for customers, so bonding their panel to our ground is not an option) What is considered best practice from a realistic standpoint on the customer premise? We have a hard enough time getting them to ground their outlets for our alvarion equipment, so other than contractual protection, theyre not likely to resolve any issue on their side.
And on the AP side, we are grounding the APs to the Structure (top and bottom of the shielding will be grounded to the structure) Our backhaul and UPS are going through the Motorola surge supressor. The CMM Micro will be grounded. We will bond the ground from the outlet providing location power to our ground as well to shunt any variatin between their ground and ours around our equipment. Everything is bonded to a copper ground rod we placed. Are we hurting anything, helping anything, or just wasting copper? (note: we arent using transtectors in this application since they cost more than the access points)
Fifth (and final for now) back to the network. We use SNMPc, and we like it for the most part. How much control over the units do we acually have (since we never got the Lab testing completed we never got to the point of integrating it, we had problems loading the MIBS as well). Right nowm through SNMPc we can control most every aspect of alvarion equipment we need to, with an occasional double click to a telnet session. Without Prizm, is there real SNMP Management capability or is this a propietary issue that will just ruquire a bullet bite and the bosses to write another check?
Thanks for any input any of you have, I really do appreciate it.
Read the Canopy System Release 8 User Guide. You’ll find answers there.