802.11G MVP issues with encryption?
DHawthorne
Posts: 4,584
I have been entirely unsuccessful with getting any of the new MVP panels with 802.11G to connect to an encrypted access point other than the AMX WAP. I have had a Linksys on my desk for years just for setting up MVP's, and have had 3 new ones in the last week that I could not connect with it. I had a WAP200 lying around, so I swapped it out and was fine, and thought no more of it. However, on a customer site I had similar issues with a Netgear WAP, and, on a hunch, disabled encryption. It worked fine once I did that. I strongly suspect theses panels are way too finicky with non-AMX access points.
0
Comments
I have 4 MVP-8400i panels connected with WEP128 without any problems. Now if only the roaming issue could resolved.....
These are to non-amx WAP's. I believe they are to Cisco Aironet WAP's I normally use Netgear WPN802NA but have not had the chance to connect to these
Just a thought,
Jeff
We've got two MVP-8400s here with the 802.11g upgrade card. The card even has a Cisco logo on it. I spent about a week with our IT department (who provide the network services) configuring the system in a secure manner. It seems to work well enough:
WPA-PSK encryption (pre-shared-key with a rolling-key algorithm, I believe)
Hidden SSID (of course)
We found that after setting the PSK (& perhaps the SSID) we had to reboot the MVP for the setting to take effect. That had us frustrated for a while, since the panel looked like it was trying to dynamically apply the new settings.
One of the nice things about the new Cisco wireless system that we have here is that the WAPs only act as antennas to a central wireless manager. Going by signal strength, it is now possible for the wireless manger to use triangulation to physically locate the panels. (Yep, you upload maps into the wireless manager, and tell it where the WAPs are.) The MVPs have been locked down to only provide a link via the WAPs near the installation. If they go beyond that (and are picked up on other WAPs), notifications (SMS/pager/etc) can be sent to the appropriate people. Best of all, if the panels are ever pinched, the triangulation essentially tells us which way the thief ran, making it much quicker to review security footage, etc.
Roger McLean
Swinburne Uni
The Netgear WAP was one of those new 802.11N models, which I turned off and forced to g/b mode. The Linksys has had its firmware upgraded within the last 12 months, but I doubt it's the most current. Unfortunately, I am too swamped right now to play around with this ... was just hoping someone could shed some light, or had seen anything similar.
We are in the process of reviewing the chipset being used in the AMX wireless products for compatibility in the more advanced Cisco encryption methods. I would like to ask that if you are having issues with a particular method, please give us a call. Your method specific information will greatly assist us in this evaluation.
Thanks to you all for your observations.
I have swapped out about 20 802.11b cards to the new 802.11G cards hoping to minimize dropped connections and roaming between access point issues. I have these cards all configured with WEP128 with either Netgear WPN802NA , Linksys WRT54G (I normally use this as a router only becasue the wireless is poor), Belkin PRE-N, Cisco Aironet, and AMX WAP200G WAPS. I have not tried other encryption methods. The biggest issue I have is when panels need to connect to another WAP. They will not always re-connect or will take a few minutes before the panel comes back online. I was also told by tech supoort to make sure I broadcast the SSID with using the new G cards.
Aha! That might be the issue ... I always turn off SSID broadcasts. I'm quite surprised AMX tech support didn't mention this to me.
I'm certain that we have SSID broadcast turned off, and it works fine for us on our G upgrade cards. In our university environment where there are many budding minds, we can not afford to let them know the SSID - that is just asking for trouble. When we set up the panels, we started with everything insecure. Once the connection was up and running, we progressively locked it down. After the PSK was working, we turned off the SSID broadcast and reconnected.
It seems to work fine. Looking at my logs, the panels drop offline from time to time, but reconnect within 10 seconds or so. It's been running well for the past 4 months now. I would be hesitant at taking the "must broadcast SSID" suggestion as a hard and fast rule. For what it's worth, we have a dedicated SSID set asside for our AMX gear.
Roger McLean
Swinburne Uni
Are these 8400i panels Dave?
Reading some of the posts, it looks like, almost without exception, the card swapping that others are posting about etc is for 8400 panels not specifically 8400i panels. Surely the new 8400i panels are not being shipped with the old NICs....
Maybe this issue (Dave's) is apparent only for the 8400i panels.
We use most flavors of encryption on our MVPs and *always* turn the SSID off. Never seen this issue.....but....they are not 8400i panels either...
Just a thought to throw into the mix.
I leave mine on.