Home AMX User Forum AMX Control Products

802.11G MVP issues with encryption?

I have been entirely unsuccessful with getting any of the new MVP panels with 802.11G to connect to an encrypted access point other than the AMX WAP. I have had a Linksys on my desk for years just for setting up MVP's, and have had 3 new ones in the last week that I could not connect with it. I had a WAP200 lying around, so I swapped it out and was fine, and thought no more of it. However, on a customer site I had similar issues with a Netgear WAP, and, on a hunch, disabled encryption. It worked fine once I did that. I strongly suspect theses panels are way too finicky with non-AMX access points.

Comments

  • I have 4 MVP-8400i panels connected with WEP128

    I have 4 MVP-8400i panels connected with WEP128 without any problems. Now if only the roaming issue could resolved.....
  • Panels are connected to non-AMX WAP's

    These are to non-amx WAP's. I believe they are to Cisco Aironet WAP's I normally use Netgear WPN802NA but have not had the chance to connect to these
  • Spire_JeffSpire_Jeff Posts: 1,917
    I might be on crack, but isn't AMX using Cisco technology in some way for their network products? This might explain the Cisco WAPs working and not the consumer based stuff.

    Just a thought,
    Jeff
  • annuelloannuello Posts: 294
    Cisco WAP

    We've got two MVP-8400s here with the 802.11g upgrade card. The card even has a Cisco logo on it. I spent about a week with our IT department (who provide the network services) configuring the system in a secure manner. It seems to work well enough:

    WPA-PSK encryption (pre-shared-key with a rolling-key algorithm, I believe)
    Hidden SSID (of course)

    We found that after setting the PSK (& perhaps the SSID) we had to reboot the MVP for the setting to take effect. That had us frustrated for a while, since the panel looked like it was trying to dynamically apply the new settings.

    One of the nice things about the new Cisco wireless system that we have here is that the WAPs only act as antennas to a central wireless manager. Going by signal strength, it is now possible for the wireless manger to use triangulation to physically locate the panels. (Yep, you upload maps into the wireless manager, and tell it where the WAPs are.) The MVPs have been locked down to only provide a link via the WAPs near the installation. If they go beyond that (and are picked up on other WAPs), notifications (SMS/pager/etc) can be sent to the appropriate people. Best of all, if the panels are ever pinched, the triangulation essentially tells us which way the thief ran, making it much quicker to review security footage, etc.

    Roger McLean
    Swinburne Uni
  • On another note, Linksys is powered by cisco. So they should be compatible. Dave, have you tried to make sure they have the latest firmware in the Access Points ? I have had this same problem with the b card in MVPs and sometimes I just have to reload the firmware in AP and it fixes all my connection issues. And it is the same scenario where it works without encryption but once I set up WEP, it dies.
  • DHawthorneDHawthorne Posts: 4,584
    If this was just a problem with the Linksys, I would have just trashed it and moved on. It's only because I had the identical issue with a Netgear WAP that I thought maybe I was seeing a pattern. And yes, I have rebooted the panel after changing settings; it's like it doesn't exist on the network at all ... can't get an IP if set for dynamic, also non-responsive (and not pingable) with a static IP as well. Yet, turn off the encryption (I've been using WEP 128), and with nothing else different, it connects immediately.

    The Netgear WAP was one of those new 802.11N models, which I turned off and forced to g/b mode. The Linksys has had its firmware upgraded within the last 12 months, but I doubt it's the most current. Unfortunately, I am too swamped right now to play around with this ... was just hoping someone could shed some light, or had seen anything similar.
  • Greetings Gentlemen
    We are in the process of reviewing the chipset being used in the AMX wireless products for compatibility in the more advanced Cisco encryption methods. I would like to ask that if you are having issues with a particular method, please give us a call. Your method specific information will greatly assist us in this evaluation.

    Thanks to you all for your observations.
  • 802.11g Nic Cards

    I have swapped out about 20 802.11b cards to the new 802.11G cards hoping to minimize dropped connections and roaming between access point issues. I have these cards all configured with WEP128 with either Netgear WPN802NA , Linksys WRT54G (I normally use this as a router only becasue the wireless is poor), Belkin PRE-N, Cisco Aironet, and AMX WAP200G WAPS. I have not tried other encryption methods. The biggest issue I have is when panels need to connect to another WAP. They will not always re-connect or will take a few minutes before the panel comes back online. I was also told by tech supoort to make sure I broadcast the SSID with using the new G cards.
  • DHawthorneDHawthorne Posts: 4,584
    robswid wrote:
    I have swapped out about 20 802.11b cards to the new 802.11G cards hoping to minimize dropped connections and roaming between access point issues. I have these cards all configured with WEP128 with either Netgear WPN802NA , Linksys WRT54G (I normally use this as a router only becasue the wireless is poor), Belkin PRE-N, Cisco Aironet, and AMX WAP200G WAPS. I have not tried other encryption methods. The biggest issue I have is when panels need to connect to another WAP. They will not always re-connect or will take a few minutes before the panel comes back online. I was also told by tech supoort to make sure I broadcast the SSID with using the new G cards.

    Aha! That might be the issue ... I always turn off SSID broadcasts. I'm quite surprised AMX tech support didn't mention this to me.
  • annuelloannuello Posts: 294
    SSID broadcast?

    I'm certain that we have SSID broadcast turned off, and it works fine for us on our G upgrade cards. In our university environment where there are many budding minds, we can not afford to let them know the SSID - that is just asking for trouble. When we set up the panels, we started with everything insecure. Once the connection was up and running, we progressively locked it down. After the PSK was working, we turned off the SSID broadcast and reconnected.

    It seems to work fine. Looking at my logs, the panels drop offline from time to time, but reconnect within 10 seconds or so. It's been running well for the past 4 months now. I would be hesitant at taking the "must broadcast SSID" suggestion as a hard and fast rule. For what it's worth, we have a dedicated SSID set asside for our AMX gear.

    Roger McLean
    Swinburne Uni
  • DarksideDarkside Posts: 345
    I notice in Dave's original post that he has 'new panels'

    Are these 8400i panels Dave?

    Reading some of the posts, it looks like, almost without exception, the card swapping that others are posting about etc is for 8400 panels not specifically 8400i panels. Surely the new 8400i panels are not being shipped with the old NICs....

    Maybe this issue (Dave's) is apparent only for the 8400i panels.

    We use most flavors of encryption on our MVPs and *always* turn the SSID off. Never seen this issue.....but....they are not 8400i panels either...

    Just a thought to throw into the mix.
  • DHawthorneDHawthorne Posts: 4,584
    Yes, these are brand-new 8400i's.
  • viningvining Posts: 4,368
    annuello wrote:
    In our university environment where there are many budding minds, we can not afford to let them know the SSID -
    Not broadcasting the SSID isn't really a deterrent to those mischievous students, they are the ones running NetStumbler or other apps and sniffers and they will see the access point regardless. It's really only protection from those who wouldn't if they could or don't have the technical skill to do anything malicious.

    I leave mine on.
Sign In or Register to comment.