Introduction
Featured Speaker
George Stefanick is a Wireless Architect employed by a large healthcare system in the Texas Medical Center. His Wi-Fi engineering experience spans nearly two decades and in that time he has provided consulting to many Fortune 500 companies in industries such as healthcare, mining, and hospitality. He maintains a popular Wi-Fi engineering community, the blog MY80211.com and he holds many vendor and vendor neutral certifications..
As a member of the Cisco Support Community, George has been awarded with a Cisco Designated VIP status, a recognition that Cisco bestows upon the most valuable and influential members of their official technical support community.
Lessons Learned Deploying an All-Wireless Office
Q: What's the difference between high density and ultra high density?
A: Ultra High Density will go beyond common client support per AP, applications like stadiums will require a better performance for APs to process requests. Optimized roaming and Rx-SOP, together with specific AP models (p series for 3700) 2800/3800 series will also provide double 5GHz radios to provide 2 different cell per AP and distribute clients into 2 different collision domains. All in a single area.
Q: What does Cisco recommends, to leave the RRM to do auto channel/power assignment or manual assignment?
A: There isn't one size fits all, you would want to use RRM when possible but you also need to design accordingly so that it can be leveraged effectively.
Q: Is it possible get the snr value through air magnet tool?
A: Yes you can, but it will be dependent on the adapter that you are using for surveying, not all of them report the noise floor.
Q: Are you running 20Mhz channels throughout the hospital?
A: You can find the answer to this question on the Ask the Expert event.
Q: As we are seeing wireless features newly in IOS-XE platform in 3850/3650 switches, is Cisco in roadmap for fading AireOS and promote IOS based wireless platform?
A: AireOS is not going anywhere any time soon, new features are AireOS first.
Q: What is the threshold for Data-Retries for a good environment? What if Data-Retries exceeds number of transmit+Received packets?
A: Depends on the application, for example for voice deployments the general guideline is to not exceed 20% of retries.
Q: Can you elaborate more on if you will expand your all wireless office?
A: When you’re interested in expanding more you need to have a look that it’s the right opportunity.
At the hospital we expand under the opportunity of a corporative place, in which we can do cost savings. That is, no much infrastructure and less cables.
Q: What is the best way to only allow office SSID to be advertised at office and preventy any other SSIDs?
A: For local SSIDs, our recommendation is to keep a top of 4 SSIDs available per location. External SSIDs are best to negotiate with their owners to follow better ways to reduce the coverage in your location.
Q: We have a pair of 5508 controllers and around 150 AP's for 1200 users. Our 5508's are going on 7 years old. Should we be looking to upgrade those to 5520's?
A: Depends on your requirements and lifecycle strategy. There are already a few gaps of features that are only supported on newer WLCs.
Q: Can you provide some pros/cons of why they have chosen utilizing AirMagnet vs, say Ekahau? Maybe just some high level talking points?
A: You can find the answer to this question on the Ask the Expert event.
Q: How to troubleshoot for radio down issues?
A: You will sometimes want to start at L1 and the switch where the AP is connected.
Q: Is it possible to rename for multiple ap's in prime? If so how?
A: You can find the answer to this question on the Ask the Expert event.
Q: Is it recommend to use DFS channels even if you are seeing them being in the logs WLC?
A: Depends on where you are located and how prone are specific channels to see radar.
Q: Does 1832/52 has issues with the os?
A: I recommend looking at the release notes to understand the open and resolved caveats in specific releases for that platform.
Q: Is there any plan to introduce 3800 into this AWO office in near terms?
A: You can find the answer to this question on the Ask the Expert event.
Q: Can you speak on what data rates they currently are supporting on the 5ghz channel?
A: Here is a sample on one of their locations 802.11a 12M Rate............................. Mandatory
802.11a 18M Rate............................. Supported
802.11a 24M Rate............................. Mandatory
802.11a 36M Rate..............
Q: What are the recommended certifications to fulfill the competitive wireless Job market requirement nowadays?
A: You can find the answer to this question on the Ask the Expert event.
Q: Do you take the DFS channels out of DCA so they won't be selected?
A: Yes, currently DFS channels are not used in most of the locations.
Q: Cisco recommends 1st Predective Survey, Implementation, Passive Survey, or 1st Predective Survey, Active Survey, finally passive survey or 1st active survey and finally passive survey ?
A: If possible you would do a predictive survey, a physical pre-deployment survey (passive or active depending on requriements), implement, then follow up with post-deployment survey to gather data to fine tune and have a baseline.
Q: Whether 200mw power is allowed for the AP's? I thought 100mw is max power.
A: You can find the answer to this question on the Ask the Expert event.
Q: How is the softphone traffic is handled in the laptop that is connected with wireless network?
A: That depends on the type of application you want to give to clients, data-only can provide good service for more than 50 clients per Radio. Voice and video will decrease the number to 17 to 25 tops.
With AVC, AP can identify the specific traffic from the softphone app and define specific QoS marking: http://www.cisco.com/c/en/us/products/collateral/wireless/8500-series-wireless-controllers/qa_c67-722538.html
Q: We have APs on DHCP reservation, is it better to put AP on static IP setting?
A: Personal preference is to keep it with DHCP.
Q: What is your suggestion when designing for Large open space with lot of surrounded AP'S?
For example a person standing in the ground floor of a mall , surrounded by shops and he get almost same RSSI from the shops from the ground floor
A: You can find the answer to this question on the Ask the Expert event.
Q: What kind of packet capture app he uses to analyze the driver behavior when connecting to the Wireless Network? (in addition to WLC Debug, Wireshark (if it applies).
A: Primarily Omninpeek is used by George for packet captures.
Q: Some of the times , the clients data rate is keep on fluctuating even if the client machine is in the same place. What could be the issue?
A: It can be many things affecting the signal coming from the AP at the location, if link quality decreases, client will negotiate lower modulation scheme to still understand the frames. a proper RF study is recommended. With AVC, AP can identify the specific traffic from the softphone app and define specific QoS marking: http://www.cisco.com/c/en/us/products/collateral/wireless/8500-series-wireless-controllers/qa_c67-722538.html
Q: So Passive survey is post deployement survey, correct?
A: Typically, but there are reasons why you would want to do an active survey after a deployment.
Q: Do you use a qualification document for your client NICs?
A: You can find the answer to this question on the Ask the Expert event.
Q: What's the maximum number of clients we may have on single AP?
A: There is a difference on the theoretical value of associations that an AP supports, and what is valid and realistic for a particular environment. I would recommend focusing more on doing a proper capacity design to derive the clients/AP ratio you need.
Q: Is there any way to prevent users to connect to 2.4 Ghz an force them to use 5Ghz. via WLC or any Supplicant?
A: You can find the answer to this question on the Ask the Expert event.
Q: I'd like to know if there are specific guidelines for QoS on Wireless?
A: There are several deployment guides that cover this topic quite well and provide good direction on where to start.
Q: Is Cisco WLC to detecte any SSID that advertise from a user inside corporate netwrok?
A: WLC by default provides Rogue AP detection, it normally reports all heard SSIDs and sources which are not part of the WLC or Rf group. For details about SSIDs classification: http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0111110.html
Q: Cfr to the Wi-Fi office deployment - was the implementation a hard cut? Meaning stopping all LAN, and moving to WLAN all at once or was it an implementation on a "stage-by-stage"?
A: You can find the answer to this question on the Ask the Expert event.
Q: I am cursious if in this deployment, did you continue to use TPCv1 or move to 2 due to AP density? Also, since moving to a 40Mhz did you disable channels 149,153 due to Apple TVs broadcasting.
A: The deployment is using TPCv1, no UNII3 channels were disabled.
Q: Is it advisable to separate SSID for 2.4Ghz and 5 Ghz, what is the impact?
A: Depends of the requirements and devices that you will connect and also how you want to segment them.
Q: What ddo you think about 802.11r and session resume for PEAP/EAP-TLS?
A: You can find the answer to this question on the Ask the Expert event.
Q: In wireless capture, I see a lot of frame that has EMPTY source & destination MAC addr directed to bogus BSSID, and the NAV duration inside is very HIGH (such as 11190 or greater). This is causing VERY high latency and slow network. How can we procced?
A: If possible RF attack has been discarded. But for accurate assistance we recommend to not hesitate on opening a case with Cisco TAC.
Q: 802.11r is formally supported on OS 10 for Apple Devices. How are you supporting this feature with so many different type of devices out there?
A: Being evaluated and tested, specially adaptive 11r.
Q: What is the best way to help with having major bleed through from other companies on 5ghz bands to help with CCI?
A: It’s a challenge, but everything is based in relationship in which through communication you provide the understanding of the reasons why certain legacies are needed.
Q: How to identify tha ap interference and steps for troubleshoot?
A: WLC can provide you with summary of RF status per AP. 'Monitor- Access Points - Radios - <a-b>. Hover over the blue button of the AP. Click on 'detail'.
You should see channel utilization, noise floor, and interference per channel. CleanAir data will also identify the source of the interference based on the signal pattern.
Q: According to the recommended Cisco design I installed the APs, there is a good coverage innside the corporate building, however during my survey I found that there is a good coverage even outside the building, what is the best way to prevent this?
A: Normally you will see some bleedthrough because of the nature of RF, what you would want is to secure it properly.
Q: In 1572 installation, i do'nt get ac speeds when the ap is 10-15m away, can you help me?
A: You can find the answer to this question on the Ask the Expert event.
Q: Does enabling band select causes some connectivity issues to the clients ? I have seen the recommendation as not to choose this option.
A: In certain scenarios it could potentially delay the association/roaming, so for example in voice deployment you tend to not enable it on the ssid used for voice devices.
Q: Mixed model deployment of access point create any kind of issue?
A: Please find more information in the following link: http://blogs.cisco.com/wireless/dont-sweat-the-small-stuff-its-okay-to-mix-cisco-access-points
Q: Can you share comments or experiences regards Chromecast on Apple Devices and their deployment? (In case they have experience doing it).
A: You can find the answer to this question on the Ask the Expert event.
Q: What do you think about the comparison between Cisco Prime and Aruba Airwave? What do you like? Is the other one better than the other?
A: Methodist is currently using PI for both wireless and wired.
Q: Do you have any critial wifi policies that you would like to share?
A: You can find the answer to this question on the Ask the Expert event.
Q: Is there a major reason for the AP that stuck in DHCP selecting mode and didn't get its IP?
A: If AP is not receiving IP address, make sure L2 and relay agent are properly configured for the AP management VLAN. Lightweight AP satate machine will attempt to get IP address every 5 minutes.
If you still face issues do not hesitate to contact TAC, we will be glad to assist you with your specific issue.
Q: Why enabling " ip http secure-server " not recommended in 5760 unless TAC suggest?
A: For 5760, https redirect could use many hardware resources and TAC should identify the the WLC load to determine no issues with the use of this feature.
Q: Did you adjust any 802.11a optimized Roaming or DCA times to say every 8 hours for a full shift work day?
A: You can find the answer to this question on the Ask the Expert event.
Q: I use the application quite a bit with all the different wireless customer networks that I dive into on a daily basis. I am wondering if cisco is going to continue to develop this tool and if I could suggest request on adding features.
A: If you are talking about the WLCAA then yes, is constantly being updated as new requirements and best practices are learned.
Q: What is the intel driver version that he posted as the most stable at this point?
A: You can find the answer to this question on the Ask the Expert event.
Q: Why do we need seperate AES/CCMP encryption when we get PTK for encrypting the trafiic by 802.1x method? Difference between AES/CCMP and PTK.
A: The main reason is the lack of support of 802.11r from wireless clients, Management 802.11 with FT frames may not be properly processed by those devices and they wont attempt to join the SSID.
Q: Is that applicable to this model AIR-CAP3502I-A-K9?
A: You can find the answer to this question on the Ask the Expert event.
Q: Is flexconnect local switching prone to more issues, or harder to manage than central switching?
A: All roles have their respecitve purpose, depends on your requirements which one you will use. I know plenty of flexconnect deployments where that role is a better fit.
Q: How do you handle the 5 GHz DFS channels?
A: Currently DFS channels are not being used on most of Methodist locations.
Q: Have to took advantage of Network Programmability to automate some tasks? If so, which ones?
A: You can find the answer to this question on the Ask the Expert event.
Q: Do you generally recommend relegating 2.4 to legacy devices and keeping 5ghz to production enterprise devices?
A: Due to the limitantion of the 2.4GHz band, yes you want to try to use 5GHz as much as possible.
Q: How much is Houston Methodist relying on RRM?
A: we recommend looking at the release notes to understand the open and resolved caveats in specific releases for that platform.
Q: What is your AP cell size? AP coverage ares? Do you use RTLS?
A: We typically design 5Ghz. We try to use AP and create more cells, ones that may reach all devices including a cellphone which are minimum ones.
Q: Lets assume the tpc value for the 5 ghz 11 (Min),What is the optimum value for 2.4 Ghz?
A: You can find the answer to this question on the Ask the Expert event.
Q: Is it possible to use the same WLC/AP to make an interfireance with any SSID that are not part of RF group?
A: WLC provides rogue AP containment which basically floods an BSSID with disassociation frames, this only remomended as a temporary approach, but the best is to phisically try to physically shut down the offender. Denying service at a non-licensed spectrum may incur in legal problems.
Q: I found error 5440 on ISE is directlly related to the disconnection experienced when roaming which is caused by EAP + WPA Key Mgmt process, did he solve this using 802.11r? But 802.11r is not widely supported.
A: You can find the answer to this question on the Ask the Expert event.
Q: How may SSIDs can be configured and advertised through a WLC & 3700 serice AP?
A: Depending the WLC model, we can have more than 500 different SSIDs configured, but keep in mind that each AP will only support up to 16 different SSIDs per Radio.
Q: What version of WLC code are you currently running?
A: You can find the answer to this question on the Ask the Expert even
Q: I found error 5440 on ISE is directly related to the disconnection experienced when roaming which is caused by EAP + WPA Key Mgmt process, did he solve this using 802.11r? But 802.11r is not widely supported.
A: You can find the answer to this question on the Ask the Expert event.
Q: On the switch side connecting the AP, what is the recommended setting? speed/duplex full or auto?
A: Noramlly you want to leave it dynamic.
Q: Were both AirMagnet products employed right from the beginning? Would it have been possible to embark on this project without SiteSurvey and Wireless Analyzer?
A: You really need the right tools to be able to work on the propper design.
Q: Would gpo push for 5ghz limit wifi connectivity when users have their devices outside the corp office? Is there a preference option for 5ghz priority then 2.4ghz.
A: You can find the answer to this question on the Ask the Expert event.
Q: Is it possible to rename for multiple ap's in prime? How?
A: There is a bulk update option in PI. You can use templates at PI to define a set of configurations to be applied to many APs registered, all at the time: http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-1/user/guide/pi_ug/config-temp.html
Q: Was the bleedthrough showing 2.4 GHz or 5?
A: You can find the answer to this question on the Ask the Expert even
Q: What is the best way to mark voice/video traffic through softphone such as Skype? Those PCs are associated to PC SSID/Vlan.
A: If you have control on the endpoint you can do some mapping there, else you could leverage features like AVC on the WLC.
Q: Can SNMP help you administer you corporate wireless lans?
A: Yes, for instance we have Cisco Prime and other software packers. But at the end it all comes down to comfort and needs
Q: What percentage of your AP's are AC capable?
A: Majority are 3702, this is their current standard.
Q: What do you think about 802.11r combined with session resume for PEAP/EAP-TLS on ISE?
A: You can find the answer to this question on the Ask the Expert event.
Q: Did they use they use Air Pcap for the wireshark captures?
A: Omnipeek was used for taking the captures for the most part.
Q: Could explain your sniffing setup with Wireshark using separate APs?
A: We use peek appliance. So you want to go to sniffing tools for detail analysis. When you configure Cisco Aps you have the ability to configure different types of moods,one of them is sniffer.
You reboot the sniffer AP and put the IP address and you set a channel, this will send all the information to the appliance.
Q: I know that you are currently using Prime but have you tried AirWave in this type of enviroment and if so have you noticed any pros or cons on each product?
A: George has used and considered AireWave for other projects, but for Methodist implementation PI is the one that better meets the requirements for both wired and wireless.
Q: How do you address QoS on wireless?
A: You can find the answer to this question on the Ask the Expert event.
Q: One access point is sutible for how many users to be connected?
A: That depends on the type of application you want to give to clients, data-only can provide good service for more than 50 clients per Radio. Voice and video will decrease the number to 17 to 25 tops.
Q: AP grouping will help if we have multiple WLAN?
A: Or if you want to apply RF profiles.
Q: Did you make any modifications for allowing user backups to occur over Wi-Fi?
A: You can find the answer to this question on the Ask the Expert event.
Q: How can we standardize the drivers in the BYOD environments?
A: It is very challenging, that is when internal discussion has to happen on the teams to determine what is needed and feasible. It is problematic, because eon BYO environments you don’t necessarily own those assets. Usually in a corporate environment is a major effort.
Q: Is there a chart or recommendation of how many devices per AP? I take it this varies model to model. Also does this vary on what the users are doing? I am looking in particular for the 3700.
A: It all comes down to what are the applications used on the AP. This will determine the solution, for instance not all applications needs high band. On the 3700, we have done it on 5 and 8.
Q: Is there a guide that demonstrates the bandiwidht requirements for the applications?
A: Depends a lot on the application, this link is for HD but should give you an ideo on how to look at things, have a look to: http://www.cisco.com/c/dam/en_us/solutions/industries/docs/education/cisco_wlan_design_guide.pdf
Q: In an AWO did you find applications that didn't fuction on wireless?
A: You can find the answer to this question on the Ask the Expert event.
Q: Is there a recommended coverage range for 2702i with internal and external anntena and for the 1532 outdoor AP?
A: They have different radios and antenna options, you should evaluate what are your requirements and make your selection acordingly.
Q: Can you share the steps used for the Device and Driver test validation?
A: We have a spread sheet that we go through, we look at how well this device is working here. You test variations on the drives, then you modify, once you modify you review how is behaving since the last check. Those are some of the things we look for, in fact they’re very basic things.
It’s very important that you Vaseline, compare that that provides you data to compare and then improve.
Q: I found error 5440 on ISE is directlly related to the disconnection experienced when roaming which is caused by EAP + WPA Key Mgmt process, did he solve this using 802.11r? But 802.11r is not widely supported.
A: You can find the answer to this question on the Ask the Expert even
Q: The max client of 50 for data only and 17-25 for voice and data?
A: Depends a lot on the application, this link is for HD but should give you an ideo on how to look at things http://www.cisco.com/c/dam/en_us/solutions/industries/docs/education/cisco_wlan_design_guide.pdf
Q: George mentioned that he could minimize driver issues in a controlled environment, what would be the approach in a BYOD environment (school) with so many different devices?
A: When you’re in BYO environment you don’t necessary have control in those devices so it’s recommended to delimitate some standards in that state the recommended drives for them, but it’s not possible to provide recommendation to all of them.
Q: From an organizational buy-in, how cost effective is the all-wireless office? Since the organization has absorb increased engineering/R&D to overcome issues, does this outweigh running drops and switches; especially when each design may be unique?
A: You can find the answer to this question on the Ask the Expert event.
Q: I've this SR 681735198 , but still not able to get help from Cisco. Is there a chance you could look into it?
A: Without AVC (application and Visiility Control), all traffic from the laptop will be marked with the QoS value configured at the SSID (silver, gold, platinum).
Q: Do you onboard BYOD devices with MSE?
A: For BYO we don’t necessarily have a policy to bring your own device, instead we provide a guest network in which users can connect with their own device. At least in hospital that is how we do it.
Q: In healthcare you have a lot of proprietary equipment, where wendors don't want to co-exist with other vendors(healthcare equipment); how many prod SSIDs do you have, and how did you manage the healthcare vendors?
A: You can find the answer to this question on the Ask the Expert even
Q: When both AP's shows same signal strength and how client device choose the ap?
A: It is totally up to the client/driver logic and varies per device.
Q: What tool did they installed on the iPads?
A: You can find the answer to this question on the Ask the Expert even
Q: In the end, was there cost savings over a wired office? (including time spent troubleshooting, lost productivity, etc.)
Q: What is the best solution to protect Wireless network?
A: It comes down to the design requirements, for instance small offices will do with simple pressure keys whereas more robust corporate environment EP with locking. Also, since BYO is a trend a lot of corporates are looking at MDM so they have full control of all those assets.
Q: How much is Houston Methodist relying on RRM?
A: There is a lot of discussion going around this. We do subscribe our RRM and we do have some static areas. When doing RRM you need to have a design to support it, it needs to be understood and modify according to the needs.
A: You can find the answer to this question on the Ask the Expert event.
Q: Isn't it better to have WLAN and LAN together and then moving slowly to WLAN and eliminating LAN?
A: Yes certainly, it’s a comfort level. A typical build out would be wireless and wired.
Q: Is it really a 100% wireless environment? How about desk phones, printers, servers and video equipment?
A: Everything is wireless with the exception of the conference room, where we have 4-5 phones and printers. There are no cable to any of the tubes nor to any of the offices.
Q: Were you budgeted form the start?
A: You can find the answer to this question on the Ask the Expert event.
Q: How can we standardize the drivers in the BYOD environments?
A: AP tx for 3800 series will provide up to 23dBm, please consider the total EIRP to meet regulatory restrictions. BYOD is a challenge, as George mentions, he has focused the effort to standarize at least production devices. La environments with every devices expected at the network is a good approach.
Q: How do you influence clients to connect to 5Ghz instead of 2.4 band?
A: When we did the AWO one of the things we did was testing the 5Ghz to make sure all the devices could connect, once we make it happen we changed. In fact when we moved into 5GHz, we never took away the 2.4 band, so device son that standard could connect.
It was a very calculated process in which we never let devices to have no connection, till we were sure they could.
Q: Did you ever want to give up and just pull a cable?
A: The first 2-4months I wanted to hide, we had many things to work out, but we didn’t give up. Management support was critical when we deployed AWO at the hospital.
Q: Do you expect IoT devices to also share 5 GHz space or would these be better suited to use a low power 2.4 GHz transmission so voice and priority data get's the nicer 5 GHz band.
A: You can find the answer to this question on the Ask the Expert even
Related Information