Project to create uncensored wireless mesh network

sasma · ‎01-21-2022

Hello everybody, my name is Asma.

I plan to create a uncensored mesh network for my project, i have been provided a cisco 1841 router with two fast Ethernet ports. I want to create a simple peer to peer network, however i am very stuck in the designing process, as in how many switch and access points i should use or what commands i should use to configure the router.

My goal is to create a network that is not monitored by my ISP but i would be using my ISP router to get internet.

Anybody with mesh networking experience, please help!!

balaji.bandi · ‎01-21-2022

its all depends on the requirement, if you are not sure i would suggest to engage with cisco partner to help you.

This require lot of requirment gathering like :

1. where you like to deploy

2. how many users.

3. what is the scope of the area

4. requiremetn site survey to come to how many AP required.

5. what is the bandwidth requirment

so on...

get some idea look below document :

https://www.cisco.com/c/en/us/td/docs/wireless/technology/mesh/7-3/design/guide/Mesh/Mesh_chapter_01.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

sasma · ‎01-21-2022

Thank you for replying, this is just an experiment and a project for graduation, i am only going to use two aps, one as a root ap and the second one as mesh ap, due to covid i am setting all this up in my home

balaji.bandi · ‎01-21-2022

what AP do you have at home? Does the one root AP mean to act as controller?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

sasma · ‎01-21-2022

atm i dont have one, i am just waiting to understand what design ineed, so that i can get an ap, maybe a switch too

Scott Fella · ‎01-21-2022

Well if this is for your home, the next question is how much do you want to spend. I have my own lab at home and I don't use any consumer equipment. You can look at the Meraki Go equipment that is cloud based. With getting enterprise gear, you have to also be able to download the images, which means you need support. So be careful when you are looking at older gear for home lab, because even though its cheap, you might have a firmware that is buggy or doesn't allow for some feature.

-Scott
*** Please rate helpful posts ***

sasma · ‎01-21-2022

this is for a graduation project and the equipment is being provided by my college, i am just setting up the equipment at home due to covid

Scott Fella · ‎01-21-2022

Okay, but we still would need to know what exact equipment you have and the code version that is on that equipment. You also need a console cable.

-Scott
*** Please rate helpful posts ***

sasma · ‎01-21-2022

i have a cisco 1841 router so far, i have a console cable, going to get a switch and two as soon

Scott Fella · ‎01-21-2022

I think just wait until you have everything and then provide the information about the model and firmware. Without that, there is no way to help.

-Scott
*** Please rate helpful posts ***

sasma · ‎01-21-2022

thank you for helping out

Arshad Safrulla · ‎01-22-2022

As a high level what you need;

1. Strong Encryption between Root and Mesh AP.

2. DNSSEC & DNS over HTTPS (DoH) connecting clients

3. Client authentication system which uses unique parameters to identify and authenticate, authorize users, but doesn't retain any identity information.

4. TOR capable ISP facing edge

5. WPA3 capable clients and wireless AP's.

Some good articles;

(https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKSEC-2011.pdf)

https://blogs.cisco.com/networking/wpa3-bringing-robust-security-for-wi-fi-networks

What you want to achieve may not be possible using Cisco products as Cisco adheres to most of the known standards. You may have to look into opensource products and start customizing them as per your requirement. Some opensource standards you may look in to

1. TOR for routing

2. Opensense for firewalling and edge

3. OpenWRT for wireless

4. Free Radius

Since this is a college project, I recommend u to use opensource products. this can help you financially and also provide you more customizable solution.

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla

Scott Fella · ‎01-22-2022

@Arshad Safrulla good info here.... the equipment is being provided by the school, so no need to look for other solutions. It will be interesting what equipment will be provided however.

-Scott
*** Please rate helpful posts ***

sasma · ‎01-22-2022

school is just providing some old junk and wants me to make use of it

sasma · ‎01-22-2022

i like the idea of using opensourse products, since its more cost effective. And you are right cisco products might not be compatible with the system that i am trying to achieve