Wireless NetworkingWireless Networking

Big Ten Engineering Computing Big Ten Engineering Computing Support & Networking ConferenceSupport & Networking Conference

14 November 200214 November 2002

Bill Simmons – PurdueBill Simmons – Purdue

Paul Oliphant – WisconsinPaul Oliphant – Wisconsin

Purdue’s Wireless ServicesPurdue’s Wireless Services

The Head of Electrical & Computer Engineering The Head of Electrical & Computer Engineering Provided ~$4,000 to Install Wireless Data Provided ~$4,000 to Install Wireless Data Networking into Two BuildingsNetworking into Two Buildings

Coverage was Contiguous Throughout Coverage was Contiguous Throughout Conference Rooms and the Two BuildingsConference Rooms and the Two Buildings

WEP was Used and That Became a ProblemWEP was Used and That Became a Problem Users Were Required to Provide Their System’s Users Were Required to Provide Their System’s

MAC Address for Access ControlMAC Address for Access Control A Livingstone 2.1 Radius Server has Been A Livingstone 2.1 Radius Server has Been

InstalledInstalled

Roaming On Purdue’s Roaming On Purdue’s Wireless SystemWireless System

When a System Gets Close to an Access When a System Gets Close to an Access Point, the System’s MAC Address is Sent Point, the System’s MAC Address is Sent to the Radius Server.to the Radius Server.

The Radius Server Does a MAC Address The Radius Server Does a MAC Address Lookup to see if the Address is RegisteredLookup to see if the Address is Registered

If a MAC Address is Registered With the If a MAC Address is Registered With the Radius Server, Access is ApprovedRadius Server, Access is Approved

Secure IMAP and POP Services Have Secure IMAP and POP Services Have Been Established on the Wireless Network Been Established on the Wireless Network

Purdue’s Campus Purdue’s Campus Wireless InitiativeWireless Initiative

New University President & CIO have put New University President & CIO have put Campus–Wide Wireless Networking on the “Fast Campus–Wide Wireless Networking on the “Fast Track”Track”

Campus System Implementation Expected by Campus System Implementation Expected by Spring 2003Spring 2003

Implementation will be 802.11b with Option to Implementation will be 802.11b with Option to Use 802.11aUse 802.11a

Will Install all Cisco Access Points and VPNWill Install all Cisco Access Points and VPN One Concern is That There are Some Operating One Concern is That There are Some Operating

Systems for Which a VPN Client Does Not ExistSystems for Which a VPN Client Does Not Exist Current & Critical Issues are Security & RoamingCurrent & Critical Issues are Security & Roaming

Wisconsin’s Wireless InitiativeWisconsin’s Wireless Initiative Wireless Networking has Become Extremely PopularWireless Networking has Become Extremely Popular Initial Testing Included Several Laptops Distributed to Initial Testing Included Several Laptops Distributed to

Students for Trial Test & EvaluationStudents for Trial Test & Evaluation Faculty Desiring Wireless Connectivity are Sold Cards Faculty Desiring Wireless Connectivity are Sold Cards

for Their Computersfor Their Computers Student use of Wireless Includes:Student use of Wireless Includes:

ClassroomsClassrooms Common Areas & Common Areas & The LibraryThe Library

In General, Everyone is Satisfied With Performance & In General, Everyone is Satisfied With Performance & MobilityMobility

Wireless at Michigan StateWireless at Michigan State

Wireless Computing is on a Completely Wireless Computing is on a Completely Separate VLANSeparate VLAN

Wireless has not Become a Commodity in Wireless has not Become a Commodity in the Collegethe College

No VPN has Been Implemented at This No VPN has Been Implemented at This TimeTime

Wireless at Wireless at The University of MichiganThe University of Michigan

Design Goals:Design Goals: Interoperability with Linux (Intel), Microsoft Interoperability with Linux (Intel), Microsoft

OS’, Macintosh OS X and PDAsOS’, Macintosh OS X and PDAs Provide Seamless Wireless CoverageProvide Seamless Wireless Coverage Authentication Across the University & no NIC Authentication Across the University & no NIC

RegistrationRegistration Provide Security and Easy Use Across Provide Security and Easy Use Across

UniversityUniversity ScalabilityScalability Separate Solution for Conference Rooms Separate Solution for Conference Rooms

Characteristics of Wireless at Characteristics of Wireless at The University of MichiganThe University of Michigan

Cover Three Floors of Media UnionCover Three Floors of Media Union VPN Access Control for Authentication and SecurityVPN Access Control for Authentication and Security

User Authentication to VPN Server Using Kerberos IDUser Authentication to VPN Server Using Kerberos ID

50 MBPS of Sustained Throughput for 1500 50 MBPS of Sustained Throughput for 1500 Simultaneous UsersSimultaneous Users

Specific Guests are Provided Instant Access but Have a Specific Guests are Provided Instant Access but Have a Fixed ExpirationFixed Expiration

Official Rollout and full Scale Deployment During First Official Rollout and full Scale Deployment During First Quarter CY 2003 Quarter CY 2003

Hotline Support Will be Available to UsersHotline Support Will be Available to Users One Issue: IPSec VPN Kills Windows and Mac Built–in One Issue: IPSec VPN Kills Windows and Mac Built–in

ClientsClients

Wireless at Penn StateWireless at Penn State Ad Hoc Wireless Networks Exist Throughout Ad Hoc Wireless Networks Exist Throughout

Many DepartmentsMany Departments College has Deployed two Point–to–Point College has Deployed two Point–to–Point

Wireless Systems Between Four BuildingsWireless Systems Between Four Buildings 1 - 5.8 GHz RadioLan With Directional Antennas1 - 5.8 GHz RadioLan With Directional Antennas 1 - 2.4 GHz Cisco AeroNet System With an Omni 1 - 2.4 GHz Cisco AeroNet System With an Omni

Directional Antenna on one Building and a Directional Directional Antenna on one Building and a Directional Antenna on the Other BuildingAntenna on the Other Building

11 Access Points From Various Vendors are 11 Access Points From Various Vendors are Deployed in College’s Main Administration Deployed in College’s Main Administration BuildingBuilding

Plans Exist to Deploy an Additional 10 Access Plans Exist to Deploy an Additional 10 Access Points in Various BuildingsPoints in Various Buildings

Characteristics of College Characteristics of College Operated Wireless at Penn StateOperated Wireless at Penn State

All Services are Currently 802.11bAll Services are Currently 802.11b DHCP Connectivity Provided Upon RequestDHCP Connectivity Provided Upon Request

Faculty and Staff may Request Wireless ServicesFaculty and Staff may Request Wireless Services DHCP Services Provided Only to Fixed MAC DHCP Services Provided Only to Fixed MAC

AddressesAddresses

Cisco VPN Provides Secure CommunicationsCisco VPN Provides Secure Communications Cisco 3030 Provides a Maximum Throughput of 50 Cisco 3030 Provides a Maximum Throughput of 50

Mbps and can Support up to 1500 Simultaneous Mbps and can Support up to 1500 Simultaneous ConnectionsConnections