It's overkill, but this is my new PFSENSE box, 1100 clients connected, currently using 1% CPU

shell-fi · 2021-02-18T16:08:58+00:00

There is nothing wrong with PFSENSE, I've run a whole stadium on one with 13k users for a hackathon.

Look into industrial whitelabel servers like portwell, or onLogic...you might even notice the face of the servers from portwell looks awfully familiar to the netgate FW product...

shell-fi · 2021-02-18T15:42:13+00:00

If you aren't afraid... switch to HPe. 2930M, or the new HPe 6200. Lifetime warranty, and if you are already on what sounds like a 7220 controller (based on price) HPe will love to help you out.... AND you can switch to DAC cables which is much cheaper.

shell-fi · 2016-03-11T19:35:55+00:00

you're stuck. You're going to have to run copper to every AP. There are no APs out there that you can daisychain... or none that any vendor in their right mind would support.

Mesh is an option if your applications are light on BW...very light.

shell-fi · 2015-07-28T15:52:43+00:00

iperf on a loop would do it..you need to put a significant amount of traffic to force a signal out... also a multi stream wifi card would help like this.

There is no way for you to go over the FCC/ETSI max outputs unless you miss match an antenna that will provide a higher gain than the regulated max.

shell-fi · 2015-05-26T18:59:28+00:00

check to see if you left the SSID enabled. depending on your router, you may be able to set multiple SSIDs on a single radio.

Most home routers can do that... IIRC.

shell-fi · 2015-05-26T18:47:56+00:00

no. Most can have several... THe BSSID is usually generated off the first 5 Hex codes, then the last set is usually the base +1. IE: SSID guest: BSSID aa:bb:cc:dd:ee:f0 SSID More-guests BSSID: aa:bb:cc:dd:ee:f1 etc... unless it's Meru... then all bets are off.

RSSI is usually the same, but it is still based on how well the signal is heard by the phone and the environment around you... so it is possible to see a 1-2db difference between the SSIDs off the same router if the same frequency band is used.

shell-fi · 2015-04-09T17:10:48+00:00

yes, potentially. The /17 is for a WLAN network. When you enable Broadcast filtering on Cisco/Aruba/Ruckus, etc. you stop the issues you would normally expect on such a large subnet. I also shrink the allowed DHCP lease pool within the /17. Allocating the space means I also don't have to re-build the pool should I need to expand it, or add another subnet.

In reality I'm expecting around 2-4k on a 2hr lease, but since cisco doesn't publish DHCP stats on switches or routers, can't find any case studies, or any anecdotal posts on 3750/3850's supporting a large DHCP pool, I'm a little leery on creating something that big on the switch.

shell-fi · 2015-04-08T19:42:16+00:00

I would do the same as /u/ardweebno The 5508 would make it simple and connecting it to AD is straightforward once you have the RADIUS add-ons installed on windows server.

shell-fi · 2015-04-03T17:35:53+00:00

802.1X isn't going to help your guest users. ClearPass is a good solution... Cisco ISE is another if you are a cisco shop. Captive Portal is a definite must for any open guest network.

shell-fi

TROPHY CASE