Hi,
Ok, I've got a building that I'm putting wireless into. The building is approx 400 ft long and is split into two large bays by a central set of offices that are made out of cinderblock.
I've installed a 3Com 7250 AP in each bay to ensure good coverage. The APs are using 802.1x/RADIUS, EAP-TLS and AES encryption. Windows Group Policy controls most aspects of the wireless environment via Windows 2003 wireless policies. The policy defines 802.1x connections, preferred networks, etc and overall works pretty well.
However, I have run into a problem - the preferred networks setting appears to be somewhat rigid in terms of the order in which APs are connected to, regardless of the strength of the signal. For example, say there are 2 "preferred networks" (APs) designated in the wireless policy, AP1 and AP2, and they are listed in that order. AP1 is located on one side of the building and AP2 is on the other and there is some overlap of coverage. A user (user 1) logging onto a wireless client near AP1 gets an excellent signal and a 36-54 MB/s connection rate.
However, when user 2 logs on near AP2, their client is still associated w/ AP1 (presumably due to the order of precedence in the wireless policy) and gets a low or unstable connection due to the distance and shielding between the AP and the client (remember that the building is split by several cinderblock layers). Rebooting the client does not change the association and the only way to get the client to associate to AP2 is to disconnect the Ethernet cable from AP1. Additionally, when user 1 moves away from AP1 and towards AP2, there is no switch-off between APs when the signal from AP2 is stronger than from AP1.
Right now to "fix" this, I've created separate OU's in Active Directory, placed wireless clients in the respective OU's, and then creating separate policies for these OU's but that only works for wireless clients that are not mobile.
Any thoughts on how to fix this? The preferred networks setting (and the wireless policy in general) is desirable as it locks down what the clients can connect to so we really need to continue its use.
Thanks....
Ok, I've got a building that I'm putting wireless into. The building is approx 400 ft long and is split into two large bays by a central set of offices that are made out of cinderblock.
I've installed a 3Com 7250 AP in each bay to ensure good coverage. The APs are using 802.1x/RADIUS, EAP-TLS and AES encryption. Windows Group Policy controls most aspects of the wireless environment via Windows 2003 wireless policies. The policy defines 802.1x connections, preferred networks, etc and overall works pretty well.
However, I have run into a problem - the preferred networks setting appears to be somewhat rigid in terms of the order in which APs are connected to, regardless of the strength of the signal. For example, say there are 2 "preferred networks" (APs) designated in the wireless policy, AP1 and AP2, and they are listed in that order. AP1 is located on one side of the building and AP2 is on the other and there is some overlap of coverage. A user (user 1) logging onto a wireless client near AP1 gets an excellent signal and a 36-54 MB/s connection rate.
However, when user 2 logs on near AP2, their client is still associated w/ AP1 (presumably due to the order of precedence in the wireless policy) and gets a low or unstable connection due to the distance and shielding between the AP and the client (remember that the building is split by several cinderblock layers). Rebooting the client does not change the association and the only way to get the client to associate to AP2 is to disconnect the Ethernet cable from AP1. Additionally, when user 1 moves away from AP1 and towards AP2, there is no switch-off between APs when the signal from AP2 is stronger than from AP1.
Right now to "fix" this, I've created separate OU's in Active Directory, placed wireless clients in the respective OU's, and then creating separate policies for these OU's but that only works for wireless clients that are not mobile.
Any thoughts on how to fix this? The preferred networks setting (and the wireless policy in general) is desirable as it locks down what the clients can connect to so we really need to continue its use.
Thanks....