Sunday, January 7, 2018

Sticky Clients

Nearby Office Complex with bad Wi-Fi

This past week, I was called on to help in a Wi-Fi nightmare at a nearby office complex here in Tennessee.

The issue was client devices having really poor throughput even though the building had a really good internet service.

After a few minutes onsite, I found there were no interferences anywhere in the building so I fired up my survey tools and performed a validation survey.

Contrary to my first thoughts, the survey was darn near perfect in every location and overlapping cells were textbook.

I decided that I would quickly replicate the issue before going forward. The layout is a 2 story building with a lot of open cubicle space and several walled offices.

I carried my laptop, iPad, and iPhone through the front entrance as if I were coming in for work. I went up the stairs and across the floor to the opposite end of the building and sat down at a vacant desk.

upon looking at my devices, I saw I was connected on every device but my iPad and iPhone had really slow connectivity and my laptop (which I just turned on) had great connectivity.

At this point, I began tracking the connectivity back to the actual access points each device was connected to and found that the iPad and iPhone was connected to the access point in the main lobby, while the laptop was connected to the  access point 20 feet from the desk I was sitting at.

This small amount of troubleshooting took me right to the IT Coordinator's office and I asked him to see his WLC.

He logged me into it and let me cruise through the configurations and I found that all the data rates were on, no rf profiles were applied to any of the SSID's and no limits were set to limit connections to each access point.

It was an office complex with just under 60 employees and 9 access points throughout the facility but when I checked connections 28 devices were connected to the lobby access point on 2.4 GHz at -77 dB or worse while 17 more devices were connected to access point in front of the elevator on the first floor at -76 or worse on 2.4 GHz. 13 more devices were connected to the lobby access point on the 5 GHz radio at -79dB or worse.

It became very evident at this point what the issue was.

I spent about an hour looking for devices that had to use 2.4 GHz  and found there were actually none that had to use it so I turned it off for testing.

I set rf profiles making 18MBs the lowest data rate available.

I set the maximum clients per AP to 15.

Once all of these settings were changed, I carried my devices out of the building, rebooted them and went into the building again.... but this time with everything on and operating.

I stopped in the lobby to be certain everything connected and they did, so I went on to the elevator and pressed the call button. My laptop switched to the elevator AP while the Apple devices stayed connected to the lobby AP until I stepped into the elevator.

Once I was in the elevator, the Apple devices switched to the break room AP which was a few feet down the hall from the elevator on the second floor.

When the elevator doors opened, my laptop switched to the 2nd floor office AP in the opposite direction of the break room.

I walked toward the cubicles and the Apple devices switched to the 2nd floor office AP with the laptop.

As I got to the far end of the building where I had sat before my laptop was on the AP 20 feet from the desk and the Apple devices were on an AP between the 2nd floor office AP and the one my laptop was on.

None of them ever roamed to 2.4 GHz but all three devices roamed to a closer AP for better data rates as I traveled through the office.

Since all of the access points rebooted when the profiles were applied, I went around and checked with employees to see how their wireless was working now. Everyone said it was much better than before.

I told the IT Coordinator to check with them all in the morning when they came in and made the walk through the lobby to their desks.

GOOD NEWS!!! Every device roamed as it was supposed to and Wi-Fi was popular again!

Use your RF Tools, adjustments, and profiles.... They Work Great!!!

Brett Hill, CWNE #147

Saturday, January 6, 2018

Alternative Power Sources for Wi-Fi Devices

One of the biggest issues facing a Wireless Engineer today is not the ability to get proper signal propagation into hard to reach areas, it is coming up with a power source to provide adequate power to the Wi-Fi equipment.

There are light pole taps and many other ways to provide power to your access points but I want to help you out here with designing your own reliable power source at a very affordable price.

Many companies offer solar solutions for powering 802.11 devices but they are usually very pricy (Up to $12,000) and most customers do not want to pay such a price to power one device.

If you understand the principle of power consumed over time, then you can calculate the power supply needed in order to sustain consistent, stable power to your device.

Lets start with time -

Amp Hours are better explained as how long a power source can provide power.

For example: If a battery is rated for 10 Amp Hours then you could power a device requiring

1 Amp for 10 hours, 2 Amps for 5 hours or 5 Amps for 2 hours.

So if your device requires 2 Amps to operate and you want it have a 48 hour power reserve, then you

need to multiple TIME by POWER USED

2 Amps x 48 Hours = 96 Amp Hours

Disclaimer: These values are always assumed calculations and climate and temperature conditions can effect the totals so you should always provide a buffer as a reserve.

If you need 96 Amp hours you should provide 120 Amp Hours to be on the safe side.

Now that we know our discharge rate (2 Amps per Hour), we know we need to provide a charging rate to keep our power source (battery bank) charged.

Discharging faster than we are charging will eventually result in a power failure.

To figure out a dependable figure to work with, we need some values and a formula to work with:

DC watts to amps calculation

The current I in amps (A) is equal to the power P in watts (W), divided by the voltage V in volts (V):
I(A) = P(W) / V(V)
The current is Amps and since solar panels are measured in Watts, we need to convert based on the voltage we are using.
If you are using a 12VDC power source, we use 12 as our V.
If we are requiring 2 Amps, we use 2 as our I.
Since we are solving for P or watts, we multiply 12V x 2A and we get 24 Watts.
Now we know how many watts we are burning per hour so we can start looking for a way to provide battery recharging to prevent our batteries from a complete discharge.

The Sun is not always in an optimum position for a solar panel to produce power at 100% all the time so we MUST plan for this. 
First plan for a maximum of 50% utilization of your solar panels to be on the safe side of engineering. With the above calculations, a 50Watt solar panel would fit the bill, except...
Your solar panels may get 6 or 7 hours per day of peak solar power but it could be as little as 3 or 4 
or cloudy or winter days. With this information, you should plan on providing enough power in a 4 hour period to recharge your battery bank.
If you discharge at a rate of 2 Amps per hour then you will discharge 48 Amps in one 24 hour day. you need to replace those 48 Amps during the daylight hours, preferably you will calculate your recharge rate based on the worst conditions, so we will use 4 hours.

In 4 hours time, we need 48 Amp Hours recharged so we need to replace 12 Amp Hours per Hour. This will quickly recharge the batteries from the power consumption of the night before.

12V x 12A = 144W
I(A) = P(W) / V(V)
In 4 hours time, we need (at Minimum) a 144 Watt charging source provided to keep our system running.
Using these Factors, you now know your MUST HAVE recharge rate based on your device's discharge rate.
NOTE* use an overcharge circuit protector to keep from damaging batteries and other equipment.
I personally have used Harbor Freight's 100W solar panel kit ($145.00) and their solar charging protection circuits to do this very thing and it works great.
For less than $600.00, I have successfully built a dependable solar power source for an 802.11 
wireless access point.

Enjoy and I hope this helps!

Brett Hill, CWNE #147

Wi-Fi Humor

Just a humorous conversation to share about a dual band Wi-Fi network that consisted of outdoor mesh and indoor access points:

Me and a co-worker were troubleshooting an issue on the 2.4 GHz Wi-Fi when I just randomly asked him a question.

"What happens during the open authentication process?"

and he just stared at the table...

so I explained the frames and the information element exchanged during that process and what was  advertised in the probe response and access point beacons. 

The information element advertises the data rates available on a particular Wi-Fi network. Data rates are 

controlled by a type of modulation that provides the data rates. If there are no data

rates advertised, then there are no modulation types offered that are

compatible with your device in order for your device to associate to. 

If you can’t associate, then you probe another available option immediately.
(Such as the 5GHz network).

Then he just randomly says, “Well, once the phone associates to the 5GHz radio, it might try

to roam to the 2.4GHz radio during a phone call and drop the call”.

So…. I reply, “Your controller based network is equipped with Fast BSS

Transition, CKM, Neighbor Messages, and neighbors sharing their neighbor

messages. Your phones will know all of the great places to roam to and the

places they cannot roam to, way before they ever roam”.

His reply….. “I don’t think that’s right”.😖

Moral of the story- If you are going to troubleshoot any technical project, please know the technology you are 

working on.

Brett Hill - CWNE #147

Thursday, April 7, 2016

Security in Passwords

I spoke with a Network administrator at a school district a few days ago and he was having trouble with passwords being strong enough for the staff. He could not relay a way for them to get good passwords that were hard to crack so he asked me for some help in conveying the message and in coming up with a better way for them to do their passwords.

I creates this alphabet for him and I thought I'd share the idea so everyone can get an idea on  how to avoid having cracked passwords.

Security Alphabet
A = @
B = B
C = (
D = D
E = 3
F = F
G = &
H = #
i = !
J = ]
K = {
L = 1
M = M
N = N
O = 0(zero)
P = ?
Q = %
R = R
S = $
T = +
U = U
V = ^
W = W
X = *
Y = Y

Z = >
For passwords to be secure, you want something you can remember but also something that cannot be looked up in a dictionary.
Create a phrase you can remember:
“Pigs are good” then change the phrase to the security alphabet.
Then you know it can’t be cracked from a dictionary attack.

If you need a longer phrase, then create one:
His socks are smelly
Or break it up and modify it:


I hope this helps you to develop your own password strategy, and remember.... You should change it often.

Brett Hill, CWNE#147

Friday, March 4, 2016

Converting a Light weight AP to an Autonomous AP Using TFTP

     Occasionally, one might need to perform a conversion on an access point in order to use it as a survey tool, or convert a survey AP back to a light weight AP. The problem is this: We don't always do this and it can become very easy to forget the steps needed to be successful at it.

I recently had my Cisco 2602e loaned out to someone performing RF testing on it in a lab so I had to convert a new AP so I could use it to re-survey an industrial area that made a lot of modifications since the last survey.

Lucky for me, I have plenty of people available to reach out to to trigger my memory for such things as many of us do different tasks, and some much more than others. I reached out to Sam Clements, an old friend who is always willing to lend a hand when I need him.

Here are the steps in performing the conversion and I will add the big deal breaker here that I had to get from Sam (A Mac User), the TFTP Server that comes on the Mac doesn't work for this so I used my Mac to console in with My AIR CONSOLE (Love it) and set up my Dell Laptop as a TFTP Server using 3CDaemon (a free download) as my TFTP server program.

Console into the AP using the AIR CONSOLE Bluetooth connection from the Mac
(You can replace this step with simply using the Cisco console cable if you have a serial port on your PC).

 Press the MODE button (on the access point) and hold it down then power up the AP with the button held down.

As you see the AP boot up, the screen will show "Button Pressed. Waiting for release" and you can release the button at this time and the AP will boot into ROMMON mode.

Your first step will be to format the flash by simply typing this command:
format flash:

Next, you want to set up the network with these commands:

of course you can modify the network if you wish but you have to be sure your PC acting as the TFTP server is on the same subnet.

Next, you have to initiate the flash, the ethernet port on the AP, and the TFTP capability using these commands:

These three steps have to be performed.

Next you will use the xtract function and load your new image to the AP by using the following command string:
tar -xtract tftp:// flash:

*Note: the ip address in the string is the ip address of your PC used as the TFTP Server.

*Also note that the ".tar" extension has to be shown on the file of the directory your TFTP Server is pointing to. Type in the ap image exactly as it shows in that directory or you will not succeed.

You will see the file transfer begin, and it will take a little time to do but you are well on your way.

Once the file loads, you will need to reboot the AP and it will boot with the new image.

When you get to the prompt use Cisco for the username and Cisco for the password to log in and begin configuring the AP.

Here are your steps again in order:

format flash:
tar -xtract tftp:// flash:

Hang onto this command string for future use. You'll need it.

Brett Hill, CWNE #147

Monday, February 15, 2016

Coverage Hole Detection

I was asked last week about planning for coverage hole detection in a wireless network. The gentleman said he had a really good survey (design) and the guys that did the design really did a great job with their Air Magnet software and the heat maps proved it.

His problem wasn't the overlap of cells, co-channel interference, or anything like that... His main problem was that the survey was performed at the max power level of his VoIP devices (802.11 wireless phones). In doing so, in the event a coverage hole issue was triggered, the controller was turning the nearby access points up 3dB higher than the max power of the VoIP phones and issues were arising because of it.

The solution is to really go back and re-survey at a lower power level so that when a coverage hole detection is triggered and the controller has to turn the power up on a couple of access points, the power level will not be raised above the max power of the VoIP phones.

In his case, since the installation was complete and the moving of the access points was going to be really costly, we set his VoIP phones to the "G only" setting and allowed lower data rates on the network (Nothing 11MBs and below).

The spectrum analysis showed a clean environment for 2.4GHz and the phones were the only devices using the 2.4GHz band so it worked out great and he had no more issues with his phones.

Another lesson to remember when starting a new design (survey). Always know the devices you are going to have on your wireless network before designing it, and survey at power levels below the max power level of the weakest device you are going to deploy. This prepares you for a coverage hole detection without compromising the integrity of your wireless network.

Brett Hill, CWNE #147

Wednesday, January 27, 2016

dB to mW Conversion Table

Always remember that 3dB is Half Power in either direction, and the measurements are "Relative".

View the chart below and notice there is another factor of ten (10) hi-lighted in red. This chart will help you understand the back and forth conversions. Some access points show power settings in mW and some show it in dB. It is helpful to memorize the two (2) patterns.


     10W           =          40dBm          =          10,000mW

       8W           =          39dBm          =            8,000mW

       4W           =          36dBm          =            4,000mW

       2W           =          33dBm          =            2,000mW

       1W           =          30dBm          =            1,000mW

800mW           =          29dBm                                       27dBm           =      512mW

400mW           =          26dBm                                       24dBm           =      256mW

200mW           =          23dBm                                       21dBm           =      128mW

100mW           =          20dBm                                       20dBm           =      100mW

 50mW            =          17dBm                                       18dBm           =        64mW

 25mW            =          14dBm                                       15dBm           =        32mW

12.5mW          =          11dBm                                       12dBm           =        16mW

10mW             =          10dBm                                       10dBm           =        10mW

6.25mW          =           8dBm                                          9dBm           =          8mW

3.125mW        =           5dBm                                          6dBm           =          4mW

1.56mW          =           2dBm                                          3dBm           =          2mW

     1mW          =           0dBm                                          0dBm           =          1mW

Brett Hill, CWNE #147