Wireless Bridge Question(s)

pitviper

OK, so we have a wireless link from building A to building B (approximately 50 yards across a parking lot). Need some pointers as to the best way to secure the traffic over the wireless. I’m thinking site-to-site VPN – good or bad? The wireless gear is already in place and working – that’s the good news. The bad news that we’re in the middle of a rip and replace project (voice and data) and we don’t have the login credentials for the bridges so I’m thinking that we’ll need to wipe the configs and reset them up from scratch - I've setup plenty of 1131 APs, but never configured a 350 bridge.

tiersten

The site is okay with the BR350 doing the link? They're only 802.11b devices so that link isn't going to be particularly fast. I'd replace them with a 1131 or a 1242 personally

I've used a site to site VPN link for a WiFi bridge before. Worked fine.

pitviper

Going to setup an intermediary network between the 2 ISRs, and test out an IPSec tunnel between the 2 sites.

pitviper

tiersten wrote: »

The site is okay with the BR350 doing the link? They're only 802.11b devices so that link isn't going to be particularly fast. I'd replace them with a 1131 or a 1242 personally

I've used a site to site VPN link for a WiFi bridge before. Worked fine.

Can I bridge a couple of standard 1131s? Hmmm, If so, I may actually replace them (assuming that I don’t have to modify the antenna connector). Worst case the 350s will be a trial run

I’m a little concerned about the crappy link + VPN overhead + some voice traffic (not much though).

pitviper

OK scratch that - No external antenna connectors on the 1131s

tiersten

pitviper wrote: »

Can I bridge a couple of standard 1131s?

You should be able to. The autonomous APs can do AP or root bridging. You don't really want workgroup bridging.

pitviper wrote: »

Hmmm, If so, I may actually replace them (assuming that I don’t have to modify the antenna connector). Worst case the 350s will be a trial run

Does the 1131 actually have an external antenna socket? I know the 1242 does but I've never really looked that closely at a 1131.

jason_lunde

pitviper wrote: »

Can I bridge a couple of standard 1131s? Hmmm, If so, I may actually replace them (assuming that I don’t have to modify the antenna connector). Worst case the 350s will be a trial run

I’m a little concerned about the crappy link + VPN overhead + some voice traffic (not much though).

Ahh, you can test your QoS skills

nc30_uk

If you're looking to buy new hardware then the Cisco 1310 AIR-BR1310 i think is the product for the job however in all honesty it won't really function any differently to a 1242.

You will find them with an intergrated patch antenna (Mid Range) or if you buy the -R version then you can attach an external antenna using an RP-TNC connector something like a AIR-ANT1949.

I've used 2x1310 with 2xAIR-ANT1949 and had 36Mbps over a 1 - 1.5Km link under ETSI configuration with is only 50mW max, mounted 2.5 Meters above ground. In the US you can use 100mW i believe in 2.4Ghz.

The setup is the same as any other AP except they both need to use the same channel and share the same SSID and Security requirements.

You then configure one as the root bridge and one as the non-root bridge.

The configuration is the same if you use the 1242 - except they'll need to be indoors and the antenna outdoors, and you'll connect the single antenna to the RP-TNC port labelled primary and leave the other unused (when both are used it's call diversity mode and no applicable here). You can get extention cables - but keep them as short as possible as they'll introduce loss.

HtH
Marc.:D

pitviper

jason_lunde wrote: »

Ahh, you can test your QoS skills

Piece of cake

It’s actually a group of 4 offices linked together (all running CME). The good news is that I converted 2 of the sites already and tested the QoS on the serial links as well as through the ISPs backbone (they actually have it setup correctly and are not trashing our tags ). The 11MB link will be like setting up QoS on a freeway!

pitviper

Awesome, thank you much for the input!

The current setup has Cisco Yagi antennas mounted on the roof @ each location, with the bridges mounted in the building attics (unfinished of course) and feeds running down to the network racks. I’m going to re-configure the wireless piece as it is now, and look at possibly upgrading the bridges down the road.

tiersten

pitviper wrote: »

The 11MB link will be like setting up QoS on a freeway!

The freeway isn't quite as big 11Mb is the raw signalling rate. You only get about 5-6Mbps out of a 802.11b link assuming only 1 client and no interference.

pitviper

tiersten wrote: »

The freeway isn't quite as big 11Mb is the raw signalling rate. You only get about 5-6Mbps out of a 802.11b link assuming only 1 client and no interference.

hehehe, still better than a 768k serial link! At least I don't have any of those this time (don't ask)!

pitviper

Got the wireless link and IPsec tunnel over the bridge working with relative ease tonight. No problems at all with the added overhead and voip traffic. Have a weird problem with router generated packets (netflow) not being encrypted over the link but it's no biggie for now. Thanks again for the help!