Building a Wireless Network for an Apartment Complex?

itwerx asks: "I've been asked to design a wireless infrastructure for an apartment complex. Tenants will pay an 'access deposit' and a monthly surcharge to get a PCMCIA/PCI/USB network card along with free installation and, of course, wireless Internet access. The buildings are arranged such that 2 WAP's per building should cover all the tenants (one WAP per side, far enough away to get line-of-sight through the windows). I do have a few concerns, however. All help is appreciated and when we're done we'll put up a HOWTO!"

"My concerns are the following:

• Interference between WAP's (there's several buildings) - there are enough channels if we go 802.11a but cost is a concern.
• Management of 'hitchhikers' - we're planning on manual assignment via DHCP/MAC address for tenants with others having all their HTTP requests get directed to an info page. Anybody done something different?
• Interference from WAP's and other devices that may be owned by tenants! Should we just avoid the default channel and hope for the best?!?

What other things might I need to worry about?"

well...

[ddent]

You have 3 channels with 802.11b, and you can pretend you have 4 if you have a little bit of overlap. Arrange things in a honeycomb. Also investigate the nocatauth portal. A small bit of googling will turn our lots of resources, you don't need to code this all yourself - lots of people are doing it.

Re:Hitchhikers

[elmegil]

dude, your sig is like so out of date.

Re:I would not hire you

[Spruce+Moose]

Yeah - most moderators don't seem to know the difference between "offtopic" and "troll".

Re:IPSEC

[SealBeater]

This guy doesn't need real security

That's the problem, attitudes like yours. I could care less about sniffing
traffic, that's not the point, the point is to replace WEP with something
better, and the goal isn't to stop people from grabbing credit card details,
it's to prevent Joe Hacker from having an easy leap off point to lauch attacks
against others. In addition, you don't need firewalls on the machines to
prevent traffic sniffing, ipsec tunnels set up on the boxes that pass IP traffic though
the wireless link work just as well. here
and here.

It sounds like if you had your way, he should just put up a couple of apple
airports and forget about it. What myself and others are doing is trying to
implement a reasonable amount of security when it should be implemented, at the
beginning, and not as a duct tape fix after there is an incident and this guy
has to explain why attacks were launched from his network. At any rate, the
openbsd boxes with wireless cards is still the ideal solution, both from a cost
perspective and a security perspective. There have been attacks against all
the commercial wireless access points, ranging from expensive Ciscos to
Breezecom to Linksys. The point isn't to have a totally locked down B1 and
above security implementation, it's to make it the kid with the laptop decide
to move on to Joe User's unsecured Linksys and not this guys network. I also
assume that this guy is looking for a way to keep costs low, and this is the
best way to do it. Somebody earlier mentioned Cisco Catalysts, yea
right

SealBeater

Re: WLAN for Apartment complex

[Doc+Wireless]

YIkes! First post. What happened to my paragraphing? Surely was there when I wrote it all. Apologies. Guess that's what I get for using an XP box I'm testing for a client.

Re:Can't you guys agree?

[amlutias]

you're right. if you put them all on the same channel, your throughput drops through the floor and sucks terrible ass.