Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Page 2 of 2 < 1 2
Topic Options
#342057 - 07/02/2011 20:28 Re: Wall-mounting a large router [Re: Dignan]
tman
carpal tunnel

Registered: 24/12/2001
Posts: 5528
Originally Posted By: Dignan
Fortunately I don't want to do anything extremely fancy. I want to do whatever I can to make the network solid and if you have tips on how to secure it against a dumb kid plugging in a router incorrectly that would be great. I'll be doing some QoS to limit the P2P stuff too.

I'm a Cisco person and there are others on this forum so just post. Go download Cisco CCP and ignore anything that tells you to use SDM. The basic configuration that only does routing out a single WAN connection is what you want to get going first and that shouldn't be difficult. There are best practice guides for locking down Cisco routers which you should follow.

Do you know what feature set is install? And do they have a SMARTnet maintenance contract? No contract = No support = No software updates.

Originally Posted By: Dignan
One thing I'm not certain about is the wireless access points. The customer and the architect didn't listen to me very well and decided that, in the four floors of living space, they wanted a total of seven APs. How on earth do I configure that?

Are they Cisco APs? If you've got that many then they should have gotten a WLC as well to control them all. I assume that they all connect to ethernet as a backhaul and you don't need to do bridging?

Top
#342059 - 07/02/2011 20:35 Re: Wall-mounting a large router [Re: tman]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12318
Loc: Sterling, VA
Originally Posted By: tman
I'm a Cisco person and there are others on this forum so just post.

Thanks, I really appreciate that.

Originally Posted By: tman
Do you know what feature set is install? And do they have a SMARTnet maintenance contract? No contract = No support = No software updates.

Unfortunately I don't know what you mean by feature set. Like I said, I haven't set one of these up before. Nothing special was ordered so I suppose it's standard. And no, there's no contract.

Originally Posted By: Dignan
One thing I'm not certain about is the wireless access points. The customer and the architect didn't listen to me very well and decided that, in the four floors of living space, they wanted a total of seven APs. How on earth do I configure that?

Are they Cisco APs? If you've got that many then they should have gotten a WLC as well to control them all. I assume that they all connect to ethernet as a backhaul and you don't need to do bridging?[/quote] They're all ethernet and no, no bridging I think.
_________________________
Matt

Top
#342061 - 07/02/2011 20:43 Re: Wall-mounting a large router [Re: drakino]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
Originally Posted By: drakino
Same SSID, same security, different channels. Assuming they all connect to the same LAN, this allows clients to roam between access points.


When making sure no two waps on the same channel are close to each other, also consider waps on adjacent floors. Usually, three different channels will be enough. So, use channels as far as possible from each other. We are using ch. 1, 6, 11. That leaves you room for little adjustments later on.

For example, wap in my office corridor is on CH. 6. Because of the radio weirdness occurring in old buildings, my laptop happens to receive a stronger signal from both the floor above me and the floor below me. Both waps generating such signals happened to be on ch 11 (nobody tought that all concrete, thik walls of a 3 century old building would allow the signal to pass, and we were all wrong) and produced destructive interference. I could move one wap to ch 9 and the other on ch 12, solving the problem without creating interferences with other waps around the two involved.
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#342063 - 07/02/2011 20:53 Re: Wall-mounting a large router [Re: Dignan]
tman
carpal tunnel

Registered: 24/12/2001
Posts: 5528
Originally Posted By: Dignan
Unfortunately I don't know what you mean by feature set. Like I said, I haven't set one of these up before. Nothing special was ordered so I suppose it's standard. And no, there's no contract.

Ew. No contract may be an issue as you've no access to updates at all without one. People use to exploit the Cisco download site by buying a support contract for the cheapest possible device and then using the access granted by that to download everything they needed but Cisco finally implemented contract specific download restrictions at the start of the year.

Cisco being Cisco, you don't get everything just by buying the box. IOS is licensed based on features and you need to get a license which means $$$. The old system was that each IOS version had an associated feature set file and you just downloaded the feature set that you needed. The new system for ISR G2 routers like this 2921 is that you just download a massive universal image and unlock the various feature sets by typing in a device specific code.

Buy a license for say the Security feature set. Cisco will give you a Product Activation Key. You go to cisco.com via web browser or directly on the router if you've already got internet connectivity and type in the PAK, SN# and PID of the device. That'll give you a Software Activation license which needs to be installed to actually turn on that feature set.

I assume that you'd want at least the Security feature set so you should check into what was actually ordered for this router before you trek over there.

The version of IOS you'll want is 15.0M and nothing with a T in it. M = Mainline aka the "stable" branch. T = Technology and its where new features get added along with new hardware support so its sometimes a bit flakey with unusual bugs.

Are they Cisco APs?

Top
#342064 - 07/02/2011 20:55 Re: Wall-mounting a large router [Re: tman]
tman
carpal tunnel

Registered: 24/12/2001
Posts: 5528
Oh. Its probably in the box but just in case, download the USB Console port drivers and install them on your laptop. You can get it from Cisco.com with just a registered account and no service contract.

Get a TFTP server for your laptop as well. Bring a spare CF card, CF reader and a USB stick. You shouldn't need a USB serial adapter as its got the USB console feature but its up to you if you want to be prepared.

You got any WICs, PVDMs, NMs or ISMs in this 2921? They're all different types of expansion module.

Top
#342066 - 07/02/2011 21:16 Re: Wall-mounting a large router [Re: tman]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12318
Loc: Sterling, VA
The APs are Cisco, as are the switches.

There are no expansion cards, though there might be in the future... just a switch for connecting the four lines running to each floor...
_________________________
Matt

Top
#342072 - 07/02/2011 21:42 Re: Wall-mounting a large router [Re: Dignan]
tman
carpal tunnel

Registered: 24/12/2001
Posts: 5528
Originally Posted By: Dignan
The APs are Cisco, as are the switches.

There are no expansion cards, though there might be in the future... just a switch for connecting the four lines running to each floor...

The advantage of a WLC is that you get centralised management, better security and more features since all the APs act as basic radios and tunnel everything back to the WLC. Make sure to configure/upgrade the APs before you mount them! You powering them using a PSU or POE?

Not sure how viable this would be for you but if you can then you should get all the hardware together before its mounted so you can work out how to configure it. Mistakes at this point would be easy to correct and wouldn't mean you trekking around the building trying to access a AP or switch thats embedded in the wall or ceiling.

I would have put a EtherSwitch module into the 2921 and skipped the extra switch in the wiring closet that the router is in. This would mainly be for space saving reasons rather than management as the ESW is managed separately even though its inserted into a router.

It'll be a good learning experience for you. Always good to have Cisco experience on the resume/CV smile

Top
#342078 - 07/02/2011 23:32 Re: Wall-mounting a large router [Re: andym]
jimhogan
carpal tunnel

Registered: 06/10/1999
Posts: 2591
Loc: Seattle, WA, U.S.A.
I've gotten the exact same 1U wall bracket from their outlet in US:

http://www.racksolutions.com/

We have 3 of their 42U racks as well. Not super-pricey and they have been great to deal with.

Jim
_________________________
Jim


'Tis the exceptional fellow who lies awake at night thinking of his successes.

Top
#342082 - 08/02/2011 00:32 Re: Wall-mounting a large router [Re: tman]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
In my experience, Cisco products come with a year's support or so, and that includes software updates. It's possible that that's changed, though.
_________________________
Bitt Faulk

Top
#342098 - 08/02/2011 03:58 Re: Wall-mounting a large router [Re: tman]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12318
Loc: Sterling, VA
Originally Posted By: tman
I would have put a EtherSwitch module into the 2921 and skipped the extra switch in the wiring closet that the router is in. This would mainly be for space saving reasons rather than management as the ESW is managed separately even though its inserted into a router.

I actually sent out an email to the guy in charge of ordering components to get a 4-port EtherSwitch card. Model EHWIC-4ESG, I think.

Originally Posted By: tman
The advantage of a WLC is that you get centralised management, better security and more features since all the APs act as basic radios and tunnel everything back to the WLC.

Ooo, very cool. I'll have to remember that for the future.

Quote:
Make sure to configure/upgrade the APs before you mount them! You powering them using a PSU or POE?

They're mounted but accessible. They're powered by PSU. How do I access the APs for configuration?

Quote:
Not sure how viable this would be for you but if you can then you should get all the hardware together before its mounted so you can work out how to configure it. Mistakes at this point would be easy to correct and wouldn't mean you trekking around the building trying to access a AP or switch thats embedded in the wall or ceiling.

Unfortunately everything is in place and installed, but fortunately there isn't anything that's difficult to access.

Quote:
It'll be a good learning experience for you. Always good to have Cisco experience on the resume/CV smile

While I'm nervous about it I'm also interested in getting in there and working on it. It'll be fun smile
_________________________
Matt

Top
Page 2 of 2 < 1 2