Just wanted to see what everyone uses for client authentication.

We use ACL, works good for us.

We use ACL, works good for us.

2nd that

Reed

We use ACL and cloaking. Cloaking pretty much takes care of freeloaders and we use ACL to force a client to the proper tower.

ACL is MAC based authentication, correct?

Yes ACL is MAC based.

Do you guys use scripting to add/remove associations...if not isnt it a pain to manage? We do alot of add/removing/moving of associations and it just seems like it would be alot of overhead to keep up on every MAC.

We use Radius as we have about 1500 subscribers and radius talks directly to our CRM system. Managing ACL's by hand is way to inefficient with our size. I am very glad we went radius nearly from day 1.

only issue is we are stuck on V2 until radius works on V3 on Prisim.

The prism will be removed in V3. It will never make it out of beta. The results are so disappointing there is no reason to leave it in, in fact it makes us look bad so we feel we are forced to remove it.

If you need prism support then use v2 with a WRAP board.

A little off topic... does V3 support MAC authentication with the 2.4 gig atheros chipset?

Only via ACL (static list), and/or WPA (development branch).

We will be working on Radius-based ACL when we bring the new WPA-enabled Atheros driver out of beta.

The prism will be removed in V3. It will never make it out of beta. The results are so disappointing there is no reason to leave it in, in fact it makes us look bad so we feel we are forced to remove it.

If you need prism support then use v2 with a WRAP board.

After putting a V3 Atheros in place of a V2 Prism, I must agree. There is no real reason to continue Prism support into V3. I observed a 2db drop in signal with the standard WLM54G cards, but that could be boosted back to the Prism level again by installing the new WLM54AG-23 card instead. This AP has 19 connections, 3 are Star V2 with CM9, 6 are old WET11 bridges, and 10 are Realtek based CPE devices. The only issue I had was the realtek devices were constantly associating and dissassociating until I backed down the firmware a few versions then everything is fine.

This site was the first test site to try the V3/Atheros AP with the mix of old hardware. Our newest site that just went operational will have the priveledge of only WAR1 clients on it (no old junk to keep working there).

I will be working at upgrading all our APs in the coming months, but I think I will wait for the WLM54AG-23 just to keep the signal levels where we have them now.

I've been saying this and I'm pretty certain some of the wisps on the list think I was just pumping star and don't believe the diference.

I've swapped out most of my ap's to v3 atheros. There are issues and the connecting disconnecting happens to me to with some of the TT ez bridges.
Sometimes I've had to replace a few of the subs with atheros as well. Probably the busier subs.

So beware when you do start to swap out ap's, be prepared to have some extra gear to replace those subs that all of a sudden are not compatable.

It's worth the money.

The prism will be removed in V3. It will never make it out of beta. The results are so disappointing there is no reason to leave it in, in fact it makes us look bad so we feel we are forced to remove it.

If you need prism support then use v2 with a WRAP board.

Lonnie:

Have you seen less of an issue with DHCP clients not getting an address with the later versions of v3 and Atheros? We had issues with the earlier versions.

Our whole network is using DHCP at the AP and DHCP client at the customer side. We use ISC-DHCP Server for the AP so that we can have more flexibility and control, especially with being able to do static IP assignment based on the MAC.

We have continually updated the programs, so perhaps there was a deficiency in the early days, but from what I can see it is pretty stable and usable in the latest V3 releases.

Sorry, I should have been more specific. We were having problems with all of the CPE200's, CPQ's, CB3's, etc not getting addresses. It's really the only issue we have had that we can't seem to solve. It does not show up with Prism AP, only Atheros AP. Has shown up in V2 and early V3, haven't tried the latest V3. Does this problem seem to be better now?

Sorry but I have no idea if things seem better now, because we do not use CPE200's, CPQ's, CB3's, etc. Our V3 systems work just fine in client mode and that is what we use, and also what I recommend to people wanting to solve issues with CPE200's, CPQ's, CB3's, etc.

Perhaps this issue is better handled by contacting the appropriate support group for the CPE200's, CPQ's, CB3's, etc. If they cannot fix the issue then consider taking my advice and replacing them with our new Client.

Tony and myself have been running the new Client on our personal Internet feeds for a few days now. I am confident it is a solid release and will be a landmark in first release stability.

UPDATE: downloading a new linux kernel which is a highly compressed bz2 gets 1,800 KBytes/sec in routed mode with connection tracking enabled. This path is in X2 cloaked mode but there is another segment of the link that is WAR4 based in X1 mode. The speed we see is really only limited by the WAR1, and 1.8 MBytes/sec is pretty decent for a $90 unit (plus radio), especially in X2 cloaked mode.

Sorry, I should have been more specific. We were having problems with all of the CPE200's, CPQ's, CB3's, etc not getting addresses. It's really the only issue we have had that we can't seem to solve. It does not show up with Prism AP, only Atheros AP. Has shown up in V2 and early V3, haven't tried the latest V3. Does this problem seem to be better now?
A few people, including myself, have reported better success with the beta series - specifically with CPE200's and an Atheros (SR2 or CM9) AP. It is of course beta. I don't use the DHCP server in it though, but it has helped our issue with CPE200's going stupid and shutting down a whole AP with the 'N' association issue.

I have read on a recent Tranzeo mailing list(part-15.org) where it was acknowledged that there are incompatibility issues with Tranzeo prism products (CPE200's) and Atheros-based access points - including StarOS and Mikrotik.

Although I understand it is not always cost effective to upgrade a large number of customers, Lonnie's advice is the best you could get. The WAR1 clients are now about $170 for a 2.4Ghz CPE - with free shipping. This is about the same, sometimes cheaper than many of the others out there. And the improved speed and reliability will be amazing over the mix-n-match of other products.

This just seems like a good place to inject a thought.
I suspect every manufacture is tweaking their CPE products to work the best they can with their own AP's. (Or in some cases-working at all)
After all, your gear is only as good as it's reputation for performance!
-------------------
WHY?
Would we think they could or would make their products work with the rest of the world?
We all know of problems between FW versions of a single vendor.
If you bought several CPE units based on price several years ago.
Why are you upset that they don't seem to work properly with another manufs. AP's.
----------------
Why all this trying to get EOL Prism gear working with anything?
(Whats it been, 5 years now?)
-----------
I threw out a dozen very expensive Adaptive Broadband ATM units also 2 dozen $20,000 microwave units because their time came and went.

This is just plain madness.
---------
My advice FWIW:
Find a supplier that provides a product that works for your application at fair price, gives good support, and stick with them.
---------------
We have several city / village wide Hot Spot offerings and if you think you have compatibility problems try working with an "Elite Customer with an expensive APPLE LT" that won't connect to an AP 100 ft away.

Only via ACL (static list), and/or WPA (development branch).

We will be working on Radius-based ACL when we bring the new WPA-enabled Atheros driver out of beta.

Is it true the "Squeeky wheel gets the grease"?

PLEASE,PLEASE,PLEASE WE have to have a replacement for WRAPS with automated hotspot before the next big city wide order comes in.
I think SHAIGHT and I are pretty much in the same boat.
It has to be automated or we are sunk.
Anything we can do to help?
Set up accounts on our systems etc. as it looks as if you folks don't have this kind of system deployed in your backyard.

I know you are up to your butt in gators but we are really hanging on this one.
I know "It will be ready when it is ready and not a moment before" ;)

We use Radius as we have about 1500 subscribers and radius talks directly to our CRM system. Managing ACL's by hand is way to inefficient with our size. I am very glad we went radius nearly from day 1.

only issue is we are stuck on V2 until radius works on V3 on Prisim.

How much luck have you had Using V3 with Atheros and turning off the enhanced features and selecting long preamble ?
Did it help your interop problem any?

We are kind of in the same boat here.