Centralized administration of WRT54xx APs..

Hi,

Does it exist hardware or software to centralize admin/config of a
campus wireless network consisting of a number of WRT54xx boxes...?

Thanks for hints and comments

regards

Geir

On Thu, 12 Apr 2007 12:44:12 +0200, Geir <(E-Mail Removed)> wrote in
<(E-Mail Removed)>:

>Does it exist hardware or software to centralize admin/config of a
>campus wireless network consisting of a number of WRT54xx boxes...?
>
>Thanks for hints and comments

What's wrong with just connecting to their admin screens at their
different IP addresses? Or are you looking for something more robust
and automatic? Then why not enterprise-grade gear that features central
admin and other features designed for enterprise-grade networking?
I strongly advise _against_ cheap consumer-grade gear for something like
that -- TANSTAAFL!

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

John Navas skrev:

> What's wrong with just connecting to their admin screens at their
> different IP addresses?

I have 15 devices, and it's a pain to maintain config changes by logging
into each one of them...

> I strongly advise _against_ cheap consumer-grade gear

Well, the WRT54xx series aren't the 'worst' cheapo WL equipment that
have been made...?

/geir

On Thu, 12 Apr 2007 18:53:48 +0200, Geir Holmavatn <(E-Mail Removed)>
wrote in <(E-Mail Removed)>:

>John Navas skrev:
>
>> What's wrong with just connecting to their admin screens at their
>> different IP addresses?
>
>I have 15 devices, and it's a pain to maintain config changes by logging
>into each one of them...
>
>> I strongly advise _against_ cheap consumer-grade gear
>
>Well, the WRT54xx series aren't the 'worst' cheapo WL equipment that
>have been made...?

They are nonetheless consumer-grade, and (IMHO at least) unsuitable for
enterprise-grade service. (The cost of dealing with consumer-grade
devices in an enterprise environment will usually overwhelm the purchase
cost savings. You're already running up such cost.) If you must use
them, then I suggest you look into running DD-WRT firmware (if you have
supported models), which may give you what you want.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

John Navas skrev:

> They are nonetheless consumer-grade, and (IMHO at least) unsuitable for
> enterprise-grade service. (The cost of dealing with consumer-grade
> devices in an enterprise environment will usually overwhelm the purchase
> cost savings. You're already running up such cost.) If you must use
> them, then I suggest you look into running DD-WRT firmware (if you have
> supported models), which may give you what you want.
>
I already run DD-WRT firmware on each of them. And this is in a
boarding school's dorm areas, which I do not classify as enterprise
level. Nevertheless, as of the feedback here I assume that there does
not exist any centralized admin solution for this range of wireless
devices....?

Thanks anyway ;-)

/geir

On Thu, 12 Apr 2007 20:22:35 +0200, Geir Holmavatn <(E-Mail Removed)>
wrote in <(E-Mail Removed)>:

>John Navas skrev:
>
>> They are nonetheless consumer-grade, and (IMHO at least) unsuitable for
>> enterprise-grade service. (The cost of dealing with consumer-grade
>> devices in an enterprise environment will usually overwhelm the purchase
>> cost savings. You're already running up such cost.) If you must use
>> them, then I suggest you look into running DD-WRT firmware (if you have
>> supported models), which may give you what you want.
>>
>I already run DD-WRT firmware on each of them. And this is in a
>boarding school's dorm areas, which I do not classify as enterprise
>level.

I would, just as I would for pretty much any business that could be
impacted by wireless networking issues. As the car commercial goes,
"pay me now or pay me later," where later tends to be much more
expensive than now.

>Nevertheless, as of the feedback here I assume that there does
>not exist any centralized admin solution for this range of wireless
>devices....?

Not that I know of.

>Thanks anyway ;-)

You're welcome.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

Geir Holmavatn <(E-Mail Removed)> hath wroth:

>I already run DD-WRT firmware on each of them. And this is in a
>boarding school's dorm areas, which I do not classify as enterprise
>level.

DD-WRT support SNMP (simple network management protocol).
SNMP is the basis of most (not all) management systems.
All of these are "centralized" in that they can be used from a central
management server (for data and statistics collection) or configured
from anywhere. Note that the server is most commonly runs Linux (for
stability).

I suggest that you research HP OpenView, Unicenter TNG, OpenNMS,
Nagios, Net-SNMP, Pandora, etc. I've used GetIF, MRTG, PRTG, RRDTool,
and Nagios extensively.
<http://en.wikipedia.org/wiki/Category:Open_source_network_management_software>
<http://www.simpleweb.org/software/> (SNMP based software)
<http://dmoz.org/Computers/Software/Networking/Network_Management/>

It might also be useful to become familiar with SNMP on DD-WRT:
<http://www.dd-wrt.com/wiki/index.php/SNMP>
If you just want to try SNMP, I suggest GetIF:


>Nevertheless, as of the feedback here I assume that there does
>not exist any centralized admin solution for this range of wireless
>devices....?

Lack of evidence that something exists only means your searching in
the wrong place. Google returns huge numbers of hits for "network
management". Incidentally, there's nothing unique about manageing a
wireless system with SNMP. To the software, it's just another managed
SNMP box.

Also try asking in:
news:comp.dcom.net-management

You didn't bother specifying why you need central "management". Most
of the features and functions can be "controlled" using the build in
web based interface. Only the traffic monitoring, statistics, and
data collection will require SNMP. Such data, usually in the form of
graphs, is invaluable for troubleshooting and fault isolation.
However, I don't see a boarding skool network running an unspecified
number of access points as being sufficient large to justify a
dedicated management server or workstation. My guess(tm) is that you
would need about 20 or more managed boxes (AP's, switches, modems,
routers, servers, etc) to justify the learning curve for a real
network management system.


--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

On Thu, 12 Apr 2007 11:49:49 -0700, Jeff Liebermann
<(E-Mail Removed)> wrote in
<(E-Mail Removed)>:

>Geir Holmavatn <(E-Mail Removed)> hath wroth:
>
>>I already run DD-WRT firmware on each of them. And this is in a
>>boarding school's dorm areas, which I do not classify as enterprise
>>level.
>
>DD-WRT support SNMP (simple network management protocol).
>SNMP is the basis of most (not all) management systems.
>All of these are "centralized" in that they can be used from a central
>management server (for data and statistics collection) or configured
>from anywhere. Note that the server is most commonly runs Linux (for
>stability).
>
>I suggest that you research HP OpenView, Unicenter TNG, OpenNMS,
>Nagios, Net-SNMP, Pandora, etc. I've used GetIF, MRTG, PRTG, RRDTool,
>and Nagios extensively.
><http://en.wikipedia.org/wiki/Category:Open_source_network_management_software>
><http://www.simpleweb.org/software/> (SNMP based software)
><http://dmoz.org/Computers/Software/Networking/Network_Management/>
>
>It might also be useful to become familiar with SNMP on DD-WRT:
><http://www.dd-wrt.com/wiki/index.php/SNMP>
>If you just want to try SNMP, I suggest GetIF:


He specifically said (wrote) "administration". SNMP is primarily
"monitoring", at least with regard to DD-WRT -- no? I'd be surprised if
DD-WRT supported SNMP for the kinds of things that come to my mind with
regard to "administration" (e.g., reconfiguring traffic shaping).


>>Nevertheless, as of the feedback here I assume that there does
>>not exist any centralized admin solution for this range of wireless
>>devices....?
>
>Lack of evidence that something exists only means your searching in
>the wrong place.


I'd say _may_ mean. Sometimes it may simply not exist.


>Google returns huge numbers of hits for "network
>management". Incidentally, there's nothing unique about manageing a
>wireless system with SNMP. To the software, it's just another managed
>SNMP box.
>
>Also try asking in:
>news:comp.dcom.net-management
>
>You didn't bother specifying why you need central "management". ...


Or more importantly, what specific tasks are encompassed in that
definition of "management".

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

On Thu, 12 Apr 2007 19:01:58 GMT, John Navas
<(E-Mail Removed)> wrote:

>He specifically said (wrote) "administration". SNMP is primarily
>"monitoring", at least with regard to DD-WRT -- no?

No. SNMP can be used to write to the router, change settings, run
initial setups, and do all manner of "write" type of functions. There
are two SNMP community names (passwords). One for read and one for
write. Also, my idea of "administration" includes fixing problems,
not just monitoring. I do it all the time, mostly using GetIF 2.3.1.
<http://www.wtcs.org/snmp4tpc/getif.htm>
Not the most user friendly, but good enough for quick tweaks.

>I'd be surprised if
>DD-WRT supported SNMP for the kinds of things that come to my mind with
>regard to "administration" (e.g., reconfiguring traffic shaping).

Suprise. Go to:
Administration -> Services -> SNMP
Note that it show RO (read only) and RW (read write) community names
(passwords).

Incidentally, SNMP is my favorite way of breaking into servers and
systems. Most admins enable SNMP but leave the community names at the
defaults resulting in a wide open back door (or perhaps front door).
Even those that should know better manage to screw it up:
<http://www.cisco.com/warp/public/707/cisco-sa-20050202-ipvc.shtml>
<http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=5166>
(etc...).

>Or more importantly, what specific tasks are encompassed in that
>definition of "management".

Yep. My idea of management is troubleshooting and traffic analysis
(i.e. reports). Someone else may be into initial configuration and
setup (provisioning). Others may use it for inventory control,
capacity planning, resource optimization, and justifying one's job.
I've done all of these and more with SNMP.

MRTG for Windoze 95, 98, and ME:
<http://www.LearnByDestroying.com/mrtg/docs/w95mrtg.htm>
Old, but still works.

--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831-336-2558 (E-Mail Removed)
# http://802.11junk.com (E-Mail Removed)
# http://www.LearnByDestroying.com AE6KS

On Thu, 19 Apr 2007 02:08:44 +0100, "Forster Tuncurry"
<(E-Mail Removed)> wrote in <(E-Mail Removed)>:

>"John Navas" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed).. .
>> On Thu, 12 Apr 2007 12:44:12 +0200, Geir <(E-Mail Removed)> wrote in
>> <(E-Mail Removed)>:
>>
>>>Does it exist hardware or software to centralize admin/config of a
>>>campus wireless network consisting of a number of WRT54xx boxes...?
>>>
>>>Thanks for hints and comments
>>
>> What's wrong with just connecting to their admin screens at their
>> different IP addresses? Or are you looking for something more robust
>> and automatic? Then why not enterprise-grade gear that features central
>> admin and other features designed for enterprise-grade networking?
>> I strongly advise _against_ cheap consumer-grade gear for something like
>> that -- TANSTAAFL!

>"enterprise-grade" gear have some of the easyest flaws to exploit.

Consumer-grade gear tends to have both more and more serious flaws than
enterprise-grade gear. One of the worst examples is the badly misnamed
"DMZ" feature, a gaping security hole, not a real DMZ.

>It's easyer to connect to the local gov office then the kid down the road
>that knows how to lock down his linksys.

That would only be due to incompetent administration, not the
enterprise-grade. Properly administered, enterprise-grade gear is far
more robust and secure than consumer-grade gear.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>