A Tale of Two Wi-Fis - A Guest Blog by Devin Akin

A Tale of Two Wi-Fis - A Guest Blog by Devin Akin

By CWNP On 06/21/2013 - 16 Comments

Often I (Devin) get the question, “Can two Wi-Fi systems be co-located beside each other peacefully?” Absolutely. This may be the case when performing a Wi-Fi system upgrade, vendor changeover, or well…you just happen to think that having different Wi-Fi vendors play different roles in your Wi-Fi network is cool.  Whatever your reason, there are some specific items to be aware of when it comes to installing two disparate Wi-Fi systems side-by-side.

Radio Resource Management (RRM)
One system should have its channels and power statically configured, and the other system should have its channels and power statically configured or could be configured for automatic operation.  What you don’t want is both systems to be configured for automatic operation because they have the potential for constant readjustment.
Least Common Denominator (LCD)
With Guest Management, BYOD, or even Fast/Secure Roaming (e.g. Voice-Enterprise or OKC) features, you may have to go with Least Common Denominator features between the two systems to avoid confusing users (e.g. Guest Management or BYOD on-boarding) or to avoid incompatibilities (e.g. Fast/Secure Roaming).  Once one of the systems has been removed, then it’s advisable to enhance these LCD features to the best available features within the remaining Wi-Fi platform.
Wireless Intrusion Prevention System (WIPS)
Either disable the WIPS feature in both platforms or configure each platform so that the other platform’s APs are authorized.  Since both systems will be connected to the wired infrastructure, each system will see the other system’s APs as rogues unless they are configured as authorized.  This is typically easiest by importing a list of each system’s BSSIDs into the other system.
Fast / Secure Roaming (FSR) with WPA2-Enterprise
It’s important to understand that when a WPA2-Enterprsie client roams between the two systems, the first roam will be a slow roam, meaning that the 2nd system will authenticate the client against RADIUS because it will consider the authentication to be an Initial Mobility Domain Authentication (IMDA).  Thereafter, every roam between the two systems will be a fast/secure roam as long as its roams do not exceed the cache timers of each system. Cache timer configuration typically depends on organizational security policy, but if unrestricted by policy, can be set to ~36 hours to yield “work week” access (which would time out over weekends) or ~72 hours to yield “never times out” access if a worker is expected to continually roam between systems.
Separate Buildings
It’s always good to physically separate Wi-Fi systems where possible.  This separation is best accomplished by placing System-A in one building and System-B in another building.  If you’re going through a system upgrade or have simply chosen another vendor for whatever reason, this is the best approach.  It typically avoids the bulk of RRM, WIPS, and FSR issues, though you are still likely to deal with LCD issues.  During a system swap-out or refresh, simply move/consolidate System-A into some buildings and System-B into some buildings and manage accordingly, and allow the physical separation between buildings help with roaming issues (which will be slow anyway), and RRM & WIPS issues (as the systems are unlikely to hear each other over the air).
All of these tips discount the fact that you will have to manage each system separately, which should be obvious. To some folks, this is no big deal, and in fact, is recommended by most vendors over having a single system (from any vendor) that manages its native system plus a lackluster job of managing a foreign system (e.g. from another vendor).
I hope you’ve found this helpful.  If you know of other “gotchas”, please leave comments.  These are just the items that rear their ugly head all of the time for me.  I’m definitely interested in your thoughts!
Devin Akin Chief Wi-Fi Architect Aerohive Networks Tagged with: WIPS, RRM, Multiple wifi, WLAN vendors

16 Responses to A Tale of Two Wi-Fis - A Guest Blog by Devin Akin

Subscribe by Email
riya roy Says:
09/21/2018 at 02:52am
good article

bulby mathew Says:
09/18/2018 at 06:56am
I am thankful for sharing the details with us as I have been searching for this piece of data. The comment section under the article help to know the public response easily. I am grateful for sharing it with us. Thanks for the share. cheap cable

Aatma Aatma Says:
09/10/2018 at 02:16am
Paper Wreck matched after textual content among Edward Cooke's book. Photograph: North Carolina Department on Natural or Cultural Resources.

bulby mathew Says:
09/07/2018 at 07:39am
Many people have this doubt I think. I think those who are reading the blog will get some information about the wifi and related information. The specifications seem to be informative. Keep share more. internet explorer not responding

Maria Heels Says:
08/09/2018 at 03:46am
Thank you for sharing the post. Glad to find the information.
instagram search

shell shockers Says:
07/31/2018 at 04:47am
Thank you for sharing this useful information, I will regularly follow your blog
the impossible quiz

Martin nathin Says:
07/30/2018 at 06:21am
Love to use Link

Maitri Shah Says:
07/30/2018 at 04:40am
Your site has a lot of useful information for myself. I visit regularly free gift codes generator

Kane Rana Says:
06/04/2018 at 07:22am
These days WiFi devices really being helpful in your homes or office for high speed networking. The peoples can use my bestwritingclues.com to get the latest WiFi devices in cheap rates which gives you best working speed. I am really motivated form this blog so i will suggest this to others.

Kane Rana Says:
06/04/2018 at 07:20am
I love Chacha for getting new vides

anil yadav Says:
05/19/2018 at 22:35pm
Endless reverse moves allowing you to try different methods to win your windows 10 font to your lovely lappy...

Sara Marchetti Says:
01/19/2018 at 03:12am
Thanks for taking the time to discuss this, I feel about it and love learning more on this topic.
If possible, as you gain expertise, would you mind updating your blog with more information? It is extremely helpful for me.

bruno Mars Says:
01/14/2018 at 05:42am
From here you can get 100% safe and secure place where you play free online sonic games without any regstration.

Howard Higgins Says:
07/02/2013 at 13:08pm

The separate buildings suggestion seems like it should apply to 802.11ac AP's versus .11a/n systems too.   Even if they are from the dame vendor.
Won't that hinder the acceptance of  .11ac ?

Glenn Cate Says:
06/21/2013 at 09:34am
Devin (and Tom...)  Great blog and timely, as I'm working with my daughter's high school to do a Wi-Fi uplift this summer and parts of the existing Wi-Fi system might be retained.  (btw, our vendor choice is well-known to Devin!!)  We will certainly incorporate your thoughts and add any 'gotchas' we find during deployment.

<< prev - comments page 1 of 1 - next >>

Leave a Reply

Please login or sign-up to add your comment.
Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.

Read More

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.

Read More

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.

Read More