Wireless / networking gurus please help!

Thanks in advance. I haven't really screwed anything up, but I'm not sure I'm getting it right, either. Here's what I have (I didn't set it up):

• ASUS wireless router with DD-WRT - this is my main admin wireless for my timing and scoring system. It's broadcasting a secured network and is shown as being in bridge mode.

• (2) TRENDnet WAPs. These are connected to the main router via ethernet. They are set up to have an open, unsecured network to allow users to see our live timing. We're going a different route and the open network is no longer desired.

What I want to do:

• Delete the open network and repurpose the WAPs as range extenders for the existing secured network.

I'm not all that up on terminology so I'm getting lost. I ran one of the WAPs through the TRENDnet setup wizard and it's working... BUT, it's showing as a separate wifi source. What I want is to have all 3 operate together under 1 network name.

Do I need to set the WAPs up as repeaters? I can do that through the admin page easily enough. But is that how it should be configured if it's hardwired to the main router? Thanks.

EDIT: Here's a link to a control panel emulator for the WAP.

If I understand correctly, the problem is that you're seeing APs showing up under different names. The solution is to set up every AP with exactly the same name, encryption type and authentication (if not open). Your devices should auto select from any available AP, favoring the strongest.

In reply to Mike:

OK, if it's as simple as that, cool. Thanks.

EDIT:

But won't that just make 3 networks with the same name show up? Or do I just turn off broadcasting on the 2 WAPs?

Anybody else have input? Is it really that simple?

Thanks.

I'd suggest having the repeaters also repeat the MAC address from the main router:

Repeater Mode Support = Enable
Repeater MAC Addr. (Enter MAC from Asus Router)

That way, your wireless clients will think it's one big network.

MCarp22 wrote: I'd suggest having the repeaters also repeat the MAC address from the main router: Repeater Mode Support = Enable Repeater MAC Addr. (Enter MAC from Asus Router) That way, your wireless clients will think it's one big network.

Yeah, that's how I have them configured. Thanks.

Do I turn off network name broadcasting on the WAPS, or leave it on and just make it the same as the main router?

Duke wrote: Do I turn off network name broadcasting on the WAPS, or leave it on and just make it the same as the main router?

That will depend on how far you want the network broadcasting the SSID. Unless I'm mistaken, leaving it off means that new connections would have to be made within range of the main AP, then once connected they could move to the coverage provided by one of the repeaters. With it on, it's one big network.

MCarp22 wrote:

Duke wrote: Do I turn off network name broadcasting on the WAPS, or leave it on and just make it the same as the main router?

That will depend on how far you want the network broadcasting the SSID. Unless I'm mistaken, leaving it off means that new connections would have to be made within range of the main AP, then once connected they could move to the coverage provided by one of the repeaters. With it on, it's one big network.

Yeah, I want it to appear as one big network, so it's good if the broadcast range is wide. What I don't want is 3 different but apparently-identical networks showing up in device lists. Thanks again for the help.

+1 for what Mike said. I wouldn't clone MAC addresses though, that helped in the early days of WiFi when a lot of devices had no concept of AP roaming/automotic switching but these days I think it causes more problems than it solves.

GameboyRMH wrote: +1 for what Mike said. I wouldn't clone MAC addresses though, that helped in the early days of WiFi when a lot of devices had no concept of AP roaming/automotic switching but these days I think it causes more problems than it solves.

So, repeater or not? Since they're cabled together, they don't actually need to do wireless repeating... I just want them to behave like 1 big network.

Is it really as simple as naming all 3 the same thing?

EDIT: Sorry for requiring this laid out in small words.

If they're wired together, you don't set them as a repeater...and it's very nearly as simple as giving them all the same AP name & security setup. You also need to make sure that DHCP is disabled on the secondary routers. You make the wired connections through the LAN ports.

Edit: And just to spell everything out, you need to make sure the secondary routers have different IP addresses than the primary, but in the same subnet (for virtually all consumer routers, this means just the last number should be different) and not in the primary's DHCP range.

Thanks. I manually set the WAPs' IPs so I could get directly to them easily. This was how the guy who set them up had them. The laptop is 10.10.10.10, the router is 10.10.10.1, the WAPs are .2 and .3.

I'll make sure that DHCP is off on the WAPs. Thanks again.

You don't want DHCP to hand out the WAP admin addresses to wireless clients. You should verify DHCP config.

Ideally, for security, WAP config would not be exposed to the client wireless network.

Yeah, all the configs are on a separate password, if that's what you mean.

In reply to Duke:

That is certainly good, but I mean a separate network, so you can't even get to the admin interface from a wireless client. The degree to which this is a benefit has a lot to do with whether your network is open, and how much you trust your network clients. If you are running an open public Wi-Fi access point in a high traffic area, it is very important. If this is just to improve coverage around your house, you're using WPA2, and all clients are friends and family, it probably isn't worth the bother. The degree to which this is even possible has a lot to do with the feature set of your equipment.

I was assuming all clients are trusted...even so, the guest wireless network at my office is wide open and clients can hammer away at the HTTPS and SSH admin logins all they want. Strong passwords and a little tarpitting have kept them out for at least 6 years now.

Mike wrote: In reply to Duke: That is certainly good, but I mean a separate network, so you can't even get to the admin interface from a wireless client.

I wouldn't even begin to know how to do that.

Mostly clients will be trusted. They'll either be using our own equipment, or they'll be people we know using their own tablets or phones. It's for the T&S network volunteer at our events - it's not likely to come under much in the way of an attack. Of course, anything's possible.