Welcome to the MacNN Forums.

mrgaskell · Mar 9, 2003, 08:52 PM

All righty. I convinced my school to purchase an iBook mobile lab with some grant money that popped up. So what I have is a cart of 20 iBooks, 700mhz, 20gb HDs, 256 mb RAM, Airport. Cool, huh? But I need to network them to a Cisco network that does not support the Airport base stations. I was told by the Apple Rep for the district that I could use any 802.11b WAP but due to the Cisco network proprietary protection schemes Airport won't work. The network uses a server that you have to manually set up the IP addresses (no DHCP).

Now my question is this: can I just plug the WAP in, or somehow give it an IP address that will 'move' with the cart and the WAP from room to room? Or do I have to manually set it up each time it moves? We wanted to be able to walk the cart into a classroom, plug in a WAP, and let it dole out IP's to the 20 laptops. I know our network supports WAPs 'cause they're putting new one's in all over the building next year (over the summer).

Any help, instructions, suggestions, reading materials, or websites I can visit?

Thanks guys!

jg

kampl · Mar 12, 2003, 07:50 PM

So you want to move this lab environment from place to place within your campus it sounds. Do you have to have these iBooks get access outside their local segment (whatever DHCP scope the Airport is set to hand out addresses on?). If no, I see no problem in just plugging in power to the AP and letting the iBooks hop on that network. Depending on proximity, you may run into issues with people on other wireless networks associating to your AP instead of your network engineering department's wireless deployment (people get a little ticked in that case

). If you just need connectivity between all the devices involved with the "roving lab" I don't see an issue other than that described above. You may want to consult with your engineering department and security department about all this though again.

mrgaskell · Mar 12, 2003, 08:28 PM

Actually it's a high school and this will be the only WAP (until next August). The problem is the SSID isn't broadcasted, it's using the CISCO security protocol (their version of WEP?), and the IP addresses are handed out Manually, not on a DCHP server. Could I just put in one IP address and hop around from jack to jack?

Scotttheking · Mar 12, 2003, 11:49 PM

If you've got cisco, it probably means there is someone qualified to work on networks there. Why not ask them for help?

mrgaskell · Mar 12, 2003, 11:59 PM

They are very anti-Mac and simply say "Macs aren't supported." Even though we have Mac only schools in the district, but alas, nobody seems to hear my calls for help.

Then again, the district said that "Toshiba's are not supported and cannot connect to the district network, only Dells." and "Gateway wanted to put in free labs but we told them "No" because we only want Dells." WTF?! Ahhhh! We have like 15 working computers with PII's as the most up to date for 1100+ kids!! And they're turning down free stuff!

Makes you wonder why teachers generally don't last more than 5 years. hamstring us out the gate, don't help us when we help ourselves and then blame us when we don't turn kids with crackheads for parents into Rhodes Scholars in 4 years. </rant>

Scotttheking · Mar 13, 2003, 12:14 AM

I would send a letter to the superintendent letting him know about that, explaining that IT is not doing it's job to provide the teachers with the tools that they want to use to do their jobs, that they are stifling student's educations.
Frankly, to EVER turn down offerings of free stuff is absurd. It sounds to me like someone high up is pushing a personal agenda at the expense of students.

Scarpa · Mar 13, 2003, 01:19 PM

Couple of questions:

Why do you need the students to connect to the rest of the network? Please don't say they need internet access. You have no idea the can of worms you would open by releasing 20 students at once on the net.

Why don't you request that they install one of the new WAPs on your cart over the summer? The iBooks should connect just fine to them and the IT staff doesn't need to worry about a non-standard WAP (which really is a security risk, especially if they're using Cisco WEP)

I would think you could utilize this resource just fine as an isolated network unto itself. Configure the teacher's iBook as a server so they can load up the appropriate course material as needed.

I work in government myself so I definitely feel your pain when it comes to arbitrary standards and the 'not my job' attitude. But you can make this work, I'm sure of it. You may need a prescription for Valium from your doctor when you're done though.

kampl · Mar 14, 2003, 07:27 PM

SSIDs not being broadcast doesn't seem to be an issue as you can get that information from the network admins (I don't see how they could keep it a secret if they expect people to use it other than themselves). In so far as LEAP is concerned (Cisco's wireless security implementation/802.1x implementation), Aiport cards are most certainly compatible depending on how it is configured on the access point. Here's is the Apple link confirming this Apple Knowledge Base . I can find the Cisco documentation and make that available also, but it will take me a little while to find. I have used Macs on LEAP enabled networks using an Airport card, so speaking from experience it is definitely possible.

mrgaskell · Mar 16, 2003, 10:35 PM

The real question I guess then is how do I move the WAP around to give internet access to the iBooks? Do the WAPs store IP addresses? The network is not DHCP.

Thanks!

jg

BLAZE_MkIV · Mar 16, 2003, 10:44 PM

Not having any wireless experiance the solution that comes to mind is to put the access point on the cart with a small UPS. So when you unplug the access point to go from room to room you don't have to reconfigure everything. Then when you get to the next room (or storage) just plug in the UPS and the WAPs ethernet and maybe have to reset the WAP. With just the WAP plugged in the UPS should run for hours.

aaanorton · Mar 17, 2003, 10:18 AM

Originally posted by mrgaskell:
The real question I guess then is how do I move the WAP around to give internet access to the iBooks? Do the WAPs store IP addresses? The network is not DHCP.

Thanks!

jg

To be honest, this thread seems more complicated than it should be. I am not familiar with Cisco's stuff, so I may very well be missing something.
But why not just give the Base station a static IP and set it to distribute IPs (DHCP) to the iBooks? You could assign each iBook its own IP, but that might be more difficult.

Scarpa · Mar 17, 2003, 06:38 PM

The Cisco stuff is more complicated. Basically it uses WEP with a rotating key. I don't know a whole lot more about it than that.

In answer to the question about the IP address of the WAP, yes it does store a static IP address internally. Set it once and you're done.

kampl · Mar 17, 2003, 08:16 PM

Well I guess I missed the point somewhere along the line. So it seems that since your network is not DHCP enabled, you might have an interesting time getting a list of available IP addresses for the segments you plan on plugging the AP into, being that your support people are not all that cooperative from what I gather. You could figure it out yourself with a valid IP address and an Nmap ping sweep. The rest seems easy to me.

You have your AP hand out DHCP leases and the default route to all the iBooks. You then change the static IP address and default route on the wired interface of the AP depending on what segment you are plugged into in the building(s), and PAT the wireless clients to the static address you assigned the AP to get access off the wireless segment. I said it would be easy right?

I've never really used Apple's wireless gear, but in the usually Apple style I'm willing to bet this is easier to configure than it sounds.

jdhindes · Mar 18, 2003, 06:19 AM

As a technology director for a school district in Texas, it looks like your IT department is into "control." As a former teacher in our school district, we can't EVER let our own biases and control issues in the IT department get in the way of student acheivement.

We DO let all of our students on the Internet with parent permission. By federal law, we use filtering software and monitor, monitor and monitor the internet usage. We also have a AUP (Acceptable Use Policy) that is strictly enforced.

I agree with the post that said to contact the Supt. As a former PC lover and anit-Mac user (who has recently switched), much of the anit-Mac stuff is just pure ignorance. Until I saw the Ibook working on our Windows network at school, I didn't believe it myself. Get your IT department to test an Ibook on the network themselves. It will make a "believer" out of them as it did me.

I now own a 12" Powerbook and love it--so IT people can change!

ghporter · Mar 18, 2003, 10:26 AM

The Cisco issue is its authentication scheme, not WEP. Cisco uses a proprietary "LEAP" protocol to make the wireless network more secure. LEAP stands for Lightweight Extensible Authentication Protocol, and basically limits the clients that can connect to the network to those who pass the authentication test. Here's a link to a site with some info on getting connected through a LEAP protected access point, and even better, an Apple FAQ article on the subject. Your network er, individuals (yeah, that's the right term!) may need to creat new user accounts on the wireless network, but that's about all.

What it comes down to is that it ain't really that complicated. It also comes down to people with either really detailed job descriptions (that include "don't learn anything new...") or people who are too insecure about their technical knowledge to handle something new.

I spent years in a PC only world, and I'm doing my best to learn all there is to Macs and the various MacOS versions. Why? Because the more I know, the better I can do anything. Besides, Macs are cool!