End-user network extention
June 19, 2005 3:55 PM   Subscribe

I'm a college student at a school that has a policy of one port per bed for network jacks. What sort of gear do I need to transparently break my port out into several wired jacks and wireless access?

I have both a desktop machine and laptop that need network access, and I would like to keep them as close to the college network as possible (ie: not behind NAT or on their own subnet or whatever). The college has a Class B IP block, and assigns students valid IPs out of that. As such, I'd like to make sure I'm using their DHCP servers and appear the same as if I'd plugged directly into the jack. My research has lead me to believe that a switch would satisfy the wired aspect of this question, but I'm at a loss when it comes to wireless. Should I get a wired switch and then connect a wireless bridge/AP to it, or should I just get a wireless router? If I go with the router, what sort of settings do I need to modify/disable/etc to use upstream DHCP servers and such? Or do I need something else entirely? Thanks!
posted by SemiSophos to Technology (11 answers total)
 
I'd get a switch and then connect a wireless access point to it. 'Cept that most colleges I've been at have a 'one IP per port' (and they make you register your MAC address) policy, which means you'd need to NAT and have your own class C behind the router, which means you couldn't use upstream DHCP. If your goal with still using the colllege network is to still be able to play games or to have an external internet connection, you can put one of the computers into a DMZ.

Make sure you protect your access point. Colleges have been known to come down hard on people who have them unprotected and use up a lot of bandwidth.
posted by SpecialK at 4:05 PM on June 19, 2005


You should be fine with just an easily available wireless router. I set up basically the same thing for my mother. (Specifically, added wireless with a $5 Linksys wireless router to an existing home network.) The biggest trick was that I had to plug the existing network into one of the regular wired jacks, not the "WAN" or "Uplink" jack on the back of the wireless router. The software configuration was all obvious, I think. Turn off DHCP, turn off NAT, and so on and so forth.

You have to make sure your school isn't doing MAC filtering or adjust for that like SpecialK said.
posted by TheOnlyCoolTim at 4:07 PM on June 19, 2005


you need a switch.

check your IT department's policies before you add a wireless access point - many schools are very strict about not letting people run them, especially if there's on-campus wireless. for that matter, they may be mad at you if you grab a regular 4-port DSL/Cable router and hook it in. (I work for a moderately large university and we'll disable your port if we find either on the network. we, however, have near 100% wireless coverage on campus.)

assuming that your school's IT dept. won't get pissy at you for having your own access point, just get a wireless bridge - NetGear makes one, Linksys has the WET-11 (and a 54mbit model too.. WET-54? I forget), and there's also the Apple AirPort Express (which has the handy benefit of being a print server and iTunes remote speaker thingy too). these are just wireless bridges - they don't route, they don't provide DHCP, and they will need to sit on a switch or hub if you want to have wired and wireless.

btw, if they do allow you to run wireless, make sure you at least use WEP on the access point - part of the reason IT depts. don't like routers and APs on their networks is because it removes the traceability of the computers connected to it, and (with APs especially) makes it easier for people who aren't supposed to be using the campus network use it.
posted by mrg at 4:12 PM on June 19, 2005


Regarding my school's policies: They discourage students from having access points, though they only prohibit open APs. They don't restrict the number of IPs or MAC addresses that can be registered on any port, though they do have a network registration system in place that keeps track of what students register what MAC addresses in one of seven VLANs. The school is just starting to deploy APs, and currently only have the library, math/cs building, and campus center covered. It'll be a while before the dorms get access.

I'm also well aware of students that have been able to get Airport Expresses up and running by disabling the "distribute IP addresses" setting in the admin utility, but that wouldn't have solved my wired needs. Thanks for the advice -- I'll grab a switch and AP.
posted by SemiSophos at 4:50 PM on June 19, 2005


I got away with hooking up a wireless router in my dorm last year. When we registered for network service, we had to run a pain-in-the-ass java app that made sure we weren't connected through a router, had their anti-virus software installed, etc. Then we were assigned a static IP address (and we could only have one) that was tied to our computer's mac address. So I set it up with my laptop plugged in to the wall jack, then after registration, I set the wireless router to clone my mac address and hooked my roommates up with free wireless goodness.

This of course violated all of the rules. It's my experience that campus tech people are busier trying to shut down the file-sharers than finding rogue wireless networks.

And if you let anyone else (roommates, etc.) make use of your (WEP protected!) wireless access, make sure you are ABUNDANTLY CLEAR that if they start using Kazaa to download crappy pop music and get caught, you'll be the one who gets busted since it'll be your IP address.

Because it's a big pain in the ass when your idiot roommate gets caught uploading "Accidentally in Love" by the RIAA. Just sayin'.
posted by katieinshoes at 4:50 PM on June 19, 2005


how about just following the rules? I'm thinking that if the policy was not to your liking you probably shouldn't have elected to attend that school..

but, I'm an old fart and don't know much anyway.
posted by HuronBob at 5:48 PM on June 19, 2005


Ah, but the problem is that the rules get changed every semester.
posted by katieinshoes at 8:45 PM on June 19, 2005


HuronBob: My education trumps network connectivity. Further, my actions are well within the school's policies (which are succinct and viewable at http://webapps.acs.carleton.edu/campus/its/accounts/policy/deal/).

The school discourages students setting up access points in order to reduce the burden on our helpdesk resulting from misconfigurations of a pure commodity. For the same reason, our telecom office doesn't support phones other than the ones provided with the rooms. Students are basically allowed to take any action on the network so long as they do not infringe upon other students' privacy or access to network resources. If a student is capable of replacing or extending a college-provided resource without requiring assistance from the college itself, he is allowed to do so.
posted by SemiSophos at 9:19 PM on June 19, 2005


You could use a wireless bridge, but if I were you I'd just go with NAT/subnet/DHCP. Linksys wireless routers make the whole process painless and idiotproof, and they will even pretend to have the same MAC number as the computer you registered with, so your provider can't know what you're doing.

Here's the one I use. Scroll down to the review by 'neurotome' for a detailed list of the features I find useful. You're going to have to secure your wireless from unauthorized use - you have a couple options with this router.

Suggest not using 802.11g because of the low interference robustness.
posted by ikkyu2 at 10:06 PM on June 19, 2005


I'm skeptical of the idea using a wireless bridge, mainly because they are typically more expensive than wireless routers while offering less functionality (which might come in handy later).

I'd suggest buying a wireless router, like a WRT45G. Before you hook it to your campus network, go into the config screen, disable DHCP, and set up wireless security. Then hook it to the LAN port via one of the 4 LAN ports on the back, ignoring the WAN port.

If you ever need to change the config, you should pull it off the LAN, and give one of your PCs a manual IP address on whatever private network the device defaults to (usually 192.168.1.X) in order to connect to the web configuration interface again.
posted by Good Brain at 10:32 PM on June 19, 2005


My apologies, your original post stated there was a "policy", I misread that.

kudos to the school for allowing this flexibility!
posted by HuronBob at 4:32 AM on June 20, 2005


« Older Strange Noise Emanating from Tungsten E   |   Buying SIM-free cell phones Newer »
This thread is closed to new comments.