The OSU Office of Information Technology (OIT) is working on an official
policy document for wireless networking on campus. There are already a number
of requirements which they have published, and based on these policies, we
have developed the following to address wireless networking requests on the
local network.
Some Common Acronyms
LAN = Local Area Netwwork: The infrastructure within the
local building complex comprised of network switches, cables, etc. which
provides access to other network-connected devices and the Internet.
WAP = Wireless Access Point: The device which provides
connectivity between the wired network and a wireless network. For example,
Apple's AirPort is a WAP. (For the purposes of this document, a WAP includes
true WAPs, which only serve to bridge wired and wireless networks, and
wireless routers, which interconnect two different networks.)
WLAN = Wireless LAN: The infrastructure of one or more
WAPs and devices connected to the network via those WAPs.
Wireless (a.k.a. WiFi) Limitations
Across the frequency spectrum allocated for use by 802.11b/g devices, there are
only three (3) non-overlapping channels available. It is mathematically
impossible to map three channels across three dimensions with full
coverage without two adjacent coverage areas using the same frequency. To
limit contention (a.k.a. channel interference), WAP placement must be
carefully coordinated. This is why it's not possible for just anyone to go out
and buy a WAP for use here without coordination by IT management. To allow
this would lead to sheer chaos.
There is currently no commercially viable wireless networking technology that
approaches the speed of a wired connection. The local network backbone supports
speeds of up to 100Mbps (megabits per second) and plans to upgrade the wired
backbone are in the works to move to 1Gbps (one gigabit per second). The
theoretical maximum speed of WiFi is currently 54Mbps, but the more users that
connect to a single WAP, the slower the speed gets. What's more, since our
WAPs support not only 802.11g (at 54Mbps), but also the slower 802.11b (at
11Mbps), if even one person connects to a WAP at the slower speed, all
subsequent connections to that WAP run at the slower speed for the duration of
their connections or until the slower connection is terminated, whichever
comes last.
Current Policies
Wireless connectivity within the building complex is considered an
extension to the existing network backbone, not as a means to provide
connectivity for a subset of users. A WAP may be installed to serve a group of
systems for academic purposes when the wired alternative doesn't exist
or would be impractical to implement.
All WAPs connected to the network are to be managed exclusively by
Site management must be contacted before attaching a WAP to the network,
since it's very important to determine if the installation of a WAP is even
necessary/possible, and if so, the optimal placement of the WAP. In general, it
is not efficient to limit access to a WAP to a subset of departmental users,
and depending on the particular WAP device under consideration, such limitation
may not even be possible. Assuming installation of a WAP is possible, placement
of the WAP is fixed and permanent. Anyone discovered attaching a WAP without
prior consent from
will be subject to the terms of the Enforcement clause of OSU Policy on Responsible
Use of University Computing Resources.
All wireless traffic MUST be encrypted. The currently
supported standard for wireless data encryption on the local WLAN is known as
Wireless Equivalent Privacy (WEP). Any WAP to be installed on the LAN
MUST support and enforce 128-bit WEP. What's more, WLAN users
should consider additionally encrypting their data with a second protocol,
like SSH, since WEP is currently known to have security holes which could
allow unauthorized data capturing. To maintain compatiblity with future
authentication plans, computers that are to be connected to the local wireless
network should also support the WPA protocol. This is a much more secure
protocol than WEP, and will allow management to provide for authentication
based on ECR6 username and password.
Computers must be configured to allow the operating system to manage their
wireless connections. In particular, Windows XP needs to directly manage the
wireless connection, not the software which might be provided by the wireless
card or computer manufacturer.
Operating System requirements - As mentioned, above, computers (and
wireless cards) will need to be able to handle the WPA protocol in the future.
Specifically, we will be employing what's commonly known as the "WPA
Enterprise" protocol for authentication. For Mac users, you will need to be
running Mac OS X v10.3 or better. Windows users must be running under Windows
XP with Service Pack 2 (SP2) installed.
Many WAPs support routing via Network Address Translation (NAT). Routing
of any kind is NOT permitted, except as mandated by
If you wish to have a WAP installed, it MUST
support bridging between the wired network and the wireless network. Consult
your WAP's documentation or the support mechanism(s) provided by your WAP's
manufacturer for this information.
Coverage
Our deployment plans call for covering the computing labs and various meeting
rooms around the building complex. Coverage will NOT encompass the entire
building complex. The following details where areas of coverage are currently
centered:
Ideally, an area of coverage is spherical, so access is often from a WAP
above or below you. Due to reflection or shielding contributed by certain
building materials, though, a WAP's sphere of coverage is often incomplete.
Campus-Wide Wireless
Besides the above departmental areas, osuwireless is available in and/or near
the classrooms within the building complex. This is a separate and distinct
network from the departmental backbone. Please see the cited link for details.
Access to osuwireless is typically much easier to arrange than access to the
departmental backbone. It should be noted, however, that certain resources
available on the departmental backbone are not accessible via the osuwireless
infrastructure (e.g. Windows file sharing).
Wireless Signal Visibility
If you do not see either the departmental "CBE-MSE WLAN" wireless network or
the University's "osuwireless" wireless network on your system, you will not
be able to use wireless networking, here.
Arranging Access
You will be provided with authentication instructions when your computer is
configured. To request access to the departmental backbone for your system,
please see this link. The instructions
provided for requesting access must be followed explicitly.
Access to the osuwireless system is handled solely by the Office of Information
Technology (OIT), through the Web site provided, above, under Campus-Wide Wireless.