eHelp
A. Wireless technology is the ability of computing devices to communicate on a network without the need of a physical connection to that network. Wireless networking services are now offered on-campus by I&IT using the 802.11b Wireless Local Area Network technology (WLAN), also known as "Wi-Fi." The WLAN technology allows for personal computers and other computing devices to communicate using Internet protocols over a short-range wireless radio link (2.4GHz). This will allow individuals to quickly establish connectivity with the Internet without the constraints of a network jack or fixed position.
However, wireless networking has its limitations. The 802.11b standard supports up to 11Mbps of bandwidth per "access point." An access point is a fixed wireless transceiver unit that connects the wireless computers to the wired network. Although the wireless communication speed has the ability to reach 11Mbps, more realistic speeds are within 3 - 6Mbps per access point. This makes wireless less desirable for permanent connections or any applications where network performance is critical. Because each access point is a "shared" connection, the bandwidth available is split up among the wireless client users. Consequently, the more people using a single access point at a given time, the less responsive the network will be for each user.
The campus currently supports 802.11g and 802.11b concurrently in over 90% of our current wireless infrastructure. There are no 802.11n access points (well, none that are enabled) on campus since 802.11n is still in a draft state. However, it should be approved soon, and will be utilized by the new Aruba wireless equipment that is presently being installed (e.g.: Bldg. 3 will be 802.11b/g/n compliant once the standard becomes ratified).
For more details on wireless local area network standards, visit http://en.wikipedia.org/wiki/IEEE_802.11.
Q. What are the benefits/limitations of using Wireless?
A. Because of the limited bandwidth and shared connection, wireless is best used by portable computers that need network access in various locations. However, it does provides sufficient bandwidth for web browsing, "light" file transfers (be courteous to your fellow users), email communication and remote terminal access connections.
Wireless is not ideal for desktop computers at fixed locations or for servers of any kind. It is not useful for applications that require lots of bandwidth, a constant stream of data or low packet latency. Some computing services that are NOT ideal for wireless use are streaming video, streaming audio, heavy or intense file transfers and graphical virtual consoles. Also, any applications that should operate over a secured network should not use a wireless connection to the network. Using an un-encrypted remote system administration console is a good example and should be physically connected to the network.
There are actually quad-standard cards that now support 802.11a/b/g/n concurrently. We currently have no plans to roll out 802.11a. Once 802.11n gets ratified, we will offer that service wherever we have access points that support it (only Aruba access points).
For more details on wireless local area network standards, visit http://en.wikipedia.org/wiki/IEEE_802.11.
A. The University has been using 802.11b and 802.11g for a few years now. 802.11n is coming within the next year or so. For authentication, we are currently using LEAP, PEAP and EAP-FAST on any of the access points. Most clients should be able to use PEAP, and possibly EAP-FAST out of the box. Some clients come with LEAP built-in (e.g.: Intel ProSet wireless for Centrino laptops). While LEAP is still supported for legacy setups, we recommend using EAP-FAST if available, and if not, PEAP should be sufficient. LEAP will probably be phased out due to the supplicant requirements and security vulnerabilities.
For more details on wireless local area network standards, visit http://en.wikipedia.org/wiki/IEEE_802.11.
Q. Why is the University using wireless authentication; why is security such an issue?
A. Wired networks are typically more secure than wireless environments due to the fact that an individual must physically plug his/her computer into a wall jack in order to use the service (i.e. browse the web). With a wireless network, the network signal is transmitted in the air; thus, posing a greater risk of abuse. Network administrators must take the proper steps to prevent unauthorized users from gaining access to the network.
Wireless networking at Cal Poly Pomona can be encrypted using session based keys over the wireless link. The only legacy access points that are not managed by I&IT are in the Collins School; all other access points are unauthorized.
The wireless network currently supports the following authentications methods over the CPP SSID: LEAP, PEAP and EAP-FAST.
Additionally, the following encryption methods are supported over the CPP SSID: WEP (dynamic) and WPA-TKIP. Currently, the campus access points do not support WPA2 (AES encryption).
The Aegis client has not been in use for a few years now, and is no longer supported by Cisco. Most clients should support EAP-FAST or PEAP natively, and shouldn’t require a 3rd-party supplicant for authentication.
For information on how to install non-Cisco cards involving Aegis, contact the Help Desk. Submit a Help Desk ticket or stop by the I&IT Help Desk with your Bronco Access Card or another photo ID so we can better assist you. The I&IT Help Desk is located in Building 1, Room 100. It is open from Monday - Thursday, 7:30 AM - 6:00 PM and Friday, 8:00 AM - 5:00 PM (excluding state holidays).
Q. Is the wireless card that came with my laptop compatible?
A. The wireless card that came with your laptop will most likely work within the Cal Poly Pomona wireless environment. However, the card must support, at minimum, 802.11b and 128 bit WEP standards. Higher speeds and better encryption can be supported via 802.11g and WPA with authentication. WPA2 may become available in the near future once the Cisco wireless system has been phased out.
To learn more about the wireless requirements see Wireless Access Requirements at http://www.csupomona.edu/~ehelp/wireless/requirements.html.
Q. I have already purchased my wireless card; will it work on the wireless network?
A. Refer to the above question.
Q. What type of wireless card should I use?
A. Most wireless cards will work with the Cal Poly Pomona wireless network. The following are a few of the cards that the I&IT Help Desk has tested successfully with the wireless network.
Most wireless cards can authenticate onto the network without the help of a special client. LEAP authentication is not required. Most clients natively support PEAP and EAP-FAST. If your wireless card supports PEAP and EAP-FAST authentication, you do not need to download a client.
Q. Who provides wireless services?
A. I&IT operates, installs and maintains the campus' wireless network. We do the same for the wired network.
There are some wireless networks on campus that pre-date the campus-wide coordination initiative. These networks are currently operated by departments that performed the initial installation, but are subject to coordination by I&IT Systems. Because of the potential for radio interference, roaming complications, security and network service interruptions, it is no longer permissible to install wireless network technology on campus, except through I&IT Systems and I&IT Networks coordinated/operated projects.
Q. Can I run my own wireless service?
A. Unless approved by I&IT, no. Unauthorized networks will be disconnected.
Q. Who configures the clients?
A. The client desktop owner or organization/user is responsible for client configuration. However, there are online Wireless Access Configuration Guides provided on eHelp.
Additionally, the Help Desk is available to assist you. Submit a Help Desk ticket or stop by the I&IT Help Desk with your Bronco Access Card or another photo ID so we can better assist you. The I&IT Help Desk is located in Building 1, Room 100. It is open from Monday - Thursday, 7:00 AM - 6:00 PM (excluding state holidays).
Q. Who manages the wireless networks?
A. I&IT Systems manages the authentication and network data. I&IT Projects & Services manages the wire plant and infrastructure.
Q. Where is the service available:
A. Please refer to the Coverage Area web page for this information. Maps will be published for areas covered by productions systems.
Q. What about off-campus visitors?
A. Only people who have intranet accounts and have configured a network password will have access to the system. For official visitors of the University who need access, temporary authentication is not available at this time. We do offer the GUEST SSID for un-authenticated and un-encrypted connections with limited connectivity anywhere that Cal Poly wireless is available.
Q. Is there support for my operating system?
A. On the Intel platforms, we support Windows 2000 and Windows XP. For Macintosh, we currently support Mac OS 9.x and 10.1 through 10.4.
Q. My department wants to add access points. How do I do this?
A. Start with a work order at https://win.webdev.csupomona.edu/workorder/.
This order goes to I&IT Projects & Services, which procures and installs the wiring to the nearest switch. Then Systems procures, installs and tests the Wireless Access Points (WAPs). For these, the requesting department is charged.
This page was last updated on September 23, 2008.
