Wireless site link

Hi all,
I've been asked to provide a LAN link into another building, I would have liked a laser link, but budget is minimal.

So I'm after something that supports an external directional aerial and WPA2.
- a telephone port would be very handy too.

The distance is about 100-150m in clear air.
Speed not a big issue, only about 5 PC’s

Was considering Draytek, but has anyone got any wireless bridge/yagi recommendations?

Take a look at some of the ZyXEL antennas

(just to close this thread, here's some install notes)

I ran out of time to make a properly researched choice, so I just grabbed some kit that I knew would work OK. (it's not going to be connected for very long)

got two Acme routers that came with two external 12dBi panel aerials (about the size of a beermat)
If you have the money, get a Cisco bridge

Tested them across a 150m carpark at 25% signal strength and it was fine.
(These are spec'ed to reach 500m in open air)

You don't always need line of sight; whilst testing a nice person parked the company van in front of the aerial (doh!) ...yet it still worked

Realised at the last minute the beam would need to be above the level of passing trucks (duh) , so screwed each one to the side of the roof.
Noted later that one of the corner roof panels is GRP, so could have mounted one of them internally.

The dB gain of the aerial is obviously too much for this application, but I was more interested in limiting the beam spread. Ask the supplier to calculate this if you are doing this properly.

Note some routers "say" they support WPA, but actually only support this in client mode. In Bridge mode, many drop back down to WEP. Most "manuals" won't tell you this either

I also felt that syslog support is important (I tend to log everything that can be logged) but I think most routers support this feature anyway (in practice, this routers logging looked good (lots of options), but didn't generate nearly enough info. So I'll plug the port into a sniffer and generate the logging data off of that)

Get more aerial cable than you think you need, it will make mounting the router easier. I didn't get a lighting arrestor, but they are something to consider. Pass the cable through a rubber grommet to stop it being cut by whatever it passes though

Remember that you'll need a power socket and a cat5e port near/in the roof space, and possibly even require a UPS too. Make sure you can mount all this properly and not create a fire risk. Consider the lead time on getting someone to install the power socket.
Some vendors supply extra-long power cables and mounting brackets.

You'll need to seal the outside connector with non-setting rubber tape (not PVC tape), and secure the cable to stop it flapping in the wind

I used a web password generator to create the admin and encryption keys

ping time is about 1ms, so latency is not an issue

hth

---edit ---

with hindsight, download netstumbler first and check the RF channel you picked is not being used by someone nearby
.

(just a follow on from my post above)

as I understand it when setting up a wireless bridge, WPA and WPA2 are not supported through a WDS connection.
Apparently WDS uses MAC addresses to communicate, but WPA is designed to encrypt the MAC addresses and so it isn't supported.

(although SMC's SMC2870W does some kind of WDS-lookalike that supports WPA, and appears to be the only router that does this.)

So WDS just uses WEP/MAC to secure the channel...!?

That appears to leave the only way to really secure a wireless bridge is to terminate the bridge into a VPN box ?
('tis lucky I have a spare firewall/vpn clients)

It can't be correct that all bridges have to use WEP....
- am I missing something ?


----------
(edit - update)

when in bridging mode using WDS,
although the link is setup as WEP, no other connections are allowed.
(ie it stops looking like an AP)

also a minor thing, but the SSID disappears, so it looks like no link is present.
So I reckon as no secondary connections are possible, this is secure.




.