Regardless of what WLAN vendor you have, there are 13 things you should be doing with your WLAN.
- Disable 1,2,5.5,11 data rates – just make sure you’re REALLY done with 802.11b (hey, 1992 called, they want their barcode scanner back)
- No more than 4 SSIDs active per radio – Any more and you’re creating interference for yourself.
- Turn on the multicast functions for all cases – Make sure it’s configured! If you don’t your multicasts will go out as broadcasts and everyone suffers.
- Mobility group (same name) should be 15 controllers or less – It should cover only the RF roaming space. No need for messages from one campus to flow to another.
- Have a low radius timeout depending on usage scenario (not a general change) – Tends to speed up authentications.
- Internal DHCP servers (on controllers/AP’s) shouldn’t be used – They just don’t scale well. (Great for a lab, however.)
- Don’t use local EAP – Does not scale well on larger networks.
- Recommend to change EAP retries to 4, timeout to 400ms – This speeds up the failure if someone types the wrong password.
- Minimum RSSI to –80 for rogue AP’s – Who cares if I can hear someone across the street. It’s not a “rogue”.
- Disable all rogue auto contain settings – unless absolutely needed for security reasons
- Enable Application Visibility – Even if you’re not building a policy for QoS or restrictions, at least it’s there for troubleshooting.
- Enable Fast SSID – Especially for Apple Clients
- Enable CleanAir if you have AP’s that are capable – Take advantage of this feature.
How did you stack up?