Project: Reworking company network

P1X3

I have been given an opportunity to completely rework the network for what I assume is a fairly small company. As of now this is the biggest project I have had an opportunity to work on, and I think I might be biting off more than I can chew. So here are the complaints/requests and what I think is a reasonable solution. I am sure there are a lot of members here with different amounts of experience, preferences, and ideas of how things should work, so please keep that in mind while posting your thoughts, ideas, and feedback.

 

Problem #1: The main software that most employees use connects to an SQL database currently stored on a single server. There were occasions where server hardware and/or software failure caused multiple hours of downtime, losing the company money. In addition to that, the owner specifically said that he does not want to stress about the single server being a single point of failure.

My solution: Set up two SQL servers in a cluster with the "Always on" feature enabled. Two machines, two separate storage places. The secondary server will take over in case of primary server failure. I have tested this setup and it seems to work astonishingly well. Downtime is very minimal and fail-over is automatic.

 

Problem #2: All the computers the company owns are different, some being crappy Dell Inspirons and others being i7 4770k. I wouldn't question why they used 4770k for work computers. Eventually it would be ideal to replace all workstations with updated systems that are the same.

My solution: Having an older Intel NUC available, I have tested how it performs in the work environment for one week. Employees that had more powerful workstations noticed no slowdown, yet those with slower workstations were very happy with the upgrade. By the time the company is ready to fully upgrade the systems, I think an Intel NUC with Broadwell will be a perfect solution.

 

Problem #3: Computers, devices, and storage aren't organized. Some employees have access to what they shouldn't have, while others have to go through hoops to access devices.

My Solution: Since they don't have it set up yet, I would say Active Directory is a must. I have never performed an AD setup in production, only in testing, but I am somewhat confident about it. Ideally I would want to have roaming profiles, but there are a few concerns. One, their current server will be reused as the domain controller, but if the server experiences software and/or hardware failure then the whole idea of avoiding a single point of failure is down the drain. Second is storage and network bandwidth. For starters, storage is attached to the same physical server as the domain controller, and the single point of failure is brought up again. This is something I am very unsure about.

 

Problem #4: Software and update distribution is terrible. Some systems are Windows 7, others are Vista or 8.1, while one or two are running Win10 tech previews... I wouldn't dare to ask why. Worst of all, some systems aren't being updated at all, while others are up to date. Same thing with the software, starting with tools such as the PDF reader and proprietary scanner software, and ending with the main software not being updated.

My solution: I don't think I have this down yet. I have heard of WSUS which will probably work, but software distribution is something I am afraid to look at.

 

Problem #5: The network setup is a mess, and I think many will agree. There is a single 10.0.0.0/24 network and every single network device is connected through a single switch. Again, if the router fails then the whole network is down. Some devices lease their IP address from the router's DHCP, some have static, and others have static set from the router. In my mind it seems like a bigger issue, but their security cameras are also on the same network and their traffic is also routed through the same switch.

My solution: No concrete solution as of yet. 

 

Problem #6: Old server experienced hardware failure because of where it was stored. To make it short, it sucked dust in, not just simple dust, but oily dust. It was sitting in storage room. There was clear oily dust on the motherboard. The current server is in the same place but not as bad yet.

My solution: Have proper server cabinet with filtered air. This is partially in process as it needs to be regardless of how the project goes. No server needs to see dust. 36U enclosed server cabinet is already put together. Ideally it will be somewhat sealed to accept air from external unit that cools and filters the air.

 

This is all I can think of right now, but there are quite a few issues to address. The company has roughly 15 in-office employees.

 

 

Link to comment

Problem #1: The main software that most employees use connects to an SQL database currently stored on a single server. There were occasions where server hardware and/or software failure caused multiple hours of downtime, losing the company money. In addition to that, the owner specifically said that he does not want to stress about the single server being a single point of failure.
My solution: Set up two SQL servers in a cluster with the "Always on" feature enabled. Two machines, two separate storage places. The secondary server will take over in case of primary server failure. I have tested this setup and it seems to work astonishingly well. Downtime is very minimal and fail-over is automatic.
My Input: This is a reasonable solution, but how does it work inside a domain? (Assuming you will move forward with the Active Directory deployment.)

Problem #2: All the computers the company owns are different, some being crappy Dell Inspirons and others being i7 4770k. I wouldn't question why they used 4770k for work computers. Eventually it would be ideal to replace all workstations with updated systems that are the same.
My solution: Having an older Intel NUC available, I have tested how it performs in the work environment for one week. Employees that had more powerful workstations noticed no slowdown, yet those with slower workstations were very happy with the upgrade. By the time the company is ready to fully upgrade the systems, I think an Intel NUC with Broadwell will be a perfect solution.
My Input: This is a valid solution if it meets the needs of the client. I would raise the issue of warranty on the NUC though, as most businesses I support run 3 years next business day warranty.

Problem #3: Computers, devices, and storage aren't organized. Some employees have access to what they shouldn't have, while others have to go through hoops to access devices.
My Solution: Since they don't have it set up yet, I would say Active Directory is a must. I have never performed an AD setup in production, only in testing, but I am somewhat confident about it. Ideally I would want to have roaming profiles, but there are a few concerns. One, their current server will be reused as the domain controller, but if the server experiences software and/or hardware failure then the whole idea of avoiding a single point of failure is down the drain. Second is storage and network bandwidth. For starters, storage is attached to the same physical server as the domain controller, and the single point of failure is brought up again. This is something I am very unsure about.
My Input: Have you considered virtualisation? You could run two hosts with Server 2012 and run multiple virtual machines on them, including two domain controllers. If you configure it correctly then you could even set up high availability between the two hosts (going by how unsure you are about this project I would say you are probably not comfortable with setting this up, but it's worth mentioning). If set up and configured correctly this can be very reliable and easy to manage, but you also need to ensure that they have a good backup solution in place no matter what you do here.

Problem #4: Software and update distribution is terrible. Some systems are Windows 7, others are Vista or 8.1, while one or two are running Win10 tech previews... I wouldn't dare to ask why. Worst of all, some systems aren't being updated at all, while others are up to date. Same thing with the software, starting with tools such as the PDF reader and proprietary scanner software, and ending with the main software not being updated.
My solution: I don't think I have this down yet. I have heard of WSUS which will probably work, but software distribution is something I am afraid to look at.
My Input: WSUS will work for Microsoft updates quite well, but it takes regular maintenance or it will fill up your hard drive with updates. You will need to regularly decline superseded updates, and run the cleanup wizard every now and then. For other software you are better off creating a standard operating environment image that you can image to computers when needed, and adding the individual programs needed to those particular workstations.

Problem #5: The network setup is a mess, and I think many will agree. There is a single 10.0.0.0/24 network and every single network device is connected through a single switch. Again, if the router fails then the whole network is down. Some devices lease their IP address from the router's DHCP, some have static, and others have static set from the router. In my mind it seems like a bigger issue, but their security cameras are also on the same network and their traffic is also routed through the same switch.
My solution: No concrete solution as of yet.
My Input: Use a managed switch and VLAN off the security cameras from the main network; otherwise the size of the network is not big enough to worry about more.
Get a business grade switch from a known brand (HP or Cisco for example) with a good warranty. Switches are not usually unreliable devices, so I wouldn't worry too much about the hardware. When you set up an Active Directory domain you can also make it a DHCP server and configure all the needed reservations and exclusions.

Problem #6: Old server experienced hardware failure because of where it was stored. To make it short, it sucked dust in, not just simple dust, but oily dust. It was sitting in storage room. There was clear oily dust on the motherboard. The current server is in the same place but not as bad yet.
My solution: Have proper server cabinet with filtered air. This is partially in process as it needs to be regardless of how the project goes. No server needs to see dust. 36U enclosed server cabinet is already put together. Ideally it will be somewhat sealed to accept air from external unit that cools and filters the air.
My Input: Try to convince them to dedicate a small room for server and networking equipment. Rackmount the server and switch gear, and make sure it is running on a good quality UPS as well (these not only keep the server up in the event of a power failure but also filter the power going in).

In summary, it sounds very much like you have bitten off more than you can chew. I would suggest you get someone experienced in to help you on this one, and make sure you soak up as much of the knowledge and experience from the job as you can.

Good luck :)

Link to comment

#1: SQL Cluster actually needs active directory to function. Main software also has no issues connecting to a sql cluster since all it needs is server name and have mixed auth mode enabled.

 

#2: I actually haven't considered the warranty at all, and I am glad that you brought it up. Is it arranged with the retailer, manufacturer, or third party? For the scenarios where a system goes out, I was thinking that it would be replaced with a spare while the broken one is sent for repair or a new system is ordered. Would love to hear more on this topic.

 

#3: I have played around with virtualization across multiple hosts, but am nowhere near confident enough to deploy such a setup. Were you also suggesting to have thin clients and run each system as a virtual machine? I have played with something like this and have very little experience with it. The test setup worked fine as far as I could tell, but I kinda felt that it wasn't reliable. Again, this is just me based on what I experienced when playing around with the idea of thin clients and virtual machines. Does it work well? Honestly, this does seem like a step in the right direction in terms of managing. In addition to that, the current server is a decent dual socket (1366), so having another system like that for virtualization could be plenty. I would love this, but my lack of experience is rather disturbing me.

 

#4: Having a system image with updated software is what I was thinking too, that is when all the systems are the same. As of now, there are 5 types of different computers used in the office, 5 different images to keep. But going back to #3, having thin clients and virtual machines would make this issue disappear in a moment.

 

#5: How would I go about splitting things into different networks and assigning IP addresses? Like what is a good practice here? I was thinking about the IP cameras and why wouldn't they be connected directly to the security system via a switch? Perhaps their traffic won't slow down the network and they can be in a separate VLAN, yet just having them off the general network altogether is more appealing, no?

 

#6: I have brought that up and unfortunately there is no space available at the current location. It is possible that company will move to new location where such space might be available tho. 

 

I have a few helpers for physical installs and such, yet no one to oversee the project and suggest alterations, ideas, etc.

Thank you for your input, as always I am glad to hear more as this is definitely my first big one.

 

 

Link to comment

#1: Awesome that makes things easier.

 

#2: The answer to that is as long as a piece of string, so to say. It depends on the device; here in Australia computer hardware has a mandatory 12 month warranty from new. With the businesses I support the devices are purchased from Tier 1/2 suppliers (think HP, Lenovo/IBM, Dell etc.) and the additional warranty is purchased with the machine from the manufacturer; this is not as important as for the servers. You really want your servers to be covered by a service agreement, which means that if anything breaks in them, parts and a technician are sent out to repair it when it goes wrong. Which service level agreement you purchase depends on the cost/benefit ratio. Here in Aus all the major players provide 4 hour response and next business day response. You should do a little research into this yourself.

 

#3: I didn't suggest thin clients as to me they are just not my cup of tea (personal preference). If you were to look at thin clients, what you would be looking at is a terminal server that all the thin clients connect to (usually via RDP from the very cut down and specialised OS on the thin client). This is not the route you want to go, as it does require knowing what you are doing to set up and would probably not be suitable for the size of the business.

 

#4: If you build the image correctly (research sysprep) you can actually build one image that will work on all* of the computers. While thin clients would make the image issue go away it would introduce other issues.

*assuming there are no show stopping issues between the models

 

#5: With VLANs what you are doing is going "ok these ports here are one switch (vlan1), these ports with the cameras can go on this switch (vlan2)", but once again I think we are getting into things above your head, so maybe a little research into VLANs and how they work would be advised here.

 

#6: Well, at least you know where you are working from on this issue. Make sure they know that if the server is not located in an ideal location this can affect its reliability, especially in the long term.

In all of this, whatever you do, make sure you document everything and follow standard practices where possible, because no matter what happens you want things to be done right, so if someone else comes into the situation and starts looking to fix something they won't be scratching their head wondering why you did something.

Link to comment

I slept on your suggestions for running virtual machines and think it is very well worth considering. 

 

Their current server is Asus RS500-E6/PS4 with two Xeon E5606, 24GB ECC Ram, ssd for system, and two WD NAS RED 1TB drives running in mirror from some eight port lsi megaraid (can't remember model off the top of my head).

Since initially I thought about having two SQL servers run separately without anything else on them, the plan was to order two identical ASUS RS300-E8-PS4, Xeon E3-1231, 16GB ECC RAM, and Intel Pro 2500 for system. Probably overkill for SQL Server, yet I see no reason why they wouldn't handle two VMs each, with the third (current) server used for other purposes. Run full server installation and core on the identical servers. The two identical servers could also be set up later on for DFS Replication too, which is very nice.

 

Thoughts?

 

 

Link to comment

My thoughts are that you should look into Hyper-V failover without a SAN, here is a good link to get you started http://blogs.msdn.com/b/mvpawardprogram/archive/2012/11/05/windows-server-2012-hyper-v-high-availability-without-a-san.aspx

 

Run the existing server as a Hyper-V host, virtualise the DC and any other servers there (add extra disks and take the mirror array to a 1+0 array or even RAID 6 with hot spares if you can get the drives, depending on RAID card capability of course).

Get an additional server with similar specs and then set up hyper-v failover.

A few things to keep in mind, SQL is heavy on IOPS and RAM but you really want to get a baseline on the performance of the current system so that you can build the servers up accordingly.

More disks = faster speeds + more redundancy (if set up correctly) which in turn = happy client.

Link to comment

At my job, in our production servers, our clustered SQL setup is 2 virtualized machines each with 128GB of RAM with fiber channel storage on a NetApp SAN.

Can Anybody Link A Virtual Machine while I go download some RAM?

 

Link to comment

Sorry if I seem stubborn to go with proven or already worked out setups, just exploring options and seeing how well this could work. So here is a thought. 

 

Setup main server as domain controller. Two new servers join the domain, failover cluster feature is enabled, and SQL server with "Always on" is installed on both. Failover feature is required for "Always on." Each SQL server gets its own local storage for a copy of database, perhaps SSD. "Always on" takes care of replicating primary database to secondary node. This satisfies client's requirement, except that in case of Domain Controller failure, SQL servers, both joined the domain, might experience issues. For that I can setup Hyper-V on either/both new servers and run secondary domain controller VMs. For me the biggest pros are that sql servers are running on a physical hosts and secondary domain controllers are also available for the scenario where server with primary domain controller fails. Also for the future, two new servers can be setup to host dfs replication roles depending on how loaded they get. 

 

As you said, SQL is IOPS and RAM heavy so my guess is it is better to have them run on physical hardware, yes or no? Since they both will keep a copy of same database, it might even be better to get a dedicated SSDs for database storage. 

 

Edit:

I will probably test this as I am not sure how Hyper-V will behave along with SQL Server running on a server with failover cluster feature.

 

 

Link to comment

The idea of virtual machines is that they are hardware independent, so it's easy to move the VM to another host. Making all servers virtual will fulfill the requirement of high availability. It also makes it easy to migrate to new hardware. Hyper-V hard drive performance and SQL on a VM are fine. Aim for two hosts with good specs (more cores and more RAM are more important than high clock speed), and set up high availability between hosts, which will cover you for hardware failure. Have a good backup system in place; I suggest Veeam or ShadowProtect.

Link to comment

For the VMs to be highly available, you have to cluster the Hyper-V hosts.

Link to comment

 

Did you read it?

 

 

 

Configuring Storage: Building a Scale-Out File Server

The heart of a highly-available virtualization environment is to have reliable, fault-tolerant storage. Windows Server 2012 provides all the building blocks that are required as part of the operating system.  In a simple configuration, you can configure all of these features to run on a single Hyper-V host server (of course, that won’t protect against many possible types of hardware failures). The process involves installing and configuring the Scale-Out File Server role with active-active file shares.  Once that’s configured, you can use the Failover Clustering Manager to add highly-available storage.  Windows Server 2012 includes features that support NIC teaming, multi-pathing, and a variety of performance and reliability features that are implemented in the SMB 3.0 protocol. 

 

Now google Scale-out file server role...

 

 

http://technet.microsoft.com/en-us/library/hh831349.aspx

 

 

Scale-Out File Server for application data:   This clustered file server feature was introduced in Windows Server 2012, and it lets you store server application data, such as Hyper-V virtual machine files, on file shares, and obtain a similar level of reliability, availability, manageability, and high performance that you would expect from a storage area network. All file shares are simultaneously online on all nodes. File shares associated with this type of clustered file server are called scale-out file shares. This is sometimes referred to as active-active. This is the recommended file server type when deploying either Hyper-V over Server Message Block (SMB) or Microsoft SQL Server over SMB.

Link to comment

IMO I think using SAN or iSCSI would be an easier way to provide storage to the cluster. 

Link to comment

That would be ideal but I was thinking of trying to keep the costs down while fulfilling the redundancy and avoiding single points of failure requirements
Link to comment

Small updates on the project.

  • First of all three POE switches (with 4POE ports on each switch) are being replaced with a single 10/100 24-Port POE switch. There are plans to add more cameras at current location, and even more at the new location. I figured it is a good idea to invest in 24 port switch right away.
  • Server cabinet was assembled, 48 port patch panel arrived, and some networking equipment was ordered.

Now here is something a bit ridiculous. Occasionally there is a problem with some devices on the network, some devices (one or two) will simply lose all network connectivity until restart. After restart, another device(s) will do the same. I couldn't figure out why, but then realized that DHCP server on the router is leasing only 50 IP addresses. Surely, all 50 IP addresses are being leased, so I am waiting for the end of the workday to make that change to avoid router restarts during work-time.

 

Ninja-edit (not really):

After increasing the number of DHCP leases (from 50 to 100), the issue seems to have gone away. I decided to take it a step further and set up a guest WiFi network that is on a separate subnet with no access to other subnets (AP isolation and iptables rules). Of course, internet access is allowed. We'll see how this plays out.
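The guest isolation described in the post above depends on rule order in the router's FORWARD chain, so it is worth checking rather than assuming. The following is an added example, not code from the thread or any poster: it walks constructed iptables-save rules first-match for a new connection, and the interface names (br-guest, br-lan, eth0) and subnets are assumptions.

```python
import ipaddress
import shlex

# Constructed iptables-save rules; br-guest, br-lan, eth0 (WAN) and the subnets are assumed.
GOOD = """\
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br-guest -d 192.168.0.0/16 -j DROP
-A FORWARD -i br-guest -o eth0 -j ACCEPT
-A FORWARD -i br-lan -o eth0 -j ACCEPT
"""
# Same rules, but a leftover broad allow sits above the guest DROP and shadows it.
BAD = "-A FORWARD -s 192.168.0.0/16 -j ACCEPT\n" + GOOD

def parse_rule(line):
    """Turn one '-A FORWARD ...' line into a dict of the matches this model supports."""
    tok, rule, i = shlex.split(line), {"states": None}, 2  # i=2 skips '-A FORWARD'
    while i < len(tok):
        if tok[i] in ("-i", "-o", "-s", "-d", "-j"):
            rule[tok[i]] = tok[i + 1]
        elif tok[i] == "--ctstate":
            rule["states"] = set(tok[i + 1].split(","))
        elif not (tok[i] == "-m" and tok[i + 1] == "conntrack"):
            raise ValueError(f"unsupported option {tok[i]!r}: verdict would be unreliable")
        i += 2
    return rule

def verdict(ruleset, in_if, out_if, src, dst, policy="DROP"):
    """First-match verdict for a NEW forwarded packet; falls back to the chain policy."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line in (l for l in ruleset.splitlines() if l.startswith("-A FORWARD")):
        r = parse_rule(line)
        if r["states"] is not None and "NEW" not in r["states"]:
            continue  # matches only reply/related traffic, never a new connection
        if r.get("-i", in_if) != in_if or r.get("-o", out_if) != out_if:
            continue
        if "-s" in r and src not in ipaddress.ip_network(r["-s"]):
            continue
        if "-d" in r and dst not in ipaddress.ip_network(r["-d"]):
            continue
        if r.get("-j") in ("ACCEPT", "DROP", "REJECT"):
            return r["-j"]
    return policy

def guest_is_isolated(ruleset):
    """Guest (192.168.50.0/24) must reach the internet but not the private LAN."""
    to_lan = verdict(ruleset, "br-guest", "br-lan", "192.168.50.20", "192.168.1.10")
    to_wan = verdict(ruleset, "br-guest", "eth0", "192.168.50.20", "203.0.113.10")
    return to_lan != "ACCEPT" and to_wan == "ACCEPT"
```

Feeding it the router's real `iptables-save` output will raise on any match option the model does not cover, which is deliberate: a guessed verdict is worse than none.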

 

 


Here is a puzzler, to me at least. On the main router I have two WiFi networks: private with all access, and public for guests with only internet access. Therefore, there are two SSIDs.

How would I go about extending the public SSID, since it is set up only for internet access? I assume this is where VLANs are needed to assign to each SSID, right?

 

 

VLANing it would be the most secure option, although you could just configure the wireless router to only allow traffic out to the internet and not to other network devices (depending on the wireless router's capability, of course).

 

I don't think my original question was clear. I meant to ask how I would go about using a WiFi range extender to extend both wireless SSIDs (guest and private). Currently the company has two (2.4 and 5) WiFi range extenders with a separate SSID each.

 

 


So three POE switches (4 POE ports each) are finally out of the picture. While at it, the passive POE injectors for the WiFi range extenders got removed, as I hope to hook them up to the switch. Unfortunately the Ethernet cable on the extender needs to be plugged into a different port, so that will be happening sometime this week.

 

I have no idea what to do with this mess of wires. There is a wall-mounted patch panel for office Ethernet, but those aren't being used as far as I have been told. Instead, new wires were run to the pictured location with simple RJ45 connectors. Good luck to whoever decides to move to this location after the lease expires... Also good luck to me...

 


 

Edit: Also, the three POE switches were chained. The first was plugged into the main switch, the second plugged into the first, and the last was plugged into the second switch. The server was plugged into the third POE switch... Don't want to know... and didn't even mention this to the person that was keeping all of this in "tact".

 

 

The scope on this job is just going nuts... That room needs to be completely repatched. Get experienced help on this one... This is a mess

 

Yes, nuts indeed. The company will be relocating soon after all, so it was decided it is in everyone's best interest that we don't waste time with the mess of wires. Instead, everything will be organized in the new building as it gets built.

 

Meanwhile, I am still baffled about how to set up a WiFi repeater for two SSIDs of a single router but also keep the same authentication. I have set up the private wireless network with RADIUS and it works exceptionally well, but no bueno with the repeater using the same authentication method.

 

 
