About the VU Wireless Network
The following page provides some helpful incite to how VU's wireless network is designed as well as general information that explains wireless technology and how the environment can impact the user experience. Here are some key points about the network:
- Pervasive coverage in all indoor spaces (except elevators and stairwells) for all VU campus and remote sites
- Limited coverage in outdoor areas
- Supports 802.11a/g/n in 2.4GHz and 5GHz frequency ranges
- Supports max data rates from 11Mbps - 450Mbps
- 100% Controller-based technology (increases performance, functionality and manageability)
- Utilizes Cisco CleanAir technology to avoid radio interference sources such as microwave ovens
- Supports Location Services / RFID tags
- Supports Cisco Wireless Phone Services
The following table illustrates the available wireless networks or SSIDs with their corresponding authentication and encryption methods.
|Network Name or SSID||Standard||Authentication||Encryption||Broadcast SSID||Security Strength||Availability|
|vuNet||WPA2-Enterprise||PEAP||AES or TKIP||Y||Strongest||Now|
|vuDevice||WPA2-Personal||PSK||AES or TKIP||Y||Better||Now|
Which Wireless Network Should I Use?
You should configure your device to support the highest level of security possible. For most user devices, vuNet will be the network of choice. The following descriptions breakdown each SSID along with its pros and cons:
- vuNet - 95 percent of Vanderbilt students, staff and faculty should use this SSID for their desktops, laptops, tablets, phones, etc. It requires a valid vuNetID and ePassword for access. It is one of the two SSIDs that are broadcast and uses the most secure means to use the wireless network. Since the SSID is broadcast, your devices will automatically see this network when in range and will automatically connect for your use once initially configured. Even devices that users cannot login to can use this SSID and a machine account login to access the network. This SSID supports PEAP authentication along with either AES (preferred) or TKIP encryption. Note: If you are using TKIP, your maximum data rate will only be 54Mbps. For best results, use the CloudPath xPressConnect Wizard wireless onboarding system to connect to this SSID (see vuSetup).
- vuSetup - Is an open SSID used to onboard wireless devices to vuNet. vuSetup uses a wireless onboarding system called xPressConnect. A device will connect to this SSID, run through the one-time setup process and then will connect directly to vuNet in the future. If a device's operating system is reset or the wireless configuration becomes corrupt for any reason, just reconnect to vuSetup and run through the CloudPath xPressConnect Wizard system again.
- vuDevice - For devices that do not support PEAP authentication, this SSID can be used. It still uses the stronger WPA2 standard, but uses a PSK (Pre-Share Key) for authentication. This network is designed to support devices such as health monitors, infusion pumps, MRI, electronic microscope, etc. that users will NOT login with their vuNetID.
- vummiv - This SSID provides no security. Users should use the secure vuNet SSID when possible. Students should use vummiv for their game consoles and other consumer devices that cannot use vuNet as these devices should not require a static IP. If you are experiencing issues connecting gaming or other consumer devices, please call VUIT at (615) 343-9999 or submit a ticket at www.vanderbilt.edu/techhub.
NOTE: As of November 2017, Nintendo Switches are not compatible with vummiv.
There are many sources for radio interference that can cause wireless network degradation, especially in the 2.4Ghz frequency range. Devices such as microwave ovens, 2.4Ghz phone systems and BlueTooth enabled devices can degrade wireless service. Cisco's CleanAir technology will try to mitigate impact by automatically moving users to another channel. However, this feature is somewhat limited in the 2.4Ghz spectrum. For this reason, we recommend using devices that support the 5GHz spectrum (802.11a or 802.11n). Users should be aware of such interference causing devices if they are having intermittent wireless issues where it works sometimes or it works in some areas while having problems in other areas. If you suspect that you are having interference related issues, your Network Services team can help you identify potential interferers.
Using items that serve as wireless access points, such as wireless printers and routers, can cause degradation to the Vanderbilt network. To learn how to disable features to avoid this, please visit the VUIT News Blog.
Receive Signal Strength Indicator (RSSI) and Signal to Noise Ratio (SNR)
RSSI is the signal level that the client's wireless card "hears" the wireless AP. An RSSI of -67dB or higher (e.g. -61dB) should provide a seamless connection for voice, data and video. Below -70dB, user experience will be sporadic to no connection.
SNR is the difference in the noise floor and the RSSI. A SNR of 25dB or higher (e.g. 38dB) will provide the best performance. Although RSSI is a good indicator of expected wireless performance, SNR is the best measurement since it takes into consideration both the RSSI and the amount of noise (noise floor) present that the client's wireless card will hear. A higher noise floor can be compensated for if the RSSI is high enough, but the difference (SNR) should never be less than 25dB. For example, if the noise floor is -92dB and the RSSI is -64, then the SNR is 92-64=28dB which is very good.
This chart helps illustrate how SNR will impact a client's connection:
|25-40dB||Very Good||3-4 Bars||Always||Very Fast|
|15-25dB||Low||2 Bars||Always||Usually Fast|
|10-15dB||Very Low||1 Bar||Mostly||Mostly Slow|
|5-10dB||None||No Bars||Not||No Go|
Rogue Wireless Devices
VU does not permit any unauthorized network devices including wireless access points to be used on the VU premises per VU Policy #OP 10-40.30. These devices can impact network performance & management and will be confiscated when located.
Rogue devices can be a major source of wireless interference or act as a network infrastructure devices, such as a DHCP server. As an interferer, the rogue device may use the same radio channel as one of our wireless Access Points (AP), so it uses a portion of our wireless signal which reduces throughput for the user. Cisco's CleanAir technology tries to move our AP to another channel if possible, but this is very limited in the 2.4GHz spectrum.
A rogue device acting as a DHCP server will have serious impact, since it will be assigning IP addresses to VU devices that will not work on our network.
Examples of rogue devices:
- Apple AirPort Wireless Access Point
- Linksys or Netgear home wireless access points and routers
- MiFi devices - personal WiFi hotspots from cellular providers (Sprint, AT&T, Verizon, etc.)
802.11g vs 802.11n
802.11g supports a max data rate of 54Mbps and 802.11n support a max data rate of 300Mbps. All buildings currently support 802.11a/g/n with the exception of the buildings listed below. One Hundred Oaks is scheduled to be upgraded Summer 2014. Currently, 10% of VU is 802.11g and 90% is 802.11n.
|802.11a/g||MRB3, MRB4, One Hundred Oaks, Green Hills Office Building, MCN, Owens-Minor (OCCOC-Briley)|
2.4Ghz vs 5Ghz
The original specification for 802.11b/g only supported the 2.4Ghz spectrum. This is an unlicensed radio spectrum that many manufacturers have used for their wireless devices. This includes BlueTooth devices and so happens to be the frequency that many microwave ovens operate in. This has led to spectrum overcrowding and created many interference sources. The 2.4Ghz spectrum is also very limited, only allowing 3 non-overlapping channels to operate wireless devices.
In contrast, 802.11n supports both legacy 2.4Ghz spectrum as well as the 5Ghz spectrum. The 5Ghz spectrum is not as crowded and has fewer interference sources. It also provides 23 non-overlapping channels which allows more APs to be installed in a given area thus allowing the controllers more flexibility (more channels) to dynamically adjust channels around interferers. The new 802.11ac "gig wireless" specification will only operate in the 5Ghz spectrum, so the future of 5Ghz is here to stay and the more problematic 2.4Ghz spectrum will become obsolete for WiFi services.
Band Select is a wireless controller feature that encourages devices to use the 5Ghz radio spectrum to avoid some of the interference associated at 2.4Ghz as previously discussed. When a client device is turned on, it begins the process of trying to locate a wireless network. It "probes" the air space looking for wireless networks. If a client supports 2.4Ghz and 5Ghz signals, it typically (depending on configuration) probes for a 2.4Ghz AP, if none found, it then probes for a 5Ghz AP. When an AP responds with a beacon signal acknowledging either the 2.4Ghz or 5Ghz client probe, then the client attempts to associate at that frequency. Band Select forces the wireless controller (the brains behind the AP in a controller-based network) to ignore the first 3 client probes for 2.4Ghz to "encourage" the client device to connect at 5Ghz. If the controller does not receive any 5Ghz client probes, then it begins the process of associating the client device at 2.4Ghz.
Bonjour Services is used by Apple devices to advertise and find other Apple devices and services such as printers, AppleTv, Apple file sharing, screen sharing, remote desktop, iTunes, etc. Bonjour Services are now supported on the wireless network for wireless devices only.
Location Specific Services (LSS) - LSS allows Apple wireless devices to only see the Apple Bonjour Services being offered in their imediate area. Without LSS, a user will see all services offered across the entire university. However, because the client limits the number of devices displayed to 64, they will only see the first 64 of potentially thousands of devices which would make finding devices impossible.