My Ekahau license expired during a survey

…and it took 9 days to restore it.

Two weeks ago I was doing a survey with the iPad, when my Ekahau license was suddenly suspended. I was logged out of the Survey for iPad app and lost access to all my cloud files. After 9 days the license was restored, and all has been well since. Here is my experience and lessons learned.


Firts steps with Ekahau Survey for iPad

A couple of weeks ago I upgraded to Ekahau Connect and an iPad Pro for my RF surveys. I’ll write my first-hand experiences learning to use it and doing actual work.

Bottom line: get Connect and an ARK-enabled Apple device if you need to speed-up survey operations and if you (or your employer) can afford the price.


Lessons from legacy 802.11n access points

Some Enterasys AP3600 ready for retirement

My colleague and I are finally completing the retirement of a legacy 802.11n deployment based on Enterasys AP3600s.

It was our university first modern wi-fi network back in 2010, based on modern hardware and latest technology (802.11n was released in 2009). In the following years a few hundred AP3600s were installed on the campus and provided the bulk of our WLAN access.

field notes

Hardware store warehouse

Some wifi spotting (or wifi watching) at a hardware and home improvement store in Milano, Italy. I went there to buy a set of TORX tamper-resistant drivers to unscrew an old AP at the office and found myself looking at the ceiling all the time.

It’s a huge warehouse about 10m high with industrial metal shelves packed full of metal hardware, tools, building materials, piping, electric gear and wood sheets. It’s open to the public and there is a perpetual flow of customers, forklifts and elevating platforms.

The company opened 4 years ago, there is a good ethernet infrastructure at every cashier desk and aisle station, but the wireless gear was hard to spot.

Many PDAs and inventory scanners, forklifts. I did not take pictures of the handheld devices because the employees might have objected. Price tags on the shelves are low-tech.

I could not identify the devices that were hanging from the ceiling, some in a structured fashion, but pointed slantly across the aisles and not along it. Perhaps because the AP mount is not stable and the devices rotate freely.

This device is oriented across the aisle, not along it
Another orientation that does not make sense, probably it’s freely rotating due to air currents, thermal movements, machinery bumping it.
Definitely perpendicular to the aisles and shelves.

Some devices were just hanging from the ceiling or the fire extinguisher piping, like jungle vine.

Here you are!
welcome to the jungle
Looks like they want to cover the whole area above the shelving
Another view of the same.

I recorded 97 BSSID with Airport Utility standing still near the cashiers. 92 BSSID were from a locally administered MAC OUI, 5 from universal OUIs. Here’s a list of the manufacturers:

00:A0:57 LANCOM LANCOM Systems GmbH
38:08:FD Silca Silca Spa
50:D4:F7 Tp-LinkT Tp-Link Technologies Co.,Ltd.
8C:34:FD HuaweiTe Huawei Technologies Co.,Ltd
02:18:4A Locally administered MAC address
02:18:5A Locally administered MAC address
E2:55:7D Locally administered MAC address

The BSSIDs where evenly spread on 2.4 Ghz and 5 Ghz. The SSID list, redacted for privacy:

(hidden SSID)

SES is a proprietary WPS solution from Cisco Linksys:

SecureEasySetup, or SES is a proprietary technology developed by Broadcom to easily set up wireless LANs with Wi-Fi Protected Access. A user presses a button on the wireless access point, then a button on the device to be set up (printer, etc.) and the wireless network is automatically set up. This technology has been succeeded by the industry-standard Wi-Fi Protected Setup.

Silca Futura is a key cutting machinery manufacturer, so the SSID comes from the locks and safes area.

WebPocket is a 4G mobile wifi hostspot device made by Huawei.

Do you know what kind of devices/solution is behind the 92 local mac addresses? The comments are there for you.

field notes

Spotted some healthcare location services

Went to the hospital for a health check and spent the waiting time looking up to the ceiling. I spotted some RTLS devices from Centrak:

as usual, antennas are tilted randomly
What’s this? Aruba?

I did a quick scan with Airport Utility and found about 90 APs with hidden SSID and a Local mac address, plus other assorted OUIS. Here’s the OUI list:

02:18:4A Locally administered MAC address
02:18:5A Locally administered MAC address
00:A0:57 LANCOM Systems GmbH
38:08:FD Silca Spa
50:D4:F7 Tp-Link Technologies Co.,Ltd.
8C:34:FD Huawei Technologies Co.,Ltd

The locally administered Macs were broadcasting a hidden SSID, plus CLIENT, GUEST,PDA,SMARTPHONE.

The Silca OUI does not make sense here, unless it’s an access control system with intelligent door locks, the kind you operate with a keycard or a FOB.

Lancom Systems Gmbh is a network equipment manufacturer and solutions provider.

Channels in 2.4 Ghz are 1,6,11 as expected, and some 7 (what the heck?) and 9.

Channels in 5 Ghz: 36,44,64,104,112,140. Don’t know about channel width from the Airport Utility.


CWNA study guide review

David D. Coleman, David A. Westcott
CWNA Study Guide Fifth edition, Exam CWNA-107
Sybex, 2018

This book has been my companion since I started working in my employer’s entrerprise wireless LAN in late 2018. It’s a foundation guide that gave me the right approach to wifi networking and architecture. It’s also a technical reference guide for the many situations facing a WLAN administrator during the day to day operations of designing, deploying, validating and troubleshooting an enterprise WLAN.


About ghost frames

A recent WiFi Ninjas podcast (part 1 and part 2) is a long interview with Ben Miller about channel utilization, spectrum analysis and data rates. Miller talks also about so-called ghost frames, a concept I don’t understand very well.

A ghost is a preternatural being that haunts the living – ghost frames is a negative term, a statement of trouble, a problem. I tried to make sense of this statement reading Devin Akin’s article on ghost frames, and reopening my CWNA study guide (chapter 8, 802.11 medium access).

This notes are my tentative thoughts on the issue, there are probably mistakes, but writing it in English I feel I can think more clearly. I hope that the people quoted will not take offense for my representation of their ideas.


CWSP guide received

just delivered!

I’m a CWNA now!

I passed the Certified Wireless Network Administrator certification exam on Dec 19th, 2019!

My CWNA certificate
The certificate is generated about 24 hours after passing the test

It’s been a long journey starting 18 months ago, when I moved from network security to wireless networking and I realized that everything in wifi is totally upside-down from the wired world.

I dived into my new job, and on the sideline studied everything I could lay my hands on, starting with the CWNA Study Guide by Coleman and Westcott and published by Sybex. This book goes beyond the task of exam preparation and is a reference work to keep always on the desk.

Sybex CWNA Study Guide by Coleman and Westcott
A handy 900+ pages tome of wifi wisdom

The study guide has a list of blogs, conferences and Twitter handles that is a good starting point for following the wifi universe. I recommend the WLPC videos from the WLAN professional community, great for technical drill-down and (to non-native english speakers) for a taste of english technical terms.

CWNA-107 is the current certification exam version. It was updated from CWNA-106 around 2017 and it may be overhauled in 2020. You can check the official CWNP site for exam details, costs and study materials.

There was also a copy of the CWNA-107 Official Study Guide published by CertiTrek laying around in the office, but did not read it. My colleague (and now fellow CWNA) Claudio Lori liked that it’s condensed, more exam-focused.

While preparing the exam I kept working on my employer’s infrastructure: It’s a privilege I could apply new knowledge to real-world problems and make practical sense of otherwise abstract issues.

I was almost ready for taking the exam when my employer booked me and my colleague to a CWNA training class by Devin Akin (CWNE #1) in Milano. It was a fantastic, challenging week that defined me professionally, an eye-opener experience that motivated me to pursue the CWNP path.

After organizing my study notes and going over the Exam Objectives document for the last time, I purchased the Practice Test and the Exam Voucher on the CWNP site, then eventually booked a test date in Milano.

The practice test is completely optional. It has 2 banks of 60 questions that closely match the quality of the official test. After completing the 2 banks with a high score I was fairly confident that I could pass the real exam.

Still, when the exam date came and I was sitting at the testing center, I was a little nervous before clicking the last and final submit button, and immensely relieved when I was instantly presented with the exam results and the pass score. Yeah!

Now there are lots of plans for the future: more on that in the next posts.