Wireless Device DHCP and NAT specifications
Definitions
Bridge – a device that will allow network traffic to pass through it unchanged.
Router – a device that will provide direction to a range of IP address onto another network.
Dynamic Host Configuration Protocol (DHCP) – the dynamic allocation of IP addresses and other information to computers on a network.
Policy Statement
Note: Personal Wireless Access Point (WAP) devices are not allowed in residence halls where wireless connectivity is already provided (see wireless_services).
Wireless Access Point devices can be used in non-wireless residence hall rooms to add wireless connectivity and extra wired Ethernet ports. These devices can be configured two ways: as a “bridge” or as a “router.” If installed as a router, the WAP device will create a “private” network in the room. If installed as a bridge, the devices on the other side of WAP will be visible to the main network. The Information Technology Services (ITS) department, which is charged with supporting all networking on campus, strongly prefers individuals to install devices as bridges because then the staff can identify sources of problems, such as virus-infected machines, on the network created by the WAP device. A wireless device installed as a router will hide all computers that use that network behind a single wireless access point.
We recognize, however, that most manufacturers of WAP devices instruct the users to setup the device as a router, by default. Please note that if an individual installs a wireless device as a router, then that person is responsible for all users and uses on devices on the private side of the router (these users might be tapping into the wireless network from nearby without permission). Further, ITS suggests that the router be reconfigured as a bridge at the earliest convenience.
Bridge Configuration
The preferred configuration of a wireless device is a bridge configuration. Caution must be used, however, to ensure proper installation. DHCP services provided by the WAP must be turned off. If not turned off, then the WAP will give out IP addresses which could make the entire residence hall floor or building unable to access the Internet. How this could happen varies depending on manufacturer. Once DHCP services have been turned off, internal Ethernet ports can be connected to the wall outlet with a standard crossover cable. This will ensure that all the devices using this extended network segment will use the College’s DHCP server and services. Each computer attached to the extended network through the Wireless Access Point will need to uniquely register with NetReg, as is the case with all Ethernet ports in the residence halls.
Router Configuration
Caution must be used in configuring a Wireless Access Point as a Router. To do this you must turn on DHCP services provided. You are encouraged to use the IP Range 192.168.0.0 subnet 255.255.255.0 (this is standard for many Wireless Access Points). You should configure the WAP to give you IP addresses in the range 192.168.0.100 to 192.168.0.110, thereby limiting the number of devices that can connect. This will allow your WAP to give out IP addresses so that you and any one connecting to it will be able to access the Internet. The instructions for doing this will vary by manufacturer. Once DHCP Services have been turned on, plug the internal Ethernet port (WAN Port) into the wall outlet with a standard network cable. Once this is done, all the devices that use the extended network segment will use an IP address provided by your WAP’s DHCP Server. Each computer attached to the extended network through the WAP will use the WAP device’s registration to access the Internet. All traffic generated by users of the extended network will be identified to the individual who registered the device. The device owner will be responsible for the effects of malicious network traffic that is identified as being transmitted through the device.