Re: Multiple WLAN Routers with same SSID
On Sat, 2012-09-22 at 08:40 +0200, Petric Frank wrote: Hello, Am Freitag, 21. September 2012, 20:17:24 schrieb Dan Williams: On Fri, 2012-09-21 at 12:42 -0500, Larry Finger wrote: On 09/21/2012 12:14 PM, Marius Kotsbak wrote: On Sep 20, 2012 11:38 PM, Petric Frank pfr...@gmx.de mailto:pfr...@gmx.de wrote: In fact (here in Germany) german telecom delivered WLAN-routers which all have preset the same (E)SSID. Shall i go to every household (even if i can locate them) in my environment to tell them to change their SSID ? That is bad (but it seems like Linksys routers are the same), but you should be able to change the SSID of the AP you use. As far as I know, all routers from a given manufacturer come from the factory with the same ESSID and the same router password. It certainly is true for Netgear and Linksys, As Marius says, you should change the ESSID, and it is very important to change the password. If you don't, you may find that someone else will lock you out of your AP/router, and you will need to learn where the reset button is located. The default ESSID is a clue that the password might not have been changed. We've actually had code in NM for quite a long time that, if you click on a new network with any of the names: linksys, linksys-a, linksys-g, default, belkin54g, NETGEAR, o2DSL, WLAN, ALICE-WLAN, Speedport W 501V In fact here the SSID is the name of a device delivered by german telecom to its subscribers. Added to the list. Thanks! Dan then NM will create that connection *and* lock it to that access points BSSID, so that users don't run into this situation. Obviously, as time goes on we may need to add more to this list. If anyone has nominations, please let me know! See above. ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple WLAN Routers with same SSID
Hello, Am Freitag, 21. September 2012, 20:17:24 schrieb Dan Williams: On Fri, 2012-09-21 at 12:42 -0500, Larry Finger wrote: On 09/21/2012 12:14 PM, Marius Kotsbak wrote: On Sep 20, 2012 11:38 PM, Petric Frank pfr...@gmx.de mailto:pfr...@gmx.de wrote: In fact (here in Germany) german telecom delivered WLAN-routers which all have preset the same (E)SSID. Shall i go to every household (even if i can locate them) in my environment to tell them to change their SSID ? That is bad (but it seems like Linksys routers are the same), but you should be able to change the SSID of the AP you use. As far as I know, all routers from a given manufacturer come from the factory with the same ESSID and the same router password. It certainly is true for Netgear and Linksys, As Marius says, you should change the ESSID, and it is very important to change the password. If you don't, you may find that someone else will lock you out of your AP/router, and you will need to learn where the reset button is located. The default ESSID is a clue that the password might not have been changed. We've actually had code in NM for quite a long time that, if you click on a new network with any of the names: linksys, linksys-a, linksys-g, default, belkin54g, NETGEAR, o2DSL, WLAN, ALICE-WLAN, Speedport W 501V In fact here the SSID is the name of a device delivered by german telecom to its subscribers. then NM will create that connection *and* lock it to that access points BSSID, so that users don't run into this situation. Obviously, as time goes on we may need to add more to this list. If anyone has nominations, please let me know! See above. ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple WLAN Routers with same SSID
Larry Finger larry.fin...@lwfinger.net writes: On 09/21/2012 12:14 PM, Marius Kotsbak wrote: On Sep 20, 2012 11:38 PM, Petric Frank pfr...@gmx.de mailto:pfr...@gmx.de wrote: In fact (here in Germany) german telecom delivered WLAN-routers which all have preset the same (E)SSID. Shall i go to every household (even if i can locate them) in my environment to tell them to change their SSID ? That is bad (but it seems like Linksys routers are the same), but you should be able to change the SSID of the AP you use. As far as I know, all routers from a given manufacturer come from the factory with the same ESSID and the same router password. Not necessarily. But I'd like to share a little horror story of why the alternative isn't necessarily any better... Many years ago, the ISP I work for decided that we wanted a unique ESSID and password on every CPE we send out to our customers. So we made that a vendor requirement. No problem. Several vendors could deliver that. But unique does not equal random. The vendor did of course use some algorithm to come up with the ESSIDs and passwords, and the result should not surprise anyone. It took me one two-word Google search to come up with this as hit #3: http://www.gredil.net/WPAkeyCalc/KeyCalculator.html One could of course argue that the end users were no worse off than if they had received CPEs with the same ESSID and password, but the fact is that they were. The uniqueness gave a warm and fuzzy secure feeling, making fewer users change it from default. And then someone combined wardriving data with calulator output and published long lists of coordinates, essid and password. This did not look good in media. And it was decided that we had to fix it. But how? We do manage the CPEs and can change any setting. But you cannot just change the wireless settings for an end user. How are they going to connect then? You have to change every device connected to their home network as well. We ended up redirecting them to a web portal, providing information about the problem and some guidance on what to do. And not letting them access the Internet again until they have selected a new ESSID and password and at least have reconfigured the device they use to access the portal. Hassle for us, and lots of hassle for the end users. And to avoid overloading support, we have to limit the rate to a few thousand users a day. Which means this will take forever. Unique ESSIDs definitely was not worth the trouble. But we have learned a lot while trying to fix the bummer. Bjørn ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple WLAN Routers with same SSID
On Sep 20, 2012 11:38 PM, Petric Frank pfr...@gmx.de wrote: In fact (here in Germany) german telecom delivered WLAN-routers which all have preset the same (E)SSID. Shall i go to every household (even if i can locate them) in my environment to tell them to change their SSID ? That is bad (but it seems like Linksys routers are the same), but you should be able to change the SSID of the AP you use. -- Marius ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple WLAN Routers with same SSID
On 09/21/2012 12:14 PM, Marius Kotsbak wrote: On Sep 20, 2012 11:38 PM, Petric Frank pfr...@gmx.de mailto:pfr...@gmx.de wrote: In fact (here in Germany) german telecom delivered WLAN-routers which all have preset the same (E)SSID. Shall i go to every household (even if i can locate them) in my environment to tell them to change their SSID ? That is bad (but it seems like Linksys routers are the same), but you should be able to change the SSID of the AP you use. As far as I know, all routers from a given manufacturer come from the factory with the same ESSID and the same router password. It certainly is true for Netgear and Linksys, As Marius says, you should change the ESSID, and it is very important to change the password. If you don't, you may find that someone else will lock you out of your AP/router, and you will need to learn where the reset button is located. The default ESSID is a clue that the password might not have been changed. Larry ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple WLAN Routers with same SSID
On Thu, 2012-09-20 at 23:37 +0200, Petric Frank wrote: Hello Dan, Am Donnerstag, 20. September 2012, 19:19:52 schrieb Dan Williams: On Thu, 2012-09-20 at 18:13 +0200, Petric Frank wrote: at my location i sometimes notice that different WLAN-routers broadcasts the same SSID, but different frequencies and MAC-addresses. They also require different (WPA1/2-) keys to access. But i have only the access key of one of this access points. So this is somewhat bad network planning, because it means you cannot roam between access points. That's somewhat worked around by the locking to WPA1 vs. WPA2. NM actually *does* have the functionality to lock a connection to WPA1 or WPA2, but it's not exposed in the UI because it's incredibly stupid planning on the part of network engineers, and in 6 years this is only the second case we've heard of that would require that. These networks are not owned/managed by me. So i don't have the possibility to get then changed. You seem have the impression that i am in the task of network planning. This is not true - i am a simple end user on this subject. I know you can't change it. And we have to work around it. Just cathartically pointing some fingers. However, we'll probably end up adding an option to expose the WPA1/WPA2/Automatic option in the UI by setting a gsettings key to expose it. These dialogs already have enough toggles :( The autoconnect feature of nm-applet (and hence network manager) seems to select the host to connect only by the SSID - which often fails. Correct, because with WiFi the SSID *is* the network; wifi networks with the same SSID are expected to be backed by the same core network, and you're expected to be able to roam between these APs. In fact (here in Germany) german telecom delivered WLAN-routers which all have preset the same (E)SSID. Shall i go to every household (even if i can locate them) in my environment to tell them to change their SSID ? Well, same situation here in the US with Linksys consumer routers, where by default they all use linksys and nobody bothers to change it. But the difference here is that these devices are used in a *home*, not a business or campus. That means that we can assume that every linksys or netgear is *not* the same network, and that you're *not* expected to roam between these access points. So what users need to do here is lock the connection to a BSSID (ie, a single AP) instead, and then NM will only try to connect to the specific AP you've told it to. However, at a campus or business where all access points have the same name, you *are* expected to be able to roam between access points, and so a network like you describe where half the access points have one passphrase and the other have have a different passphrase is unhelpful. But obviously you can't fix that. Therefor i asked to use an other key additionaly Could i suggest to implement and use (/store) the MAC address of the WLAN access point as additional selection key (maybe optionally) ? This is already implemented as the BSSID option in the connection editor; setting this to the BSSID of the access point you'd like to connect to will limit that connection to only that AP. I saw the field in nm-applet's config system. What should be put into this field - the MAC address of the access point in question ? Yes, you put the MAC address of the AP into this field (also called a BSSID). If it is an SSID it does not help me, because of duplicate SSIDs (as written above). At one time i was at a location where i saw 4 access points in range announcing the same SSID. These access points were *no* roaming ones, they seemed completely different dedicated ones. Yes, like linksys or netgear or alice you need to lock the connection to the specific AP you want to use, otherwise NM, wpa_supplicant, and the kernel have no idea which one to use, and will happily attempt to roam between access points. This isn't an NM-specific behavior, often the kernel drivers or supplicant will roam between access points too, because that's how WiFi is expected to work. The MAC address of the access point's wlan interface (if not changed by the owner) is the unique key of it - as far as i know. The can be see by issuing for example iwlist wlan if list in the line Cell xx: Address MAC This however does break roaming quite spectacularly, because it disables roaming completely. If you don't need roaming at all, try this. I do not need roaming for them. Good. Then locking the connection to a specific MAC address/BSSID will work well for you. Dan ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple WLAN Routers with same SSID
On Fri, 2012-09-21 at 12:42 -0500, Larry Finger wrote: On 09/21/2012 12:14 PM, Marius Kotsbak wrote: On Sep 20, 2012 11:38 PM, Petric Frank pfr...@gmx.de mailto:pfr...@gmx.de wrote: In fact (here in Germany) german telecom delivered WLAN-routers which all have preset the same (E)SSID. Shall i go to every household (even if i can locate them) in my environment to tell them to change their SSID ? That is bad (but it seems like Linksys routers are the same), but you should be able to change the SSID of the AP you use. As far as I know, all routers from a given manufacturer come from the factory with the same ESSID and the same router password. It certainly is true for Netgear and Linksys, As Marius says, you should change the ESSID, and it is very important to change the password. If you don't, you may find that someone else will lock you out of your AP/router, and you will need to learn where the reset button is located. The default ESSID is a clue that the password might not have been changed. We've actually had code in NM for quite a long time that, if you click on a new network with any of the names: linksys, linksys-a, linksys-g, default, belkin54g, NETGEAR, o2DSL, WLAN, ALICE-WLAN, then NM will create that connection *and* lock it to that access points BSSID, so that users don't run into this situation. Obviously, as time goes on we may need to add more to this list. If anyone has nominations, please let me know! Dan ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple WLAN Routers with same SSID
On Thu, 2012-09-20 at 18:13 +0200, Petric Frank wrote: Hello, at my location i sometimes notice that different WLAN-routers broadcasts the same SSID, but different frequencies and MAC-addresses. They also require different (WPA1/2-) keys to access. But i have only the access key of one of this access points. So this is somewhat bad network planning, because it means you cannot roam between access points. That's somewhat worked around by the locking to WPA1 vs. WPA2. NM actually *does* have the functionality to lock a connection to WPA1 or WPA2, but it's not exposed in the UI because it's incredibly stupid planning on the part of network engineers, and in 6 years this is only the second case we've heard of that would require that. However, we'll probably end up adding an option to expose the WPA1/WPA2/Automatic option in the UI by setting a gsettings key to expose it. These dialogs already have enough toggles :( The autoconnect feature of nm-applet (and hence network manager) seems to select the host to connect only by the SSID - which often fails. Correct, because with WiFi the SSID *is* the network; wifi networks with the same SSID are expected to be backed by the same core network, and you're expected to be able to roam between these APs. Could i suggest to implement and use (/store) the MAC address of the WLAN access point as additional selection key (maybe optionally) ? This is already implemented as the BSSID option in the connection editor; setting this to the BSSID of the access point you'd like to connect to will limit that connection to only that AP. This however does break roaming quite spectacularly, because it disables roaming completely. If you don't need roaming at all, try this. Dan Maybe it is already there, but i failed to find on how to configure it (using nm-applet). Yes, i know, the backend is wpa-supplicant - maybe there is the deficit. But network manager is configuring it and so this should be possible. Actually i use network manager v. 0.9.4.0. regards Petric ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple WLAN Routers with same SSID
Hello Dan, Am Donnerstag, 20. September 2012, 19:19:52 schrieb Dan Williams: On Thu, 2012-09-20 at 18:13 +0200, Petric Frank wrote: at my location i sometimes notice that different WLAN-routers broadcasts the same SSID, but different frequencies and MAC-addresses. They also require different (WPA1/2-) keys to access. But i have only the access key of one of this access points. So this is somewhat bad network planning, because it means you cannot roam between access points. That's somewhat worked around by the locking to WPA1 vs. WPA2. NM actually *does* have the functionality to lock a connection to WPA1 or WPA2, but it's not exposed in the UI because it's incredibly stupid planning on the part of network engineers, and in 6 years this is only the second case we've heard of that would require that. These networks are not owned/managed by me. So i don't have the possibility to get then changed. You seem have the impression that i am in the task of network planning. This is not true - i am a simple end user on this subject. However, we'll probably end up adding an option to expose the WPA1/WPA2/Automatic option in the UI by setting a gsettings key to expose it. These dialogs already have enough toggles :( The autoconnect feature of nm-applet (and hence network manager) seems to select the host to connect only by the SSID - which often fails. Correct, because with WiFi the SSID *is* the network; wifi networks with the same SSID are expected to be backed by the same core network, and you're expected to be able to roam between these APs. In fact (here in Germany) german telecom delivered WLAN-routers which all have preset the same (E)SSID. Shall i go to every household (even if i can locate them) in my environment to tell them to change their SSID ? And again at every location i travel to if the same SSID appears again ? Therefor i asked to use an other key additionaly Could i suggest to implement and use (/store) the MAC address of the WLAN access point as additional selection key (maybe optionally) ? This is already implemented as the BSSID option in the connection editor; setting this to the BSSID of the access point you'd like to connect to will limit that connection to only that AP. I saw the field in nm-applet's config system. What should be put into this field - the MAC address of the access point in question ? If it is an SSID it does not help me, because of duplicate SSIDs (as written above). At one time i was at a location where i saw 4 access points in range announcing the same SSID. These access points were *no* roaming ones, they seemed completely different dedicated ones. The MAC address of the access point's wlan interface (if not changed by the owner) is the unique key of it - as far as i know. The can be see by issuing for example iwlist wlan if list in the line Cell xx: Address MAC This however does break roaming quite spectacularly, because it disables roaming completely. If you don't need roaming at all, try this. I do not need roaming for them. regards Petric ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list