Reasons why not to install APs in false ceilings

It is bad design…

How can we design for something we cannot measure? A wireless design needs to account for signal attenuation; one of the big design requirements is to account for the loss caused by walls, windows etc. We do this by measuring the signal loss and accounting for it in our designs.

How would one measure the objects located in a false ceiling? It would be extremely difficult, not to mention costly, to safely and accurately measure the HVAC ducts etc. located in false ceilings, especially when everything is already in place. And how do you measure the impact of reflections?

Impact to coverage and efficiency of the WLAN…

In a typical multi-level corporate office building, false ceilings can contain HVAC ducting, water pipes, metal cable trays etc., increasing reflections and significantly reducing signal propagation.

Reduced coverage will result in extra APs having to be used to fill the coverage holes, which increases the overall cost.

Increased multipath caused by reflections can decrease overall throughput for less capable devices. It can also cause AP radios to reduce power to account for the reflected signal being detected by the radio elements, which is not good when the design is based on RRM.


APs can produce a great deal of heat (Cisco 4802). False ceilings are usually hot and contain dust and other material, which when combined can become a fire hazard.


As mentioned above, APs and false ceilings can be rather hot. When APs are installed in a false ceiling it is usually on some metal frame or structure, and the increased heat can cause APs to overheat or fail.



Installing a Windows server CA signed certificate into ISE 2.4

Step 1: Download your Root CA certificate; depending on your setup this step may vary.

  • In this example my certificate authority will be my home lab's Windows 2008 server; it is assumed that you already have access to a CA server or a signed CA certificate

Step 2: ISE uses the .pem format for its certificates and the Windows CA cert is in .cer format, so we are required to change the format. To do this I will be using OpenSSL, which comes standard on the Apple Mac I am using; if you are using Windows you will be required to download it.

  • In Terminal, or whatever application you are using, go to the location where you have stored the certificate and enter the following command

$ openssl x509 -inform der -in cacert.cer -out isecacert.pem

Step 3: Import the signed CA cert into ISE

  • Click on Administration > System > Certificates > Trusted Certificates
    • Click on Import


  • Select the CA certificate “isecacert.pem”
    • Once the CA certificate has been selected, tick the 3 boxes needed to support EAP-TLS based authentication
    • Click submit

Click submit.

The Windows server CA certificate will now appear in the Trusted Certificates list.
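A check worth running between Step 2 and Step 3, as an added example that is not part of the original post: it repeats the conversion command, then confirms that the PEM is the same certificate as the exported .cer, that it is a CA certificate and that it has not expired, before anything goes into the Trusted Certificates store. The sample certificates are constructed throwaway ones, and the function and file names (other than cacert.cer and isecacert.pem) are assumptions.

```shell
#!/usr/bin/env bash
# Added example: verify a converted CA certificate before trusting it.
# Function names and the sample certificates are assumptions, not from the post.

# The conversion command from Step 2 (DER .cer -> PEM).
der_to_pem() {            # $1 = DER input, $2 = PEM output
    openssl x509 -inform der -in "$1" -out "$2"
}

# Print the SHA-256 fingerprint of a certificate file.
fingerprint() {           # $1 = file, $2 = der | pem
    openssl x509 -inform "$2" -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Return 0 only when the PEM is the same certificate as the DER export,
# is marked as a CA (basicConstraints CA:TRUE) and has not expired.
check_before_import() {   # $1 = original DER, $2 = converted PEM
    if [ "$(fingerprint "$1" der)" != "$(fingerprint "$2" pem)" ]; then
        echo "REJECT: PEM is not the certificate that was exported"; return 1
    fi
    if ! openssl x509 -in "$2" -noout -text | grep -q 'CA:TRUE'; then
        echo "REJECT: not a CA certificate"; return 1
    fi
    if ! openssl x509 -in "$2" -noout -checkend 0 >/dev/null; then
        echo "REJECT: certificate has expired"; return 1
    fi
    echo "OK: $(openssl x509 -in "$2" -noout -subject)"
    echo "    sha256 $(fingerprint "$2" pem)"
}

# Constructed sample input: a throwaway self-signed certificate exported as
# DER, standing in for the Windows CA export. $2 picks CA or non-CA extensions.
make_sample_cert() {      # $1 = work dir, $2 = v3_ca | v3_leaf, $3 = DER output
    cat > "$1/sample.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = Constructed Lab Certificate
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_leaf]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -config "$1/sample.cnf" -extensions "$2" \
        -keyout "$1/sample.key" -out "$1/sample.pem" 2>/dev/null
    openssl x509 -in "$1/sample.pem" -outform der -out "$3"
}

demo() {
    work=$(mktemp -d)
    make_sample_cert "$work" v3_ca "$work/cacert.cer"
    der_to_pem "$work/cacert.cer" "$work/isecacert.pem"
    check_before_import "$work/cacert.cer" "$work/isecacert.pem"

    # A server (non-CA) certificate must not end up in the trust store.
    make_sample_cert "$work" v3_leaf "$work/server.cer"
    der_to_pem "$work/server.cer" "$work/server.pem"
    check_before_import "$work/server.cer" "$work/server.pem" || true
    rm -rf "$work"
}
demo
```

Compare the printed SHA-256 fingerprint with the one read on the CA server itself before clicking Import.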

Using UC-232AC USB to serial adapter on an Apple Mac

The purpose of this blog post is to show the steps required to add the UC-232a USB to serial cable to your Apple Mac and then how to configure a profile so you don’t have to enter the commands again. I have had to do this a lot recently due to issues with my Mac so I thought I would document my own workflow on this process.

Step 1: Go here and download the required drivers under Support & Downloads

Step 2: Install the driver for the UC232a USB to serial cable; it will require a reboot of your computer

Step 3: Open a terminal session: press the command key and space, then type “terminal”; once located, hit enter

Step 4: Plug the UC-232AC USB to serial adapter into the Mac

Step 5: In terminal program type:

$  ls /dev/cu.*

Locate /dev/cu.UC-232AC in the output.

Step 6: Type,

$  screen /dev/cu.UC-232AC 9600

And now you should have CLI access to your device.

If the below message is displayed in Terminal, disconnect and reconnect your USB to serial cable:

[Screenshot: Terminal message]

Now to create a profile so you do not have to continually enter the commands

Step 7: Click on Terminal and select “Preferences…”

Step 8: In the “Profiles” section click the “+” icon located in the bottom left corner

Step 9: Type in your profile name, e.g. “USB Serial”

Step 10: In the Shell tab that is part of the new profile you created, click “Run command” and enter in the text field: screen /dev/cu.UC-232AC 9600

Then close the window

Step 11: Right click on the Terminal icon, go to “New window with Profile” and select the profile you created

Now you should have CLI access to your device.

If the below message is displayed in Terminal, disconnect and reconnect your USB to serial cable:

[Screenshot: Terminal message]


That is it.

ECSE Design

I recently sat (Sept 2019) the Ekahau Certified Survey Engineer (ECSE) Design course in Melbourne Australia instructed by Eddie Forero the man behind , course hosted by

The ECSE Design course is 1 of 3 courses that Ekahau offer; they also offer an Advanced and a Troubleshoot course. For further information on Ekahau and the courses refer here

The Design course covers the fundamentals of using the Ekahau software, RF, Design requirements and a heap more.

To ensure you get the most out of the course, I would highly recommend you have a good foundational knowledge of wireless (802.11). One way of ensuring this is by having read and grasped the material covered in the CWNA study guide book offered by CWNP; more information on this can be found here: .

The first day of the course does cover what they refer to as CWNA lite,  but trust me and do yourself a favour, read and understand the material covered in the CWNA book before going on this course.

I had an absolute blast on this course,  Dicker Data (Darko) was a fantastic host & Eddie Forero a brilliant instructor.

Apart from the course, another huge highlight was talking to different wireless professionals and the after-training activities. There were some great knowledge-sharing conversations had!

Before doing this course I had been using Ekahau for many years, since transitioning from another product, but never completed any official training; everything I learned came from experience (trial & error), CWNP, Ekahau guides, YouTube and advice from the Twitter wireless community.

There is a wealth of information out there but it can certainly be overwhelming and steer you in the wrong direction.

I would highly recommend the ECSE Design course to anyone that wants to learn more about:

  • Wireless design requirements
  • Wireless capacity requirements
  • Wireless site surveys
  • Wireless documentation and reporting
  • Looking at doing the  ECSE-Advanced course as Design is a pre-req
  • Learning from experienced instructors that are veterans in this field.
  • And of course learn more about using Ekahau software and SideKick.

Big thanks to Darko from , Eddie and of course Ekahau



Basic overview of Wireless QoS

The purpose of this blog post is to hopefully provide a better understanding of wireless QoS without going deep.

Wireless QoS, simply put, is a method of prioritising certain types of frames so that they spend less time waiting to transmit.

When talking about wireless QoS most people are referring to either Wi-Fi Multimedia (WMM) or 802.11e.

WMM is a certification created by the Wi-Fi Alliance to assist with the need for frame prioritisation while the 802.11e amendment was being signed off. 802.11e and WMM are somewhat similar in their structure.

Wireless QoS was defined in the 802.11e amendment, which is part of the 802.11-2016 standard. It was created to address particular requirements around latency and jitter for voice, video and audio traffic that is sent over the wireless medium, as the original 802.11 standard did not account for that type of traffic.

Two channel access methods are defined in the 802.11e amendment:

  1. Enhanced distributed channel access (EDCA) and
  2. Hybrid coordination function controlled channel access (HCCA)

Of the two, EDCA was adopted.

EDCA is used by both WMM and 802.11e capable clients. EDCA is a channel access method that allows certain types of traffic to be assigned to 4 queues called access categories (AC).

The 4 ACs are listed highest to lowest:

  • Voice
  • Video
  • Best effort
  • Background

The ACs are mapped to user priorities (UP), of which there are 8; within each AC there are two UPs:

  • UP 7 & 6 = Voice
  • UP 5 & 4 = Video
  • UP 3 & 0 = Best Effort
  • UP 2 & 1 = Background

The AC that a frame is placed in will determine how often it gets access to the wireless medium, i.e. a frame in the video queue will get more transmit opportunities than a frame in the background queue.

Part of the 802.11 arbitration process is that a wireless client must check that the medium is available before it transmits. This involves performing the following:

  • Carrier sense checks (for further information on this refer to this post)
  • Inter-frame space (IFS)
    • A set period of time during which a STA cannot transmit a frame
    • For an 802.11e frame it is called arbitration inter-frame space (AIFS); basically, the higher the AC the frame is placed into, the shorter the AIFS timer will be
  • Random back off time
    • A random range of values called the Contention window (CW)
    • Each AC has minimum CW and maximum CW value. The higher the AC the lower the CW min and max value will be.

For a QoS frame, the IFS and the random back off timer are extremely important, as it is these timers that determine the period of time the client waits before it can send its frame. Less time waiting to transmit equals more transmit opportunities.

What has not been discussed is how this maps up to the wired side with layer 2 (CoS) and layer 3 (DSCP) QoS markings; this will be covered in another post.


Westcott, David A. CWAP Certified Wireless Analysis Professional Official Study Guide. Wiley. Kindle Edition.

Coleman, David D. CWNA Certified Wireless Network Administrator Study Guide (p. 267). Wiley. Kindle Edition.



CCNP Wireless Deploy (300-365)

The following information is for anyone that is looking at or is currently studying for the CCNP Wireless Deploy (300-365) exam.

Information about the CCNP Wireless exams can be found here; there is also a CCNP Wireless study group

Study material is limited but I have listed what is available below. Given the limited official study material, the best thing to do is break down the exam blueprint and mark the sections off as you become confident in each topic.

Study material:

  • Cisco deployment guides based on the code version of the exam
  • Cisco CCNP wireless Quick reference guides

For this exam you will need to buy or borrow some lab equipment, to ensure you grasp the topics in the blueprint.

Equipment at a minimum:

  • 2x 2504
    • Can do most WLC configurations except HA SSO and rate limiting
  • 4x 3502 or better
    • Can re-image 2 for Autonomous AP studies
  • Server that is able to run Prime, ISE, Windows Server, and a Windows client

This will enable you to do a lot of the topics in the blueprint.

I sat the exam in March 2019, and passed on the first attempt with about 20 minutes of spare time left over. As with the CCNP-W Design exam, the Deploy exam has the typical Cisco question, where there could be two right answers but the correct one depends on which document you read.

The exam does have configuration/troubleshooting questions as well as lab simulations in it, so hands-on experience is a must if you aim to pass.

CCNP Wireless Design (300-360)

The following information is for anyone that is looking at or is currently studying for the CCNP Wireless Design (300-360) exam.

Information about the CCNP Wireless exams can be found here; there is also a CCNP Wireless study group

The material below is what I would recommend for anyone looking at studying for this exam

Study material:

CWNP: Certified Wireless Design Professional study guide (CWDP-302)

Cisco CCNP Wireless CUWSS Quick guides

  • Old book, yes but so is Cisco wireless design methodologies

Cisco E-learning

Cisco deployment guides based on the code version of the exam

In Nov 2018, I sat the CCNP Wireless Design (300-360) exam and passed it; I finished the exam with plenty of spare time. The exam had the typical Cisco question, where there could be two right answers but the correct one depends on which document you read.

The exam was based on a lot of Cisco best practices and wireless standards; if you have been doing Cisco wireless or wireless design in general for some time you may find the exam not that difficult. If you haven’t, I suggest reading the material mentioned above and visiting the CCNP study group linked above.

How many clients can we have per radio?

A very common question we wireless professionals get asked is: how many clients per AP can we have on this AP?

To help us determine this and better answer the question, there are some excellent resources available that I have linked below. I highly recommend becoming familiar with them.

Capacity Planner by Andrew Von Nagy at Revolutionwifi

Forecasting AP Capacity by Andrew Von Nagy at Revolutionwifi

Wi-Fi Throughput by Devin Akin at Divergent Dynamics

Ekahau Site Survey Pro (any of the latest versions); need to pay for software

Client information by Mike Albano at

To determine client capacity, we need to understand what is actually possible, as we have some major limiting factors with our wireless networks: “air-time” and the half-duplex nature of the medium.

Capacity calculators like the ones above are used to determine how many APs/radios we need based on the number/types of clients and their throughput requirements.

To get a general understanding of how many clients a radio can support I will show some examples using Devin Akin's efficiency rule (linked above): “MCS rate x ~40% / # of users = per device throughput”.

The following examples are based on zero 802.11 and non-802.11 sources of interference (perfect world).

Example 1:

802.11n 2×2:2 AP with 20MHz channel with 50/30/10 802.11n 1×1:1 clients at an RSSI -64 that gives them a MCS7 data rate of 72Mbps with a short guard interval at medium/large use.

Data Rate= 72Mbps

40% efficiency= medium/large use

Total throughput capacity= 29Mbps

/50 1×1:1 client devices =570Kbps/client

/30 1×1:1 client devices =650Kbps/client

/10 1×1:1 client devices =2.9Mbps/client

Example 2:

802.11n 2×2:2 AP with 20MHz channel with 50/30/10 802.11n 2×2:2 clients at an RSSI -64 that gives them a MCS7 data rate of 144Mbps with a short guard interval at medium/large use.

Data Rate= 144Mbps

40% efficiency

Total throughput capacity= 58Mbps

/50 2×2:2 client devices =1.152Mbps/client

/30 2×2:2 client devices =1.92Mbps/client

/10 2×2:2 client devices =5.76Mbps/client

These examples show the effect that device capability and number of devices have on overall throughput per client.

Wireless networks 99% of the time contain different chipsets, so understanding your device types is a critical component of your wireless network. Mike Albano's site has an extensive list of different client chipsets; if the device is not listed, it mentions how to capture the information.

A very common way marketing spins their APs is with descriptions like: “Our 802.11n 2×2:2 APs can support 500 clients with a data rate of 300Mbps”, which is just not possible.


  1. To theoretically achieve a “data rate” of 300Mbps you need to have 40MHz wide channels and 2×2:2 802.11n clients with an RSSI of -64dBm using a short guard interval.
  2. The term “data rate” is completely misleading; this is not your actual throughput. Wireless has a lot of overheads, so basically cut that value in half and there is your starting point.

Now let’s look at some other variables that also affect the capacity of our wireless networks

  1. Business requirements:
    1. Different applications have different channel utilisation threshold before services start being affected
    2. If Voice services are required what are the RF design and configuration requirements,
      1. RF design
      2. Vendor specific configuration requirements: i.e. Cisco CAC
  2. QoS design
    1. Such as 802.11e, WMM, DSCP & CoS
  3. Rate limiting
    1. Can have significant impact to air-time utilisation
  4. Airtime fairness
  5. # of SSIDs
  6. % of associated users or concurrent clients?
  7. AP’s configuration i.e. 1x 2.4GHz and 1x 5GHz
  8. AP chipsets: can they handle all the concurrent and client associations
  9. Sources of RF and non-RF interference
  10. Wireless design requirements: Mesh with client connect, etc.
    1. Mesh presents a whole number of extra requirements (headaches) when considering overall aggregate throughput per client.
    2. Channel plan
    3. Suitable Channel width without increasing CCI & ACI
  11. Device types, density, & number of devices:  A killer especially with legacy devices.
  12. Client device drivers are up to date.
  13. Backhaul: extremely important.

While an AP data sheet may say it can support # of clients per radio, we as wireless engineers need to ensure our wireless networks are designed with sufficient AP density to accommodate the numbers/types of clients and their throughput requirements.

Capacity planning is a critical step to ensuring the wireless network meets the requirements of the design.

CCA from Another Perspective

As we know, 802.11 is half-duplex, so a device must check the wireless medium to determine if it is free or busy before it can send traffic. No issues there.

Where it gets interesting is when we look at the thresholds (at a high level) that determine if the medium is busy. Part of the mechanism used to determine if it is available is called Clear Channel Assessment (CCA). Within CCA there are two thresholds: Signal Detect (SD) and Energy Detect (ED).

–          Signal detect (SD): listen for any transmitting 802.11 frames

–          Energy detect (ED): listen for any other non-RF transmissions that are 20dB stronger than SD (won’t go into this in this post)

SD is used to detect a transmitting 802.11 preamble, which is contained within the physical layer header of an 802.11 frame. If a device can decode the preamble, it will attempt to sync with the incoming transmission, which is sent at the lowest basic rate for the band: 1Mbps for 2.4GHz and 6Mbps for 5GHz. The SD threshold is usually set at 4dB SNR, so if the noise floor is at -96dBm, an 802.11 device is able to demodulate the preamble at an RSSI of -92dBm, which would then trigger CCA, causing devices to defer.

So how far is -92dBm or 4 dB SNR? The below simulation shows you how far, represented by a simulated Cisco 3802 AP with the following configuration: 1mW, 2.4GHz and no obstruction,

The colour coding in the simulation represents the following signal areas:

  • The wireless coverage we have designed for, where we want our clients to be associated
  • The area that can cause CCA
  • Everywhere else, where the signal becomes noise below the required CCA threshold

  • Note the picture above is only the radius.

Using 1mW (equates to 0dBm) and with a cell edge measured at -92dBm, the total distance is 500m.

In some of the environments that I work in, our industrial wireless APs can vary anywhere from 2Watts (33dBm) – 4Watts (36dBm) in the 2.4GHz and 5GHz bands and our enterprise APs around 25mW (14dBm) +/-, so the potential coverage area for SD to cause devices to defer can be quite large.

Understanding this is important when it comes to our wireless designs. We design for a required cell edge, i.e. -67dBm/25dB SNR for devices, but we also need to account for the signal we don’t care about as it continues on, so we can minimise co-channel interference (CCI).

Minimising CCI is possible in 5GHz (depending on AP capacity), but not possible in 2.4GHz. It becomes an even greater pain in the butt when we add client STA’s into the mix, as the client STA are one of the biggest contributors to CCI.

While we may have done our best to minimise AP CCI, as soon as a mobile client roams to the outer edges of a cell, it has the potential to extend the contention domain and interfere with another AP on the same channel, causing devices to defer. This is due to SD, as mentioned previously.

This in turn increases medium contention, due to devices having to defer, which eats up your airtime – equaling less throughput.

What can we do to help reduce this?

  • Understand your AP and client STA receive sensitivity levels
  • Consider your CCI boundaries in your designs
  • Use directional antennas where possible

Would like to give a shout out to two legends @WazzFi and @Stephen_Cooper for their input and support.


Tom Carpenter (2016). Certified Wireless Analysis Professional (CWAP-402). US: CertiTrek Publishing

Devin Akin (2018) Certified Wireless Design Professional Training course


The importance of physical AP separation

The following information is to highlight the negative impact that occurs when APs are installed next to each other (<3m), as it is not uncommon in today’s wireless deployments to see these types of installations. As the old saying goes, a picture paints a thousand words, so I have tried to minimise technical jargon by using pictures.

Figure 1 shows the spectral mask (shape) of an OFDM modulation pattern, which will be represented throughout. An OFDM spectral mask is approximately 20MHz wide and is based on the centre channel. In this example it is based on channel 6.

Figure 1: OFDM Spectral mask


The spectral mask of any 802.11 modulation contains certain key areas:

  • Peak power
  • Shoulders
  • And where it tapers off into background noise


All have values which are described as decibels relative to peak power (dBr) of the centre frequency.

Good design practice is to ensure only non-overlapping channels are used. In the 2.4GHz band, to be considered non-overlapping a channel must be separated by 5 channels or 25MHz; in the 5GHz band it is 20MHz separation from the centre frequency.

Not only is having non-overlapping channels critical to any good wireless design, so is AP separation. If APs are not physically separated by >3m or do not have some form of RF isolation method, then interference will occur. This also applies to AP placement when located next to objects, but sometimes this is unavoidable, so correct antenna selection is crucial.

To demonstrate this I have set up the following equipment in a small lab scenario as shown in Figure 2: AP1, 2 & 3 at approximately less than 30cm apart, configured on static channels 1, 6 & 11, at a transmit power of 20dBm (this testing is relative to the equipment used), with a spectrum analyser sitting next to the APs to view the layer 1 (RF) information.

Not shown in this picture are the test clients, 3x 1×1 Apple iPad mini and an Apple MBP, that will be used for throughput testing and capturing information.

Figure 2: Lab setup

Shown below in Figure 3 is the current 2.4GHz band utilisation.

Figure 3: 2.4GHz band before testing

AP1 is enabled on channel 1 with a client device conducting a throughput test, as shown in Figure 4.

Pay particular attention to:

  • The shoulders of the OFDM spectral mask; notice how it bleeds over into adjacent and non-overlapping channels.
  • The channel utilisation for adjacent and non-overlapping channels.

Figure 4:  AP1 on Channel 1 with client running throughput test

I will now disable AP1 and repeat the same test, this time with AP2 on channel 6.

Figure 5:  AP2 on Channel 6 with client running throughput test

This time, leaving AP2 still enabled, I will re-enable AP1. Notice that the shoulders of both the spectral masks have bled together.

Figure 6: AP1 on channel 1 & AP 2 on Channel with throughput testing being conducted with clients

Now compare the channel utilisation from Figure 5 to Figure 6 and notice the increase that has occurred.

AP2 is disabled and AP3 is enabled on channel 11, also with a client conducting a throughput test.

Figure 7: AP1 & AP3 with throughput testing being conducted on each channel

Figure 7 shows utilisation occurring on channel 6 regardless of any stations. Take note of the channel utilisation in Figure 7 and compare it to Figure 5. The utilisation on channel 6 in Figure 5 is almost the same as in Figure 7.

This time I will re-enable AP2 with a client. Take note of the overall increase in 2.4GHz band utilisation and the shoulders of the individual spectral masks.

Figure 8: AP1, 2 &3 enabled with clients running throughput tests

Now let’s compare the difference when APs are physically separated.

AP1 and AP3 are separated by 5 metres, and the spectrum analyser is located in the middle.

Figure 9: AP 1 & 3 separated by 5m

Notice the spectral mask shoulders and overall channel utilisation of the band compared to the previous test shown in Figure 6.

This time I have changed the channels but the distances remain the same.

Figure 10: AP 1 & 3 enabled with throughput test

Compare Figure 10 against Figure 6. Massive difference. All 3 APs are now separated by a distance of 5 metres.

Figure 11: AP1, 2 & 3 enabled with throughput test on APs

Notice the difference in overall utilisation when Figure 11 is compared to Figure 8.

Hopefully this shows that physical separation is extremely important to minimise interference. However, testing should always be performed, as the distance required is dependent on the AP, antenna and EIRP selected. To determine the required separation those factors must be accounted for.

As mentioned, this was a small test lab; if this was in production the impact would have been magnified.