I just spent two days installing a guest network with WiFi. The location already had an isolated network so we decided to just expand it. We decided that a few extra changes were also needed for future opportunities.
Everything except the access points went as expected.
We installed an HPE OfficeConnect 1420 switch. This is an unmanaged 24 port switch that has 12 ports with PoE. Since the guest network is not accessible to me remotely, the managed switches I usually use were not needed. The number of ports is over kill for the installed purpose but the PoE requirements necessitated the switch size.
I unboxed the first access point to find two pieces of paper, three mounting options, and the access point.
The web site mas minimal documentation so I had no clue as to what these mounting options looked like or how they would work at this location. I was able to use the ceiling T-Bar mount in the office. The other mounting bracket I had to enlarge the screw holes to allow the use of a tie-wrap as I was mounting it to a steel roof truss in the warehouse.
I ran network wire to the desired locations (3 locations in a 65,000 square foot building), terminated and tested as normal. Mounted the access points and connected them to the network cable. The cable was not connected to the switch yet.
After mounting the switch and the firewall in the rack I updated the firewall’s firmware and configured it.
My laptop connects to the internet just fine through the switch so I know the firewall’s settings are good.
I download the HPE OfficeConnect WiFi Portal app to my Android phone. I plug in the first OC20 access point and wait for it to boot. I launch the app and it finds the OC20 no problem. I fill in the blanks appropriately and activate the network. Error: Problem activating your network. I got this so many times it felt like one of those “please try again” notices on a Tim Horton’s “Roll Up The Rim” contest. I ended up taking it home the first night and I eventually got it to work. When I took it back the next morning it no longer worked. I spent some time watching the network to see what was going on. The firewall was passing the traffic through no problem. Turns out HPE is using Amazon AWS for hosting the OfficeConnect system but that’s a different issue. I called HPE support only to find that the OfficeConnect is handled differently and the first level support was via online chat. I filled in the blanks to get access to the online chat (name, address, phone, email, product number, product name, product serial number). A support person came on saying “Hi, how are you?” to which I responded “frustrated installing OC20”. His next request was for my contact information and the product information. I just did this only to do it again!! After describing the problem he wants a screen shot of the error message. I typed in the error message word for word already. Just more frustration. I did some more experimentation and found that it worked with my personal email address but not the work one. I gave him both addresses. After a couple minutes he comes back with the answer. Turns out the system only supports email address up to 30 characters. My address was 32 characters. There is no limitations shown in the client app at all. IIRC the RFCs for email has an effective length of 160 characters. I pointed this out as well to which he responded that the developers were working on it, whether they were working on the client app or the obvious defect in their system was not determined.
After working around that email address length limitation, the other two access points worked as expected. They found the first one, fetched the network information as they are designed to do, and everything worked.
The expectation was to be able to set the radio signal strength to control the coverage area as we only desired a small area. This is not the case with the OC20. You only have two parameters to set: the network name and the password. There is the option to enable a “Guest Network” on top but I did not explore that feature since the entire network was for guest access. In doing a walk around I found network access well beyond the property borders so it looks like the radio signal strength is hard coded to maximum. The survey software also identified the network as using WPA2.
The android app does provide some “neat” functionality by way of reporting. I can pull up the access point settings (channels, number of clients, etc), usage statistics, client statistics, and overall network health. This can also be pulled from the first access point’s web portal.
Overall they system is very easy to set up and does not require any technical knowledge. Not withstanding the email length issue. This does come at a cost though. Everything about the network would have to go through the OfficeConnect system hosted at Amazon. I have not done a full network trace to see just what flows where but I do know that the OC20 uses HTTPS to two Amazon IP addresses (from the firewall logs) and also uses port 4343 for the local web portal.
Would I deploy another? Yes, but only in situations where security is not a requirement.
The target market appears to be the non-technical people that need something quick and easy with minimal control requirements.