Tech Forum

RussellHltn wrote:Also, I don't think the church as ever issued more then 2-3 machines to a FHC. That along with local unit admins are unlikely to get over 10 machines. If you've got more then 10, then there's been some donations somewhere along the line or someone has opened up the network to patrons.

I know the FHC in my old stake had 12 computers for FH research and temple ready. Probabily a lot a donations as all the Redmondites were throwing out their 2 year old computers.

While I have heard of wireless being installed in church buildings, from what I'm hearing it's only for church business (and requires a client to be installed). It's not for the usual FHC patron.

Too bad. I'd like to set up a "in room" wireless system so patrons can use their computers.

RussellHltn wrote:Too bad. I'd like to set up a "in room" wireless system so patrons can use their computers.

In room only? By lowering the power or making a Faraday cage around the room so the signal cannot get out (or other electromagnetic radiation get in).

Actually that might be a good idea to make a Faraday cage around the chapel, that way people's cell phones don't go off during the sacrament prayer. (Of course it might drain their batteries trying to make a connection to the cell phone tower, but that is just another plus. )

I'm too lazy to put a cage around the room. I'd probably use antenna placement and connect the AP to the lighting circuit so it only works when the FHC lights are on. But you've got the vision, it would only be for patrons and would discourage any outsiders.

thedqs wrote:Yea I know it is at the FHC but if home routers work better then the PIX ones then why not use them. I do know they have a functionality of hooking up to a giant VPN server which the home routers couldn't do.

Please do not advocate removing approved Church firewalls. They have been placed there for a reason.

lakeytw wrote:Please do not advocate removing approved Church firewalls. They have been placed there for a reason.

He wasn't. He didn't know they were providing firewall capability. He was mentioning that because of the number of RJ45 connections. It's there in his posts, look more closely.

lakeytw wrote:Please do not advocate removing approved Church firewalls. They have been placed there for a reason.

Sorry that my post could be interpreted that way. In no way do I suggest removing, circumventing or modifying the router (though CHQ gives the password away WAY to easily), or any other thing that would reduce the effectiveness of the router. The post was made in exploring why the PIX has a device limitation while the home routers, which are cheaper, do not. The only apparent benefit seen from the PIX is to connect into a giant VPN thus all church computers are on a single network.

thedqs wrote:The post was made in exploring why the PIX has a device limitation while the home routers, which are cheaper, do not.

I can only guess it has to do with licensing of VPN software. From what I've heard, that's how the church is doing their Internet filtering. Most home routers don't have VPN, so no licensing required.

No, the licensing only has to do with Cisco's revenue model and marketing. I guess maybe it is because some of their SOHO have fixed class C networks behind them, while a PIX will do whatever IP range you tell it to.

You can easily get around the license by putting a NAT device behind the PIX. A SOHO router (with WIFI disabled ) behind the pix would allow you to connect as many hosts as you have addresses for.

Some SOHO routers will do VPN, but not with the stock firmware. My WRT54G will work for both ends of a VPN with the right packages installed. I have not actually tried it, but it would be cool to VPN into my home network from elsewhere. The firmware I run will also allow me to put my own IP range in.

runstodboy wrote:One other thing you'll need to check on is how many computers the PIX is licenses to use. Some of the PIX's are only licensed for 5-10 computers. If you try adding more than that, you'll have connection problems. I'd call the CCN desk (Global Service Desk second level) and talk to them about getting an upgraded license. (I'm not sure what the policy is on that, but they can make sure you won't run into any problems adding additional computers).

Good luck...

I just got off the phone with the Global Service Desk. After some research, they told me the normal licensing for the Cisco PIX firewall is 10 computers. There is a higher level that is 15 computers. He put me on hold and verified this is correct.

So I won't need to change the license for what we are doing.

Thanks!
Skip