• Date
    Ray Robins
  • Date
  • Replies 7 replies
  • Subscribers 184 subscribers
  • Views 5822 views
  • Users 0 members are here

Ion network isolation and iRFR wireless routing

I recently put an Ion in a local college and during training indicated to the owner that he could get the iRFR ap to connect, but that to do so he should request a dedicated wireless router for the lighting network.  Of course, IT came back with "why do you need a dedicated router when we've got dozens of WAPs in that building?"  The Ion is running only DMX outputs (for now) and I noted on http://www.etcconnect.com/Community/wikis/products/irfr-how-to-setup-your-wireless-network.aspx the "do not allow your lighting network to be directly connected to the internet", but not being an IT/networks guru...

Am I wrong and there isn't any problem with having them use the same wireless router as other network devices - assuming they can within the 10.100 ETC address scheme?  If I'm not wrong, is there a doc out there that can explain, in IT, why its a bad idea to put the lighting network in contact with either the LAN and/or the internet?

Parents

  • We definitely prefer to keep everything on the lighting network physically separate from any other building networks.  Not only is this safer, but it's a lot easier for our phone support to help troubleshoot when there's a problem.  Putting the console directly on the campus network/internet is risky for the reasons mentioned previously: the lack of security being the big one. 

    However, there is a compromise where you can use the existing WAPs, but still keep the networks separate.  The college IT department may be able to create an isolated VLAN with its own SSID.  As long as there's no connection between this new VLAN and the rest of the building network, then it's just as safe as having completely separate hardware.  The only downside is that troubleshooting will still be somewhat hindered by involving hardware you don't have access to or control over.  Since the iRFR is a convenience rather than something show-critical, I'm assuming this won't be much of a concern for you.

Reply

  • We definitely prefer to keep everything on the lighting network physically separate from any other building networks.  Not only is this safer, but it's a lot easier for our phone support to help troubleshoot when there's a problem.  Putting the console directly on the campus network/internet is risky for the reasons mentioned previously: the lack of security being the big one. 

    However, there is a compromise where you can use the existing WAPs, but still keep the networks separate.  The college IT department may be able to create an isolated VLAN with its own SSID.  As long as there's no connection between this new VLAN and the rest of the building network, then it's just as safe as having completely separate hardware.  The only downside is that troubleshooting will still be somewhat hindered by involving hardware you don't have access to or control over.  Since the iRFR is a convenience rather than something show-critical, I'm assuming this won't be much of a concern for you.

Children
No Data
Related

www.etcconnect.com