Step one was turning on the DHCP service on one of our servers that sits on our public Internet subnet; he'll give wireless clients their IP addresses when they associate with one of the access points (APs). If this grows beyond a trial with a handful of APs I'll need to find a bigger block of IP addresses than the one I had available, but this is just a trial for now.
In step two I started by reconfiguring the Cisco Aironet APs in the office to run with Hartford_Open_WiFi as their SSID, turned on SSID broadcasting, and turned off WEP. Then I changed the IP addresses of the access points themselves to be IPs on our public Internet subnet.
Step three entailed some network plumbing. The Aironet 350s are powered remotely -- you plug them into a switch that can supply "power over Ethernet" (like a Cisco Catalyst 3500) and *click* they come on. We have such switches supplying power and connectivity for our IP telephones. However, the IP phones are on an inside subnet and we don't want to mix IP phone and "free wireless" users. The solution? I configured a second VLAN (Virtual LAN) in the switch: I assigned the ports that the APs plugged into to this new VLAN, along with a port for a cross-connect cable. The cross-connect cable goes from the Cisco switch that's providing power to another switch that connects to our public Internet subnet. By having the phones on one VLAN and the APs on another both can get power from the switch, without having their network traffic intermingle.
It all, more or less, worked right on the first shot. I had to go back and adjust some things on the APs (I left WEP turned on on one, didn't turn on SSID broadcasting on another)... but, it works! I was walking around the office with my laptop+wireless card with my VPN client running (tunneling me securely through to the inside of the network), running a continuous ping and streaming MP3s. There were little stutters when I moved out of range of one AP and my laptop connected to the next nearest one, but I could roam the length of the building. I went for a stroll out front along Market St. and it all held together.
Perhaps the most amusing shift is riding the elevator from the 1st floor to the basement: the signal from the AP on the first floor holds until the antenna on the laptop is below the level of the 1st floor, then I loose signal. The second the elevator door opens in the basement it picks right up with the basement AP. Winamp takes a few more seconds to resume (the VPN is getting re-synched and then Windows networking is restoring its connection to the file server), but it too picks itself right up and resumes right where it left off. Tres cool.
Also of interest is the number of other APs out there that NetStumbler found. From the front of the building I could detect twelve different APs. Two were mine (I couldn't see the third one in the basement), three were from the new UConn School of Business next door, one was from Zuzu's cafe farther up the road, leaving six others. Some with WEP on, some with WEP off. Some advertising their SSID, some not. I may want to pay a visit to the management company across the street -- they've been good to work with, and I suspect that they may not be aware that their AP is running wide open.
So, a pleasingly successful morning of wireless geeking. If this turns into something, I'll let you know.