News to me. There's already software on the computer that allows it to be remotely managed when it is on. (More of a "pull" management then a "push".) So for them to change to this new process would be quite a shift. There would also have to be a directive to keep power applied to the computers so they can be woken up.odwill wrote:Now we have heard that the Church plans to extend its VPN capabilities so that they can wake up our ward and stake clerk computers, update software, and then remotely turn off the computers.
Additional Access Point
-
- Community Administrator
- Posts: 34421
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
Re: Additional Access Point
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- New Member
- Posts: 5
- Joined: Sun Feb 26, 2012 8:28 pm
Re: Additional Access Point
So if the currently installed remote management software is "pull" oriented, the fact that three of our computers get the internet through WAPs that do Network Address Translation and place the computers in the 192.168 rather than the 10.1 IP range is no problem, right?russellhltn wrote:News to me. There's already software on the computer that allows it to be remotely managed when it is on. (More of a "pull" management then a "push".) So for them to change to this new process would be quite a shift. There would also have to be a directive to keep power applied to the computers so they can be woken up.
-O. D.-
-
- Community Administrator
- Posts: 34421
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
Re: Additional Access Point
Not currently. But there may be an issue if you are in need of support and support wants to remote into your computer. I'm not sure which direction that connection goes. We'll have to see what the future holds.odwill wrote:So if the currently installed remote management software is "pull" oriented, the fact that three of our computers get the internet through WAPs that do Network Address Translation and place the computers in the 192.168 rather than the 10.1 IP range is no problem, right?
Personally, I'd be happier with the clerk machines on a different subnet then the wireless users.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- Community Moderators
- Posts: 11460
- Joined: Mon Mar 17, 2008 10:27 pm
- Location: US
Re: Additional Access Point
I have heard this but not from an official source, so I cannot answer the specific question. I do know that the Global Service Center logs into our administrative computers to help us with problems. I do not believe that requires a 10.1 address. I think it just requires Internet access and someone present at the box to allow the remote connection.odwill wrote:Before our FM Group got involved in installing Cisco WAPs in our Stake building and ward buildings, we installed our own WAPs. . . .
Can anyone here verify that the Church plans to use the VPN to access the Ward and Stake clerk's computers for updates at some future point?
However, I like your simple solution of sending the admin computers directly from the firewall and then letting the WAPs do their thing. That would certainly alleviate any problem in the future.
- Mikerowaved
- Community Moderators
- Posts: 4734
- Joined: Sun Dec 23, 2007 12:56 am
- Location: Layton, UT
Re: Additional Access Point
I can confirm they want as many devices appearing on the 10.x.x.x address space as possible. It's not only for admin computer updating, but they can also better keep tabs on local IP Addressing trends and bandwidth usage.
The simplest way to "flatten" your subnets is to turn your local routers into dumb WAP's. You can do this by turning off the DHCP and NOT using the WAN port on the routers. Just connect both the church firewall and the clerk PC to an available LAN port and you're done. You might want to fix the IP address of the router to one that's outside the DHCP range of the church's firewall, but that's up to you.
The simplest way to "flatten" your subnets is to turn your local routers into dumb WAP's. You can do this by turning off the DHCP and NOT using the WAN port on the routers. Just connect both the church firewall and the clerk PC to an available LAN port and you're done. You might want to fix the IP address of the router to one that's outside the DHCP range of the church's firewall, but that's up to you.
So we can better help you, please edit your Profile to include your general location.
-
- New Member
- Posts: 5
- Joined: Sun Feb 26, 2012 8:28 pm
Re: Additional Access Point
Thanks to all for your input. I agree with Mikerowaved that the best approach is to connect the WAP and the computer to a LAN port that is on the 10.x.x.x address space. The clerk's offices have only one LAN port so I installed Linksys 8 port switches so that the WAP and the computer could both be on the 10.x.x.x space. The head of the FM group wants the switches removed because they are not "Church approved" devices and he is afraid that they will "mess up" the system. There seems to be some confusion about what a switch is and what it does. Putting in the switches gave us the "flat" 10.x.x.x address space that everyone recommended. We obtained brand new Linksys 8 port switches for $20 each. If I remove the switches, the ONLY way to have wireless and the clerk computers on the internet is to use the output ports on the WAN which will place the computers back in the 192.168.x.x address space. Any suggestions?
-O. D. Williams-
-O. D. Williams-
- aebrown
- Community Administrator
- Posts: 15153
- Joined: Tue Nov 27, 2007 8:48 pm
- Location: Draper, Utah
Re: Additional Access Point
I certainly agree that using switches and keeping everything in the 10.x.x.x space is a better choice.odwill wrote:The head of the FM group wants the switches removed because they are not "Church approved" devices and he is afraid that they will "mess up" the system.
So I'd gently put the decision back on the FM group. They have the ability to purchase Church-approved switches. If that's important to your FM group director, he can use some of his budget to purchase switches through eMarket and then everyone will be happy. But it sounds like you have multiple switches, and those Cisco switches aren't cheap, so he might balk at the cost.
Another option might be to run a cable from the firewall to a place where each WAP can be placed (which might be better in the attic or a ceiling anyway). If the FM group wants to do that, it could also solve the problem (depending on whether the firewall has enough ports for that approach).
-
- Community Administrator
- Posts: 34421
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
Re: Additional Access Point
Having a router that hands out another subnet (that is, your existing WAPS) is a bigger risk.odwill wrote:The head of the FM group wants the switches removed because they are not "Church approved" devices and he is afraid that they will "mess up" the system.
If he wants church approved switches, he can order some or run more lines to eliminate the need for a switch.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
- Mikerowaved
- Community Moderators
- Posts: 4734
- Joined: Sun Dec 23, 2007 12:56 am
- Location: Layton, UT
Re: Additional Access Point
Just a reminder that all your converted home routers serving as WAP's usually have a 4-port switch built in. You might consider using these instead of the "offending" 8-port switch and keep everyone happy.
So we can better help you, please edit your Profile to include your general location.
-
- New Member
- Posts: 5
- Joined: Sun Feb 26, 2012 8:28 pm
Re: Additional Access Point
Mikerowaved - I'll explore that possibility. One of the WAPs was donated by a member and is older technology and may not have the ability to move over to the 10.x.x.x space. I'll check it out. Your suggestion might work although it would become a problem if the Church ever adds any "common" device such as a server or NAS in the building since you cannot route/connect "back" through a router to devices behind the router.
-O. D.-
-O. D.-