Coverting older FHC WiFi to match 881W installation config

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
jdlessley
Community Moderators
Posts: 9860
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#11

Post by jdlessley »

It has been over three years since the transition for us in the U.S. from the "moroni" SSID to LDSAccess. I had forgotten there was more to the change than just the SSID. The moroni script used the WEP security protocol. As aebrown posted, the third party wireless management software Odyssey Client was used on those older wireless networks. The Church used it to avoid giving out the SSID and password. Instead the software was installed on Church owned computers and that was all that was necessary to get them connected.

The LDSAccess script uses WPA security protocol. It does not use any third party software to manage the wireless network connection. When converting your FHCs that are using the moroni script you will have to uninstall Odyssey Client from the computers so that you can use the Windows wireless network manager with the LDSAccess SSID.
sphester wrote:Looks like I will need to contact the GSC my only concern now is how I will manage to change the WiFi over on the PC's at each of the existing FHC's.
It is not as daunting as it may appear. I spent fifteen minutes with the GSC re-scripting the PIX 501 and the "base" WAP (Cisco 1200 series). I had to recover two of the "repeater" WAPs to connect them directly to the PIX for re-scripting. That took forty minutes. The stake only had one laptop setup with Odyssey Client. That took another fifteen minutes to uninstall Odyssey Client and configure the wireless through Windows wireless network setup.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
sphester
Member
Posts: 136
Joined: Tue Sep 20, 2011 12:44 pm
Location: Lancaster England

#12

Post by sphester »

Your right i was not thinking the Desktop mchine will have to be changed by someone over here as doing it remotely would cut them off in the process of doing it.

I did call the GSC this evening to get them to change the WiFi at the unit I live in I was down there doing some clerking work. Unfortunately they could not get to Cisco Pic501 they said they were unable to ping it and telnet to it which seems odd. I thought the VPN setup was there to allow people to get to these. The chap on the phone said the only way for them to be able to change it is for me to hard wire the MLS pc we have into the Cisco using a network cable and then the the GSC will do a remote desktop session to the PC and then telnet to the pic501 from there. All seems a big mess if you ask me and now I have to arrange a time to move the machine and physically it is no where near the Cisco to allow me to plug it in.

Not sure I'm up for doing any of this at the other units. Might be better to just wait for the units to be upgraded to the newer 881W. The FM group could not confirm if they were getting upgraded and if they are it will be some time next year.
russellhltn
Community Administrator
Posts: 34421
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#13

Post by russellhltn »

sphester wrote:Unfortunately they could not get to Cisco Pic501 they said they were unable to ping it and telnet to it which seems odd. I thought the VPN setup was there to allow people to get to these.

I'm not sure how the VPN is set up. What do you have between the Cisco Pix and the Internet? Does your modem have a router function that can be disabled/bypassed so that the Internet has direct access to the Cisco?
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
sphester
Member
Posts: 136
Joined: Tue Sep 20, 2011 12:44 pm
Location: Lancaster England

#14

Post by sphester »

The current set in my ward is a Modem/Router this provides the internet connection. It then goes cat5 to to the Pic and then cat5 to the wireless access point.

I'll be honest I've not tired to log into the BT modem/router but then I have no details as to the user name and password so not sure I could even get into it. In short not sure if the modem has a router function or not I'm guessing it does. I can try to get into it chances are it will be on standard factory password will just need to find them on the web.

This is very much looking like I will need to visit each unit to make these changes and while there calling the GSC as in most cases the members will no little or nothing about the setup not least because it will have been done years ago. So trying to explain this to someone on the phone and then getting them to call the GSC sound like a recipe for disaster.

I'm assuming it is the right thing to do in terms of getting these older setups convert to the new LDSaccess? Or should I just leave them for the FM group to upgrade as and when it happens.
sphester
Member
Posts: 136
Joined: Tue Sep 20, 2011 12:44 pm
Location: Lancaster England

#15

Post by sphester »

Is the GSC open on Sundays to do this work for me? I'm assuming not!

As in some cases I can get a lift to a unit with a member of the high council. But if the GSC is not there to do the work no point going and I'll have to do this on a evening.
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

#16

Post by aebrown »

sphester wrote:I'm assuming it is the right thing to do in terms of getting these older setups convert to the new LDSaccess? Or should I just leave them for the FM group to upgrade as and when it happens.

Yes, although it's a hassle to switch them over to LDSAccess, believe me, you will be much happier once you get them switched over. The FM group is not involved in the process -- it is your responsibility as STS to work with the GSC to get it switched.
Questions that can benefit the larger community should be asked in a public forum, not a private message.
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

#17

Post by aebrown »

sphester wrote:Is the GSC open on Sundays to do this work for me? I'm assuming not!

It depends on what you mean by Sunday. The GSC is open 24 hours a day, six days a week, Mountain Standard Time. So if you are an early riser in England, you might be able to catch someone at 11:00pm in Utah. And even during some hours on Sunday I have been able to reach first-level support. If you run into more complicated issues that require specialists, then you need to reach them approximately 7am-6pm MST, M-F.
Questions that can benefit the larger community should be asked in a public forum, not a private message.
sphester
Member
Posts: 136
Joined: Tue Sep 20, 2011 12:44 pm
Location: Lancaster England

#18

Post by sphester »

Thanks for the advice.

I will get the one done in my own unit first. Any other ideas about how the GDC can get to the cisco pic remotely without doing a remote desktop session first. I can try and get into the modem but not sure if this would help. Surely they will have had a connection when it was originally installed a few years ago.

Is it worth sending the GSC an e-mail to see if it can be passed to 2nd or 3rd line support to look into why they can't telnet to the pic remotly. Whilst the guy on the phone was helpful I'm not sure if he explored all options for getting into the device.
jdlessley
Community Moderators
Posts: 9860
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#19

Post by jdlessley »

Generally the problem that prevents remote access is the VPN not functioning on the Cisco PIX 501. If the light on the front of the PIX with the label VPN is green then the problem may be with the modem/router. If the light is not green for the VPN then power cycle the PIX to get it rebooted and the VPN reset.

You can also help the GSC technicians by supplying them with the IP address of the modem.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

#20

Post by aebrown »

On two occasions when I have worked with the GSC on issues with the Pix 501, I have had to use the supplied console cable to get the firewall properly configured. This became necessary because the GSC could not get remote access to script the Pix in any other way. When this step becomes necessary, it helps if you are ready. You'll need:
  • The console cable. It is a flat cable with an RJ-45 connector on one end, and a 9-pin serial connector (DB-9) on the other. It came with the Pix, but may not be stored right next to the Pix.
  • Since computers with 9-pin serial ports are extremely rare these days, you'll want a serial-to-USB adapter. These are pretty cheap (you can find them for under $10 US), but to be fully prepared, you need to get one before you call the GSC.
  • A computer connected to the Internet. In one case, I plugged my laptop directly into the ISP's modem; in another, I took the Pix to my home (that was back when I had a computer at home with a 9-pin serial port and hadn't yet obtained a serial-to-USB adapter).
For this procedure, the GSC will ask you to run a remote control application so that they can take control of your computer that is connected to the Internet and also connected to the Pix using the console cable. They can then rescript the Pix from scratch and get it working. Then they should be able to access it through the meetinghouse network to do any further configuration.
Questions that can benefit the larger community should be asked in a public forum, not a private message.
Post Reply

Return to “Meetinghouse Internet”