Netrounds offers testing, monitoring, and troubleshooting of your network through the use of active agents.  These agents are offered in a variety of deployment options, from cloud, to containers, to on-premises virtual machines, to linux applications, to physical equipment.  The addition of physical equipment interests me because it enables you to test beyond the wire and into the WiFi.  With the slew of deployment options available, you are given the opportunity to test through a client experience from their wireless device, through the switches, routers, firewalls, IPS, VPN tunnel, to your cloud provider and verify the experience is meeting your target performance metrics. Continue reading


What’s New in Ekahau Site Survey 9.2

In late June 2018 Ekahau released Ekahau Site Survey 9.2 with two new features, coverage planning visualizations and bluetooth planning!

Select Coverage Planning from the visualization menu when in Planning mode to quickly see how AP placements may affect coverage in your floor plans.  While this only displays coverage, it is an excellent way to identify how your environment will interact with the RF.  Saving time and ultimately making it easier to make placement decisions.

Coverage Planning
Coverage Planning visualization in ESS 9.2

The second addition is Bluetooth visualization and planning.  Now you can plan your Bluetooth deployment and visualize the potential reach within your environment.  Ekahau has also added Aruba LS-BT10,  Aruba LS-BT20, and a Generic BLE that can be added to your planner for mapping.  Currently, only predictive surveys work, but I can only imagine what Ekahau has up their sleeve for designing and surveying BLE beacons.

To give the BLE planning a shot select the Bluetooth Coverage from the visualizations menu, Bluetooth Beacon from the now multifunction button for manual placements, and pick which beacon you wish to design for.

Bluetooth Beacon
Dropdown menu for manual planning

Set your requirements for overlap and start plotting away.  Want to place a beacon at all your printers and meetings rooms?  Go for it!  See if you can to tie in your room systems or deploy Aruba Meridian for turn-by turn directions to your meetings.  Neat!

Bluetooth planning in ESS 9.2

Troubleshooting Steps

Whether your studying for your CWNA-107 or just troubleshooting issues at your day job, it helps to have defined steps for discovering and remediating problems when they arise.  The steps laid out in the CWNA-107 blueprint section 7.1 are listed below and are the steps I personally use when working through an issue.

  1. Identify the Problem
  2. Discover the Scale of the Problem
  3. Define Possible Causes
  4. Narrow to the Most Likely Cause
  5. Create a Plan of Action or Escalate the Problem
  6. Perform Corrective Actions
  7. Verify the Solution
  8. Document the Results

Let’s take a look into each of these steps and how you can use them when trouble arises in your network.

Continue reading

WiFi Explorer Pro, Troubleshooting, and You


There is a growing number of tools for macOS that allow you to see what wireless networks are around.  I have used several of them and even paid for some of them, but why use something with such limited functionality?  In this post I will be showing off why WiFi Explorer Pro is one of my favorite tools for wireless engineers on macOS and how it supersedes those scanners of yesteryear.

In WiFi Explorer Pro of course you can view a list of networks, RSSI values, and supported data rates.  Then, there are some features you would not typically find in other products at this price including a simple user interface, a breakdown of the information elements, and spectrum analysis.

Continue reading

RF Math

Since I am not a maths expert, and had a difficult time keeping track of the differences between mW and dBm when first started learning about wireless I thought I would toss together a reference blog for those who need it.


Milliwatt (mW) is the amount of power being transmitted by the intentional radiator (most likely an access point).

Decibel-milliwatts (dBm) is the reference value to 1mW.


The full equation for conversions dBm to milliWatt is P(mW) = 1mW ⋅ 10(P(dBm)/ 10), but you don’t need to memorize that to be able to do close-enough conversions.  All you need to remember is the rule of 3 and 10.

  • When you add three dBm multiply the mW by two.  If you subtract three dBm divide the mW by two.
  • When you add ten dBm multiply mW by ten.  If you subtract ten dBm you divide mW by ten.

This chart should help illustrate the rule of 3 and 10.

dBm mW
0 1
3 2
6 4
9 8
10 10
13 20
20 100

It should also be noted that these values are not exact, but do work for your calculations.  If you need a more specific value I recommend you use a calculator like the one available at RapidTables.


When it comes time to install access points, especially those with external antennas, you will need to keep your local laws and regulations surrounding maximum Equivalent Isotropically Radiated Power (EIRP) in mind.  If you’re in the United States check out this excellent chart from the fine folks over at that maps out the FCCs rules per band, frequency, and function.

EIRP = Transmit Power (mW) – Loss (db) + Antenna Gain (dBi)

Example 1

You are installing an access point with a transmit power of 20mW connected to an antenna with +7dbi of gain over a cable with -1db of loss.  What is your total EIRP?

To solve this questions and find our EIRP lets list out the information we know.

  • Transmit Power = 20mW
  • Cable Loss = -1db
  • Antenna Gain = 7dbi

Now let’s put that together into the formula above:

EIRP = 20mW – 1db + 7dbi

In order to find the total EIRP we need to convert all the values to the same format, either dB or mW.  I personally find it simpler to convert your transmit power to dBm.  So let’s try and convert 20mW into dBm.

To find the value of 20mW in dBm we can use values we know.  Since we know that 10dBm is equal to 10mW.  Then, we can use the rule of 3, because if we add 3dBm we would multiple 10mW by 2 and end up with 20mW.  Using the chart above we can confirm that 20mW is equal to 13dBm.  Now let’s put our answer back into the formula and get our answer.

EIRP = 13dBm – 1db + 7dBi

EIRP = 19dB

Example 2

What is the dBm equivalent of 80mW?

For this example we can start with what is known again – 10dBm is equal to 10mw. Then ,since we know we need to work our way up to 80mW.

  • 10dBm = 10mW
  • 13dBm = 20mW
  • 16dBm = 40mW
  • 19dBm = 80mW


I know these values are not exact, but they will help you when you need to perform a quick conversion or work through your CWNA or CCNA Wireless exam.  Remember to practice the rule of 3 and 10 until it becomes a skill.  If you have any questions or examples you would like to work through, leave a comment and we can work through it together.

Troubleshooting Meraki Wireless


This document is designed to help get you started troubleshooting when users are having trouble connecting to meraki wireless networks.

Client Logs

The best place to start looking for errors is the client logs. Client logs offer everything from client adapter, mac address, SSID, encryption type, username, RSSI, and more.

In this case I am running Windows 10 using an Intel 7260.  To get to the logs open Windows Event Viewer and navigate to:

  • Event Viewer
    • Applications and Services Logs
      • Microsoft
        • Windows
          • WLAN-AutoConfig
            • Operational

Event Viewer - Guest Failed PSK

  • As you can see in the event summary of this information error you can determine the PSK entered for our Guest network was incorrect.
  • A successful connection will contain 6 log messages for PSK and 7 for 802.1X.
    1. AcmConnection (1) – Connection initiated.
    2. MsmAssociation (1) – Network Associated Started.
    3. MsmAssociation (2) – Network Association Succeeded.
    4. MsmSecurity (1) – Wireless Security Started.
    5. OneXAuthentication (1) – 802.1X Authenticated Started. (WPA2-ENT only)
    6. OneXAuthentication (2) – 802.1X Authentication Succeeded. (WPA2-ENT only)
    7. MsmSecurity (2) – Wireless Security Succeeded.

If you’re working on a client and not seeing what you are expecting, remember the gold rule:  sometimes clients just need to be rebooted.

Continue reading

Cisco Mobility Express

Cisco recently announced a solution capable of bringing controller functionality to access points, bringing new options to your small to medium deployments.  The solution, Cisco Mobility Express, allows you to convert an 1830/1850 access point into a Mobility Express AP.  In this mode you are able to control up to 25 FlexConnect APs and 500 clients in as little as ten minutes.  But, why would Cisco put a controller in an AP?

Let’s face it, wireless is a dynamic space.  We see use cases and requirements ranging from straight-forward to something resembling that of a Willy Wonka contraption.  Cisco now has a fleet of options from Controllers for traditional CAPWAP networks, to IOS-XE for networks with Unified Access in mind, Meraki for customers who prefer cloud management, and now Mobility Express for customers with small to medium deployments who can benefit from nerd-knobs expected in an enterprise deployment.  I personally hope the diversity offered does not lead to more diversity in features leading to confusion or aggravation amongst users; only time will tell.

You may have asked yourself, “How can I set up a Wireless LAN Controller in less than ten minutes?”  Well, that is a good question and has a bit of a complicated answer.  Yes it is possible to configure the 1830/1850 to be a Mobility Express AP and have a network up and running in that short of time, but you will still need to make tweaks – as with any wireless deployment.

Continue reading


When you are in a room of people trying to figure out who the idiot is, it’s probably you. This definitely rang true for me during my first visit to the holy grail of techie events, Wireless Field Day 6. Being surrounded by some of the greatest minds in WiFi, I felt as if i was a small fish in a big pond and I was excited for the opportunity to soak up every bit of information I could steal away from them!

I have been watching the field day events online since everything was a Tech Field Day, so needless to say, I was elated when I received an invitation from Mr. Foskett. I got to meet people in the wireless industry whom I look up to, have conversations with vendors, interact with the people of twitter under the WFD6 hashtag, and hear from two amazing organizations that are doing a lot of good around the world, Plan Ciebal and Disaster Tech Labs.

Now that WFD6 is over and everyone has headed home I figured now would be an appropriate time for a recap from my perspective. This will be a short blurb of what I thought about the vendors, with more detailed posts to come in the near future.

AirTight – It was awesome to see a presentation full of passion and energy, but I guess that just follows Devin Akin wherever he goes! AirTight is beginning to focus and deploy tools to the Managed Services Providers, announced an 802.11ac access-point, and revealed that even us WiFi savvy folks are still vulnerable to a good old fashion karma attack.

Aruba – Showed off their new Meridian technology, think indoor GPS, and Analytics Location Engine, a way to connect with customers. The old adage ‘there is no such thing as a free lunch’ is ringing true, and as WiFi is becoming more of an expectation, businesses are looking for ways to connect with customers and gain analytics in return.

Disaster Tech Labs – One of those amazing do-good organizations I mentioned earlier. Their organization focuses on going to disaster ridden areas and providing wireless connectivity to assist with organizing recovery, helping families access the necessary forms, and give a feeling of normalcy to families so they can contact loved ones to let them know they are alright. A great reminder on how easy it is to take all the technology we have for granted.

Plan Ceibal – The other amazing do-good organization I mentioned earlier. This is a program that puts technology in the classroom and in the hands of children in Uruguay. Honestly, an example program that I would love to see pushed throughout the United States and other developed countries to better educate the next generation. Unfortunately, due to politics a project of this sort would be highly contested, and that my friends is a travesty.

CloudPath – Nerdy CEO makes the whole room happy. CloudPath was the only non-directly-wireless company to present at WFD6, but I think they deserved every second they got! An agentless way of configuring end user equipment for secure 802.1X wired and wireless networking has a need and CloudPath, in my opinion, is delivering the best solution compared to current on-boarding solutions being integrated by other vendors.

Xirrus – The most anticipated presentation of the event for me. At Wireless Field Day 5 Xirrus presented, but was bombarded with questions regarding their design of arrays and antenna design. This year Xirrus brought out the most interesting man in RF, Avi Hartenstein, to explain the antennas the HE designed. Xirrus finished off their presentation with a few marketing slides of their real world customers from large events, but around the room and twitter were mumbles of lack of good wifi at some of these events. Whether this is an integrator problem or a device problem is still the question of the day.

Extreme NetworksThe bathroom was extreme. They showed off a lot of slides and information about the stadiums they have designed for and how to design for stadiums, but lacked on the information side of how this all gets done. I agree with Sam that there is a lot of information to cover during a first WFD event as a sponsor, though I would like to see how the guts of everything works. Hopefully at WFD7 they will deliver an inside look at how they perform these functions.

Overall, I had an absolute blast at my first Wireless Field Day and hope to be invited back for more! If you have a chance, check out the recorded sessions on Youtube and comment any topics you would like to see in a future post.
In the meantime check out the other delegates fantastic websites and blogs:
Blake Krone – You’ll notice I stole the title for this post from Blake!
Evert Bopp
George Stefanick
Germán Capdehourat
Jake Snyder
Jennifer Huber
Keith R. Parsons
Lee Badman
Sam Clements
Scott Stapleton

Configuring a 3602 for Wireless Surveying

Cisco has recently released their new flagship access point, the 3602. This access point is nothing short of a beast. It has been completely redesigned with 4 transmit and 4 receive antennas and can sustain three spatial streams. This AP also features the first-to-market expansion slot that will be used for the Security and Spectrum Intelligence (SSI) module scheduled for release in Q1 of 2013. Cisco will then be releasing an 802.11ac capable module in the first half of 2013.

Now that you’ve invested (or are planning on investing) in this new generation of access points, you’re going to be out surveying new deployments with them. The only problem with this AP is it comes with a Lightweight IOS image preloaded. Cisco does offer a feature limited autonomous IOS that can be used for surveying – which is what we will be setting up and configuring today.

This process will require a few things:

  • Cisco 3600 Autonomous IOS (Available from
  • TFTP Server (Available free from
  • Console Cable
  • Switch – Workstation and AP MUST be on the same VLAN

Below I have listed two options for you to choose from for converting your access point to the autonomous IOS required for active surveying. Option A is your easiest and most preferred method, Option B will work if you run into a problem using Option A.

Option A
Step 1: Change your IP Addressing on your TFTP Server to the following:

  • IP Address:

We have to do this because when we set the AP into default mode it will automatically use the address of and will send a broadcast looking for a recovery image.

Step 2: Change the name of your Autonomous IOS to:

  • ap3g2-k9w7-tar.default

Step 3: Boot your AP while holding the MODE button. Do NOT release until you see “image_recovery: Download default IOS tar image tftp://”

At this point you will see the IOS downloading to your AP.

Step 4: Once the download is complete your AP should reboot automatically. If not, then enter the following command to boot into the autonomous IOS.
ap: boot flash:/ap3g2-k9w7-mx.152-2.JA/ap3g2-k9w7-xx.152-2.JA

Now that we have the IOS booted we need to configure the boot statements to make sure we boot into the autonomous IOS at startup.

Password: Cisco (default password)
ap.#config t
ap.(config)#boot system flash:/ap3g2-k9w7-mx.152-2.JA/ap3g2-k9w7-xx.152-2.JA

Now scroll down to the Configuration section and get ready to survey!

Option B
First things first, load up your TFTP server and set it to use the folder where your IOS is stored.

Now that your TFTP server is ready, we can get your access point ready to go.

My network is addressed as a network and this is the addressing we will be using for the remaining commands in this guide.

Step 1: Boot your AP while holding the MODE button. Do NOT release until you see “image_recovery: Download default IOS tar image tftp://”

Step 2: At the ‘ap:’ prompt, configure the following commands:
ap: set IP_ADDR
ap: set NETMASK

Step 3: Prepare the AP for the TFTP transmission.
ap: ether_init
ap: tftp_init

Step 4: Using the tar command begin the TFTP transmission.
ap: tar -xtract tftp://(ServerIP)/Filename Flash:
eg: ap: tar -xtract tftp:// flash:

This portion may take some time, but keep an eye on it to make sure there are no prompts that may time the process out.

Step 5: Boot into the new autonomous IOS.
ap: boot flash:/ap3g2-k9w7-mx.152-2.JA/ap3g2-k9w7-xx.152-2.JA

Now that we have the IOS booted we need to configure the boot statements to make sure we boot into the autonomous IOS at startup.

Password: Cisco
(default password)
ap.#config t
ap.(config)#boot system flash:/ap3g2-k9w7-mx.152-2.JA/ap3g2-k9w7-xx.152-2.JA

SSID Configuration
Finally, we can now begin configuring the AP for surveying.
What I prefer to do is to create an SSID on the 2.4GHz frequency and a separate SSID for the 5GHz frequency. It makes it easier for me while in the field to select the correct band I want to survey. We will step through the process for creating both and some of the options we can use.

Step 1: Let’s create the 5GHz SSID:
ap.#Dot11 SSID Survey-5
ap.(config-ssid)#Authentication Open
– This tells the AP to broadcast this SSID.

Step 2: Now let’s configure the 5GHz Radio, Dot11Radio1.
ap.(config)#interface dot11radio1
ap.(config-if)#ssid Survey-5
ap.(config-if)#channel width 40-above
– Set your channel width to what you will be using in production, either 20MHz or 40MHz.
ap.(config-if)#channel 5180 – Locks the AP into using channel 36. This will come in handy when setting up your channel scanning in your surveying program.
ap.(config-if)#power local 17 – this will configure the radio to use 50mW – Refer to Cisco Radio Transmit Power for a handy conversion chart.
ap.(config-if)#no shutdown

At this point you now have the ability to connect to the access point and can survey on 5GHz. Now let’s continue by configuring the 2.4GHz Radio.

Many of the steps will be the same, with minor differences.

Step 1: Let’s create the 2.4GHz SSID:
ap.#Dot11 SSID Survey-2
ap.(config-ssid)#Authentication Open
– This tells the AP to broadcast this SSID

Step 2: Now let’s configure the 2.4GHz Radio, Dot11Radio0.
ap.(config)#interface dot11radio0
ap.(config-if)#ssid Survey-2
ap.(config-if)#channel width 20
– This is the default and does not need to be entered, I just wanted you to know that 20MHz is the only option for 2.4GHz.
ap.(config-if)#channel 1 – Locks the AP into using channel 1. This will come in handy when setting up your channel scanning in your surveying program.
ap.(config-if)#power local 14 – This will configure the radio to use 25mW – Refer to Cisco Radio Transmit Power for a handy conversion chart.
ap.(config-if)#no shutdown

DHCP Configuration
You can enable your AP to be a DHCP server – allowing for quicker configuration changes in the field.
ap.(config)#interface BVI 1
ap.(config-if)#ip address
ap.(config)#ip dhcp excluded-address
ap.(config)#ip dhcp pool NAME
ap.(dhcp-config)#network /24

You can now telnet into your AP using the default username Cisco and password Cisco.

Well, that’s it! You’re done and ready to go out into the wild blue yonder and survey to your hearts content!
In the next blog we will be using the SSIDs that we just created to perform surveys using Airmagnet Pro.
Please leave any feedback in the comments and feel free to ask questions.

Credit for the steps to TFTP the IOS goto Vinay Sharma