Jon Kotek wrote: > server. I am going to push the cisco gear since it can run as a repeater if > I need to, otherwise if the runs of cat5 are fairly spread out I would be > able to run a cheaper solution (WAP11) and go with MAC filtering with WEP. Watch out for repeating - it can flush performance right down the toilet. Lots more contention, lots more hidden-node - think about using cts/rts in a configuration with that much opportunity for hidden-node (might be a good idea if the RF environment sucks anyway.) > Now my other question is in using say a WAP11 AP would that work with roaming > (I am assuming that they want to promote access from all conference rooms) > and still using MAC filtering?? Would I need to update all AP's (I am doing > a WAG of 4 or 5 per floor) that could turn into an admin headache. Otherwise That would suck somewhat. I'm fairly sure you can do the MAC table update via snmp, so it could be automated using your favourite snmp toolkit. I don't think linksys have published an enterprise mib, but I'm fairly sure it could be reverse engineered from snmpwalk & ethereal. Of course, you'd need to ensure that the "backbone" was 100% wired for mac filtering to be at all useful, otherwise the snmp read/write community string will get sent over the air, which makes an attack where someone added their own MAC semi-trivial - either that or accept the risk of that happening. Be aware that WAP-11's are very inferior to Cisco APs, in terms of RF performance (there's at least one person I know of on the list who did a linksys-for-cisco replacement, and can vouch for the vastly reduced coverage/performance - and some additional issues that have eventually been smoothed out by firmware upgrades..) -- andyw at pobox.com Andy Warner Voice: (612) 801-8549 Fax: (208) 575-5634