I am confused between these two options.
Which should I use to navigate switching between available APs in a house when two or three APs are using
the same SSID and security profile but different channels.
Access list = when wireless interface is AP, what clients are allowed to connect
Connect list = when wireless interface is client, to what APs it should connect
So the Access list is what I would use to define what smartphones can connect to the Access Point I am configuring, based on signal strength measurements by the access point?
So the Connect list is what I would use to define which APs the Access Point I am configuring can connect too (and thus not what I need at all)??
Yes (I never did anything with signal strength myself, but I guess it probably does what you want).
What I am trying to accomplish is to avoid the scenario where the smart phone sticks with a weaker signal vice switching to a stronger signal.
I have discovered if one attempts to cut too fine a line, then no connectivity is the result.
What is not clear to me is if a phone is cut-off from a specific AP (lets say -75 is the threshold, and the signal goes to -78, the smart phone I imagine is disconnected from that AP and has to roam for another. What happens if later on the person moves back into range of the initial AP and the signal strength is -70, will the phone be able to reconnect.
Put in another way I guess, is HOW LONG is the smartphone no longer able to connect to the initial AP???
The phone could disconnect and reconnect immediately if it meets the requirements in the access list. If it does not meet the requirements but had bad logic it could keep trying to connect and fail until the signal is within the access list range again.
I have some ‘smart’ plugs that are anything but. The wifi connect logic is all messed up.
Part of my Access List for CAPSMan.
Drop connections with signal up to -74 dB and let connect with better signals.
So the logic is reject all you conections want to disable according to interface name, signal strenth, MAC address and allow then all.
The problem with Access list logic is that it relies on client device to keep trying to connect to the same AP again and again. If the client device is “smart”, then it might remember it was kicked off from certain BSSID and doesn’t try to connect to it again. Which is fine if it can connect to another AP and (while doing it) forgets about the “misbehaving” AP (so it can reconnect at later time). But what if the list of “forbidden” BSSIDs is longer than 1 on client device?
It is really bad luck that WiFi standards were neglecting client device mobility for so long that everybody got used to shitty performance (and shitty work-arounds)… We’ve had mobile networks since more than 30 years ago and they were properly data-enabled for more than 20 years … why, oh why, IEEE wifi working group did not learn from there sooner?
How do you do that?
There is no option for a blank entry?
Its a range so do you mean you put
-120..-74 (forward and authenticate = NO)
-74..0 (forward and authenticate = YES)
Capsman access lists are a bit different.
The rules are always checked sequentially. I would not use overlapping ranges unless there is other criteria used. So for your example, the following should work. For capsman, it is easier to just add the allow rules first and reject rules at the bottom. You could also configure it this way.
-120..-75 (forward and authenticate = NO)
-74..0 (forward and authenticate = YES)
Capsman also allows for a signal out of range parameter, which allows for a device to not be instantly disconnected if it goes out of range for a certain period.
Oh that setting is available as well on the Access List Menu…
Its called Allow Signal Out of Range 00.00.00 with the default being 00.00.10 and assuming that means 10 seconds?
Any particular strategy recommended for this number for
a. the out of range rule
b. the in range rule
I normally leave it to 10 seconds unless you want to give a client more time on that ap if they seem to drift in and out of range, or if they stay at the signal limit often.