The goals of the implementation were:
- Obtain a DSL connection for a building in our stake which did not have any Internet connection
- Extend that connection to each of the administrative computers in the three clerk's offices. W1 and W2 are on the west side of the building, and W3 is on the east side.
- Provide a wireless connection for the bishops' and clerks' offices, chapel, cultural hall, Relief Society room, multi-purpose room.
We ordered and purchased the following hardware:
- DSL modem from our ISP ($60, plus about $60 DSL line installation charge)
- Church-managed Firewall from ldscatalog.com (listed at $500, but CHQ covers cost)
- Two Linksys Ultra RangePlus Wireless-N Broadband Routers (WRT160N) ($80 each)
- Cat5e cables ($50)
- Extension cords, surge suppressors, phone jacks, phone cable ($70)
DSL Connection
We accomplished goal #1 by obtaining a DSL connection from Qwest (the local phone company and our chosen ISP). Qwest ran the wire to the demarcation point. A 6-wire phone cable runs to each clerk's office, and only one pair of wires is used for phone service. With the help of my FM group, we identified an unused pair of wires (green/white) leading to W1 clerk's office. I changed the single phone jack plate to a double, rewiring the existing phone line to use one jack, and the green/white pair to use the other.
Once Qwest had run the wire to the punch panel, I connected their incoming pair of wires to the green/white pair for W1 at the punch panel. I followed Qwest's instructions for connecting the DSL modem we had purchased from Qwest. I connected it to my personal laptop, to avoid exposing an administrative computer to the Internet prior to setting up the firewall. Qwest provided a CD that smoothly went through the configuration and activation process. A few minutes later, I had a working DSL connection.
I then connected the Church-managed firewall to the DSL modem, and connected W1's administrative computer to the firewall. Everything on the network uses dynamic IP addressing. After IP addresses were refreshed, I opened a browser on the administrative computer and saw that I had a connection to the firewall, but I was not connected to the Internet because the firewall had not yet been activated.
I collected all the information required by the firewall Installation Guide (DSL provider, support number, connection speed, firewall serial number, firewall IP address, my name, contact info). I called the Global Service Desk and asked them to activate the firewall. I was transferred to second level support (OTSS) and the technician gathered all that information, then activated the firewall. The whole process took about 10 minutes. At the end, I had an Internet connection on W1's computer.
Wiring to other offices
We chose W1 for the DSL connection because the wall of W1's clerk's office with the phone jack is basically in the middle of the row of offices on the west side of the building. I installed one of the routers between the firewall and the administrative computer. I didn't configure the wireless settings at this point.
From that office, we ran a 50-ft Cat5e cable to W2's clerk's office on that side of the building. Because of the way the walls were constructed, I couldn't drop a cable into the box the phone cables came into. So we drilled a hole in the corner of each ceiling. Not the most attractive, but that's what the FM Group said I would have to do. So far so good. W2's office needed nothing more than a cable -- no additional hardware required. Their computer connected immediately.
Then the fun began. Running the 200-ft cable to W3’s clerk’s office is a tale that I could tell for hours – certainly at least the three hours it took to run that one cable. The attic of our 30-year old building is compartmentalized into areas that are not easy to get to from one another, and there are long stretches of dropped ceilings that you can’t cross. Fortunately, my 14-year-old son on two occasions was able to throw a rope connected to the cable over 25 feet to within 6 inches of my hand that was reaching out through a hole in the wall. We finally reached W3’s office, drilled a hole, and dropped the cable through.
Wireless
In W3’s office we put the second router. I disabled the DHCP, since this router is really functioning only as a switch and wireless access point. I got the router, since it was the cheapest way to get that functionality, and administration is simpler with two matching devices. I configured it to use WPA-PSK security. I configured the other router in W1’s office to use WPA-PSK security, and the same key.
I tested the range by walking around the building with my laptop, which has a built-in 802.11b adapter (it’s a rather old laptop). I was pleasantly surprised to find that I had a reasonable connection throughout the chapel, all the bishop and clerk offices, the RS and multi-purpose rooms, and the cultural hall. Only along the back hall (which contains the Primary room and a dozen classrooms) was I not able to get a signal. I’m guessing that if I had a 802.11n adapter I would be able to get a signal even there. If that were a requirement, I could probably locate another access point or two on that end of the building, but that is not a requirement now and I’m not anxious to face that attic again.
Security
At this point our stake president has said that the WPA key should be shared only with bishoprics, stake presidency, executive secretaries, clerks, and assistants. Other specific individuals may be told the key if bishops make an appropriate request. We want the connection to be used for valid Church purposes, but not so broadly known that it will be used too casually for other purposes.
Conclusions
The process went rather smoothly except for the challenges running the 200-ft cable. The one-time installation costs were around $400; the monthly cost will be $44 plus tax for the business rate for a 1.5Mbps DSL connection. MLS has been configured to use the Internet connection, rather than dial-up, and transmission speeds are much faster. So far, everyone is happy.
I hope this was helpful. If I missed anything or if you have any questions, please post a response.