Member access to WIFI in church building

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
harddrive
Senior Member
Posts: 501
Joined: Thu Jan 03, 2008 7:52 pm

#11

Post by harddrive »

JeffTurgeon wrote:Is there a way to make 1 or maybe 2 ports on the 881w take priority over any other connected device?
As far as I know the 881W probably runs Cisco IOS and not CatOS. One OS is for the router and the other for the switch. Since this is not a switch, I don't believe that you can prioritize a port. You would need to check with the global service desk to see if you can do it. Otherwise the only other way would be to implement QOS and that again doesn't really buy you anything unless the links are congested.
JeffTurgeon wrote: I don't think we can get into the router to do anything though, I've had to have someone from GSC make set-up changes (IE: put each AP on a different channel).

I also like the idea of static IPs by mac (if other method doesn't work). How would this be implemented so say 4 hardwired computers are registered with static IPs setup by their mac ids in the router to be prioritized over all other connections? Sounds like a long night on the phone.
Don't worry about the mac address. You would register the computers to use static addresses by going into the network connection on the computer and type in a static IP address that is outside of the DHCP range and then put in all the DNS entries and so forth.

Again the only priority that you can use is QOS. Otherwise it is first come first serve. The network equipment of today is fast enough to handle the traffic coming at it. I feel like you are trying to over engineer something and the best approach is to keep things simple. If you have enough bandwidth, then don't worry about it. It's only when you run out of bandwidth that you will need the upgrade. If you want to see how much bandwidth you are using, pull up windows task manager and look at the network page and it will tell you. Simple web browsing and sending and receiving of MLS data doesn't take a lot. You only will use a lot when someone is download a large file. Other than that it uses very little.

Hope this helps.
User avatar
johnshaw
Senior Member
Posts: 2273
Joined: Fri Jan 19, 2007 1:55 pm
Location: Syracuse, UT

#12

Post by johnshaw »

I was having an issue at one of my buildings recently reported, our Stake also has a fairly open policy, I asked the GSC to expand the range of IP's and was given an additional address range that fixed the issue. However, when I called about the same issue in a different building (it seems to be following our ward conferences around... stake leaders anyone???) I was told that only the Cisco 881W can do this and that the ASA5505 couldn't. I'm not sure I believe the answer, because I've had dhcp ranges modified before.

one note was that the second DHCP range they put on the router included 50 additional static IP addresses - when I asked why that was I got mostly stumbling over nothing? This didn't make sense to me, and I'm sure it is part of the automation the church has, but it needs to change, I already have a dedicated group of static IP's to handle my needs, I needed more dhcp addresses.... while I got more, I didn't get as many as I could've.
User avatar
rbeede
Member
Posts: 205
Joined: Sat Apr 02, 2011 1:33 pm
Contact:

#13

Post by rbeede »

The software licensing on the ASA is more limited as to the number of allowed devices (or IPs). That is the way Cisco charged money for them. The 881W allow more in their license.
dfdavis
New Member
Posts: 31
Joined: Tue Nov 03, 2009 1:41 pm
Location: USA

#14

Post by dfdavis »

wrigjef wrote:Let me preface this comment by stating that I am not the technology specialist and do not understand the restrictions that any existing firewall may have. Our building does have wireless. Currently leadership actively uses it and the FHC and clerks offices all use a wireless adaptor rather than a hard line. The internet connection was originally put in place for CES because our building houses Area CES offices. Leadership is very particular about who has the password, with only bishoprics and a handful of others have it. As a clerk, I never got the password but never really needed it because the connection in in the clerk’s office is always on. It took several weeks of going back and forth between stake technology people, CES, Bishops and finally the stake President, but as a building librarian I finally got the password so I could bring my personal laptop from home, connect it to the copier/printer and print stuff off lds.org.

My question is, is it local or church policy to be so tight with the password? I understand we don't want members doing non-church related things on the net while in the building but at the same time we have teachers that would like to be able to connect and stream video content for lessons. Isn't there a firewall setting that can make only selected domains (like lds.org, mormon.org, new.familysearch.org) accessible?

I had to say something here regarding the original post....This has also been a questionable thing for me too. I am the stake technology person and find that the directions are hard to determine. First of all.. I do understand very well this is finally the wishes of our Stake president. Several months ago, I attended a 2 hour plus online training session regarding the WiFi usage in our buildings. It was made very clear that the directions were that it was the wishes of our church leaders that all members be given access to the WiFi so as the LDS.org materials were available to all. Then on the other hand..look at the email you get everytime you activate a new 881W. That message is to guard the password and only the Stake President and maybe a few others have the authority to give out the password. I do not wish to be put in the position of "internet police" and have worked hard not to be. I have angered some of my fellow members when I have told them I cannot give them the password. It is hard to follow the given deffinition and responsibilities of the Stake Technology Specialist when the actual practice...or "your mileage may vary.
Donald F. Davis Jr.
Stake IT
Bloomington Indiana :)
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

#15

Post by aebrown »

dfdavis wrote:Several months ago, I attended a 2 hour plus online training session regarding the WiFi usage in our buildings. It was made very clear that the directions were that it was the wishes of our church leaders that all members be given access to the WiFi so as the LDS.org materials were available to all.

I attended that same training, and although I would agree somewhat with your conclusion, I saw the direction as future plans, not immediate implementation instructions. Specifically, although the long-term plans are for making "LDS.org materials available to all," that same meeting discussed plans for controlling access to WiFi in meetinghouses through LDS Account authentication. That is not yet available. I see no reason for anyone to assume that the wide-spread access has to happen before that important piece of network security and control is in place.
dfdavis wrote: I have angered some of my fellow members when I have told them I cannot give them the password.

That's sad that anyone would react that way when you are simply following the directive from your stake president, when he has the keys to preside in the stake, and is specifically directed to decide network access policies in his stake.
dfdavis wrote: It is hard to follow the given deffinition and responsibilities of the Stake Technology Specialist when the actual practice...
I have seen nothing in your posts that seems to be outside the given definition and responsibilities of the STS. A wide range of actual practice is possible within the policies and guidelines, as directed by local leaders.
Questions that can benefit the larger community should be asked in a public forum, not a private message.
dfdavis
New Member
Posts: 31
Joined: Tue Nov 03, 2009 1:41 pm
Location: USA

#16

Post by dfdavis »

aebrown wrote:I attended that same training, and although I would agree somewhat with your conclusion, I saw the direction as future plans, not immediate implementation instructions. Specifically, although the long-term plans are for making "LDS.org materials available to all," that same meeting discussed plans for controlling access to WiFi in meetinghouses through LDS Account authentication. That is not yet available. I see no reason for anyone to assume that the wide-spread access has to happen before that important piece of network security and control is in place.



That's sad that anyone would react that way when you are simply following the directive from your stake president, when he has the keys to preside in the stake, and is specifically directed to decide network access policies in his stake.



I have seen nothing in your posts that seems to be outside the given definition and responsibilities of the STS. A wide range of actual practice is possible within the policies and guidelines, as directed by local leaders.

I really appreciate your kind perspective. My wife and I are not life long members. We joined the church in 2009. Trust me.... there are lots of the leadership tree and regulations... I have a hard time understanding.
The problem with the training thing we both heard.... I have a lot of younger people and my FM group that are planning as we speak to implement all of what we heard. Before the security is in place to support it. I have finally.....whew.... convinced my self it is not all my responsibility at this point. Let happen whatever does, keep things as secure as I can. Things right now are a very long way from what they were when I received this calling. For that I guess I am happy. It is good to feel some sort of feeling of accomplishment. These callings are most of the time...way under the radar screen and most people have no idea what we actually do.
Donald F. Davis Jr.
Stake IT
Bloomington Indiana :)
ricnel
New Member
Posts: 14
Joined: Fri Jan 21, 2011 11:50 am

#17

Post by ricnel »

This is in response to the original post and shows our Stake progression of very limited internet access to a very broad almost unlimited access. (Sorry if it is a bit rambling.) This time line of our Stake buildings' access to the internet took place over the past few years.

Our Stake President wanted wireless access for the Stake Presidency only. To accomplish this, we ran ethernet wires from our Family History Center to the Stake offices and put in a wireless router. By direction of the Stake President, the password was not given out to anyone other than the Stake Presidency.

It was subsequently decided to provide hard wire internet access for the clerk's and bishop's offices. This was done. Once the clerks and bishops had internet access, everyone wanted wireless access. Pursuant to the Stake President's direction, we started to provide hard wire ports to the main rooms in our Stake Center. This included the High Counsel room, RS room, Multi-purpose room, Cultural Hall, Chapel, Primary Room and Scout Room. (All of this was done during the time the Stake was to foot the bill for internet access.)

Last year it was announced that all of the Church's buildings would have wireless internet access and that the Church (Salt Lake) via the FM Group would be paying for the monthly internet charges, equipment, and installation. This caused some concern by our Stake Presidency as they were not too keen on wireless internet access and we had been trying to keep everything to wired access.

I attended the meeting last year which discussed use of the internet and the fact that the wireless internet access was going to be controlled by the LDS Account Authentication - you would log into the wireless internet with your LDS account login information. This cured most of our Stake Presidencies concerns. It was also evident that the Church wanted the members to have access to the internet for teching, training, etc.

We then moved on to requesting that the FM Group install wireless internet for all 5 of our buildings. This was accomplished a short time ago. In speaking with the installer, he advised me of the password and that the password was a Church standard password. If I went into any Church building with a wireless access point listed as "LDSAccess" the password would be the same one he had given me. I was advised that the LDS Account Authentication software was not finished yet, and the planned rollout date was sometime in 2013.

Within a day or 2 of the completed wireless internet installation, a 14 year old young man visiting from another Stake told all of the kids in our ward what the password was to the wireless internet. All of the youth had the password before we were able to discuss it with the Stake Presidency and formulate our Stake's policy as to who would receive the password.

In the end, the Stake Presidency decided to advise all of the leadership of the password and that it was to be communicated to anyone who need to use the internet. Everyone now has it.
john84601
New Member
Posts: 47
Joined: Sun Mar 11, 2012 2:24 pm

#18

Post by john84601 »

THEN
Once upon a time... church buildings use to use 'residential' type locks. The keys for these locks could be (and often were) copied at any hardware store. Although some member’s willingness to allow their keys to be copied was 'disappointing', I wouldn't quite have classified it as a 'moral crisis'.

As it turns out... there were two solutions to this problem
1) Change the locks often.
2) Get better locks.


NOW
I think the same applies to internet access in the building. WiFi in the buildings is a resource that members can benefit from. Many will use it appropriately and some will not. (Fortunately, it’s all filtered). You cannot carry the burden of how members use this resource. All you can do is follow the policy (and Stake President direction) and encourage members to make good choices. However IMHO, I think there are (at least) two solutions to encouraging good use of the WiFi.

1) Change the password often (maybe twice a year - right around stake conference?).
2) Get a better lock (or login system). This appears to be coming in 2013. I guarantee members will be less casual about giving out their own personal username and password… and that they will use it for more appropriate purposes.

Just my opinion...

JW
diazt
New Member
Posts: 1
Joined: Mon Apr 06, 2015 12:19 pm

Re: Member access to WIFI in church building

#19

Post by diazt »

I was Counselor of the Primary in Cambridge MA. I wished to know the password many times as I prepared classes, sharing times, etc. But the only person that could make use of it was the Primary President, the Bishop, and some that work in the offices. No one wanted to facilitate to me. I also have an Autistic boy who needs visual aids and different lds apps to help him be calm at Church. I think Leaders are being unjust with the members as the internet it should be available for everyone, not just for leaders. No everybody has smartphones and means to pay data plans. Even national libraries and schools have free access to internet. Why not our Church?? We also need to use our own agency, and not be restricted.
lajackson
Community Moderators
Posts: 11460
Joined: Mon Mar 17, 2008 10:27 pm
Location: US

Re: Member access to WIFI in church building

#20

Post by lajackson »

diazt wrote:Even national libraries and schools have free access to internet. Why not our Church?? We also need to use our own agency, and not be restricted.
Because the Church is not in the business of providing free Internet access to the world. However, I suspect your experience was some time ago, since I know of no reason your leaders would not give you the password today.

Realize, of course, that even leaders and teachers who have access to the Church WiFi are instructed not to stream videos and other materials over the system. They are instructed to download the items in advance and play them without using the network wherever possible.
Post Reply

Return to “Meetinghouse Internet”