Implementing Multiple SSIDs

By Jim Geier

April 24, 2003

The latest access points offer the configuration of multiple services set identifiers (SSIDs) in order to distinguish separate networks within the same wireless space. Learn the ins and outs of implementing these multiple SSIDs.

A service set identifier (SSID) is a unique label that distinguishes one WLAN from another. Wireless devices use the SSID to establish and maintain connectivity. As part of the association process, a wireless network interface card (NIC) must have the same SSID as the access point. An SSID contains up to 32 alphanumeric characters, which are case sensitive. Traditional access points are only capable of supporting a singe SSID.

Now some companies, such as Cisco and Symbol, are offering enterprise-class access points that support multiple SSIDs. Some examples of products that support multiple SSIDs are the Cisco 1100 Series access point, which can support up to 16 separate SSIDs, and the Symbol Mobius Axon Wireless Switch, which can support up to 32 separate SSIDs. This logically divides the access point into several virtual access points all within a single hardware platform. Many companies want to take advantage of this technology because using access points to support more than one application, such as public Internet access and inventory control, increases flexibility and keeps costs down.

Options for Multiple SSIDs

Multiple SSIDs allow users to access different networks through a single access point. Network managers can assign different policies and functions for each SSID, increasing the flexibility and efficiency of the network infrastructure.

Here are some possible settings you could assign to each SSID:

  • Virtual Local Area Network (VLAN) . If your network uses VLANs, you can assign an SSID to VLAN1, and the access point groups client devices using that SSID into VLAN1. This enables the separation of wireless applications based on security and performance requirements. For example, you could enable encryption and authentication on one SSID to protect private applications and no security on another SSID to maximize open connectivity for public usage.
  • SSID broadcasting. In some cases, such as public Internet access applications, you can broadcast the SSID to enable user radio cards to automatically find available access points. For private applications, it's generally best to not broadcast the SSID for security reasons -- it invites intruders. Multiple SSIDs means you can mix and match the broadcasting of SSIDs.
  • Maximum number of client associations. You can set the number of users that can associate via a particular SSID, which makes it possible to control usage of particular applications. This can help provide a somewhat limited form of bandwidth control for particular applications.

Shared WLANs Come Alive

The use of multiple SSIDs means more flexibility when deploying a shared WLAN infrastructure. Instead of supporting only one type of application, possibly one that requires significant authentication and encryption, the WLAN can also maintain other applications that don't require such stringent controls. For example, the access point could support both public and operational users from a single access point.

The benefits of a shared infrastructure are certainly cost savings and enabling of mobile applications. Rather than having two separate WLANs (which probably isn't feasible), a company can deploy one WLAN and satisfy all requirements. The combination of multiple applications enables the ones having lower return on investment to be part of the WLAN. Sometimes a company needs to have several applications supported together to make the costs of deploying a WLAN feasible.

Jim Geier provides independent consulting services to companies developing and deploying wireless network solutions. He is the author of the book, Wireless LANs and offers workshops on deploying WLANs.

Join Jim for discussions as he answers questions in the 802.11 Planet Forums.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.