After a failed attempt at one of the Netgear access points, I decided to give Cisco a try. I have to admit, I had high expectations from Cisco. In my book they are “the name” when it comes to networking. And they really lived up to my expectations. First off, some information about the unit. The AIR-AP1042N-A-K9 is the exact unit I bought. It is a dual-band dual-radio access point, meaning it works in both 2.4GHz and 5GHz concurrently. It also works with PoE. They also have an 1100 and 1200 series which have more features, but none of the features they added seemed like things that are worthwhile to me. That doesn’t mean they are not worth getting, they just didn’t add anything I cared about for my setup.
The unit itself is much smaller that the WNDAP360, especially in terms of looks. In reality it is about 8.6×8.6″ and about 1.5″ tall (contrasted to 10x10x2″ on the Netgear) but that 1.5″ smaller size makes a huge difference. The construction is also much better. This thing weighs in at 2.1lbs by itself. In comparison the WNDAP360 had a shipping weight of 1.9lbs. It feels much studier, like it is made out of metal and sturdy plastic (which it is) instead of cheap thin plastic. The console port is an RJ-45, and if you have other Cisco equipment you probably have that cable laying around. If not they are easy to make or buy. Otherwise it has an (optional) power plug and the gigabit Ethernet port. By the way, for some reason the picture came out looking kind of red and green, in reality it is a nice bland white. By bland I mean it isn’t super reflective so it tends to blend in with the walls better than the WNDAP360 did, and much better than our DAP-2553 units do (they are black).
Configuration on this thing is, as expected from Cisco, a bear. If you don’t have a masters degree or 10 years experience you might want to think about something else. Okay, a bit of an exaggeration, but that is my general take on Cisco. Cisco is not for those that want a simple “point and click” or “plug and play” device. Cisco makes great equipment, but you have to spend a lot of time learning how to properly configure them. Now, most of our switches here are Linksys (now Cisco) so they have a very similar IOS software so I am already pretty familiar with the command line interface so for me this wasn’t too hard to setup.
I had seen a number of reviews on various buying sites talking about the GUI being slow and troublesome. Yes, it is. After setting this thing up my gut feeling is that the GUI was put in because people wanted a GUI. I found almost no documentation on how to properly set this thing up, it’s like you are expected to just magically know how to do it (again, that fits my picture of Cisco). Things that should be extremely simple like setting up multiple SSIDs are extremely complex because you have to do things in a certain order and if you don’t follow that order in the GUI you get generic “failed” errors instead of a proper error message that says “to do this you must first enable this option” so there is a lot of guess work involved. The manual was more like a reference manual on the individual commands rather than a “howto”.
Here are the features that it has that I really wanted. Each frequency can have up to 8 SSIDs assigned to it. So if you want to have the same SSID on both 2.4GHz and 5GHz, you can have up to 8 total SSIDs. If however you want to keep them completely separate (i.e. staff on 5GHz and guest on 2.4GHz) you can have up to 16 SSIDs (8 on 2.4GHz and 8 on 5GHz). The supported authentication methods are Open, WEP, WPA Personal, WPA Enterprise and MAC authentication (both a local list and via RADIUS). The MAC via RADIUS authentication is the one I really wanted. I want to setup a network of “dedicated devices” (such as TVs) that will be allowed on our network, but I don’t want to just use WPA Personal and have a single password that if it gets out causes all kinds of trouble. So now I can use WPA Personal and have it match a list of MAC addresses that is centrally managed.
The dual-radio is also a feature I wanted and it works great. Another major feature was the ability to limit the number of users per SSID. For example, during our weekend services we get over 200 users on our public guest network. In fact, we get so many guest users that our staff can not login to WiFi anymore. I wanted a way to limit the number of guest users without limiting the staff users. Other APs that I have played with only let you limit the number of total connections (which means staff still has issues). I setup this unit to allow 30 guest users; what is nice is that the limit is per-radio. So the guest network can have up to 30 2.4GHz users and 30 5GHz users. At peak usage during a service, the unit had a total of 43 2.4GHz users online at one time (30 guest and 12 staff) including my iPhone. My iPhone worked perfectly. I was able to surf the internet without any issues. The DAP-2553 units we have now start having noticeable issues at 35 users, like having to click retry to get a page to load. So it seems to handle more users, probably due to better programming and a little more expensive radio.
I will say that otherwise this unit worked as expected. Things like client roaming worked properly. 5GHz worked as expected. I don’t have clients drop randomly. I have been running this for about 1 month and not run into any issues. One other notable fact is the firmware. There are 2 different firmware images. A “light” version and the “full” version. The “light” version is the AIR-LAP1042N and the “full” version is the AIR-AP1042N. The difference is this. The “light” version is designed to work with a central management device and does not function on it’s own. Meaning you buy this special Cisco device and then you manage all your APs centrally (and it provides even better features like load balancing, helping you find dead spots, etc.). A few other companies do the same but here is the difference. The other companies you buy one or the other and that is what you get. With the Aironet devices, a firmware upgrade (or crossgrade) lets you switch between the two. If you buy a stand-alone unit now you can “crossgrade” the firmware to the light version to use with the management device. You don’t have to throw away your units and start over. This is a major win for me. I can buy now and actually continue to use them in 2-3 years when I decide I want the management device.
Summary
This is a great unit if you need the features. At the $400 price point it is pretty expensive, compared to what I am used to buying, but as I said it provides the features I want: 2.4GHz and (working) 5GHz; Up to 8 SSIDs (per radio); per-SSID user limits; and RADIUS based MAC authentication. Yes, I can buy 3 DAP-2553 units for that price, but those units don’t give me the features I am trying to use. If you don’t need these advanced features I highly recommend the DAP-2553. If you do need the features, these Cisco Aironet units are a great buy.
Pros
- Dual-radio simultaneous support for 2.4GHz and 5GHz
- Up to 8 SSIDs per radio (up to 16 total between the two radios/bands)
- Standard PoE support
- Central management available
- Per-SSID connection limits
- RADIUS based MAC filtering
- Solid construction
- RADIUS based admin authentication (both for GUI and CLI)
Cons
- Steep price: $400
- Difficult to use GUI