OIT Network Systems

Temporary Visitor Wireless Network Access (TVWNA)

NOTE: This document described TVWNA as it functioned until March 21 2013. On that day, OIT overhauled visitor wireless service to add capacity for more simultaneous clients. Much of the service's behavior has changed as a result. The information in this document does not accurately describe the way visitor wireless service behaves beginning March 21 2013. Documentation describing the behavior of the service is not presently available.

OIT Temporary Visitor Wireless Network Access (TVWNA, pronounced "tuna") provides short-term Internet connectivity to wireless devices brought by visitors to Princeton University.

The service is available in nearly all University buildings on the main campus; see OIT's Wireless Coverage Map.

TVWNA is intended to provide service to wireless devices belonging to short-term visitors. It provides service to a device on up to seven days within a calendar month. TVWNA is not intended to provide service to devices belonging to Princeton University faculty, staff, and students, or to longer-term visitors. It does not provide service to wired-only devices.

TVNWA should not be confused with Visitor IP (VIP) Service, a different service that provides Internet connectivity to wired devices brought by visitors to Palmer House (a University guest house).

Contents

  1. Quick Start
  2. Technical Requirements
  3. How Can I Tell Whether I'm Using TVWNA Service?
  4. TVWNA Service is for Short-Term Visitors
    1. TVWNA Campers
    2. Persistent TVWNA Campers
    3. Keep in Mind
  5. TVWNA Does Not Provide Access to Campus-Only Resources
  6. Wireless Client Configuration
    1. Network Name (SSID)
    2. Authentication
    3. No Network Password
    4. Roaming
  7. Wireless Client Hardware Requirements
    1. 802.11b and 802.11g
    2. 802.11a
    3. 802.11n
    4. 802.11ac
    5. Summary
  8. Wireless (In)Security
  9. Caveats
  10. Troubleshooting
  11. Related Resources
  12. If You Need Additional Assistance
  13. Announcements

Quick Start

To get started using TVWNA right away, you may follow these instructions:

  1. To see whether TVWNA is available in your current location, check whether your wireless device is able to see a wireless network (SSID) named puvisitor.

    A detailed list of these locations is not available, but a rough guide is available in OIT's Wireless Coverage Map.

  2. Be sure your device is not configured to try to connect to any wireless network with a name that starts with puwireless. Those networks are part of OIT Wireless Service. A device that tries to connect to OIT Wireless Service and is not permitted to connect (because it is not eligible) will be unable to connect to TVWNA two minutes. If your device periodically retries to connect to OIT Wireless Service, it will keep preventing itself from connecting to TVWNA. So if your device was previously configured to connect to any puwireless network(s) and still remembers those network(s), reconfigure your device to "forget" those network(s). After doing so, you will need to wait two minutes before you can connect to TVWNA.

  3. Be sure your device is not configured to try to connect to any wireless network it sees. That might cause it to try to connect to a puwireless network. When it fails to connect to a puwireless network because it is not eligible to do so, it will be unable to connect to TVWNA for two minutes. If your device periodically retries to connect to OIT Wireless Service, it will keep preventing itself from connecting to TVWNA.

  4. Configure your wireless device to connect to the wireless network (SSID) named puvisitor, with no network password.

  5. Configure your wireless client to obtain its IP information via DHCP.

The way you perform the steps above is different for every operating system; if you need a detailed step-by-step procedure for your computer's operating system, consult the instructions that accompany your operating system. The OIT KnowledgeBase contains configuration procedures for several common operating systems; see Wireless: OIT Visitor Wireless for short stays on campus using PUvisitor (FAQ).

The remainder of this document contains more details about TVWNA, as well as information that should assist you in troubleshooting any difficulties using the service.


Technical Requirements

A device must meet the following technical requirements to use TVWNA:


How Can I Tell Whether I'm Using TVWNA Service?

Our current convention for the Internet hostnames associated with TVWNA IP addresses is: tvwna-LETTER-NUMBER.princeton.org, where LETTER denotes which OIT DHCP server owns the TVWNA IP address. This convention may change in the future.

The Identify My Computer tool will identify the IP address and hostname your computer is currently using, and also tell you if it is a TVWNA IP Address.


TVWNA Service is for Short-Term Visitors

We limit how long a particular client may use TVWNA. We do so to discourage abuse by clients whom TVWNA is not intended to service; to discourage faculty, staff, and students from using TVWNA as an alternative to registering devices in the Host Database. We also do so to help preserve an adequate supply of IP addresses for legitimate TVWNA clients.

A device may use TVWNA on any seven days within a single calendar month. We define "use" as any time during which the device was leased a TVWNA IP address. Any use on a day counts, regardless of the length of use on that day.

TVWNA Campers

Once a device has used TVWNA on seven days within a calendar month, the device is declared a TVWNA Camper. (The device may use TVNWA throughout the seventh day; once the seventh day is over, it is declared a TVWNA Camper.)

A TVWNA Camper cannot use TVWNA during the remainder of that calendar month. The wireless hardware addresses of current TVWNA Campers appear in Devices Blocked from Temporary Visitor Wireless Network Access.

If a TVWNA Camper tries to use TVWNA, it will not be able to associate to the Wireless Access Point (i.e. connect to the puvisitor network).

You may determine how many days during the current month your device has used TVWNA; you will first need to discover your device's wireless hardware address. Look for that hardware address in Temporary Visitor Wireless Network Access Clients This Month.

If your device is currently using TVWNA, its hardware address will also appear in Current Temporary Visitor Wireless Network Access IP Address Assignments. And if your device has already been declared a TVWNA Camper, its hardware address will appear in Devices Blocked from Temporary Visitor Wireless Network Access.

At the start of each month, the list of TVWNA Campers is cleared. You can review historic lists of TVWNA Campers from several past months in Old TVWNA Campers.

Persistent TVWNA Campers

If a device is declared a TVWNA Camper as a result of seven days of TVWNA usage during the first fifteen days of a month, and this happens for three months in a row, the device is declared a Persistent TVWNA Camper.

A Persistent TVWNA Camper cannot use TVWNA for a year. The year starts on the date the device was declared a Persistent TVWNA Camper.

If a Persistent TVWNA Camper tries to use TVWNA, it will not be able to associate to the Wireless Access Point (i.e. connect to the puvisitor network).

The wireless hardware addresses of current Persistent TVWNA Campers appear in Devices Blocked from Temporary Visitor Wireless Network Access. The date on which the device was declared a Persistent TVWNA Camper appears, along with the months of TVWNA Camping that contributed to the devices being so declared. A device is removed from the list one year after the date it was added.

Keep in Mind

Keep in mind that TVWNA is intended to serve short-term visitors to the Princeton University campus. Princeton University faculty, staff, and students are not expected to use TVWNA; they are expected to instead register their devices in the Princeton University Host Database. Princeton University faculty, staff, and students should not use TVWNA as a substitute for registering their devices in the Host Database and using the OIT network services intended for their use. Misuse of TVWNA by Princeton University faculty, staff, and students violates our acceptable use policy for the service; in such cases, the device may be blocked from further use of the service, and/or the matter may be referred to an appropriate University authority.

Long-term visitors are expected to be visiting at the invitation of some University staff or faculty member. That person (the University sponsor of the visitor) should register the device in the Princeton University Host Database, much like any other office device at the University.


TVWNA Does Not Provide Access to Campus-Only Resources

TVWNA is intended to function as an "Internet Hot Spot," providing Internet connectivity to visitors. It's not intended to provide these visitors with access to services that should be available only to "on-campus devices" or "Princeton University" devices.

Accordingly, TVWNA clients enjoy the same access to the campus network as do devices elsewhere on the Internet. That means, for example, that they cannot access campus services specifically configured to serve only on-campus devices.

The IP addresses and DNS hostnames assigned to TVWNA clients are distinct from those assigned to devices registered in the Princeton University Host Database.


Wireless Client Configuration

Network Name (SSID)

All the TVWNA Wireless Access Points are configured to provide a wireless network with the single network name: puvisitor. The network name is sometimes referred to as the SSID (Service Set Identity).

Any wireless client you wish to use with TVWNA should be configured to connect specifically to the network name puvisitor.

We strongly advise against the alternative, of configuring your client to connect to "ANY" wireless network it finds; some client software may describe this as "using the broadcast SSID (Service Set Identity)." There are many private wireless networks throughout campus; allowing your device to try to connect to "ANY" network it overhears would cause your device to sometimes connect to some of them, instead of TVWNA. That will lead to a variety of difficulties for the wireless client. It will also cause your client to try sometimes to connect to puwireless networks; attempting to do so will interfere with your device's ability to connect to the puvisitor networks, as described below.

Be sure your device is not configured to try to connect to any wireless network with a name that starts with puwireless. Those networks are part of OIT Wireless Service. A device that tries to connect to OIT Wireless Service and is not permitted to connect (because it is not eligible for OIT Wireless Service) will be unable to connect to TVWNA for two minutes. If your device periodically retries to connect to OIT Wireless Service, it will keep preventing itself from connecting to TVWNA. So if your device was previously configured to connect to any puwireless network(s) and still remembers those network(s), reconfigure your device to "forget" those network(s).

Authentication

We use 802.11 "open" authentication, not 802.11 "shared" authentication.

Clients that can support 802.1x authentication should disable this when connecting to TVWNA. The service does not currently use 802.1x.

No Network Password

TVWNA does not use a network password (e.g. WEP key, WPA key, WPA2 key).

Roaming

TVWNA supports moving from one Wireless Access Point's coverage area to another overlapping coverage area without restarting or reconfiguring the computer.


Wireless Client Hardware Requirements

Our service is intended to provide service to clients which support a number of the IEEE 802.11 standards.

802.11b and 802.11g

The basis of our service is the IEEE 802.11g standard, and our service includes backward compatibility for 802.11b. All locations where our service is installed support 802.11g and 802.11b clients. 802.11b and 802.11g services always operate in the 2.4 GHz frequency range.

Our 802.11b service supports data rates of 5.5 and 11 Mbps. Our 802.11g service supports data rates of 5.5, 6, 9, 11, 12, 18, 24, 36, 48, and 54 Mbps.

Our 802.11b and 802.11g services do not support data rates of 1 and 2 Mbps, because clients communicating so slowly (either due to poor signal or lack of support for 802.11b) would monopolize the available bandwidth, leaving little for faster clients.

We do not support clients that speak only the original version of IEEE 802.11 (no letter after the '11'). That's the specification that predated 802.11b, and also operated in the 2.4 GHz frequency range. Those clients only support data rates of 1 and 2 Mbps, neither of which we support.

Some vendors sold 802.11g equipment before that standard was finalized in November 2001; such equipment was based on earlier drafts of the standard. Some of these early 802.11g devices may experience compatibility problems both with 802.11b networks, and with other vendor's 802.11g devices. Some 802.11g devices that do not comply the final version of the 802.11g standard may even interfere with surrounding 802.11b networks. If you have an 802.11g device, contact the vendor for updates to bring it into full compliance with the final version of the 802.11g standard. If you have difficulty using an 802.11g device, a workaround may be to reconfigure it to limit itself to 802.11b.

802.11a

We began upgrading our service in 2010 to add support for IEEE 802.11a service. In locations that have been upgraded, in addition to the existing 802.11b and 802.11g service, we also provide 802.11a service. By September 2014 this upgrade had been completed in all of the undergraduate dormitory buildings, the Graduate College, Lawrence Apartments, and 63 academic and administrative buildings (including all of the largest or most-populated ones). During the 2014-2015 academic year we expect to upgrade additional academic/administrative buildings.

802.11a service operates solely in the 5 Ghz frequency range.

In those locations that have been upgraded, the 802.11a service makes use of channels throughout the set permitted in the 5 GHz range in our regulatory domain as of late 2010. (2010 was the year in which we began providing any service in the 5 GHz frequency range.) Those 5 GHz channels are: 36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 136, 140, 149, 153, 157, and 161. Clients with older 5 GHz wireless interfaces may support only a subset of those channels. As a result, such older 5 GHz wireless clients will not always be able to "hear" our 5 GHz service even in the areas where the service is available. We use many of the 5 GHz channels (instead of only the "lowest common denominator" set supported by the oldest 5 GHz clients) to allow us to provide the maximum bandwidth for modern 5 GHz clients. Older clients that can't hear the newer 5 GHz channels will still be able to use our 2.4 Ghz services; the 2.4 GHz services remain available everywhere we provide wireless service; this is one reason that all clients should continue to support 2.4 GHz.

802.11n

We began upgrading our service in 2010 to add support for IEEE 802.11n service. In locations that have been upgraded, in addition to the existing 802.11b and 802.11g service, we also provide 802.11n service. By September 2014 this upgrade had been completed in all of the undergraduate dormitory buildings, the Graduate College, Lawrence Apartments, and 63 academic and administrative buildings (including all of the largest or most-populated ones). During the 2014-2015 academic year we expect to upgrade additional academic/administrative buildings.

802.11n service operates in both the 2.4 Ghz frequency range (the same range used by 802.11b and 802.11g) and in the 5 Ghz frequency range (the same range used by 802.11a).

In those locations that have been upgraded, the 802.11n service in the 5 GHz frequency range makes use of channels throughout the set permitted in the 5 GHz range in our regulatory domain as of late 2010. (2010 was the year in which we began providing any service in the 5 GHz frequency range.) Those 5 GHz channels are: 36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 136, 140, 149, 153, 157, and 161. Clients with older 5 GHz wireless interfaces may support only a subset of those channels. As a result, such older 5 GHz wireless clients will not always be able to "hear" our 5 GHz service even in the areas where the service is available. We use many of the 5 GHz channels (instead of only the "lowest common denominator" set supported by the oldest 5 GHz clients) to allow us to provide the maximum bandwidth for modern 5 GHz clients. Older clients that can't hear the newer 5 GHz channels will still be able to use our 2.4 GHz services; the 802.11b and 802.11g 2.4 GHz services remain available everywhere we provide wireless service, and the 802.11n 2.4 GHz service is available in those locations upgraded to add 802.11n support. This is one reason that all clients should continue to support 2.4 GHz.

Most (if not all) 802.11n equipment available through mid-2012 is based upon drafts of the 802.11n specification, rather than the final published specification. Our 802.11n service is presently based on draft 2 of the IEEE 802.11n specification. It is possible the behavior of our 802.11n service will evolve as vendors release updates. You may find that you need to update your client's wireless software to work with (or continue to work with) our 802.11n service.

802.11ac

We began upgrading our service in 2014 to add support for IEEE 802.11ac service. In locations that have been upgraded, in addition to the existing 802.11b, 802.11g, and 802.11n service, we also provide 802.11ac service. By September 2014 this upgrade had been completed in four academic and administrative buildings and no other locations. During the 2014-2015 academic year we expect to upgrade additional academic/administrative buildings.

802.11ac service operates in the 5 Ghz frequency range (the same range used by 802.11a and one of the same ranges used by 802.11n).

In those locations that have been upgraded, the 802.11ac service makes use of channels throughout the set permitted in the 5 GHz range in our regulatory domain as of late 2010. (2010 was the year in which we began providing any service in the 5 GHz frequency range.) Those 5 GHz channels are: 36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 136, 140, 149, 153, 157, and 161. Clients with older 5 GHz wireless interfaces may support only a subset of those channels. As a result, such older 5 GHz wireless clients will not always be able to "hear" our 5 GHz service even in the areas where the service is available. We use many of the 5 GHz channels (instead of only the "lowest common denominator" set supported by the oldest 5 GHz clients) to allow us to provide the maximum bandwidth for modern 5 GHz clients. Older clients that can't hear the newer 5 GHz channels will still be able to use our 2.4 Ghz services; the 802.11b and 802.11g 2.4 GHz services remain available everywhere we provide wireless service, and the 802.11n 2.4 Ghz service is available in those locations upgraded to add 802.11n support. This is one reason that every client should continue to support 2.4 Ghz.

Summary

We emphasize that to be eligible for our service, the client must include support for IEEE 802.11b or 802.11g. (That also implies the client supports the 2.4 GHz frequency range, as 802.11b and 802.11g operate solely in that range.)

Examples of clients that do not meet our eligibility requirements include:

Clients that do not meet our eligibility requirements will be unable to "hear" our wireless services in most locations.

Our 802.11b and 802.11g services are available throughout our service area. Many of our locations have been upgraded to add support for 802.11a and 802.11n services, and a handful of locations have also been upgraded to add support for 802.11ac service. Those locations that have been upgraded should also support all 802.11n clients that operate in the 2.4 GHz frequency range; they will suport only 802.11n clients (and 802.11ac clients in those areas with 802.11ac support) that operate in the 5 GHz range and 802.11a clients only if the client supports all the 5 GHz range channels that were defined as of 2010.

Customers purchasing new equipment should prefer hardware that supports all five standards: 802.11b, 802.11g, 802.11a, 802.11n, and 802.11ac. Support for 802.11b or 802.11g is a necessity. Support for 802.11a and 802.11n is not an absolute necessity, but is highly desirable, because it will allow the client to automatically take advantage of our the newer services available in many campus locations. Support for 802.11ac is not a requirement, but will allow the client to automatically take advantage as more campus locations are upgraded in the future to support that service.

Clients that support multiple wireless standards usually require no special configuration to select a particular standard. Once you configure the device to try to connect to a particular network name (SSID), the device will usually look for that network name using all the frequency ranges and protocol standards supported by that device. For example, if the device supports the 802.11b, 802.11g, and 802.11n protocols in the 2.4 GHz frequency range, and supports the 802.11a, 802.11n, and 802.11ac protocols in the 5 GHz frequency range, the device may discover the requested network name is available in both frequency ranges. The device will automatically choose one of the frequency ranges; our service tries to steer such a device toward the 5 GHz frequency range if possible; such steering is not always possible. The device will select one of the protocols supported in that frequency range; usually the device will select the newest protocol.


Wireless (In)Security

It is extremely simple for someone to intercept traffic sent to or from your computer via wireless networking. Modification of the traffic is also possible.

We do not attempt to secure TVWNA using encryption technologies. Those encryption technologies that all wireless clients support (e.g. WEP using a shared key) are ineffective. Newer encryption technologies are not supported by many potential TVWNA clients, and even so, most of these technologies rely on there already being a different secret shared by each client and the network (e.g. an individual user's password), which is not available given that TVWNA customers are not "known".

As you cannot rely on the network to prevent interception or modification of your data, if your data is sensitive, you would be prudent to take steps to ensure that anyone who might intercept your traffic would find it of little value, and to take steps to make it difficult for an interloper to modify your traffic in-transit. For example, instead of using applications that send and receive your data in the clear, use applications that use strong encryption before placing your data on the network. (E.g. avoid cleartext telnet, ftp, and rlogin; instead use ssh, scp/sftp, kerbererized telnet, kerberized ftp, or kerberized rlogin. When using ssh/scp/sftp, verify that the public key of the server to which you are connecting is legitimate. Do not send sensitive data to Web sites unless the Web site connection is using strong encryption and you verify that the Web site's public key is legitimate.)


Caveats


Troubleshooting

If your client is unable to connect to the puvisitor wireless network, or obtain an IP address, check for the following common problems:


Related Resources


If You Need Additional Assistance

If you have questions or need assistance with any of the procedures in this document, please contact the OIT Support and Operations Center.


Announcements


A service of OIT Network Systems
The Office of Information Technology,
Princeton University
Last Updated: August 15 2014