# Backstage WiFi



## SteveB (Nov 10, 2013)

For those of you who work in facilities that has visiting theater companies, outside events;

Do you provide WiFii?.

Is it open to all user, or passcode required ?.


----------



## Footer (Nov 10, 2013)

Free and open on our end. We have it on a segmented part of the network so they can't get into our internal stuff. 

We also have hardlines available on both of our stages and in the guest production office. 

We have access points in our larger theater, onstage in the larger house, in the dressing room areas, and in our smaller space. Unfortunately all of them are linksys routers running DDWRT. It works, not great, but it works.


----------



## MNicolai (Nov 10, 2013)

Most common I've seen is passcode required, but most convenient is open if you've the bandwidth to make it work.

If you've a lot of events where audiences should have ready access to Internet (meetings, conferences, so forth), then open is preferred. If mostly just for the 5-25 touring crew/cast, then closed is probably just as fine if you have pre-printed slips of paper with the code on it you can post in the dressing rooms or hand out.

Free and open WiFi has become so ubiquitous that gone are days when everyone is concerned about the liability and legal ramifications of offering unfettered access to the public. Still, you want to make sure however access is provided that it does not compromise internal network security.


----------



## Amiers (Nov 10, 2013)

We have Wifi in the back. However I have killed the broadcasting signal so that public can't access it unless they really are trying. It is also outside of our internal intranet so as to keep the staff from nosing around or stumbling upon something accidentally.


----------



## SteveB (Nov 10, 2013)

As a request to those who reply, if your facility is not listed on your signature, could you PM me the facility ?.

I'm trying to make a case to our ITS office to install a router backstage. Up to now they have refused to do this, claiming it leaves the college network open to intrusion. BS, I call but need examples. Currently we have a Clear WiFi to 4g service that the PAC office pays for. The 4g bogs down terribly with more then 2 users, no surprise.


----------



## Footer (Nov 10, 2013)

SteveB said:


> As a request to those who reply, if your facility is not listed on your signature, could you PM me the facility ?.
> 
> I'm trying to make a case to our ITS office to install a router backstage. Up to now they have refused to do this, claiming it leaves the college network open to intrusion. BS, I call but need examples. Currently we have a Clear WiFi to 4g service that the PAC office pays for. The 4g bogs down terribly with more then 2 users, no surprise.



You must have some really annoyed road crews (and house crew). Free and open wifi is just part of the package now, just like having a phone line and a fax line for guest use only was. 

Just throwing this out there, when I do our yearly trip down to Hostos they have open wifi in their theatre. It is a guest network and you have to hit a sign on page that I think requires your email address but after that your in. Its annoying, but it does work... and it is a CUNY school. 

Start pulling tech packets from various places. The wifi thing is listed in both of our tech specs. Most places I have been do the same.


----------



## DuckJordan (Nov 10, 2013)

We still sell WiFi, doesn't come with the package. If you need WiFi you pay to use it.


----------



## techieman33 (Nov 10, 2013)

Password required. Having 1000+ people trying to hit a wifi router at the same time will almost always bring a small network to it's knees. There are 2 separate networks, one for building staff with access to the local network, and a guest network that routes straight to the internet.


----------



## zmb (Nov 10, 2013)

I'm on a college campus and for outside events, the group will be issues a username and password combo that expires once their event is over. Everything's routed through the same network regardless of who's using it.


----------



## josh88 (Nov 10, 2013)

In college we used to have unsecured university wifi. This changed to a secured network once the FBI showed up to our theatre. Someone had attracted their attention by running phishing scams, downloads and a bunch of other stuff they wouldn't explain. They had run it through the router the university put in our space and the FBI assumed they would find a person when they arrived, not a stage. That was an interesting week.


Via Tapatalk


----------



## zmb (Nov 10, 2013)

josh88 said:


> In college we used to have unsecured university wifi. This changed to a secured network once the FBI showed up to our theatre. Someone had attracted their attention by running phishing scams, downloads and a bunch of other stuff they wouldn't explain. They had run it through the router the university put in our space and the FBI assumed they would find a person when they arrived, not a stage. That was an interesting week.
> 
> 
> Via Tapatalk


Mine's unencrypted but secured, almost every internal site runs over SSL including the lunch menu. It has a login page that opens if you try to connect to any external site and is using MAC Addresses to control access. The IT page says that it's to keep scams and illegal torrents running from unknown connections. Every campus computer also requires a logon for external web access and to use the edit capabilities of Office.


----------



## JRRichardson (Nov 10, 2013)

WIFI password required and given out freely if asked for and several ports around the building for direct modem connection.. We usually update our password every few months - we had a issues with past local users occupying our 'shop-front' customer car parks for several hours a day while using our internet.


----------



## cpf (Nov 11, 2013)

We have a very nice dual-SSID wifi setup where visitors can log into the public network on their own devices, and an encrypted network that all the "owned" devices connect to. 

The public network is entirely locked down - clients can only access the Internet, and not other parts of the network, and all access is monitored and filtered. 

We also have a standalone wireless AP (encrypted) that connects to all the networked stuff in the booth (lighting board, booth PC...) but not to the outer network.


From live broadcasts to interactive presentations to technology workshops, these networks have been key to the flexibility of the venue.


----------



## Footer (Nov 11, 2013)

How has the locked down thing worked for you guys? Do clients/road co/etc use it or do you have to spend time supporting them to get online? 

My only real issue with going locked down is now I have to play IT guy while still trying to get a show in.


----------



## cpf (Nov 11, 2013)

Footer said:


> How has the locked down thing worked for you guys? Do clients/road co/etc use it or do you have to spend time supporting them to get online?
> 
> My only real issue with going locked down is now I have to play IT guy while still trying to get a show in.



At first the filtering was a bit over zealous (no YouTube, Outlook webmail didn't work) but that got sorted out quite quickly. There's a lot more in place than just web filtering though: inter-client isolation, an isolated VLAN, QoS, etc. However, you'd need to know what those acronyms stood for before you'd ever run into problems with them in "regular" use. Most people are connected and happy before I even mention the WiFi.

That, and in my experience any show that's had specific network requirements (digital snake, IP video, broadcast...) has brought their own equipment and has known how to use it.


----------



## techieman33 (Nov 11, 2013)

We haven't had any issues with requiring a password. The production is given the network name and password during the advance, and we have signs to post in the dressing rooms, production office, etc.


----------



## TheaterEd (Nov 11, 2013)

I'm at a high school. Visitors connect to a guest network that only becomes available after school hours. The last couple of colleges I have been at for workshops had visitor accounts that we could use for wifi.


----------



## patrickh (Nov 11, 2013)

The Gertrude Ford Center, where I work, uses two trunk lines installed during the 2008 presidential debates and the university's login and password. The login and password given out to the company expires each day. The university has a new guest ID and password each day that you must log into the SLP net weaver portal to receive. We post the id and password on the call board and many times in wardrobe and dressing rooms and the green room. It works fantastically and has great speed! The normal employees can connect their device with their personal ID and password. The university recently released a new wifi option that allows you to install a certificate on your device that is registered to you, so you don't have to login every time you power up or come into range. The audio department uses a personal wifi signal generated on their macbook pro to control the mixers from an iPad. the electrics department makes use of our extensive ETCnet package and our audience members usually don't get access to internet unless they just happen to work or study at the university and can log in with their own ID. 1500 people suddenly connected to even a strong wifi router can suddenly bring it to it's knees


----------



## dvsDave (Nov 15, 2013)

Footer said:


> How has the locked down thing worked for you guys? Do clients/road co/etc use it or do you have to spend time supporting them to get online?
> 
> My only real issue with going locked down is now I have to play IT guy while still trying to get a show in.



OpenDNS filtering goes a long way towards locking down an open connection to various sites, by category. 

Sent from my XT1060 using Tapatalk


----------



## zmb (Nov 15, 2013)

patrickh said:


> The Gertrude Ford Center, where I work, uses two trunk lines installed during the 2008 presidential debates and the university's login and password. The login and password given out to the company expires each day. The university has a new guest ID and password each day that you must log into the SLP net weaver portal to receive. We post the id and password on the call board and many times in wardrobe and dressing rooms and the green room. It works fantastically and has great speed! The normal employees can connect their device with their personal ID and password.



Campus internet is indeed amazing being in the top 1% of connections available. Still get over 200 mbps reaching SoCal servers. Never have to wait for anything to buffer or download.


----------



## derekleffew (Nov 15, 2013)

This article may be pertinent: http://www.rawstory.com/rs/2013/11/14/colleges-begin-to-get-a-taste-of-super-wi-fi/ . It sounds like super wifi makes good use of the white space the FCC took away from our wireless mics.


> He said Super Wi-Fi requires no additional equipment for most devices and can have a range of up to five miles (eight kilometers) compared with 350 feet (100 meters) for traditional Wi-Fi.


Sign me up!

-----
Answer to the poll:
Free wifi without a password to slow, ad-ridden network
Free, better wifi with a password to registered hotel guests, but still not optimum.
Paid, very fast wifi with password for those willing to pay $20-100 per day.


----------



## zmb (Nov 15, 2013)

derekleffew said:


> -----
> Answer to the poll:
> Free wifi without a password to slow, ad-ridden network
> Free, better wifi with a password to registered hotel guests, but still not optimum.
> Paid, very fast wifi with password for those willing to pay $20-100 per day.



Or tether to a phone that has an unlimited data plan and is within at least 3G coverage. Often easier and better than hotel WiFi if you're with someone who already has cellular data covered by their company. My hotel experience has been a combination of free, with password, and slow.

Disney has an amazing Wifi network inside the parks now. Isn't the fastest, but covers everywhere and prioritizes the ability to get a connection. No sign in or terms page either, it just works.

Also, what frequencies might Super Wifi work on and how can I get a computer that will support it? I got a new laptop over the summer that only goes up to the N standard and not the faster and better AC standard.


----------



## sdauditorium (Nov 15, 2013)

Ours does require a Security Key to access, but once they have the key, they're all set. We don't have the volume of folks coming in that we're concerned about bandwidth limitations. We do have a separate Wifi network for our LS9 and the like that doesn't broadcast and has separate credentials.


----------



## SteveB (Nov 15, 2013)

sdauditorium said:


> Ours does require a Security Key to access, but once they have the key, they're all set. We don't have the volume of folks coming in that we're concerned about bandwidth limitations. We do have a separate Wifi network for our LS9 and the like that doesn't broadcast and has separate credentials.



OK, so what I'm basically seeing is that the assorted ITS offices at all these facilities seemingly don't have problems providing internet access via WiFi that is segregated from the main systems. 

So it's essentially what we've known all along in that our ITS head is essentially being obstinate in not wanting to be bothered in setting up a useful system for us. 

I'll write up a proposals using examples as found here.

Thanks for the replies.


----------



## Amiers (Nov 16, 2013)

I wouldn't say obstinate. Is it possible that you facility is rather large and being able to provide Wifi for the whole building would be difficult to budget. I am sure you have a hardline network in for an office but if not that would mean coring/trenching to the building hiring in a fiber company to run the fiber and terminate it. Now if none of that even comes close to home then well I would call ITS lazy not stubborn


----------



## SteveB (Nov 16, 2013)

Amiers said:


> I wouldn't say obstinate. Is it possible that you facility is rather large and being able to provide Wifi for the whole building would be difficult to budget. I am sure you have a hardline network in for an office but if not that would mean coring/trenching to the building hiring in a fiber company to run the fiber and terminate it. Now if none of that even comes close to home then well I would call ITS lazy not stubborn



As note, the system in question would be a single WiFi router located for backstage use. 

The facility is currently undergoing a major expansion. In the process the 5 existing fiber optic cables had to be cut, spliced and path re-located. The contractor then proceeded to falsify the test data and got caught, thus the FO system (and in litigation) is off-line and we are running a building with about 50 users on one single Cat5 line gaff-taped between buildings (since last November).

But it has been prior to this that our ITS office, even with functioning FO lines, refused to install an open WiFi router for backstage use, claiming they could not make it secure. As well they were unable to setup the box office system that allows secure credit card ticket purchasing to the software used by the office. This resulted in the general manager having installed 2 DSL lines from Verizon. One was backstage and had reasonable connection speed thru it's WiFi, but for reasons not clear to me, the house IT person recommended we drop the DSL (Verizon business DSL is expensive) and instead move to a Clear 4G WiFi system. This is OK for one or two users but is unacceptable for more then two. Thus and once the FO systems comes back on-line, we will be making a case to have the college get better WiFi installed. Probably another year or two.


----------



## Amiers (Nov 16, 2013)

Well that is very unfortunate on all accounts. I would move to say the IT office is being lazy by not temping in something a bit better then CAT5e strung between buildings. I would go so far as to just DIY router until IT gets in gear.


----------



## blindbuttkicker (Nov 28, 2013)

I know this might be a bit of a different situation, but at my old high school: secured wifi using server/client authentication (student/faculty login) and you had to go and manually "talk" to the authentication server (this is a high school network and has both authentication and handshaking protocols in place as i've toured the It Areas before as a student) in the IT Closet via opening Port 80 manually, and then doing an open proxy and then re-authenticate to keep the server happy otherwise it'd kick you if you didn't login and stop "talking" to you until you said "hey im trying to talk to you" again XD after you got through that server, it passed you over to the wireless VLAN Switch and you're in, then after a while, authentication server would come a knocking and say "who are you" again by requesting user credentials again and it would redo your connection (do a handshake) to make sure your not spoofing your MAC Address, otherwise it'd auto-ban you and never speak to that MAC again and the IT Staff and school admins would become very unhappy because the system would then auto-alert. haha

College Campus: unsecured wifi but login through a splash screen, though they have a secured one, but they don't let students use it (I call BS on that piece of **** grrr hah) I run a VPN and a software client that hides me from the rest of the network so my IP/Mac/network awareness is changed/blocked upon successful connection and all incoming connections are ran by the client first before they hit my laptops OS so Windows cant say "I'm here" so in case a virus or something is on a Machine in the network (scanned the network and about 190+ devices at any given time usually) so I do that to keep me protected because I'm an IT Nut lol so I appreciate my privacy and don't want the campus to see my emails and logins for websites, which is nice because even college IT cant access my history as its under 256 AES encryption and a random key gen every time I hit refresh on a webpage.

Church: two Linksys routers (one downstairs one upstairs) connected to wireless gateway via 2 cables (1 for up 1 for down), connected to VLAN Switch, connected to TWC modem. under Class A internal for wifi use. Secured connections on both (different passwords using WPA2-AES) but password can be found if asked through church office or staff member, passwords changes every few months or so depending. Internal staff network access restricted outside of wired network. wireless accesses internet only. Gets good reception in general area of main building of church and front of sanctuary, but beyond that it drops out.


----------



## AxlD (Feb 9, 2014)

Something that my school does. Since we often have outside events come in
This suggestion would take some set up depending on the IT people.
We have 3 networks
Staff
Student
Public
Staff and Student are password protected
and public is open. staff and students can go to the IT member and get the Wifi on their phone. 
And the public is open to any guests that come into the space. The public Wifi is also shut off over night and when there are no events happening.


----------



## kevlar557 (Apr 3, 2014)

Most places I go to make us pay for WiFi, even if we're working there? Luckily everyone that works for my company has a 4G phone and MiFi, so we typically dont have to worry too much about the client providing internet.


----------



## Jay Ashworth (Apr 3, 2014)

The system Blind is talking about is likely 802.1x authentication, which won't even let you associate to the access points unless you have crypto credentials for the network. It's very spiffy, as long as all your clients are compatible, and you have enough infrastructure (and staffing) to support it...


----------

