Recommended wireless AP for 400 users office

Dear nanog community

I was wondering if you can recommend or share your experience with APs that
you can use in locations that have 300-500 users. I friend recommended me
Ruckus Wireless, it would be great if you can share your experience with
Ruckus or with a similar vendor. My experience with ubiquity for this type
of requirement was not that good.

Thank you and have a great day

Check out Xirrus

Have had a lot of experience with Ruckus(and Unifi unfortunately). The
Ruckus platform is one of the best. If you will be responsible for
supporting the deployment, it will save you a lot of frustration when
compared with UBNT.

+1 Ruckus+ZoneDirector

Mikrotik's also a rather good choice for the Wireless AP side...

Make that +2. I am halfway through an install for about 800 users spread through a multi-story building with around 100 R700 access points and ZD 3000. Once you understand the basics, it is trivial to set up, easy to manage, performance is superb.

Using RADIUS auth you can assign different groups of users to different VLANs (all on a single SSID), just different username/password to connect.

Signal penetration is the best that I have ever seen, and makes the Cisco Aironet enterprise stuff look really really silly.


+1 Xirrus

Aruba Networks is also good for wireless. I support ~2000 users spread out over 50+ buildings on a small college campus. Lots of add on options like Clearpass for NAC and guest provisioning and Airwave for historical data and RF planning.

Good Luck!
Aaron Smith

Just curious. What kind of problems have you seen with the Ubiquiti solution?

I've had a few units in for testing a potential managed wireless for
rural libraries and so far they've been pretty rock solid for the
price. My biggest critique is that they don't support many features
and are fairly static, so you really need to map out your deployment
and handle power level and channel selection manually. That said the
test deployments I have going are very, very small.

What problems have you had with UBNT?

It's zero hand-off doesn't work on unsecured networks, but that's about the extent of the issues I've heard of other than stadium density environments.

Yeah, most people ignore ZH. UBNT marketing hyped it up quite a bit,
and for a residential deployment it can work OK, but if you have any
kind of background in wireless you'll understand that it goes out the
window for a non-trivial deployment due to the requirement of all APs
sharing a channel.

It's too bad they don't support 802.11r (fast roaming) and 802.11k
(radio resource management).

I had a bad experience with it one time at a tradeshow environment. 6 access points setup for public wifi. The radio levels were quite good in various areas of the tradeshow however traffic would keep dropping out at random intervals as soon as about 300 users were online. It wasn't my idea to use UBNT but it definitely turned me off of their product after digging into their gear...

Again as someone pointed out, for residential and perhaps SOHO applications it can probably work well - and in my opinion it's priced for that market.


I've setup at several hotel conference event/trade-shows and office networks with Aruba Networks and it has worked well with multiple access-points getting great coverage and having their adaptive strength features.

Ian Slade
Sr. Network Engineer | SAIC ITO - Network & Security Solutions | 703.676.5234

Did you figure out why it was dropping out? All of it dropping out? Just some APs dropping? Just some users dropping?

Most of the issues are related to firmware. Most of my UBNT experience was
with the UAP-Pro and the UAP-AC, and it wasn't a good experience.
Production firmwares seem to be of beta quality.

For features, they can't compete with Ruckus. One thing I can think of off
the top of my head is support for tagging management on its own VLAN and
tagging wired traffic onto another. If you were to implement this on the
UBNT products you would have to SSH into every single one and implement the
features as you would on a linux box, and it might work. Ruckus, you
configure the VLAN's how you would want through the Zonedirector or the
AP's GUI and it will just work.

They cost more, but you get what you pay for.

That would be a nice feature to have and I have been on them about that.

You can also VLAN allocation through RADIUS. Our setup has a single SSID, 250-odd user accounts. User connects to the SSID & authenticates with their userid/password and is assigned to their VLAN, which connects them to the appropriate DHCP server, gateway, etc.

Makes management and segregation fairly trivial (for non-trivial values of trivial :-)).


Another hat that I haven't seen thrown in the ring yet is Aerohive.

They're great to work with - and the product is decent in terms of
scalability across geographically locations with management being hosted by
them, or you - as/when needed.

Huge list of features and capabilities (from having silly fun with the LEDs
on the units, to 802.1x and WIPS/etc).

It was all users getting randomly disconnected ... the AP's stayed online but the traffic would completely halt for 15-30 seconds at a time. Their association with the AP would stay in tact ....


Ruckus should work fine for you. You need to have a controller and need a good RF plan but as far as capacity, throughput, roaming etc they are really solid. Of course the best is Cisco but if you can't afford them Ruckus is the way to go. I use them in small and very large convention centers and hotels with no reservation.