Wireless Access Point (WAP)
- A network device that creates a wireless local area network (WLAN) by connecting wireless devices to a wired network infrastructure
- Acts as a bridge between wireless clients (stations) and the wired Ethernet network
- Operates at Layer 2 (Data Link) of the OSI model, maintaining MAC address tables for connected devices
- Provides wireless connectivity using IEEE 802.11 standards (Wi-Fi protocols)
Core Functions
- Signal Broadcasting: Transmits beacon frames every 100ms containing SSID (Service Set Identifier) and network parameters
- Authentication & Association: Manages the two-step process where clients first authenticate, then associate with the network, preventing rogue WAPs
- Frame Translation: Converts 802.11 wireless frames to 802.3 Ethernet frames and vice versa
- Power Management: Buffers frames for clients in power-save mode until they wake up to retrieve data
Deployment Modes
| Mode | Description | Use Case | Management |
|---|---|---|---|
| Autonomous | Standalone operation with local configuration | Small networks (1-10 APs) | Individual web interface |
| Lightweight | Centrally managed by Wireless LAN Controller (WLC) | Enterprise networks (10+ APs) | Controller-based |
| Cloud-managed | Managed through cloud dashboard | Distributed locations | Web portal/API |
Key Specifications
- Coverage Range: Typically 100-300 feet indoors (varies by power, obstacles, frequency)
- Frequency Bands: 2.4 GHz (longer range, more interference) and 5 GHz (shorter range, less congested)
- Channel Width: 20 MHz, 40 MHz, 80 MHz, or 160 MHz (wider = faster but more interference prone)
- Power Output: Adjustable from 1mW to 100mW+ (regulatory limits vary by country)
Vocabulary
SSID (Service Set Identifier): Network name broadcast by the AP that clients use to identify and connect to the wireless network
BSS (Basic Service Set): The coverage area of a single access point and its associated clients
ESS (Extended Service Set): Multiple BSSs connected together, allowing seamless roaming between APs
BSSID (Basic Service Set Identifier): The MAC address of the AP’s radio interface, uniquely identifying each BSS
Beacon Frame: Management frame transmitted periodically by APs to advertise their presence and network capabilities
Association: Process where a client joins a specific AP after successful authentication
Common Standards Comparison
| Standard | Max Speed | Frequency | Range | Year |
|---|---|---|---|---|
| 802.11g | 54 Mbps | 2.4 GHz | Good | 2003 |
| 802.11n | 600 Mbps | 2.4/5 GHz | Better | 2009 |
| 802.11ac | 6.93 Gbps | 5 GHz | Good | 2013 |
| 802.11ax (Wi-Fi 6) | 9.6 Gbps | 2.4/5 GHz | Best | 2019 |
Security Considerations
- Never use WEP - easily cracked within minutes using readily available tools
- WPA2-Personal: Uses Pre-Shared Key (PSK) - suitable for home/small office networks
- WPA2-Enterprise: Uses 802.1X authentication with RADIUS server - required for corporate environments
- WPA3: Latest standard with improved encryption (SAE instead of PSK for personal networks)
Notes
- Channel Planning: Use channels 1, 6, and 11 on 2.4 GHz to avoid overlap (each channel is 22 MHz wide)
- Power Management: Higher power doesn’t always mean better performance - can cause interference and prevent clients from transmitting back effectively
- Placement Strategy: Position APs at 2/3 ceiling height, away from metal objects and microwaves (2.4 GHz interference)
- Capacity Planning: Each AP typically supports 25-50 concurrent users effectively, depending on application requirements
- Roaming Threshold: Clients typically roam when signal drops below -70 dBm, but this varies by device manufacturer
- Hidden SSID Myth: Disabling SSID broadcast provides no real security - network is still easily discoverable with basic tools
- Bandwidth Reality: Advertised speeds are theoretical maximum - expect 50-70% of rated speed in real-world conditions due to protocol overhead and environmental factors