[updated Mar. 4, 2015] The growing demand for wireless services on campus over the past few years has presented a number of issues; primarily, it is taxing the supply of available IP addresses that are allocated for our WiFi network. Users have experienced issues ranging from slow or dropped connections, to not being able to access the WiFi network at all.
Over the past two years, IT staff have been hard at work implementing solutions to shore up Sheridan’s wireless infrastructure, including:
In August 2014, Sheridan commissioned a third-party audit of its wireless infrastructure to determine the best strategy to increase Sheridan’s wireless density while accommodating future growth. It was recommended we implement Network Address Translation (NAT). See the article, What is Network Address Translation? for details.
Following a successful pilot in Sheridan’s Trafalgar Road Campus Residence that ran between September 2014 and January 2015, IT has implemented NAT across our wireless networks at all Sheridan campuses on Wednesday, March 4, 2015.
Although NAT is new to Sheridan, most users have likely already encountered NAT as it is employed at WiFi hotspots at airports, hotels, and coffee shops; and if you have a router and broadband Internet connection at home, it is likely employed there as well.
Sheridan’s legacy wireless infrastructure could only accommodate a maximum of 65,000 IP addresses. With NAT, it is conceivable we could accommodate over 500,000 IP addresses per campus!
NAT also offers some security advantages. Using NAT, a computer on an external network cannot connect to your computer unless your computer has initiated the contact. You can browse the Internet and connect to a site, and even download a file; but somebody else cannot latch onto your IP address and use it to connect to a port on your computer.
The vast majority of users accessing Sheridan’s wireless networks should not notice any difference after NAT is implemented. Wireless devices on campus will be assigned a unique, private IP address that can only be used to communicate on campus. When a device tries to access an Internet resource off campus, the source address is translated (using NAT) to a public address that can be routed on the Internet. Any response to that traffic is translated back from the Internet-routable address to the private IP address and sent back to the device.
Some resourceful users may have found ways to keep a device on Sheridan’s wireless network for long periods of time (by using the same IP address continually) and may access that device from off-campus. The off-campus access will no longer be possible under our NAT implementation. However, staff users can take advantage of our Virtual Private Network (VPN) solution to securely access Sheridan resources offsite.
If you have any questions or concerns regarding Sheridan’s implementation of Network Address Translation please contact the IT Service Desk at firstname.lastname@example.org or call ext. 2150.