PUBLIC WIRELESS

Public wireless is available in all buildings on Campus. Faculty and Staff have two options for accessing the public wireless network:

SSID: bacnet    PASSWORD: none

DESCRIPTION: Traffic on this network is not encrypted. Your internet browsing sessions can be easily observed or hijacked by a third party.

SSID: bacnet_secure    PASSWORD: bacnet_secure

DESCRIPTION: Traffic on this network is encrypted. It is far more difficult for a third party to observe or hijack your browsing session.

In addition to the two networks above Students can also request access to a wireless network for gaming and VOIP devices.

SSID: bacnet_gamevoip    PASSWORD: none

DESCRIPTION: This network is for gaming consoles and VOIP devices.  Traffic on this network is not encrypted.  Using your Student email account you can request access to this network using this Google Form.  See this page from NC State on How to find your MAC Address.  You will need your MAC to fill out the Google Form

Understanding the College Wireless Networks

We have three public wireless networks on Campus. BACNET, BACNET_SECURE, and BACNET_GAMEVOIP. All three share the same Internet Connection. The only difference is BACNET_GAMEVOIP goes out a different Firewall for games that require UPnP traffic. BACNET_GAMEVOIP is slower than BACNET and BACNET_SECURE because of the UPnP compliant Firewall (Games require low latency, not high bandwidth).

To ensure that no one person or device consumes all the bandwidth, each device on the network is limited to 10Mbps download speeds. It is generally accepted that it takes 3.5Mbps-5Mbps to stream HD Video (1080p at 60fps). The 10Mbps speed can not be guaranteed and is impacted by the number of devices on the Network, distance from a Wireless Access Point, and Rogue Access Points.   If you are having speed issues scan for Wi-Fi in your area. Any detected networks other than BACNET, BACNET_SECURE and BACNET_GAMEVOIP are causing interference. Please find the broadcasting device and ask the owner to disable wireless.

Wireless traffic at BAC is also designed so that wireless devices can not see each other. This means that you can not use wireless printers that require network visibility.

Gaming on the College Wireless Networks

What NAT type does BAC utilize in the residence halls?

Game Console NAT Types:
Why gaming consoles sometimes have trouble playing online games? The issue comes from the difficulty of configuring NAT on the College network.

Possible NAT types seen on consoles
1. Nintendo: Open, Moderate, Strict
2. Xbox: Open, Moderate, Strict
3. Play Station: Open (type 1), Moderate (type 2), Strict (type 3)

What is NAT?
NAT is a network technology that allows multiple devices inside a private network to share a single publicly routable IP address. A public IP address is required to access anything on the Internet. At BAC there are hundreds, at peak thousands, of devices connecting to our private network which need access to the Internet at any given time. However, BAC does not have enough public IP addresses for every device. The College uses NAT to permit the sharing of address space. Without NAT, only a small subset of the connected devices would be able to access the Internet at a time. At home, an Internet provider only assigns one address for everyone on the home network to share. Home routers use NAT just like BAC does, but on a much smaller scale.

What can be done to change the NAT type?
At home, a user can change the NAT type manually or the gaming console can change it automatically through the use of UPnP. However, those changes will make it so that only one gaming console will have an “Open” NAT type at a time. Also, UPnP is strictly designed for home use and is not a feature available on enterprise-level networks. Requiring an open NAT and utilizing UPnP shows that gaming consoles are designed to be used on a home network where it is the only console trying to use the Internet. The only way to change the NAT type in an enterprise-level network where there are hundreds of game consoles active at the same time is to make sure that every device on the entire network has its own, non-shared public IP address. The College only has 20 IP Addresses that we can assign to gaming traffic. The real limitation is in how the game consoles are designed to work and not by the College blocking anything.

BAC in trying to better support gaming devices has done something that we know of no other College doing. We have built an enterprise-class UPnP capable firewall for the BACNET_GAMEVOIP SSID. This firewall allows for more NAT types and allows more games to be played on our network than at other Colleges. However, we still have the IP Address limitations, and not all multiplayer games will work on our network. The problem games are usually those that change host when moving from lobby to gameplay.

The BAC network is an important resource for education and entertainment, including online gaming. The College has done all that it can do to support gaming on an enterprise network. As gamers ourselves, we understand the value of gaming and do our best to provide support for gaming here at Belmont Abbey College.

Is the network secure?

BAC Wi-Fi access is as secure as any open public access network. It is always a good idea to make sure your computer has a local firewall turned on and that your Anti Virus and system software is up-to-date. It is also a good idea to make sure you are on an SSL-encrypted web page prior to sending or receiving confidential data.

BACNET_SECURE should be used instead of BACNET. BACNET and BACNET_GAMEVOIP are not encrypted. Using BACNET and BACNET_GAMEVOIP is like sending a postcard. Anyone can read it along the way. BACNET_SECURE is like sending a letter. Only the sender and recipient should be able to read it.

Belmont Abbey College assumes no risk for any viruses, identity theft, or any other malicious or unwanted activities which can occur to individuals accessing a public network.

Note: Belmont Abbey College reserves the right to monitor Wi-Fi activity, filter content and otherwise control or prohibit wireless access usage.