Siege warfare IT project: A cautionary tale

Consultant Bob Eisenhardt shares how a client's simple request for a public Wi-Fi turned into a nine-month nightmare project.

My wife and I arrived home in January of this year after a 10-day trip around Israel with our rabbi as our group guide and a 12-hour plane flight. I was still tired the next day when the phone rang with what turned out to be a nine-month project during which I felt akin to Buster Keaton racing through a hurricane. Gentle reader, I am sharing my story of this siege warfare IT project in the hopes that you'll learn from my experience.

Stage one

My largest client had a rep from their bad ISP provider stop by two weeks earlier than scheduled and install a new modem-router. The client called me because they had some Internet issues.

While still on Masada time, I drove up and made the appropriate modifications. The device was a Westell 7500, a combination modem-router with a public and private LAN but only a private Wi-Fi. I changed the Wi-Fi to match internal settings and set up port forwardings and departed. Like Peter Falk as Columbo, they asked "Just one more thing, a small matter. Can we have a public Wi-Fi for our waiting room?" My answer, "Of course, it will be easy."

It would be easy if the client had my good ISP provider connect and a cable modem Arris TM802 with a lovely Netgear WNDR3400 wireless router, which easily provides for private and isolated public Wi-Fi with real throw power. It took eight months to get there.

Stage two

The client purchased a similar router (that was later sold out to another client), and I sat down to bridge the Westell to the Netgear. I could get the wireless network to be 95% connected but never quite through to the Internet. I tried DNS settings, changing addresses, and numerous albeit frustrating modifications, none of which worked.

The bad ISP support tech would only talk about their Westell and go no farther. The Windows server was providing DHCP and DNS addressing. It had to be an isolated public network so that HIPAA data on the server could not be accessed. After 10 hours I threw in the towel.

Stage three

I set the project aside, because new ideas often surface in a relaxed atmosphere, but none did. Later, the bad ISP techs told me the Westell 7500 was incompatible with Netgear routers.

As the Westell used a simple RJ11 phone connect, Speedtest showed downloads of 4 or 5 mpbs. I advised the client to consider a new ISP provider, but the client stayed with the bad provider and installed a new office phone system the staff absolutely hated.

Stage four

A new modem-router arrived onsite (unscheduled as usual), and I was once again called to duty. The bad ISP tech told me I could not have access to the router and that the router had to control DHCP addressing. I refused the upgrade, advising the tech that I would never surrender those control functions at 15 years onsite. The bad ISP tech then said "well, we shall see about that." The conversation turned hostile and after a heated argument with the owner and the bad tech, the new device was set aside. To my delight, the departing tech then made an ad-hoc modification that collapsed the client's entire phone system for a half hour. Some things do indeed happen at the right time.

Stage five

At my urging, the client made arrangements to throw out the bad ISP service, and a date was made to install a proper cable modem-router that could provide wireless, public, and private from the good provider I have at home.

The new device arrived onsite (unscheduled again), and I waited two hours for a delayed tech. The tech installed the device, provided me with all the IP addresses for the new network, and left. All of the IP addresses were wrong! Three tech support phone calls the next day were worthless until I spoke with a tech who gave me everything I needed to know and had fast Internet directly through a laptop. I documented those numbers and saved them.

An associate owner said he had a sealed Belkin router I could use (they did not want to purchase if they did not have to, which was just penny pinching). I was not surprised that the smaller router was a home-toy device and did not do public and private Wi-Fi. I took the Belkin router for my home network and brought my Netgear WNDR3400 up to the client site, connected it to the good ISP provider modem router with five dedicated IP solid addresses, and it worked fine. The Speedtest was upwards of 50 gpbs download.

I drove up on the morning of Yom Kippur to complete the task and discovered I had left everything at home, as fasting is a huge disruption of my morning routine. I decided that now God was against my working this day and wisely went home.

Stage six

A few nights later I drove up to connect up the Netgear to the laptop for one last test, and it was perfect. I connected the Netgear to a gigabit switch and deleted the bad ISP provider DNS servers in forwarding, replaced them with two good ones, and finally snapped off the cursed Westell 7500 for good. Without any further modifications, the Internet flew at every workstation, and wireless Internet was even faster than their previously wired connect. Public and private Wi-Fi was easily enabled just as I wanted it to be eight months ago.


I attempted many things on this project; it was a delicate balancing act of listening to the client, working with multiple tech support idiots, carefully analyzing brick walls, angering the Gods, and having a satisfactory payoff visit in the last two hours of the project. And it all started with a simple request for a public Wi-Fi after a trip down from Masada.

Editor's Picks