Can a device connect to a new network with a previously used SSID and password?

Imagine I own two buildings, building A and B are 10 miles apart.

I connect my device to the WiFi in building A (enter password etc) before heading to building B. Is there any configuration which will allow my device to connect to building B WiFi automatically?

I'm thinking that if I use the same SSID and password in B as I used for A, my device will connect to B. But this seems like a bit of a security flaw.

update:

If I cloned the MAC address, assuming there is no way for the access points to be on the same physical network, could they use some kind of virtual network over the internet to be able to achieve the desired behaviour?

Mike Monteith

Posted 2014-05-02T14:27:08.467

Reputation: 123

2Indeed. I recently replaced a router that is entirely different and didn't have to configure my devices because I used the same SSIDs. I am not sure how you see it as a security flaw. – Ramhound – 2014-05-02T14:35:10.827

I thought it might be a security flaw, since a malicious network owner could set up his own network outside a hotel, using the same SSID and password as the hotel. Then guests of the hotel would be connecting to his malicious network rather than the trusted hotel-owned one when they go outside. – Mike Monteith – 2014-05-02T14:38:37.523

@Ramhound Did you have to clone the MAC Address. See Below... – eyoung100 – 2014-05-02T14:45:09.143

@ECarterYoung - I did not. The MAC addresses are entirely different. The router I had is not even plugged in. – Ramhound – 2014-05-02T14:58:23.513

@MikeMonteith - In that situation where BOTH access points are broadcasting their SSID which are exactly same you are indeed correct that would present a problem. What you describe isn't actually that though. – Ramhound – 2014-05-02T15:00:15.753

@Ramhound I edited my answer see below – eyoung100 – 2014-05-02T15:02:22.203

@@ECarterYoung - The router is connected to a modem. In a situation as described in the question each router would be connected to a network device would it not? I stand by my statement. – Ramhound – 2014-05-02T15:09:04.340

Yes in the OP's case, he is trying to connect two buildings together without the proper user topology. Your statement is correct that each device in the subnet is connected to some sort of switch and the switch is connected to the router – eyoung100 – 2014-05-02T16:06:32.650

Answers

We have multiple branches with employee WiFi and all we had to do was make sure the SSID, password, authentication type and encryption method matched in all WAPs.

Once we did that the users can move branch to branch without having to create a new WiFi network profile/connection for each one, the existing one just auto-connects.

Security is handled by other methods (MAC filtering for WAP connections, proper network security, etc.).

Ƭᴇcʜιᴇ007

Posted 2014-05-02T14:27:08.467

Reputation: 103 763

Again this is because of the Gateway Server... see below – eyoung100 – 2014-05-02T15:03:42.800

Each branch has it's own subnet (interconnected via VPN), with it's own gateway -- so I'm not sure what you mean by "Gateway Server". – Ƭᴇcʜιᴇ007 – 2014-05-02T15:07:10.343

So there is indeed a VPN between all of the routers in your multiple branches. Is this VPN is necessary for my desired functionality also? – Mike Monteith – 2014-05-02T15:10:26.893

The VPN is the Gatweay Server that ties all of them together. Gateway must be the wrong term... I'll change it if you have a better one – eyoung100 – 2014-05-02T15:12:42.433

@MikeMonteith No, it's there to provide network connectivity between branches -- for AFTER you get connected to WiFi. :) If I went to a (different) branch and turned off every device in the place except the WAP, I'd still be able to connect to it using the existing profile. Whether I get a valid IP address from DHCP or not, or can actually communicate with any other device has nothing to do with it. :) – Ƭᴇcʜιᴇ007 – 2014-05-02T15:13:26.243

@ECarterYoung The VPN (and the IP network itself) has nothing to do with whether a WiFi profile will work to connect with a different WAP. – Ƭᴇcʜιᴇ007 – 2014-05-02T15:15:44.763

I dont think that's what the OP is getting at though. I agree the WAP IP's are identical, but before I assume which way to go lets ask @MikeMonteith which answer he was looking for? Do you want both Network A's to share your info between Buildings? – eyoung100 – 2014-05-02T15:21:40.553

1I just don't want customers to have to keep adding a new wireless profile every time they visit a new site. All the customers need access to is the internet. – Mike Monteith – 2014-05-02T15:34:48.673

That wont work by default, as each router broadcasts that it is an access point. When doing so the router also broadcasts it's MAC Address. Since the two MAC addresses differ the password and username, although identical, are attached to the routers MAC Address. It will work, if you were to clone the MAC Address in building A into Building B, only if the routers in A and B are on the same Network.

In Ramounds Case, Router A, and Router B share the same default settings, therefore he said yes, because A and B were on the same network, just not at the same time, and he had no intermediate server in between.

This is commonly called a Gateway Server because it serves as the Gateway between the two buildings, ie it lets traffic in and out from building A and lets traffic in from Building B. There is also a Gateway Server in Building B that does the same for Building B.

As techie explained via my use of gateway server, each building gets its own subnet, and the subnets(whole groups of PC's) for each building are connected together via the VPN

Example: I setup a network at Young's hotel, and call the Network Building A. Ramound stays at my hotel but works at his own across the street. He goes to his hotel the next day and sets up Building A identical SSID's etc.

I can guarantee, that each hotel visitor will see 2 networks, each named Building A, because in a corporate environment, there is another layer of security, namely the servers. The corporate network at my hotel is not the same corporate network as Ramhound's because the servers are different The domain names are different etc.

Re: Update. No the distance between the buildings and the fact that there is no network server connecting either network together prohibits you from virtually connecting the buildings together. The only thing you have achieved is seamless access to the internet in each building but the information shared by the company at both buildings will always be in a "disconnected state" until you add some type of network server. How is the 3rd party service you use going to see all the information you want shared. See the following photo:

enter image description here

eyoung100

Posted 2014-05-02T14:27:08.467

Reputation: 419

Cable Companies do this all the time... ie they sell you a modem that conects to only 1 PC... you buy a router and hook it to modem. The connection no longer works because the cable company is monitoring your MAC address. If you clone the mac address of the modem in the router your connection starts working again. – eyoung100 – 2014-05-02T15:07:37.170

The buildings are 10 miles apart. In your examples both networks would be seen because of the lack of distance between them. – Ramhound – 2014-05-02T15:07:50.247

True But each router has a different MAC address, and the connection info is attached to the MAC address. Therefore your connection Profile would have 2 Network A's unless there was a gateway server bridging both together as in techies answer – eyoung100 – 2014-05-02T15:10:37.360