7 common mistakes when designing enterprise Wi-Fi

In enterprise Wi-Fi, most problems look like "the Wi-Fi is bad" but actually stem from a few typical mistakes made at the design stage. The 7 mistakes we've encountered most often in the field over the years, and their fixes.

1. Calculating AP count "by square meters"

The formula "Y APs are enough for X square meters" is often wrong. What really matters is user density, the number of concurrent devices and the application type. A meeting room where 100 people are video conferencing needs far more APs than a 200 m² office with 30 users.

2. Skipping the site survey

The "let's look at the floor plan and place APs" approach is one of the most expensive mistakes. Without a predictive and passive site survey, walls, glass, elevator shafts and interference sources go unseen. Fixing it later by adding APs is always more expensive.

3. Leaving channel and power settings on auto

Most enterprise systems do automatic channel selection, yes — but manual control is needed especially on 2.4 GHz. Use only channels 1-6-11 on 2.4 GHz, and don't put neighboring APs on the same channel. On 5 GHz, plan DFS channels deliberately.

4. Managing everything with a single SSID

Employee, IoT, guest and VoIP devices shouldn't be placed on the same SSID. At least 3 SSIDs with VLAN separation are recommended:

• Corporate: 802.1X / EAP, identity-based
• Guest: isolated, with a captive portal
• IoT: separate VLAN, internet access but closed to the internal network

5. Not separating guest Wi-Fi from the internal network

Preventing the guest connection from leaking into the office network is ensured by a single VLAN rule. Without it, malware on a guest laptop can gain access to your servers.

6. Not calculating the PoE budget

Modern APs require PoE+ or PoE++. A 24-port switch has a limited total PoE budget; if all ports are full and all are APs, the switch can't keep up and APs shut down one by one. Switch and UPS capacity must be planned according to AP count.

7. Neglecting roaming

If a VoIP or video connection drops as a user moves around the building and switches between APs, roaming isn't optimized. 802.11k/r/v support and correct signal thresholds are critical; be sure to check them especially in environments using handheld terminals and VoIP.

Wireless design is as critical as pulling the cable. In our network infrastructure projects we always start with a site survey, document it and finish with verification. If you need it, we can schedule a free assessment call.