Configure a Wireless Router : Configure a Wireless Router LAN Switching and Wireless – Chapter 7
Objectives : Objectives Describe the components and operations of basic wireless LAN topologies.
Describe the components and operations of basic wireless LAN security.
Configure and verify basic wireless LAN access.
Configure and troubleshoot wireless client access.
Welcome to a Wireless World : Welcome to a Wireless World Business expectations' call for more flexible access to the LAN
Wireless LAN’s provide benefits
Flexibility to connect with mobile devices
Reduced infrastructure cost
Increased productivity
802.11 Wireless Standards - Graphic : 802.11 Wireless Standards - Graphic Describe the 802.11 wireless standards
802.11 Wireless Standards - Details : 802.11 Wireless Standards - Details
Cisco Celebrates 802.11n Ratification : Cisco Celebrates 802.11n Ratification
802.11 Signaling (modulation) : 802.11 Signaling (modulation) DSSS – Direct-Sequence Spread Spectrum
Simpler/less expensive to engineer
OFDM – Orthogonal Frequency Division Multiplexing
Faster data rates
Multiple Input/Multiple Output
High rate stream broken into lower rate streams using multiple radios
Signaling used by the new 802.11n standard
Wi-Fi Certification – alliance ensuringinteroperability between vendors
802.11 Components : 802.11 Components Wireless NIC
Ad-Hoc or Infrastructure Mode
Wireless Access Points
Collision Avoidance (CSMA/CA) – AP acknowledgements
Request to Send/Clear to Send Media Contention
Wireless Topologies : Wireless Topologies Independent Basic Service Set (IBSS)
Ad-Hoc mode – peer communication
No access points
Basic Service Set (BSS)
Infrastructure mode
Service Set Identifier (SSID)
Extended Service Set (ESS)
Infrastructure mode
Multiple access points
BSSID = AP MAC address
10-15 % signal overlap
Wireless Operations : Wireless Operations Beacons
Frames transmitted by AP to advertise presence
Probes
Frames used by clients for discovery
Authentication
Shared key or NULL authentication if none configured (no security)
Association
Parameters exchanged between client and AP (MAC address)
Association Identifier (AID) given to client (similar to switch port)
WLAN Security Threats : WLAN Security Threats Users and Abusers
War Drivers (NetStumbler)
Hackers/Crackers (AirCrack)
Employees
Rogue Access Points
Unauthorized and uncontrolled AP’s
Man-in-the-Middle Attacks
Cain & Abel
Denial of Service
2.4 Ghz interference
Bogus CTS or disassociate commands
SMAC – Spoofing Tool : SMAC – Spoofing Tool
Early Methods to Secure WLANs : Early Methods to Secure WLANs Non-broadcast SSID
Attempt to “hide” the Service Set ID
Sniffers can detect SSID in frames exchanged with AP
MAC address filtering
Database of allowed MAC’s
Does not prevent spoofed addresses
Still recommended in conjunction with authentication
Wireless Security Protocols : Wireless Security Protocols Original 802.11 authentication techniques
Open (automatic authentication)
Shared key (WEP) Current standard 802.11i
Wireless Security Protocols - continued : Wireless Security Protocols - continued IEEE 802.1x – authentication process
Works with the original 802.11 association process
Creates a virtual port to forward frames
EAP – Extensible Authentication Protocol
802.1x frames carry EAP packets
EAP talks to an authentication server
RADIUS – Remote Authentication Dial In User Process
Successful authentication leads to data encryption Often referred to as “Enterprise”
WLAN Encryption : WLAN Encryption 802.11i certifies two protocols (also supports RADIUS)
Temporal Key Integrity Protocol
Advanced Encryption Standard
May be referred to as Pre-Shared Keys (PSK)
Examples of standard/encryption alignment:
PSK or PSK2 with TKIP is the same as WPA
PSK or PSK2 with AES is the same as WPA2
PSK2, without an encryption method specified, is the same as WPA2
Configuring an Access Point : Configuring an Access Point Configurations vary based on hardware vendor
Curriculum references a Linksys WRT300N
Common steps to setup a WLAN include:
Configuring a Wireless NIC : Configuring a Wireless NIC Curriculum uses Windows to configure the NIC
However, third party utilities may override Windows options
Basic Options include:
SSID (or WLAN name)
Net Authentication
Data encryption
Network (or pre-shared)
key
Troubleshooting Wireless Client Access : Troubleshooting Wireless Client Access Wireless connectivity issues can be difficult to diagnose
Verify network connectivity by other clients
Check Layer 3 addresses (DHCP)
Check security mode and encryption
Update wireless drivers
Verify signal level and location of AP
Access Point Firmware : Access Point Firmware Entry level or SOHO routers have simplistic OS’s
Problems or errors in OS is updated in firmware
Binary file downloaded from vendor
Update process varies by vendor
Incorrect AP Channel Settings : Incorrect AP Channel Settings US implementation of 802.11 provides for only 11 channels
Within the unlicensed radio spectrum, the channels overlap
22 Mhz width for each channel
Within the same beaconarea, AP’s must be separatedby five channels
Example:
Channel 1 and 6
Or
Channel 5 and 10
Channel Settings - Graphic : Channel Settings - Graphic Source - Wikipedia
Common RF Interference Issues : Common RF Interference Issues
Correcting Antenna Misplacement : Correcting Antenna Misplacement
Planning a Wireless LAN : Planning a Wireless LAN Wireless is a shared medium – supported device density varies
Use a physical map to indicate “cell” coverage
General recommendations:
Position AP’s above obstructions
Position close to ceiling in center of coverage area
Position where user’s congregate
Perform a Wireless Site Survey : Perform a Wireless Site Survey Identify possible sources of signal interference
Identify physical infrastructure issues
Identify coverage and signal strengths
Network Stumbler – Free Analyzer : Network Stumbler – Free Analyzer
Air Magnet – Commercial Analyzer : Air Magnet – Commercial Analyzer
Wireless LANs in the Enterprise * : Wireless LANs in the Enterprise * Standalone Access Points
Easy to implement and inexpensive
Do not scale well in the Enterprise
Solution: Cisco Unified Wireless
Incorporates Lightweight Access Points and Wireless LAN Controller
Configuration is pushed to LAP, easier to manage, reduces cost
Provides for:
Quality of Service
Roaming users
Wireless VOIP phones * Not test items
Benefits of Controller and LAP’s : Benefits of Controller and LAP’s Scalability
Lightweight AP’s easily added and managed
Availability
Controller can automatically adjust signal strength for failed AP
Security
Uniform policies implemented across the WLAN
Manageability
System wide RF management
LAP’s talk to Controller over wired network
Controller can also “sample” RF signalsto map network and tune power
Controller determines which LAP a userconnects to
Chapter 7 Labs : Chapter 7 Labs 7.5.1 – Basic Wireless Configuration
7.5.2 – Challenge Wireless Configuration
7.5.3 – Troubleshooting Wireless Configuration
Slide 32 :