
Cisco Exploration 3

Module 7 – Basic Wireless Concepts and Configuration


Jim Johnston Class Notes
 
WLAN – Wireless LAN
WLANs connect to Access Points (APs).
 
802.11 specifies collision avoidance instead of the collision detection found in the 802.3 standards.
WLANs use a different frame format that requires extra Layer 2 information.
 
802.11 is an IEEE standard that describes the use of RF as a physical and MAC sub-layer
standard.
 
802.11 Standards
 
 802.11
o 2.4 GHz
o 1-2 Mbps
 802.11b
o 2.4 GHz
o 11Mbps
 802.11g
o 2.4GHz
o 54Mbps
 802.11a
o 5.0GHz
o 54Mbps
 802.11n (4  draft)
th

o 2.4GHz
o 248Mbps
o achieves high rate through MIMO technology (multiple input / output)
 
Pros and cons of 2.4 GHz vs. 5 GHz RF
• 2.4 GHz travels through walls better
• 2.4 GHz travels a farther distance
• 2.4 GHz can have interference because so many devices use the same RF
• 5 GHz is not widely supported
 
The ITU-R allocates RF bands. The following are unlicensed frequency bands: 9 MHz, 2.4
GHz, 5 GHz.  Locally the FCC administers the use of these bands, and in Europe the ETSI does.
 
“The Wi-Fi Alliance is an association of vendors whose objective is to improve the
interoperability of products that are based on the 802.11 standard by certifying vendors for
conformance to industry norms and adherence to standards.”
 
Wireless End Devices
 
You can make a device a wireless end device through the following methods:
• PCMCIA slot (older method of inserting a wireless NIC into a laptop)
• USB
• Internal, pre-installed (laptops)
 
Access Points
 
An AP is similar to an 802.3 Ethernet hub: RF is a shared medium.  Instead of detecting
collisions, 802.11 helps avoid them (CSMA/CA).  APs send acknowledgements to sending
devices to confirm that data has been received.
 
RF signals attenuate; therefore, the farther you are from the AP, the weaker your signal and
the less bandwidth you have access to.
 
Home wireless routers are actually three devices in one: AP, switch, router.
 
SSID – shared service identifier
Each network should have its own unique identifier to differentiate it from other
networks.  Multiple APs can share this SSID.
 
In the US the 2.4 GHz band is broken down into 11 channels.  The channels are spaced
5 MHz apart, but each has a channel bandwidth of 22 MHz, which means that neighboring
channels overlap.  Because channels overlap, if you have more than one AP you must
configure them to operate on different channels.  With 3 or more APs you should use the
following channels for APs near each other: 1, 6, 11.  In an environment with 2 or fewer
APs you can use channels 5 and 10.
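
The overlap rule above can be checked mechanically. This is an added example, not part of the original class notes: it uses the 5 MHz spacing and 22 MHz width given in the notes to derive the non-overlapping plan and to flag neighboring APs on overlapping channels. The AP names, the survey and the adjacency list are constructed for illustration.

```python
# Added example: 2.4 GHz channel-overlap check using the figures in the notes.
CHANNEL_SPACING_MHZ = 5      # from the notes: channels are 5 MHz apart
CHANNEL_WIDTH_MHZ = 22       # from the notes: each channel is 22 MHz wide
US_CHANNELS = range(1, 12)   # from the notes: 11 channels in the US


def center_mhz(channel):
    """Center frequency of a 2.4 GHz channel (channel 1 = 2412 MHz)."""
    return 2407 + CHANNEL_SPACING_MHZ * channel


def overlaps(a, b):
    """Two channels overlap when their centers are closer than one channel width."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ


def non_overlapping_plan(channels=US_CHANNELS):
    """Greedy pick, lowest channel first, of channels that never overlap."""
    plan = []
    for ch in channels:
        if all(not overlaps(ch, used) for used in plan):
            plan.append(ch)
    return plan


def find_conflicts(aps, neighbors):
    """Return sorted (ap, ap) pairs in range of each other on overlapping channels."""
    conflicts = []
    for a, b in neighbors:
        if overlaps(aps[a], aps[b]):
            conflicts.append(tuple(sorted((a, b))))
    return sorted(conflicts)


# Constructed site survey: AP name -> configured channel.
SURVEY = {"ap-lobby": 1, "ap-office": 4, "ap-lab": 6, "ap-dock": 11}
# Constructed adjacency: pairs of APs whose coverage areas touch.
NEIGHBORS = [("ap-lobby", "ap-office"), ("ap-office", "ap-lab"),
             ("ap-lab", "ap-dock"), ("ap-lobby", "ap-lab")]

if __name__ == "__main__":
    print("Non-overlapping plan:", non_overlapping_plan())
    for a, b in find_conflicts(SURVEY, NEIGHBORS):
        print(f"overlap: {a} (ch {SURVEY[a]}) and {b} (ch {SURVEY[b]})")
```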
 
Basic Service Sets
 
A single access point in infrastructure mode manages the wireless parameters and the
topology is simply a BSS.  The coverage area for all IBSSs and BSSs is a basic service area
(BSA).  An IBSS is an independent BSS such as ad hoc networks that do not connect
through an AP.
 
When one AP does not provide enough coverage, more APs can be joined through a common
distribution system into an extended service set (ESS).  Each AP is differentiated by its
unique BSSID, which is the AP's MAC address.  The coverage area of an ESS is an
extended service area (ESA).
 
To allow roaming between APs, a 15% overlap on non-similar channels should be
created.
 
Primary Components
 
Primary components for connecting and advertising networks are:
• Beacons – used by APs to advertise networks
• Probes – used by end devices to find networks
• Authentication – artifact of 802.11 but still required
• Association – process of establishing data link between end device and AP
 
3 Stage Join Process (Association)
• Client probes for AP
• Authentication (NULL or WEP Key) – WEP key is not recommended because it is flawed.
• Association – client learns BSSID and AP maps an association identifier (AID) to a logical port; this allows the infrastructure switch to keep track of frames destined for the WLAN client.
 
Unauthorized Access
 
Three major categories
1. War drivers
2. Hackers (Crackers)
3. Employees
 
Rogue access points – unintended APs installed in or around your WLAN.
 
Man-in-the-middle attacks are very easy to produce on a WLAN, whereas on a wired
network the man in the middle must have physical access to a switchport.
 
Denial of Service (DoS) on RF signals is produced by an attacker creating noise that
prevents users from connecting to APs.
 
Flawed Security Protection
• Shared WEP keys – easily cracked, and 32 bit keys installed manually create many man-made errors.
• Cloaking SSIDs – not true security
• Filtering MAC addresses – MAC address cloning and management issue
 
The security standard that should be used today is 802.11i, which is similar to the Wi-Fi
Alliance WPA2 standard.  For enterprises this includes connection to a RADIUS server
(Remote Authentication Dial-In User Service).
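
Rogue access points and the flawed protections listed above can both be checked from a wireless scan. This is an added example, not part of the original class notes: it compares scan results with an inventory of authorized BSSIDs and flags unknown radios, possible cloned MAC addresses and APs that are not using WPA2. The SSID, BSSIDs, inventory and scan entries are all constructed.

```python
# Added example (not from the class notes): audit a wireless scan against
# an inventory of authorized APs. All names and addresses are constructed.
CORP_SSID = "CORP-WLAN"        # hypothetical SSID shared by all our APs
REQUIRED_SECURITY = "WPA2"     # the notes' recommended standard (802.11i)

# Hypothetical inventory: authorized BSSID (the AP's MAC) -> assigned channel.
AUTHORIZED = {"00:11:22:aa:bb:01": 1, "00:11:22:aa:bb:02": 6}

# Constructed scan results: (bssid, ssid, channel, security).
# An empty ssid is a cloaked network; its BSSID is still visible in beacons.
SCAN = [
    ("00:11:22:AA:BB:01", "CORP-WLAN", 1, "WPA2"),
    ("00:11:22:aa:bb:02", "CORP-WLAN", 6, "WEP"),
    ("00:11:22:aa:bb:01", "CORP-WLAN", 11, "WPA2"),
    ("02:00:00:12:34:56", "CORP-WLAN", 6, "OPEN"),
    ("02:00:00:ab:cd:ef", "", 3, "WPA2"),
]


def classify(entry):
    """Return one finding label for a single scan entry."""
    bssid, ssid, channel, security = entry
    bssid = bssid.lower()
    if bssid not in AUTHORIZED:
        # Unknown radio: advertising our SSID is the strongest rogue signal.
        return "rogue-suspect" if ssid == CORP_SSID else "unknown-review"
    # Known BSSID: MAC addresses can be cloned, so also check its settings.
    if channel != AUTHORIZED[bssid]:
        return "possible-clone"
    if security != REQUIRED_SECURITY:
        return "weak-security"
    return "ok"


def audit(scan):
    """Group the BSSIDs seen in a scan by finding label."""
    report = {}
    for entry in scan:
        report.setdefault(classify(entry), []).append(entry[0].lower())
    return report


if __name__ == "__main__":
    for label, bssids in sorted(audit(SCAN).items()):
        print(f"{label}: {', '.join(bssids)}")
```

An unknown BSSID that does not advertise the corporate SSID is only marked for review, because a rogue AP attached to the wired network can use any SSID and cannot be ruled out from the scan alone.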
 
Extensible Authentication Protocol (EAP) is a framework for authenticating network
access. 
• Virtual port is created between client and AP.
• AP blocks all data except 802.1x based traffic.
• 802.1x traffic is sent to an AAA server running the RADIUS protocol.
• After successful authentication an EAP success message is sent from AAA to AP, which allows data to now travel through the virtual port.
• Before opening the port, data link encryption is activated to prevent another user from connecting to the virtual port.
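
The port behaviour in the steps above, as an added example that is not part of the original class notes: a simplified model of the AP's virtual port that relays 802.1X frames, drops all other traffic until the AAA server reports success, and turns on link encryption before opening the port. The class, method names and sample frames are hypothetical; no real RADIUS or EAP exchange is performed.

```python
# Added example: simplified model of the AP's virtual port from the notes.
ETH_EAPOL = 0x888E   # EtherType of 802.1X (EAP over LAN) frames
ETH_IPV4 = 0x0800    # EtherType of ordinary IPv4 data frames


class VirtualPort:
    """Per-client port on the AP; closed to data until AAA accepts the client."""

    def __init__(self):
        self.authorized = False
        self.encrypted = False
        self.to_aaa = []      # 802.1X payloads relayed toward the RADIUS server
        self.forwarded = []   # data frames let through to the network

    def from_client(self, ethertype, payload):
        """Handle one frame from the wireless client and report what happened."""
        if ethertype == ETH_EAPOL:
            self.to_aaa.append(payload)   # relayed, but never changes port state
            return "relayed"
        if self.authorized and self.encrypted:
            self.forwarded.append(payload)
            return "forwarded"
        return "dropped"

    def from_aaa(self, result):
        """Only the AAA server's verdict can change the port state."""
        if result == "EAP-Success":
            self.encrypted = True     # activate link encryption first
            self.authorized = True    # then open the port
        else:
            self.authorized = self.encrypted = False
        return self.authorized


def run_session(aaa_result):
    """Replay a constructed frame sequence and return the outcome of each frame."""
    port = VirtualPort()
    log = [port.from_client(ETH_IPV4, "dhcp-discover"),
           port.from_client(ETH_EAPOL, "EAP-Response/Identity"),
           port.from_client(ETH_EAPOL, "EAP-Success"),   # sent by client: ignored
           port.from_client(ETH_IPV4, "http-get")]
    port.from_aaa(aaa_result)
    log.append(port.from_client(ETH_IPV4, "http-get"))
    return log


if __name__ == "__main__":
    print("accepted:", run_session("EAP-Success"))
    print("rejected:", run_session("EAP-Failure"))
```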
 
Encryption Methods
1. Temporal Key Integrity Protocol (TKIP) – provides support for legacy WLAN
equipment
2. Advanced Encryption Standard (AES) – today’s standard in defense
 
TKIP Primary Functions
1. Encrypts Layer 2 payload
2. Carries out Message Integrity Check (MIC)
 
AES has the same functions as TKIP but includes additional Layer 2 data from the MAC
header, allowing destination hosts to recognize if non-encrypted bits have been tampered with.
 
On some Linksys devices WPA or WPA2 may not be visibly listed, but they are available
through pre-shared keys (PSK).
 
Configuring Wireless Linksys Routers
 
The difference between “Personal” and “Enterprise” is that Enterprise uses an AAA server.
PSK2 corresponds to the WPA2 standard.  After March 2006 all WLAN devices must
support WPA2.
 
Mounting your APs
 
Keep the following in mind:
• Ensure that access points are not mounted closer than 7.9 inches (20 cm) from the body of all persons.
• Do not mount the access point within 3 feet (91.4 cm) of metal obstructions.
• Install the access point away from microwave ovens. Microwave ovens operate on the same frequency as the access point and can cause signal interference.
• Always mount the access point vertically (standing up or hanging down).
• Do not mount the access point outside of buildings.
• Do not mount the access point on building perimeter walls, unless outside coverage is desired.
• When mounting an access point in the corner of a right-angle hallway intersection, mount it at a 45-degree angle to the two hallways. The access point internal antennas are not omnidirectional and cover a larger area when mounted this way.
 
