Escolar Documentos
Profissional Documentos
Cultura Documentos
Router
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Describe the components and operations of basic
wireless LAN topologies.
Describe the components and operations of basic
wireless LAN security.
Configure and verify basic wireless LAN access.
Configure and troubleshoot wireless client access.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Basic Wireless LAN Topologies
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Wireless vs Ethernet
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Similarities Between WLAN and LAN
A wireless LAN is an 802 LAN.
Transmits data over the air vs. data over the wire
Looks like a wired network to the user
Defines physical and data link layer
Uses MAC addresses
The same protocols/applications run over both WLANs
and LANs.
IP (network layer)
IPSec VPNs (IP-based)
Web, FTP, SNMP (applications)
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Differences Between WLAN and LAN
WLANs use radio waves as the physical layer.
WLANs use CSMA/CA instead of CSMA/CD to access the network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
More on CSMA/CA
CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance)
The wireless 802.11 standard uses CSMA/CA or "collision avoidance." The method is
used because the wireless stations have no way to detect collisions WHILE sending.
Attempts to avoid collisions rather than detect them
How it works:
Transmitting device listens to the network (senses the carrier) and waits for it to be
free
Device then waits a random period of time and transmits.
If the receiver gets the frame intact, it sends back an ACK to the sender.
If no ACK is received, the message is re-transmitted.
If the channel is not clear, the node waits for a randomly chosen period of time
(backoff factor), and then checks again to see if the channel is clear.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
802.11 wireless standards
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Components and Operations of Basic
Wireless LAN Topologies
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Setting Up A Wireless Network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Basic Service Set (BSS) - Infrastructure
•Access Points
An access point (AP) is a WLAN device that can act as the center point of a
stand-alone wireless network. An AP can also be used as the connection
point between wireless and wired networks. In large installations, the
roaming functionality provided by multiple APs allows wireless users to
move freely throughout the facility, while maintaining seamless,
uninterrupted access to the network.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Independent Basic Service Set
(IBSS) Ad-Hoc
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Extended Infrastructure – ESS
• 2 or more BSSs that are connected by a
common distribution system
• Allows the creation of a wireless
network of arbitrary size and complexity.
• All packets in an ESS must go through
one of the APs.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
The 802.11 Join Process
Stage 1 - Probing
• Stage 2 – Authentication
• Stage 3 – Assosiation
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
How to plan a wireless LAN
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Channel Setup
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Access point coverage & comparison
As a client moves away from the AP, the
transmission signals between the client and AP
weaken.
Rather than decreasing reliability, the AP shifts
to a slower data rate, which gives more accurate
data transfer. This is called data rate or multi-rate
shifting.
This happens without losing the connection, and
without any interaction from the user.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Rate Shifting
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Unlicensed Frequency Bands
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
Radio Frequency Transmission
Higher data rates have a shorter transmission range.
The receiver needs more signal strength and better SNR to
retrieve information.
Higher transmit power results in greater distance.
Higher frequencies allow higher data rates.
Higher frequencies have a shorter transmission range.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
802.11b
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
802.11b Standard
Standard was ratified in September 1999
Operates in the 2.4-GHz band
Specifies Direct Sequence Spread Spectrum (DSSS)
Specifies four data rates up to 11 Mbps
1, 2, 5.5, 11 Mbps
Provides specifications for vendor interoperability (over
the air)
Defines basic security, encryption, and authentication for
the wireless link
Is the most commonly deployed wireless LAN standard
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
2.4-GHz Channels
Channel Channel Center Channel Frequency Regulatory Domain
Identifier Frequency Range [MHz]
Americas Europe, Middle Japan
East, and Asia
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
2.4-GHz Channel Use
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
802.11b Access Point Coverage
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
802.11a
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
802.11a Standard
Standard was ratified September 1999
Operates in the 5-GHz band
Uses orthogonal frequency-division multiplexing (OFDM)
Uses eight data rates of up to 54 Mbps
6, 9, 12, 18, 24, 36, 48, 54 Mbps
Has from 12 to 23 nonoverlapping channels (FCC)
Has up to 19 nonoverlapping channels (ETSI)
Regulations different across countries
Transmit (Tx) power control and dynamic frequency
selection required (802.11h)
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29
IEEE 802.11h
Spectrum Management
Primary use of 5 GHz bands outdoors is radar in many
countries.
802.11h is an addition to the 802.11 family of standards.
802.11h rules are designed to minimize interference.
Uses Dynamic Frequency Selection (DFS) and Transmit
Power Control (TPC).
Radios must comply to benefit from 11 new channels.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 30
802.11a Channel Reuse
802.11h DFS not available
Manual channel assignment required
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 31
802.11g
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 32
802.11g Standard
Standard was ratified June 2003
Operates in the 2.4-GHz band as 802.11b
Same three nonoverlapping channels: 1,
6, 11
DSSS (CCK) and OFDM transmission
12 data rates of up to 54 Mbps
1, 2, 5.5, 11 Mbps (DSSS / 802.11b)
6, 9, 12, 18, 24, 36, 48, 54 Mbps (OFDM)
Full backward compatiblity to 802.11b
standard
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 33
802.11g Protection Mechanism
Problem: 802.11b stations cannot decode 802.11g radio
signals.
802.11b/g AP communicates with
802.11b clients with max. 11 Mbps.
802.11b/g AP communicates with
802.11g clients with max. 54 Mbps.
802.11b/g AP activates RTS/CTS to
avoid collisions when 802.11b clients
are present.
Additonal overhead reduces
throughput.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 34
Self Check
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 35
802.11
Standards
Comparison
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 36
802.11 RF Comparison
802.11b – 2.4 GHz 802.11g – 2.4 GHz 802.11a – 5 GHz
Most commonly Higher throughput Highest throughput
Pro
deployed WLAN
standard OFDM technology OFDM technology
reduces multipath reduces multipath
issues issues
Provides up to 23
nonoverlapping
channels
Interference and noise Interference and noise Lower market
Con
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 37
802.11 Standards Comparison
802.11b 802.11g 802.11a
No of non- 3 3 Up to 23
overlapping
channels
Transmission DSSS DSSS OFDM OFDM
Data rates [Mbps] 1, 2, 5.5, 11 1, 2, 5.5, 11 6, 9, 12, 18, 24, 6, 9, 12, 18, 24,
36, 48, 54 36, 48, 54
Throughput Up to 6 Up to 22 Up to 28
[Mbps]
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 38
Threats to wireless LAN security
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 39
Wireless LAN Security
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 40
WLAN Security Hierarchy
Enhanced Security
Basic Security 802.1x,
Open Access TKIP/WPA
40-bit or 128-bit Encryption,
No Encryption, Static WEP
Basic Mutual
Encryption Authentication,
Authentication
Scalable Key
Mgmt., etc.
Virtual
Private Business
Remote Network Traveler,
Access (VPN) Telecommuter
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 41
WEP WEP is a key.
WEP scrambles communications
between AP and client.
AP and client must use same WEP
keys.
WEP keys encrypt unicast and
multicast.
WEP is easily attacked
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 42
WPA
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 44
EAP
Extensible Authentication Protocol (802.1x
authentication)
Provides dynamic WEP keys to user devices.
Dynamic is more secure, since it changes.
Harder for intruders to hack…by the time they have
performed the calculation to learn the key, they key has
changed!
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 45
Wireless Encryption
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 46
How to secure a wireless LAN from the
key security threats
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 47
Configure a wireless access point
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 48
Configure a wireless NIC
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 49
Configure and Troubleshoot Wireless
Client Access
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 50
How to solve incorrect channel settings
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 51
Solve common RF interference issues
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 52
Correct antenna placement
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 53
Authentication problems
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 54
Summary
Wireless LANs use standards such as
IEEE 802.11a
IEEE 802.11b
IEEE 802.11g
IEEE 802.11n
Basic Service set
–Mobile clients use a single access point for connectivity
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 55
Summary
WLAN security practices/methods include
–MAC address filtering
–SSID making
–Implementing WPA2
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 56
Resources
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 57
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 58