WSEC   Lab 2    Multi-cell channel selection                       Student _____________________________________________

 

 

 

 

The purpose of this Lab is to establish, configure, and test an ESS WLAN consisting of two cells (two APs). The APs will operate on different channels (Ch 1 and Ch 11) to prevent RF interference (RFI or EMI). EMI is the leading cause of denial-of-service (DoS) whether intentionally generated or not.

 

A router/switch is used to link one cell of the WLAN to the infrastructure LAN and to provide DHCP services. A laptop will be used to “roam” from cell to cell to test the ESS link. Additionally, the effect of changing the SSID and RF power level upon ESS cells will be examined.

 

 

Required devices: 

 

  1. Minimally three PCs. PC #1 with ethernet NIC configured and assigned a static IP address (192.168.1.110) that will constitute LAN #1, a laptop with Cisco 350 Series WNIC installed, configured, and assigned a static IP address (192.168.1.120) that will roam from cell to cell, and PC #3 (configured for dynamic assignment of an IP address) connected to the router/switch that will constitute the infrastructure LAN #2. More PCs are suggested (on LAN #2) so that all students can fully participate simultaneously. Laptops recommended.
  2. Router/switch that provides DHCP services and connectivity to LAN #2. Linksys BEFSR41.
  3. Two each access points (APs). Cisco 350 Series with dual diversity antennas (omni-directional) vertically polarized. Label one as CELL #1 and the second as CELL #2.

 

 

Instructor notes:

 

  1. This Lab should be conducted with the instructor demonstrating the procedure first and the students following along and taking notes. If there are enough laptops to go around, the students can run the setup themselves as the instructor demos.
  2. The Cisco Aironet Client Utility (ACU) must be installed on all PCs (see Cisco WNIC documentation on CD).
  3. The Linksys router/switch must be installed (connected to one or more PCs with ethernet NIC configured) and configured for DHCP. The PCs connected to the router/switch ports represent the infrastructure LAN #2 (also DHCP enabled). Save at least one port for the AP connection.
  4. This Lab requires that you have mastered all previous Labs and can quickly perform configurations of the APs, PCs, and the router/switch unit.
  5. Read through the AP documentation provided by Cisco.
  6. Allow enough time so that all of the students can roam the laptop from cell 1 to cell 2 and observe: association, disassociation from cell one, then association to the second AP, disassociation from the second cell, then re-association back to cell one. It could take over 90 minutes for 20 students to perform this activity.

 

 

 

 

PROCEDURE:

Part 1. Roaming

 

1.      Obtain the AP labeled as CELL #2. Record its MAC address here: _______________________________ .  This AP is connected to the router/switch via the power injector. Be careful with the connections to the AP power injector! PC #3 (and others- if available) is to be connected to a free port on the router/switch . (See Lab 6). Wait a minute or so for the AP to bootup then direct the browser of PC #3 to the router’s ethernet IP address (http://192.168.1.1),  login to the router’s setup page, and then determine the IP address of the AP labeled as CELL #2. Write down the IP address here: ____________________________________

 

2.      Now direct the browser on PC #3 to the IP address of CELL #2 and open the Management Pages:

·        Set the Configuration Server Protocol to “NONE”

·        Set the Role in Radio Network to “ROOT Access Point”.

·        Decrease the AP RF power level to “1mW”.

·        Set the SSID to ENT-116A

·        Set the Allow Broadcast SSID to Associate to “NO”

·        Set Radio Channel to “11” with “NO” to Search for less-congested Radio Channel.

·        All other settings should be in the default state

 

3.      Obtain the AP labeled as CELL #1. Record its MAC address here: _______________________________. Connect this AP to the router/switch and perform the exact same configuration as CELL #2 (steps 1,2 above) except that the Radio Channel for CELL #2 should be set to “1” instead of “11”.  Write down the IP address assigned to CELL #2 here _____________________________. When done with the configuration, disconnect CELL #1 from the router/switch. Connect PC #1 to CELL #1 AP via the power injector and locate CELL #1 and PC #1 in a far corner of the room. Apply power and direct the browser of PC #1 to the IP address of CELL #1 and check the AP’s configuration once again.

 

4.      Locate CELL #2 (along with the attached router/switch and PC #3) in a corner opposite to CELL #1. Apply power and recheck the AP’s configuration using PC #3. Two 1mW RF cells are now operational.

 

5.      Position the roaming laptop (with configured WNIC) near CELL #1 and wait for the AP to associate. Confirm association from the ACU running on the laptop. Note the S/N ratio here: ________________

 

6.      Roam with the laptop from CELL #1 over to CELL #2. At some point you should disassociate from CELL #1 and then associate with CELL #2. Record the approximate point where this occurs __________________ from CELL #1 to CELL #2. Now reverse your roaming back in the direction of CELL #1 and see if it re-associates with CELL #1 after disassociating with CELL #2. ___________ (yes/no?). What is the S/N ratio when the disassociation occurs? ____________.

 

NOTE: You may need to disconnect power to CELL #1 AP in order to associate with CELL #2. Why is this?     

               _______________________________________________________________________

 

 

PART 2.   SSID WLAN Control in an ESS

 

7.      Using PC #3, change the SSID of CELL #2 AP to  ENT-11A  instead of  ENT-116A (that it is currently set to).

 

8.      Take the laptop and start at CELL #1 (make sure CELL #1 is operational. Wait there until association occurs) and then move towards CELL #2. Does the laptop ever associate with CELL #2? Where? ___________ What is happening here? ______________________________________________________________________________________________________________________________________________

 

How can you use this result to manage users in an extended WLAN with many cells? Is this in any way related to WLAN security? _____________________________________________________________________________________________________________________________________________________________________________________________________________________

 

 

PART 3.   RF  Power Control to shape ESS cells

 

9.      Change the SSID of CELL #2 back to  ENT-116A . Confirm that the laptop can roam from cell to cell once again.

 

10. Change the RF power level of CELL #1 from 1mW up to 100mW . Attempt to roam from CELL #1 to CELL #2. What happens? _____________________________________________________________________________________________________________________________________________________________________________________________________________________

 

11. How can this result be used to shape ESS cells and to assist in WLAN security? Explain. ____________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________

 

12. Draw some conclusions about this Lab. _____________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________