Chapter 7 : CCNA Cisco Academy: LAN Switching and Wireless. This chapter discusses the basic wireless concepts: - Comparison between WLAN and LAN. - The difference between wireless PAN, LAN, MAN and WAN. - Infrared and Radio Frequency (RF). - Benefits and limitations of the wireless technology. - Difference between licensed and unlicensed bands. - Wi-Fi and the key organizations influencing WLAN standards. - Wireless infrastructure components which are the wireless NIC, Wireless Access Points and wireless routers. - The Hidden node problem. - Configuration parameters SSID, network modes and channels. - Wireless 802.11 typologies: Ad hoc (IBSS), BSS and ESS. Client and Access Point Association: Beacons, probe, authenticate and associate. - Threats to Wireless Security- Unauthorized Access: War Drivers, Hackers and employees. - Man-in-the-Middle Attacks, Denial of Service. - Wireless Security Protocol Overview: open authentication, WEP authentication. - Encryption – TKIP and AES. - Configuring the Wireless Access Point - Configuring security: personal and enterprise (AAA and EAP ). - WLAN Troubleshooting: Incorrect Channel Settings, Solving RF Interference, Access Point Misplacement and Authentication and Encryption

1. LAN Switching and Wireless

2. If you found any mistake’s’ on these slides or if you have any
other questions or comments, please feel free to contact me at:
abdu.elsaid@gmail.com or abdu.elsaid@yahoo.com
Linkedin : https://www.linkedin.com/in/AbdelkhalikMosa
Twitter : https://twitter.com/AbdelkhalikMosa
Facebook : https://www.facebook.com/Abdelkhalik.Mosa
Thanks,
Abdelkhalik Mosa
Suez Canal University
Faculty of Computers and Informatics - Ismailia - Egypt
Note …

3. Introduction
• Wireless technologies use electromagnetic waves to carry
information between devices.
• WLANs use radio frequencies (RF) instead of cables at the
Physical layer and MAC sub-layer of the Data Link layer.

4. Wireless LAN Vs. Ethernet LAN

5. Wireless PAN, LAN, MAN and WAN
PAN : Personal Area Networks
LAN : Local Area Networks
WLAN : Wireless Local Area Networks
MAN : Metropolitan Area Networks
WAN : Wide Area Networks

6. Introduction: Infrared
• Infrared (IR) is relatively low energy and cannot penetrate
through walls or other obstacles.
• A specialized communication port known as an Infrared Direct
Access (IrDA) port uses IR to exchange information between
devices.
• IR only allows a one-to-one type of connection.
• IR is also used for remote control devices, wireless mice, and
wireless keyboards.
• IR generally used for short-range, line-of-sight, communications.

7. Introduction: Radio Frequency (RF)
• RF waves can penetrate through walls and other obstacles,
allowing a much greater range than IR.
• Certain areas of the RF bands have been set aside for use by
unlicensed devices such as WLANs, and computer peripherals.
– This includes the 900 MHz, 2.4 GHz, and the 5 GHz frequency ranges.
These ranges are known as the ISM bands.

8. Benefits of Wireless Technology

9. Limitations of Wireless Technology

10. Wireless LANs (WLANs)
• 802.11 wireless LANs extend the 802.3 Ethernet LAN
infrastructures to provide additional connectivity options.

11. Wireless LAN Standards
• The governmental agencies in countries, license some frequency
bands, leaving some frequency bands unlicensed.
• Licensed bands:
– The most common are AM and FM radio, shortwave radio (for
police department communications), and mobile phones.
• Unlicensed frequencies:
– Can be used by all kinds of devices; however, the devices must
still conform to the rules set up by the regulatory agency.
• A device using an unlicensed band must use power levels at or
below a particular setting so as not to interfere too much with
other devices sharing that unlicensed band.

12. Wireless LAN Standards
• OFDM have faster data rates than DSSS.
• DSSS is simpler and less expensive to implement than OFDM.

13. Wireless Fidelity (Wi-Fi) Certification
• Wi-Fi Alliance, a global, nonprofit, industry trade association
devoted to promoting the growth and acceptance of WLANs.
• The Wi-Fi Alliance is an association of vendors whose objective is
to improve the interoperability of products that are based on the
802.11 standard.
• The Wi-Fi logo on a device means it meets standards and should
interoperate with other devices of the same standard.
• The three key organizations influencing WLAN standards are:
ITU-R regulates allocation of RF bands.
IEEE specifies how RF is modulated to carry info.
Wi-Fi ensures that vendors make devices that
are interoperable.

14. Wireless Infrastructure Components: Wireless NIC
Wireless NIC encodes a data stream onto an RF signal.

15. Wireless Infrastructure Components: Wireless Access Points
• An access point is a Layer 2 device that functions like a 802.3
Ethernet hub.
• An access point connects wireless clients to the wired LAN.
• Association is the process by which a client joins an 802.11
network.
• RF signals attenuate as they move away from their point of
origin, causing the Hidden node problem.
• One means of resolving the hidden node problem is a CSMA/CA
feature called request to send/clear to send (RTS/CTS).

16. Wireless Infrastructure Components: Wireless Access Points
• The hidden node problem

17. Wireless Infrastructure Components: Wireless Routers
• Wireless routers perform the role of access point, Ethernet
switch, and router.

18. Configurable Parameters for Wireless Endpoints
Network Modes
Channels
SSID

19. 802.11 Topologies: Ad Hoc (IBSS)
Independent Basic Service Set (IBSS)

20. 802.11 Topologies: BSS
Basic Service Set (BSS)

21. 802.11 Topologies: ESS
Extended Basic Service Set (ESS)

22. Client and Access Point Association: Beacons
• Beacons: Frames used by the WLAN network to advertise its
presence.

23. Client and Access Point Association: Probes
• Probes: Frames used by WLAN clients to find their networks.

24. Client and Access Point Association: Authentication

25. Client and Access Point Association: Association
• Association: The process for establishing the data link between
an access point and a WLAN client.

26. Threats to Wireless Security: Unauthorized Access
• Major categories of threats that lead to unauthorized access:
1. War Drivers:
• Find open networks and use them to gain free internet
access.
2. Hackers:
• Exploit weak privacy measures to view sensitive WLAN
information and even break into WLANs.
3. Employees:
• Plug consumer-grade APIs/gateways into company
Ethernet ports to create their own WLANs.

27. Threats to Wireless Security: Man-in-the-Middle Attacks

28. Threats to Wireless Security: Denial of Service

29. Wireless Security Protocol Overview
• Open Authentication: no authentication.
• WEP authentication: was supposed to provide privacy to a link.
Static, crackable, and not scalable.
Cloaking SSIDs and filtering MAC addresses were used.

30. Authenticating to the Wireless LAN

31. Authenticating to the Wireless LAN
• EAP is a framework for authenticating network access.

32. Encryption – TKIP and AES
• TKIP is the encryption method certified as WPA.
It encrypts the Layer 2 payload.
It carries out a message integrity check (MIC) in the encrypted
packet which ensures against a message being tampered with.
• AES is the encryption method certified as WPA2.
• PSK or PSK2 with TKIP is the same as WPA.
• PSK or PSK2 with AES is the same as WPA2.
• PSK2, without an encryption method, is the same as WPA2.

33. Controlling Access to the Wireless LAN
• The concept of depth means having multiple solutions available.
• Implement this three-step approach:
1. SSID cloaking: Disable SSID broadcasts from access points
2. MAC address filtering: Permit or deny clients based on their
MAC address
3. WLAN security implementation: WPA or WPA2.
• Neither SSID cloaking nor MAC address filtering are considered
a valid means of securing a WLAN for the following reasons:
1. MAC addresses are easily spoofed.
2. SSIDs are easily discovered even they aren’t broadcasted.

34. Configuring the Wireless Access PointSetup

35. Configuring the Wireless Access Point
Management

36. Configuring Basic Wireless Settings
NetworkMode

37. Configuring Basic Wireless Settings
NetworkName(SSID)

38. Configuring Basic Wireless Settings
RadioBand

39. Configuring Basic Wireless Settings
WideChannel

40. Configuring Basic Wireless Settings
StandardChannel

41. Configuring Security
• "Personal“ means no AAA server is used.
• "Enterprise“ means a AAA server and EAP authentication is used.

42. Configuring Security

43. Configuring a wireless NIC
Scan for SSIDs
Selecting the Wireless
Security Protocol

44. WLAN Troubleshooting: Incorrect Channel Settings

45. WLAN Troubleshooting: Incorrect Channel Settings

46. WLAN Troubleshooting: Incorrect Channel Settings

47. WLAN Troubleshooting: Solving RF Interference

48. WLAN Troubleshooting: Solving RF Interference

49. WLAN Troubleshooting: Solving RF Interference

50. WLAN Troubleshooting: Access Point Misplacement

51. WLAN Troubleshooting: Access Point Misplacement

52. WLAN Troubleshooting: Access Point Misplacement

53. WLAN Troubleshooting: Authentication and Encryption

54. WLAN Troubleshooting: Authentication and Encryption

55. WLAN Troubleshooting: Authentication and Encryption