Understanding Wired and Wireless Networks | 61 6. Execute a Bing search in the images section for the term “wireless bridge.” Examine the results. A wireless bridge is similar to a wireless repeater, but the bridge can con- nect different 802.11 standards together; this is known as bridge mode. 7. Access a wireless access point simulator. We use the D-link DIR-655 emulator later in this lesson. Take a look at the following link now, and login to the DIR-655 Device UI emulator to become acquainted with its interface. There is no password: http:support.dlink.comemulatorsdir655 Table 3-4 IEEE 802.11 WLAN standards IEEE 802.11 S TANDARD D ATA T RANSFER R ATE M AX . F REQUENCY 802.11a 54 Mbps 5 GHz 802.11b 11 Mbps 2.4 GHz 802.11g 54 Mbps 2.4 GHz 802.11n 600 Mbps 300 Mbps typical 5 GHz andor 2.4 GHz CERTIFICATION READY How do you identify wireless networking standards? 1.4 Identifying Wireless Networking Standards In order to set up a functional wireless LAN, a network administrator has to know several wireless standards, as well as ways to secure the wireless network transmissions. A wireless LAN WLAN is a network composed of at least one WAP and at least one com- puter or handheld device that can connect to the WAP. Usually these networks are Ethernet based, but they can be based off other networking architectures. In order to ensure com- patibility, the WAP and other wireless devices must all use the same IEEE 802.11 WLAN standard. These standards are collectively referred to as 802.11x not to be confused with 802.1X, and they are defined by the data link layer of the OSI model. The term “WLAN” is often used interchangeably with Wi-Fi. However, Wi-Fi refers to a trademark created by the Wi-Fi Alliance. Wi-Fi products and technologies are based on the WLAN standards. These WLAN standards dictate the frequency or frequencies used, speed, and so on. Table 3-4 shows the most common standards and their maximum data transfer rate and frequency. In the United States, 802.11b and g have 11 usable channels, starting with channel 1 centered at 2.412 GHz and ending with channel 11 centered at 2.462 GHz. This is a smaller range than some other countries use. Many of the channels in a WLAN overlap. To avoid this, organizations may put, for example, three separate WAPs on channels 1, 6, and 11, respectively. This keeps them from overlapping and interfering with each other. If two WAPs on channels 4 and 5 are in close proximity to each other, there will be a decent amount of interference. It’s also wise to keep WLAN WAPs away from Bluetooth devices and Bluetooth access points, because Bluetooth also uses the 2.4 GHz frequency range. It should go without saying that compatibility is key. However, many WAPs are backward compatible. For example, an 802.11g WAP might also allow 802.11b connections. Perhaps it even allows 802.11a connections, which would be an example of wireless bridging. But generally, companies are looking for the fastest compatible speed possible from all of their wireless networking equipment—and today, that means 802.11n. 802.11n is superior to older WLAN standards in the following ways: • Multiple-Input Multiple-Output MIMO: This means that wireless devices can have more antennas, up to four maximum. 62 | Lesson 3 • Frame aggregation: This is the sending of two or more frames of data in a single trans- mission. By aggregating frames, the amount of data transferred on the data link layer can be doubled in the 802.11n standard. • Channel bonding: Here, two channels that do not overlap are used together in an effort to double the physical data rate PHY. Channel bandwidth therefore becomes 40 MHz instead of the previously used 20 MHz. Of course, all this great technology can be easily manipulated if it is not protected. To mitigate risk, encryption should be used. There are several types of encryption available for wireless networks, but the most secure is WPA2 when used with AES, as shown in Table 3-5. Without the proper encryption turned on at the client, and without knowledge of the correct key or pass phrase, a client computer will not be able to connect to the WAP. Table 3-5 Wireless encryption options W IRELESS E NCRYPTION E NCRYPTION L EVEL P ROTOCOL D ESCRIPTION K EY S IZE WEP Wired Equivalent Privacy 64-bit WPA2 Wi-Fi Protected Access 256-bit TKIP Temporal Key Integrity Protocol 128-bit AES Advanced Encryption Standard 128-, 192-, and 256-bit WEP also has 128-bit and 256-bit versions, but these versions are not commonly found in wireless network hardware. WEP in general is an out of date protocol, and it is not recom- mended. However, if there are no other options available to you, WEP is far superior to no encryption Another way to secure a wireless connection is to use 802.1X. IEEE 802.1X is port-based network access control PNAC. This provides strong authentication to devices that need to connect to the WLAN; it can also be used for regular wired LANs. There are three compo- nents to an 802.1X set-up. The first is the supplicant, or the computer that is attempting to connect to the WLAN. The second is the authenticator, or the wireless access point. The third is the authentication server; often this will be a RADIUS server, which enables advanced authentication techniques. RADIUS servers can be setup within Windows Server 2003 prod- ucts by installing the Internet Authentication Service IAS. Windows Server 2008 includes RADIUS within the Network Policy Server NPS. There several different ways to connect to a wireless network—primarily infrastructure mode and ad-hoc mode: • Infrastructure mode is more common. It occurs when wireless clients connect to and are authenticated by a wireless access point, which can be expanded by creating a wire- less distribution system—a group of WAPs interconnected wirelessly. When utilizing infrastructure mode, the base unit normally a WAP will be configured with a service set identifier SSID. This then becomes the name of the wireless network, and it is broadcast over the airwaves. Thus, when clients want to connect to the WAP, they can identify it by the SSID. • Ad-hoc mode is less common, and it is used more often in a handheld computer envi- ronment. Ad-hoc also referred to as peer-to-peer or P2P networks occur when all of the clients communicate directly with each other. There is no “base” so to speak, meaning a wireless access point. Generally, this type of network is configured so that two individual wireless devices can connect to each other and communicate, perhaps privately. Understanding Wired and Wireless Networks | 63 EXAMINE WIRELESS NETWORKING SETTINGS GET READY. In the following exercise, we will access the D-Link DIR-655 emulator and show some standard wireless configurations. To do so, perform these steps:

1. Log in to the DIR-655 emulator and view basic settings:

a. Connect to a router. The username cannot be changed, and the password is

blank, meaning there is no password. This displays the main Device Informa- tion page. Examine this page. Note the LAN IP address of the device. It should be 192.168.0.1, the default for D-Link WAPs. If a client wants to connect to this device, it has to be confi gured via DHCP or statically, but it will need to be on the 192.168.0 network.

b. Scroll down and examine the wireless settings. Wireless should be enabled by

default. Note the mode, channel width, channel used, and so on.

2. Modify the SSID:

a. Click the Setup link on the top banner.

b. Click the Wireless Settings link on the left side.

c. Click the Manual Wireless Network Setup button. This should display the

Wireless page. d. Look for the Wireless Network Name. This is the SSID. The default for D-Link devices is none other than dlink. It is highly recommended that you modify the default SSID on any WAP. Change it now to something a bit more complex.

3. Modify the wireless configuration:

a. Examine the 802.11 Mode drop-down menu. Note the variety of settings. Mod-

ify this so that it says 802.11n only.

b. Deselect the Enable Auto Channel Scan checkbox. This should enable the

Wireless Channel drop-down menu. Select channel 11, which is centered at 2.462 GHz. Subsequent WAPs should be set to channel 6 and channel 1 in order to avoid channel overlapping.

c. Modify the Channel Width setting to 40 MHz. This will incorporate channel

bonding.

4. Enable encryption:

a. At the Security Mode drop-down menu, select WPA-Personal. This should

display additional WPA information. You would only select WPA-Enterprise if you had the aforementioned RADIUS server available.

b. Scroll down, and in the WPA Mode drop-down menu, select WPA2 Only.

c. In the Cipher Type drop-down menu, select AES.

d. Finally, type in a complex Pre-Shared Key. This is the pass-phrase that clients

need to enter in order to connect to the WLAN. This is the highest level of security this device offers aside from WPA-Enterprise. Your configuration should look similar to Figure 3-8.

5. Disable the SSID:

a. When all clients are connected to the WAP, the SSID should be disabled. This

will not allow new connections to the WAP unless the person knows the SSID name, but computers that have already connected may continue to do so.

b. To do this, click the Invisible radio button in the Visibility Status fi eld.

64 | Lesson 3 Figure 3-8 D-Link DIR-655 wireless configuration

6. Save the settings:

a. At this point, you should save the settings. The emulator doesn’t allow any-

thing to be saved. It reverts back to defaults when you log out or disconnect from the Web site, so clicking Save Settings won’t do anything. But on an actual DIR-655, the settings would save and a reboot would be necessary.

b. It’s also important to back up the confi guration. This can be done by clicking

Tools on the top banner, then System on the left side and selecting Save Confi guration; this is a real time saver in case you have to reset the unit. It is also wise to update the device to the latest fi rmware. Save your settings before doing so because they will be lost when the upgrade is complete; if saved, they can later be loaded back in.