SRWE_Module_13_WLAN_Conf.pdf
Document Details
Uploaded by TopnotchPhosphorus
TAFE
Tags
Full Transcript
17/08/2022 Module 13: WLAN Configuration Switching, Routing, and Wireless Essentials v7.0 (SRWE) 1...
17/08/2022 Module 13: WLAN Configuration Switching, Routing, and Wireless Essentials v7.0 (SRWE) 1 OFFICIAL Module Objectives Module Title: WLAN Configuration Module Objective: Implement a WLAN using a wireless router and WLC. Topic Title Topic Objective Remote Site WLAN Configure a WLAN to support a remote site. Configuration Configure a Basic WLAN on Configure a WLC WLAN to use the management interface and the WLC WPA2 PSK authentication. Configure a WPA2 Enterprise Configure a WLC WLAN to use a VLAN interface, a DHCP server, WLAN on the WLC and WPA2 Enterprise authentication. Troubleshoot WLAN Issues Troubleshoot common wireless configuration issues. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2 OFFICIAL 2 1 17/08/2022 13.1 Remote Site WLAN Configuration © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 3 OFFICIAL Remote Site WLAN Configuration Video – Configure a Wireless Network This video will cover the following: Use the Wireless Router Web Page Change the Password Change the WAN and LAN settings Connect the Wireless Network © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4 OFFICIAL 4 2 17/08/2022 OFFICIAL Remote Site WLAN Configuration The Wireless Router Remote workers, small branch offices, and home networks often use a small office and home router. These “integrated” routers typically include a switch for wired clients, a port for an internet connection (sometimes labeled “WAN”), and wireless components for wireless client access. These wireless routers typically provide WLAN security, DHCP services, integrated Name Address Translation (NAT), quality of service (QoS), as well as a variety of other features. The feature set will vary based on the router model. Note: Cable or DSL modem configuration is usually done by the service provider’s representative either on-site or remotely. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 OFFICIAL 5 OFFICIAL Remote Site WLAN Configuration Log in to the Wireless Router Most wireless routers are preconfigured to be connected to the network and provide services. Wireless router default IP addresses, usernames, and passwords can easily be found on the internet. Therefore, your first priority should be to change these defaults for security reasons. To gain access to the wireless router’s configuration GUI Open a web browser and enter the default IP address for your wireless router. The default IP address can be found in the documentation that came with the wireless router or you can search the internet. The word admin is commonly used as the default username and password. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 OFFICIAL 6 3 17/08/2022 OFFICIAL Remote Site WLAN Configuration Basic Network Setup Basic network setup includes the following steps: Log in to the router from a web browser. Change the default administrative password. Log in with the new administrative password. Change the default DHCP IPv4 addresses. Renew the IP address. Log in to the router with the new IP address. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7 OFFICIAL 7 OFFICIAL Remote Site WLAN Configuration Basic Wireless Setup Basic wireless setup includes the following steps: View the WLAN defaults. Change the network mode, identifying which 802.11 standard is to be implemented. Configure the SSID. Configure the channel, ensuring there are no overlapping channels in use. Configure the security mode, selecting from Open, WPA, WPA2 Personal, WPA2 Enterprise, etc.. Configure the passphrase, as required for the selected security mode. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8 OFFICIAL 8 4 17/08/2022 OFFICIAL Remote Site WLAN Configuration Configure a Wireless Mesh Network In a small office or home network, one wireless router may suffice to provide wireless access to all the clients. If you want to extend the range beyond approximately 45 meters indoors and 90 meters outdoors, you create a wireless mesh. Create the mesh by adding access points with the same settings, except using different channels to prevent interference. Extending a WLAN in a small office or home has become increasingly easier. Manufacturers have made creating a wireless mesh network (WMN) simple through smartphone apps. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9 OFFICIAL 9 OFFICIAL Remote Site WLAN Configuration NAT for IPv4 Typically, the wireless router is assigned a publicly routable address by the ISP and uses a private network address for addressing on the LAN. To allow hosts on the LAN to communicate with the outside world, the router will use a process called Network Address Translation (NAT). NAT translates a private (local) source IPv4 address to a public (global) address (the process is reversed for incoming packets). NAT makes sharing one public IPv4 address possible by tracking the source port numbers for every session established by a device. If your ISP has IPv6 enabled, you will see a unique IPv6 address for each device. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10 OFFICIAL 10 5 17/08/2022 OFFICIAL Remote Site WLAN Configuration Quality of Service Many wireless routers have an option for configuring Quality of Service (QoS). By configuring QoS, you can guarantee that certain traffic types, such as voice and video, are prioritized over traffic that is not as time-sensitive, such as email and web browsing. On some wireless routers, traffic can also be prioritized on specific ports. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11 OFFICIAL 11 OFFICIAL Remote Site WLAN Configuration Port Forwarding Wireless routers typically block TCP and UDP ports to prevent unauthorized access in and out of a LAN. However, there are situations when specific ports must be opened so that certain programs and applications can communicate with devices on different networks. Port forwarding is a rule-based method of directing traffic between devices on separate networks. Port triggering allows the router to temporarily forward data through inbound ports to a specific device. You can use port triggering to forward data to a computer only when a designated port range is used to make an outbound request. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12 OFFICIAL 12 6 17/08/2022 OFFICIAL Remote Site WLAN Configuration Packet Tracer – Configure a Wireless Network In this Packet Tracer activity, you will complete the following objectives: Connect to a wireless router Configure the wireless router Connect a wired device to the wireless router Connect a wireless device to the wireless router Add an AP to the network to extend wireless coverage Update default router settings © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13 OFFICIAL 13 OFFICIAL Remote Site WLAN Configuration Lab – Configure a Wireless Network In this lab, you will configure basic settings on a wireless router and connect a PC to router wirelessly. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14 OFFICIAL 14 7 17/08/2022 13.2 Configure a Basic WLAN on the WLC © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15 15 OFFICIAL Configure a Basic WLAN on the WLC Video – Configure a Basic WLAN on the WLC This video will cover the following: Review the topology Access the GUI for the WLAN controller Information about the wireless network on the Network summary screen Configure a new WLAN Secure the new WLAN © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16 OFFICIAL 16 8 17/08/2022 OFFICIAL Configure a Basic WLAN on the WLC WLC Topology The topology and addressing scheme used for this topic are shown in the figure and the table. The access point (AP) is a controller-based AP as opposed to an autonomous AP, so it requires no initial configuration and is often called lightweight APs (LAPs). Device Interface IP Address Subnet Mask LAPs use the Lightweight Access Point R1 F0/0 172.16.1.1 255.255.255.0 Protocol (LWAPP) to communicate with a R1 F0/1.1 192.168.200.1 255.255.255.0 WLAN controller (WLC). S1 VLAN 1 DHCP Controller-based APs are useful in WLC Management 192.168.200.254 255.255.255.0 situations where many APs are required in AP1 Wired 0 192.168.200.3 255.255.255.0 the network. PC-A NIC 172.16.1.254 255.255.255.0 As more APs are added, each AP is PC-B NIC DHCP automatically configured and managed by Wireless the WLC. Laptop NIC DHCP © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17 OFFICIAL 17 OFFICIAL Configure a Basic WLAN on the WLC Log in to the WLC Configuring a wireless LAN controller (WLC) is not that much different from configuring a wireless router. The WLC controls APs and provides more services and management capabilities. The user logs into the WLC using credentials that were configured during initial setup. The Network Summary page is a dashboard that provides a quick overview of configured wireless networks, associated access points (APs), and active clients. You can also see the number of rogue access points and clients. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18 OFFICIAL 18 9 17/08/2022 Configure a Basic WLAN on the WLC OFFICIAL View AP Information Click Access Points from the left menu to view an overall picture of the AP’s system information and performance. The AP is using IP address 192.168.200.3. Because Cisco Discovery Protocol (CDP) is active on this network, the WLC knows that the AP is connected to the FastEthernet 0/1 port on the switch. This AP in the topology is a Cisco Aironet 1815i which means you can use the command-line and a limited set of familiar IOS commands. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19 OFFICIAL 19 OFFICIAL Configure a Basic WLAN on the WLC Advanced Settings Most WLC will come with some basic settings and menus that users can quickly access to implement a variety of common configurations. However, as a network administrator, you will typically access the advanced settings. For the Cisco 3504 Wireless Controller, click Advanced in the upper right-hand corner to access the advanced Summary page. From here, you can access all the features of the WLC. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20 OFFICIAL 20 10 17/08/2022 OFFICIAL Configure a Basic WLAN on the WLC Configure a WLAN Wireless LAN Controllers have Layer 2 switch ports and virtual interfaces that are created in software and are very similar to VLAN interfaces. Each physical port can support many APs and WLANs. The ports on the WLC are essentially trunk ports that can carry traffic from multiple VLANs to a switch for distribution to multiple APs. Each AP can support multiple WLANs. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21 OFFICIAL 21 OFFICIAL Configure a Basic WLAN on the WLC Configure a WLAN (Cont.) Basic WLAN configuration on the WLC includes the following steps: 1. Create the WLAN 2. Apply and Enable the WLAN 3. Select the Interface 4. Secure the WLAN 5. Verify the WLAN is Operational 6. Monitor the WLAN 7. View Wireless Client Information © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22 OFFICIAL 22 11 17/08/2022 OFFICIAL Configure a Basic WLAN on the WLC Configure a WLAN (Cont.) 1. Create the WLAN: In the figure, a new WLAN with an SSID name Wireless_LAN is created. 2. Apply and Enable the WLAN: Next the WLAN is enabled the WLAN settings are configured. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23 OFFICIAL 23 OFFICIAL Configure a Basic WLAN on the WLC Configure a WLAN (Cont.) 3. Select the Interface: The interface that will carry the WLAN traffic must be selected. 4. Secure the WLAN: The Security tab is used to access all the available options for securing the LAN. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24 OFFICIAL 24 12 17/08/2022 OFFICIAL Configure a Basic WLAN on the WLC Configure a WLAN (Cont.) 5. Verify the WLAN is Operational: The WLANs menu on the left is used to view the newly configured WLAN and its settings. 6. Monitor the WLAN: The Monitor tab is used to access the advanced Summary page and confirm that the Wireless_LAN now has one client using its services. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25 OFFICIAL 25 OFFICIAL Configure a Basic WLAN on the WLC Configure a WLAN (Cont.) 7. View Wireless Client Details: Click Clients in the left menu to view more information about the clients connected to the WLAN. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26 OFFICIAL 26 13 17/08/2022 OFFICIAL Configure a Basic WLAN on the WLC Packet Tracer – Configure a Basic WLAN on the WLC In this lab, you will explore some of the features of a wireless LAN controller. You will create a new WLAN on the controller and implement security on that LAN. Then you will configure a wireless host to connect to the new WLAN through an AP that is under the control of the WLC. Finally, you will verify connectivity. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27 OFFICIAL 27 13.3 Configure a WPA2 Enterprise WLAN on the WLC © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28 28 14 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Video – Define an SNMP and RADIUS Server on the WLC This video will cover the following: Configure the WLAN controller to send SNMP traps to an external server Configure the WLAN controller to use an external RADIUS server to authenticate WLAN users Verify connectivity with the RADIUS server © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29 OFFICIAL 29 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC SNMP and RADIUS PC-A is running Simple Network Management Protocol (SNMP) and Remote Authentication Dial-In User Service (RADIUS) server software. The network administrator wants the WLC to forward all SNMP log messages (i.e., traps) to the SNMP server. The network administrator wants to use a RADIUS server for authentication, authorization, and accounting (AAA) services. Users will enter their username and password credentials which will be verified by the RADIUS server. The RADIUS server is required for WLANs that are using WPA2 Enterprise authentication. Note: SNMP server and RADIUS server configuration is beyond the scope of this module. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30 OFFICIAL 30 15 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure SNMP Server Information To enable SNMP and configure settings: 1. Click the MANAGEMENT tab to access a variety of management features. 2. Click SNMP to expand the sub-menus. 3. Click Trap Receivers. 4. Click New... to configure a new SNMP trap receiver. Enter the SNMP Community name and the IP address (IPv4 or IPv6) for the SNMP server and then click Apply. The WLC will now forward SNMP log messages to the SNMP server. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31 OFFICIAL 31 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure RADIUS Server Information To configure the WLC with the RADIUS server information: 1. Click SECURITY. 2. Click RADIUS 3. Click Authentication 4. Click New... to add PC-A as the RADIUS server. Enter the IPv4 address for PC-A and the shared secret that will be used between the WLC and the RADIUS server and then click Apply. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32 OFFICIAL 32 16 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure RADIUS Server Information (Cont.) After clicking Apply, the list of configured RADIUS Authentication Servers refreshes with the new server listed. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33 OFFICIAL 33 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Video – Configure a VLAN for a New WLAN This video will cover the following: Review the topology Deploy a new VLAN interface Associate the new VLAN interface with a WLAN © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34 OFFICIAL 34 17 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Topology with VLAN 5 Addressing Each WLAN configured on the WLC needs its own virtual interface. The WLC has five physical data ports that can be configured to support multiple WLANs and virtual interface. The new WLAN will use interface VLAN 5 and network 192.168.5.0/24 and therefore R1 has been configured for VLAN 5 as shown in the topology and show ip interface brief output. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35 OFFICIAL 35 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a New Interface VLAN interface configuration on the WLC includes the following steps: 1. Create a new interface. 2. Configure the VLAN name and ID. 3. Configure the port and interface address. 4. Configure the DHCP server address. 5. Apply and Confirm. 6. Verify Interfaces. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36 OFFICIAL 36 18 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a New Interface (Cont.) 1. Create a new interface: Click CONTROLLER > Interfaces > New... 2. Configure the VLAN name and ID: In the example, the new interface is named vlan5, the VLAN ID is 5, and applied. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37 OFFICIAL 37 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a New Interface (Cont.) 3. Configure the port and interface address: On the interface Edit page, configure the physical port number (i.e., the WLC G1 interface is Port Number 1 on the WLC), the VLAN 5 interface addressing (i.e., 192.168.5.254/24), and the default gateway (i.e., 192.168.5.1) © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38 OFFICIAL 38 19 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a New Interface (Cont.) 4. Configure the DHCP server address: The example configures a primary DHCP server at IPv4 address 192.168.5.1 which is the default gateway router address which is enabled as a DHCP server. 5. Apply and Confirm: Scroll to the top and click Apply and then click OK for the warning message. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39 OFFICIAL 39 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a New Interface (Cont.) 6. Verify Interfaces: Click Interfaces to verify that the new vlan5 interface is shown in the list of interfaces with its IPv4 address. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40 OFFICIAL 40 20 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Video – Configure a DHCP Scope This video will cover the following: Review the topology Explain the role of the WLC DHCP server Create a new DHCP scope © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41 OFFICIAL 41 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a DHCP Scope DHCP scope configuration includes the following steps: 1. Create a new DHCP scope. 2. Name the DHCP scope. 3. Verify the new DHCP scope. 4. Configure and enable the new DHCP scope. 5. Verify the enable DHCP scope © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42 OFFICIAL 42 21 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a DHCP Scope (Cont.) 1. Create a new DHCP scope: To configure a new DHCP scope, click Internal DHCP Server > DHCP Scope > New.... 2. Name the DHCP scope: The scope is named Wireless_Management and then applied. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43 OFFICIAL 43 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a DHCP Scope (Cont.) 3. Verify the new DHCP scope: In the DHCP Scopes page click the new Scope Name to configure the DHCP scope. 4. Configure and enable the new DHCP scope: On the Edit screen for the Wireless_Management scope, configure a pool of addresses (i.e., 192.168.200.240/24 to.249), the default router IPv4 address (i.e., 192.168.200.1), then Enabled and Apply. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44 OFFICIAL 44 22 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a DHCP Scope (Cont.) 5. Verify the enable DHCP scope: The network administrator is returned to the DHCP Scopes page and can verify the scope is ready to be allocated to a new WLAN. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45 OFFICIAL 45 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Video – Configure a WPA2 Enterprise WLAN This video will cover the following: Review the topology Create a WLAN Configure the WLC to use the RADIUS server Secure the new WLAN with WPA2-Enterprise Verify WPA2-Enterprise Security © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46 OFFICIAL 46 23 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a WPA2 Enterprise WLAN By default, all newly created WLANs on the WLC will use WPA2 with Advanced Encryption System (AES). 802.1X is the default key management protocol used to communicate with the RADIUS server. Next, create a new WLAN to use interface vlan5. Configuring a new WLAN on the WLC includes the following steps: 1. Create a new WLAN. 2. Configure the WLAN name and SSID. 3. Enable the WLAN for VLAN 5. 4. Verify AES and 802.1X defaults. 5. Configure WLAN security to use the RADIUS server. 6. Verify the new WLAN is available. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47 OFFICIAL 47 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a WPA2 Enterprise WLAN (Cont.) 1. Create a new WLAN: Click the WLANs tab and then Go to create a new WLAN. 2. Configure the WLAN name and SSID: Enter the profile name and SSID, choose an ID of 5, and then click Apply to create the new WLAN. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48 OFFICIAL 48 24 17/08/2022 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a WPA2 Enterprise WLAN (Cont.) 3. Enable the WLAN for VLAN 5: Once the WLAN, change the status to Enabled, choose vlan5 from the Interface/Interface Group(G) dropdown list, and then click Apply and click OK to accept the popup message. 4. Verify AES and 802.1X defaults: Click the Security tab to view the default security configuration for the new WLAN. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49 OFFICIAL 49 OFFICIAL Configure a WPA2 Enterprise WLAN on the WLC Configure a WPA2 Enterprise WLAN (Cont.) 5. Configure the RADIUS server: To select the RADIUS server that will be used to authenticate WLAN users, click the AAA Servers tab and in the dropdown box, select the RADIUS server that was configured on the WLC previously, and then Apply your changes. 6. Verify that the new WLAN is available: To verify that the new WLAN is listed and enabled click on the WLANs submenu. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50 OFFICIAL 50 25 17/08/2022 Configure a WPA2 Enterprise WLAN on the WLC OFFICIAL Packet Tracer – Configure a WPA2 Enterprise WLAN on the WLC In this Packet Tracer activity, you will configure a new WLAN on a wireless LAN controller (WLC), including the VLAN interface that it will use. You will configure the WLAN to use a RADIUS server and WPA2-Enterprise to authenticate users. You will also configure the WLC to use an SNMP server. Configure a new VLAN interface on a WLC. Configure a new WLAN on a WLC. Configure a new scope on the WLC internal DHCP server. Configure the WLC with SNMP settings. Configure the WLC to use a RADIUS server to authenticate WLAN users. Secure a WLAN with WPA2-Enterprise. Connect hosts to the new WLC. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51 OFFICIAL 51 13.4 Troubleshoot WLAN Issues © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52 52 26 17/08/2022 OFFICIAL Troubleshoot WLAN Issues Troubleshooting Approaches Network problems can be simple or complex, and can result from a combination of hardware, software, and connectivity issues. Technicians must be able to analyze the problem and determine the cause of the error before they can resolve the network issue. This process is called troubleshooting. Troubleshooting any sort of network problem should follow a systematic approach. A common and efficient troubleshooting methodology is based on the scientific method and can be broken into the six main steps shown in the table on the next slide. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53 OFFICIAL 53 OFFICIAL Troubleshoot WLAN Issues Troubleshooting Approaches (Cont.) Step Title Description The first step in the troubleshooting process is to identify the problem. While tools 1 Identify the Problem can be used in this step, a conversation with the user is often very helpful. After you have talked to the user and identified the problem, you can try and establish Establish a Theory of Probable 2 a theory of probable causes. This step often yields more than a few probable causes Causes to the problem. Based on the probable causes, test your theories to determine which one is the cause of the problem. A technician will often apply a quick procedure to test and see 3 Test the Theory to Determine Cause if it solves the problem. If a quick procedure does not correct the problem, you might need to research the problem further to establish the exact cause. Establish a Plan of Action to Resolve After you have determined the exact cause of the problem, establish a plan of action 4 the Problem and Implement the to resolve the problem and implement the solution. Solution Verify Full System Functionality and After you have corrected the problem, verify full functionality and, if applicable, 5 Implement Preventive Measures implement preventive measures. Document Findings, Actions, and In the final step of the troubleshooting process, document your findings, actions, and 6 Outcomes outcomes. This is very important for future reference. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54 OFFICIAL 54 27 17/08/2022 OFFICIAL Troubleshoot WLAN Issues Wireless Client Not Connecting If there is no connectivity, check the following: Confirm the network configuration on the PC using the ipconfig command. Confirm that the device can connect to the wired network. Ping a known IP address. If needed, reload drivers as appropriate for the client or try a different wireless NIC. If the wireless NIC of the client is working, check the security mode and encryption settings on the client. If the PC is operational but the wireless connection is performing poorly, check the following: Is the PC out of the planned coverage area (BSA)? Check the channel settings on the wireless client. Check for interference with the 2.4 GHz band. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55 OFFICIAL 55 OFFICIAL Troubleshoot WLAN Issues Wireless Client Not Connecting (Cont.) Next, ensure that all the devices are actually in place. Consider a possible physical security issue. Is there power to all devices and are they powered on? Finally, inspect links between cabled devices looking for bad connectors or damaged or missing cables. If the physical plant is in place, verify the wired LAN by pinging devices, including the AP. If connectivity still fails at this point, perhaps something is wrong with the AP or its configuration. When the user PC is eliminated as the source of the problem, and the physical status of devices is confirmed, begin investigating the performance of the AP. Check the power status of the AP. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56 OFFICIAL 56 28 17/08/2022 OFFICIAL Troubleshoot WLAN Issues Troubleshooting When the Network Is Slow To optimize and increase the bandwidth of 802.11 dual-band routers and APs, either: Upgrade your wireless clients - Older 802.11b, 802.11g, and even 802.11n devices can slow the entire WLAN. For the best performance, all wireless devices should support the same highest acceptable standard. Split the traffic - The easiest way to improve wireless performance is to split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band. Therefore, 802.11n (or better) can use the two bands as two separate wireless networks to help manage the traffic. There are several reasons for using a split-the-traffic approach: The 2.4 GHz band may be suitable for basic Internet traffic that is not time-sensitive. The bandwidth may still be shared with other nearby WLANs. The 5 GHz band is much less crowded than the 2.4 GHz band; ideal for streaming multimedia. The 5 GHz band has more channels; therefore, the channel chosen is likely interference-free. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57 OFFICIAL 57 OFFICIAL Troubleshoot WLAN Issues Troubleshooting When the Network Is Slow (Cont.) By default, dual-band routers and APs use the same network name on both the 2.4 GHz band and the 5 GHz band. It may be useful to segment the traffic. The simplest way to segment traffic is to rename one of the wireless networks. To improve the range of a wireless network, ensure the wireless router or AP location is free of obstructions, such as furniture, fixtures, and tall appliances. These block the signal, which shortens the range of the WLAN. If this still does not solve the problem, then a Wi-Fi Range Extender or deploying the Powerline wireless technology may be used. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58 OFFICIAL 58 29 17/08/2022 OFFICIAL Troubleshoot WLAN Issues Updating Firmware Most wireless routers and APs offer upgradable firmware that should be periodically verified. On a WLC, there will most likely be the ability to upgrade the firmware on all APs that the WLC controls. In the figure, the firmware image that will be used to upgrade all the APs is downloaded. On a Cisco 3504 Wireless Controller, click WIRELESS > Access Points > Global Configuration and then scroll to the bottom of the page for the AP Image Pre-download section. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59 OFFICIAL 59 OFFICIAL Troubleshoot WLAN Issues Packet Tracer – Troubleshoot WLAN Issues In this Packet Tracer, you will complete the following objectives: Troubleshoot wireless LAN connectivity issues in a home network. Troubleshoot wireless LAN connectivity issues in an enterprise network. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60 OFFICIAL 60 30 17/08/2022 13.5 Module Practice and Summary © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61 61 OFFICIAL Module Practice and Quiz Packet Tracer – WLAN Configuration In this Packet Tracer activity, you will configure both a wireless home router and a WLC- based network. You will implement both WPA2-PSK and WPA2-Enterprise security. Configure a home router to provide Wi-Fi connectivity to a variety of devices. Configure WPA2-PSK security on a home router. Configure interfaces on a WLC. Configure WPA2-PSK security on a WLAN and connect hosts to the WLAN. Configure WPA2-Enterprise on a WLAN and connect hosts to the WLAN. Verify connectivity. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62 OFFICIAL 62 31 17/08/2022 OFFICIAL Module Practice and Quiz Packet Tracer Physical Mode – Wireless Technology Exploration In this Packet Tracer Physical Mode activity, you will complete the following objectives: Part 1: Explore the Wireless Network Part 2: Add Wi-Fi Connectivity to a Boardroom Part 3: Add Wireless Connectivity to a Coffee Shop in a Cellular Dead Zone Part 4: Add Wireless Connectivity to a Home Office © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 63 OFFICIAL 63 OFFICIAL Module Practice and Quiz What Did I Learn In This Module? Remote workers, small branch offices, and home networks often use a wireless router, which typically include a switch for wired clients, a port for an internet connection (sometimes labeled “WAN”), and wireless components for wireless client access. Most wireless routers are preconfigured to be connected to the network and provide services. The wireless router uses DHCP to automatically provide addressing information to connected devices. Your first priority should be to change the username and password of your wireless router. If you want to extend the range beyond approximately 45 meters indoors and 90 meters outdoors, you can add wireless access points. The router will use a process called Network Address Translation (NAT) to convert private IPv4 addresses to internet-routable IPv4 addresses. By configuring QoS, you can guarantee that certain traffic types, such as voice and video, are prioritized over traffic that is not as time-sensitive, such as email and web browsing. Lightweight APs (LAPs) use the Lightweight Access Point Protocol (LWAPP) to communicate with a WLAN controller (WLC). © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64 OFFICIAL 64 32 17/08/2022 OFFICIAL Module Practice and Quiz What Did I Learn In This Module? (Cont.) Configuring a wireless LAN controller (WLC) is similar to configuring a wireless router except that a WLC controls APs and provides more services and management capabilities. Use the WLC interface to view an overall picture of the AP’s system information and performance, to access advanced settings and to configure a WLAN. SNMP is used monitor the network. The WLC is set to forward all SNMP log messages, called traps, to the SNMP server. For WLAN user authentication, a RADIUS server is used for authentication, accounting, and auditing (AAA) services. Individual user access can be tracked and audited. Use the WLC interface to configure SNMP server and RADIUS server information, VLAN interfaces, DHCP scope, and a WPA2 Enterprise WLAN. There are six steps to the troubleshooting process. When troubleshooting a WLAN, a process of elimination is recommended. Common problems are: no connectivity and poorly performing wireless connection when the PC is operational. To optimize and increase the bandwidth of 802.11 dual-band routers and APs, either: upgrade your wireless clients or split the traffic. Most wireless routers and APs offer upgradable firmware. Firmware releases may contain fixes for common problems reported by customers as well as security vulnerabilities. You should periodically check the router or AP for updated firmware. © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 65 OFFICIAL 65 Module 13: WLAN Configuration OFFICIAL New Terms and Commands Network Address Translation (NAT) Wireless Mesh Network (WMN) Port Forwarding Port Triggering © 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 66 OFFICIAL 66 33 17/08/2022 67 34