CCNA Wireless Cram Sheet
Types of WLAN technology
Narrowband (unlicensed bands)
· 900 MHz – used by old cordless phones
· 2.4 GHz – used by cordless phones, WLAN, Bluetooth and microwaves
· 5G GHz – used by WLAN, new cordless phones
· Uses spread spectrum – signalling over multiple frequencies.
· Limited range
· Lower bandwidth than narrow band
· Wider coverage.
· Personal Communication Services (PCS) – Sprint PCS is an example supplier of this technology.
Circuit and Packet Data
· Lower data rate than both of the above.
· Wider coverage (national).
· High fee per megabit – although flat-rate contracts are common nowadays
· 3G is an example of this technology.
Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)
WLAN devices cannot send and receive at the same time. Devices use RTS (ready-to-send) and CTS (clear-to-send) signals.
Wireless AP’s are similar in function to Ethernet Hubs; each AP has a finite bandwidth therefore the more devices attached to the AP, the less bandwidth each device has available to it.
Signal Strength Issues
· Absorption – walls, ceilings and floors absorb signals.
· Scattering – rough walls and carpets scatter signals.
· Reflection – metal and glass reflect signals.
· (Interference – Microwaves, rouge AP’s and cordless phones can interfere)
· FCC – Federal Communications Commission
· ETSI – European Telecommunications Standards Institute
· ITU-R – International Telecommunications Union-Radio Communications Sector
· IEEE – Institute of Electrical and Electronic Engineers – defines mechanical process of how WLAN is implemented in 802.11
· WiFi Alliance – Cisco is a founding member of this organisation. Ensures interoperability between manufacturers.
OFDM – Octagonal Frequency Division Multiplexing; uses spread spectrum.
DSSS – Direct-Sequence Spread Spectrum; One channel to send data across all frequencies in the channel
MIMO – Multiple Input Multiple Output; uses DSSS and OFD across 14 overlapping channels at 5MHz intervals.
· 802.11b and 802.11g can interpolate, 802.11g is backwards compatible.
· 802.11a is not compatible with 802.11b or 802.11g.
· 802.11n is compatible with 802.11a, 802.11b and 802.11g however is will be slower in interoperability mode. Also 802.11n has not been ratified, so there may be interoperability issues between vendor hardware. 802.11n requires multiple antennae for MIMO.
· War Driving – a potential hacker uses a laptop to find a wireless network and tries to break in.
· Service Set Identifier (SSID) used to identify network to clients, this is broadcast.
· Client Send AP MAC Address and required security information
802.11 Defined Security
The 802.11 standard defines two security methods, both of which are weak by today’s standards:
· Open Authentication (no security!)
· Shared Key Authentication – static encryption using WEP
A well-secured WLAN has the following security configurations:
SSID Cloaking and MAC Address Filtering
SSID Cloaking –Administrator would disable SSID broadcast. However, client can send AP a null string SSID value. Therefore MAC Address filtering was often enabled. Unfortunately it is also possible to spoof a MAC address.
Wireless Encryption Protocol (WEP)
Uses RC4 encryption and a static 64-bit key can easily be broken as only 40-bits are encrypted and 24 bits are clear-text IV(Initialization Vector). It was later upgraded to 128-bit, but the IV was still clear text meaning it took slightly longer (minutes) to break-in.
TKIP (Temporal Key Integrity Protocol)
Initially Cisco hardware specific, later became and open standard – beware no interop between Cisco original and now open TKIP. Per-packet keying and hashing using CMIC (Cisco Message Integrity Check) – each packet is digitally signed.
Extensible Authentication Protocol is a 2-layer process with 2 varieties:
· EAP (WLAN)
EAP defines a standard way of encapsulating authentication information such as certificates/usernames/passwords that an AP can use for authentication.
EAP is an extension of PPP and has several extensions:
· EAP-MD5 – CHAP authentication with static password
· EAP-TCS – X.509v3 certificates
· LEAP – Lightweight EAP, password and per-session WEP keys
· PEAP – One Time Password OTP SSL secures communications and MS-CHAP used to encrypt username and password. Digital certificate required on server.
· EAP-FAST – Shared secret key used to encrypt authentication information.
· EAP-GTC – authentication by Generic Card Token.
802.1x and RADIUS defines how to packetize the EAP information and move it across the network. In the RADIUS model:
· Client is the Supplicant
· AP is the Authenticator
· RADIUS Server is the Authentication Server
WiFi Protected Access (WPA)
Designed as an interim solution, until 802.11i (WPA2) was ratified, for wireless security by the WiFi Alliance.
Authentication handled by 802.1x and TKIP used with WEP. The TKIP flavour used by WPA is non-proprietary and is NOT compatible with the Cisco TKIP implementation.
Personal Mode – Pre-shared Key (PSK) used to authenticate, key stored on client and server -designed for SOHO use.
Enterprise Mode – allows for large organisations to have a centralised credential server. Uses 802.1x for authentication.
Doesn’t use WEP, using AES (Advanced Encryption Standard) alongside CBC-MAC protocol (CCMP)
AES-CCMP incorporates AES 128-bit encryption with 2 cryptographic technologies:
· Counter mode makes eavesdropping more difficult by stopping patterns in WLAN traffic
· CBC-MAC ensures frames have not been tampered
WLAN Access Modes
Ad-Hoc (IBSS – Independent Basic Service Set) – peer-to-peer – presents security and scalability issues
Infrastructure (BSS – Basic Service Set or ESS – Extended Service Set) – via an AP
· BSS – Basic Service Set – provides per-device BSSID. Used for non-roaming devices.
· ESS – Extended Service Set – provides a single SSID for all devices. Only each AP has its own BSSID.
· BSA – Basic Service Area – single AP (cell)
· ESA – Extended Service Area – multi-APs (cells) on different channels, but the same frequency (i.e 2.4GHz/5GHz) on non-VOIP networks overlap should be 10-15%, on VOIP it should be 15-50%.
An AP is a layer 3 device and in larger organisations ‘IP helper’/DHCP forwarding may be required on the AP.
Configuring APs/Troubleshooting WLAN
Cisco recommends using the SDM (Security Device Manager) to configure APs.
Common troubleshooting tasks:
· Check signal strength, check device placement and either adjust aerial or replace it with a more powerful one
· Check encryption settings, do the device and AP support the same encryption standards
· WLAN NIC firmware update may resolve connectivity issues.