Console Server. Con. Cisco Aironet Port Figure 1: Aironet configuration
|
|
- Aubrey Hunt
- 6 years ago
- Views:
Transcription
1 Lab details At present C.6 has three Cisco Aironet 1200 access points, and three Linksys access points. The Cisco Aironets can be accessed through a console server using the console address and a specific TCP port. There are also 12 Cisco 350 Aironet wireless clients, and eight Belkin wireless clients. Con Console Server Con Cisco Aironet Port 2001 Con Cisco Aironet Port 2002 Cisco Aironet Port 2003 Figure 1: Aironet configuration Thus the access is: Cisco Aironet 1 Address: Port: 2001 Cisco Aironet 2 Address: Port: 2002 Cisco Aironet 3 Address: Port: 2003 Make sure that your Ethernet connection is enabled, and do not create your wireless network on the network. Thus you will be assigned one of the groups, and you should create wireless networks with five wireless clients. The details are: Group 1: SSID: APskills1 IP address of Access Point: Range of addresses: to Group 2: SSID: APskills2 IP address of Access Point: Range of addresses: to Group 3: SSID: APskills3 IP address of Access Point: Range of addresses: to Author: W.Buchanan 1
2 Open authentication 1. For this part of the lab, you should setup a network for five wireless clients, and will be assigned one of the access points to connect to. Initially use HyperTerminal or TELNET to connect, such as shown in Figure 2 and Figure 3. Figure 2: Connection details Figure 3: Connection details Author: W.Buchanan 2
3 2. Assign each you wireless clients a static IP address which relates to the subnet, such as shown in Figure The configure the access point with: Figure 4: Client details hostname ap int bvi1 ip address interface d0 channel 11 station-role root encryption key 1 size 40bit aaaaaaaaaa transmit-key encryption mode ciphers tkip wep40 no ssid tsunami ssid APskills authentication open guest-mode end 4. Next, if you have a Cisco 350 wireless client, setup the SSID and Client name as shown in Figure 5 and 6, and define the WEP encryption key, as shown in Figure 7. From the clients, ping each node on the network, and, on the wireless access point, determine the associations with: ap#sh dot assoc Client Stations on Dot11Radio0: SSID [APskills]: MAC Address IP address Device Name Parent State client Bill self Assoc 5. Check that the device is associated, such as shown in Figure 8. Author: W.Buchanan 3
4 Figure 5: Creating a new profile Figure 6: Cisco wireless client details Figure 7: WEP client details Author: W.Buchanan 4
5 Figure 8: Association Checking basic details 6. The Cisco wireless client have additional details, such as: A Site survey (Figure 9). Testing link strength (Figure 10). Statistics of the connection (Figure 11). Link status (Figure 12). What the signal strength: Which channel is the client connect to: What is the IP address of the access point: Link speed: Bytes transmitted: Rating of signal strength against signal quality (poor, fair, good or excellent): SSID mismatches: Ack packets transmitted: Author: W.Buchanan 5
6 Figure 9: Association Figure 10: Association Author: W.Buchanan 6
7 Figure 11: Connection details Figure 12: Link status Author: W.Buchanan 7
8 LEAP 7. The access point can be setup so that it authenticates the user onto the network. One method, recommended by Cisco Systems, is LEAP which supports a username and a password, which is authenticated by a local or a remote RADIUS server. In this case a local RADIUS server, running on the access point, is used to authenticate the user. A basic configuration of the access point is: hostname ap aaa new-model hostname ap aaa new-model aaa group server radius rad_eap server auth-port 1812 acct-port 1813 aaa group server radius rad_mac aaa group server radius rad_acct aaa group server radius rad_admin aaa group server radius dummy server auth-port 1812 acct-port 1813 aaa group server radius rad_pmip aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authorization exec default local aaa authorization ipmobile default group rad_pmip aaa accounting network acct_methods start-stop group rad_acct aaa session-id common int bvi1 ip address radius-server local nas key sharedkey user aaauser password aaauser user bbbuser password bbbuser radius-server host auth 1812 acct 1813 key sharedkey interface d0 channel 11 station-role root encryption key 1 size 40bit aaaaaaaaaa transmit-key encryption mode ciphers tkip wep40!!!!! remember to change the SSID to your requirement ssid APskills authentication network-eap eap_methods guest-mode end Author: W.Buchanan 8
9 8. This sets up two users of aaauser and bbbuser, with a shared key between the access point and the local RADIUS server of sharedkey. Next setup the wireless clients to connect to the network by defining LEAP security, such as shown in Figure 13 and Figure 14. Figure 13: Defining LEAP Figure 14: LEAP settings Author: W.Buchanan 9
10 9. Next, show the associations: ap#sh dot assoc Client Stations on Dot11Radio0: SSID [APskills] : MAC Address IP address Device Name Parent State client BIll self EAP-Assoc cd client XP3 self EAP-Assoc Do the clients connect to the network: What are the associations on the access point? List their details: How do the associations differ from before: 10. If you managed to successful connect to the network, next change the user ID for the LEAP details, such as shown in Figure 15. Do the clients connect to the network: Redefine the LEAP details so that the client re-associates. Is it successful: Figure 15: LEAP settings Author: W.Buchanan 10
11 Filtering (continued from previous week) 11. The wireless access point can be used to filter mac addresses for a source and destination. Its format is: access-list [deny permit] [source ac] [source mask] [dest mac] [dest mask] For example to disallow the node with the mac address of b54.d83a access to 0060.b39f.cae1: access-list 1101 deny b54.d83a b39f.cae access-list 1101 permit ffff.ffff.ffff ffff.ffff.ffff and it is applied with the following: int d0 l2-filter bridge-group-acl bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 output-pattern 1101 bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ap#show arp Protocol Address Age (min) Hardware Addr Type Interface Internet d.65a9.cb1b ARPA BVI1 Internet b39f.cae1 ARPA BVI1 Internet c85.87f1 ARPA BVI1 Internet b54.d83a ARPA BVI1 ap# Determine all the mac addresses on your network: Block the access of one computer to another. What is the access-list used: Is the access blocked, and can the other nodes still access each other: 12. Next remove the access list with: no access-list 1101 and now add a new one which block access from one computer to two of the hosts on the network. Author: W.Buchanan 11
12 Is the block successful: IP filtering 13. The wireless access point can be used to filter mac addresses for a source and destination. Its format is: access-list [< > < >] [deny permit] [source ac] [source mask] [dest mac] [dest mask] For example to disallow the node with the mac address of b54.d83a access to 0060.b39f.cae1: access-list 1101 deny b54.d83a b39f.cae access-list 1101 permit ffff.ffff.ffff ffff.ffff.ffff and it is applied with the following: int d0 l2-filter bridge-group-acl bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 output-pattern 1101 bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled in this case an example of the ARP cache is: ap#show arp Protocol Address Age (min) Hardware Addr Type Interface Internet d.65a9.cb1b ARPA BVI1 Internet b39f.cae1 ARPA BVI1 Internet c85.87f1 ARPA BVI1 Internet b54.d83a ARPA BVI1 ap# Determine all the mac addresses on your network: IP: MAC address: IP: MAC address: IP: MAC address: IP: MAC address: IP: MAC address: Block the access of one computer to another. What is the access-list used: What is the output from the show arp command on the wireless access point: Author: W.Buchanan 12
13 Is the access blocked, and can the other nodes still access each other: 14. Next remove the access list with: no access-list 1101 and now add a new one which blocks access from one computer to two of the hosts on the network. Is the block successful: 15. Next, remove the access list, and bar a node access to the complete network. Is the block successful: IP filtering 16. The access point supports IP-based access-lists. For example, the following blocks a host at access to , and is applied to the D0 port: ip access-list extended Test deny ip host host permit ip any any interface d0 channel 11 ip access-group Test in station-role root encryption key 1 size 40bit aaaaaaaaaa transmit-key encryption mode ciphers tkip wep40 no ssid tsunami ssid APskills authentication open guest-mode end Apply this configuration. Can the node communicate with the wireless access point: 17. Write an access-list which blocks access from to , and also blocks access from to The rest of the communications should be ALLOWED. REMEMBER, before you start, to remove the old access-list (no access-list extended Test). What is the access-list: Do the blocks work, and can the other nodes still communicate: Author: W.Buchanan 13
14 18. Write an access-list which allows access from access to , and also allows access from to The rest of the communications should be BLOCKED. REMEMBER, before you start, to remove the old access-list (no access-list extended Test). What is the access-list: Do the allows work, and are the other nodes blocked: TCP filtering 19. Along with IP filtering, it is possible to filter for the TCP port. For example the following blocking of any source host to any destination on port 80: ip access-list extended Test deny tcp any any eq 80 permit ip any any interface d0 channel 11 ip access-group Test in station-role root encryption key 1 size 40bit aaaaaaaaaa transmit-key encryption mode ciphers tkip wep40 ssid APskills authentication open guest-mode end 20. Test the above script and make sure that none of the nodes can access the web server on the access point: Is web access blocked: 21. Modify the access-list so that the node which has an IP address of cannot access the web server on the access point: Is web access blocked: 22. Using the client and the server program, write an access-list which will block communications between two of the nodes on the network for client-server communications on port 1001: Is the access blocked: 23. Remove the previous access-list, and determine if the nodes can now connect to each other on port 1001: Author: W.Buchanan 14
15 Is the access allowed: ICMP filters 24. It is possible to block ICMP in the filtering, such as blocking a ping from to : ip access-list extended Test deny icmp permit ip any any Is it possible to ping the access-point ( ) from : Is it possible to ping the access-point ( ) from other nodes: 25. Now block ping access from to Is it possible to ping the access-point ( ) from : Is it possible to ping all the other nodes: Tutorial For a network which has an access point at and five wireless clients from to , with an SSID of APskills, complete the following: 26. Create a firewall that blocks ping access to all other nodes on the network. Test it, and then restore ping access. 27. Create a firewall that bars TELNET access from to the wireless access point. All other nodes should be able to telnet into the access point. Next do the opposite where only the node is allowed to TELNET into the access point, and the rest are not. 28. Create a firewall that bars SNMP access from all the nodes on the network to the wireless access point. All other nodes should be able to telnet into the access point. 29. Enable the small-servers on the wireless access point, and access the time server port (port 7), and prove that it works from each of the clients. Implement a firewall on the wireless access point to bar time server access from to the access point. Make sure that all the other nodes can still access the port. 30. Create a network of wireless clients where the access point has an address of , and create a firewall which blocks all the address which have even numbered IP addresses access to the web server on the access point, such as: Author: W.Buchanan 15
16 cannot access the wireless access point web server cannot access the wireless access point web server. And so on. What is the access-list: Does it work: 31. Create a network of wireless clients where the access point has an address of , and create a firewall which blocks all the address which have odd numbered IP addresses access to the web server on the access point, such as: cannot access the wireless access point web server cannot access the wireless access point web server. And so on. What is the access-list: Does it work: 32. Create a network of wireless clients, which have the address: , , , , and Define a firewall rule that hosts with an IP address above are allowed access to the web server on the access point, but ones below this are barred. What is the access-list: Does it work: For a network which has an access point at and five wireless clients from to , with an SSID of APskills, complete the following: 33. Create a firewall rule which allows hosts with address from to access to the Web server on the access point, and bars the rest of the nodes access to the Web server on the access point. 34. Create a firewall rule which allows hosts with address from to access to the Web server on the access point, and bars the rest of the nodes access to the Web server on the access point. Author: W.Buchanan 16
Wireless Filtering and Firewalling
Wireless Filtering and Firewalling Outline: The objective of this lab is demonstrate the principles of creating filtering rules on the wireless access point. At the start of the lab, the access point settings
More information7 Filtering and Firewalling
7 Filtering and Firewalling 7.1 Introduction Security is becoming a major concern in IT, and A major concern in networking and the Internet, and wireless systems are probably more open to abuse than any
More informationConfiguring the WMIC for the First Time
Configuring the WMIC for the First Time This document describes how to configure basic settings on a Cisco Wireless Mobile Interface Card (WMIC) for the first time. Before You Start Before you install
More informationConfiguring the Access Point/Bridge for the First Time
CHAPTER 2 Configuring the Access Point/Bridge for the First Time This chapter describes how to configure basic settings on your access point/bridge for the first time. You can configure all the settings
More informationEAP FAST with the Internal RADIUS Server on the Autonomous Access Point Configuration Example
EAP FAST with the Internal RADIUS Server on the Autonomous Access Point Configuration Example Document ID: 116580 Contributed by Surendra BG, Cisco TAC Engineer. Oct 10, 2013 Contents Introduction Prerequisites
More informationIntegration Guide. Trakker Antares 2400 Family and Cisco Aironet 123X
Integration Guide Trakker Antares 2400 Family and Cisco Aironet 123X Intermec Technologies Corporation Corporate Headquarters 6001 36th Ave. W. Everett, WA 98203 U.S.A. www.intermec.com The information
More informationTACACS+ on an Aironet Access Point for Login Authentication Configuration Example
TACACS+ on an Aironet Access Point for Login Authentication Configuration Example Document ID: 70149 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram
More informationIntegration Guide. CK30/CK31 and Cisco Aironet 1231/1242
Integration Guide CK30/CK31 and Cisco Aironet 1231/1242 Intermec Technologies Corporation Worldwide Headquarters 6001 36th Ave.W. Everett, WA 98203 U.S.A. www.intermec.com The information contained herein
More informationLEAP Authentication on a Local RADIUS Server
LEAP Authentication on a Local RADIUS Server Document ID: 44100 Contents Introduction Prerequisites Requirements Components Conventions Overview of Local RADIUS Server Feature Configure CLI Configuration
More informationWireless LANs (CO72047) Bill Buchanan, Reader, School of Computing.
Bill Buchanan, Reader, School of Computing. W.Buchanan (1) Lab setup W.Buchanan (2) W.Buchanan (3) Console Server Con Cisco Aironet 1200 192.168.1.100 Port 2001 Con Cisco Aironet 1200 192.168.1.100 Port
More informationApproved APs: AP 1121, 1131, 1231, 1232, 1242, BR 1310
Cisco 1100 and 1200 Series APs Using the Wireless LAN Services Module (WLSM) Configuration and Deployment Guide This document describes the required settings and configuration for Cisco 1100 and 1200 Series
More informationLab Configuring LEAP/EAP using Cisco Secure ACS (OPTIONAL)
Lab 8.4.5.2 Configuring LEAP/EAP using Cisco Secure ACS (OPTIONAL) Estimated Time: 60 minutes Number of Team Members: Students can work in teams of two. Objective In this lab, the student will learn about
More informationSecuring a Wireless LAN
Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access
More informationProf. Bill Buchanan Room: C.63
Wireless LAN CO72047 Introduction Prof. Bill Buchanan Contact: w.buchanan@napier.ac.uk Room: C.63 Telephone: X2759 MSN Messenger: w_j_buchanan@hotmail.com WWW: http://www.dcs.napier.ac.uk/~bill http://buchananweb.co.uk
More informationConfiguring a Wireless LAN Connection
CHAPTER 9 The Cisco Secure Router 520 Series routers support a secure, affordable, and easy-to-use wireless LAN solution that combines mobility and flexibility with the enterprise-class features required
More informationConfiguring a Basic Wireless LAN Connection
This module describes how to configure a wireless LAN (WLAN) connection between a wireless device, such as a laptop computer or mobile phone, and a Cisco 800, 1800 (fixed and modular), 2800, or 3800 series
More information8 VLANs. 8.1 Introduction. 8.2 vlans. Unit 8: VLANs 1
8 VLANs 8.1 Introduction Layer 2 devices, such as network switches and wireless access points can be used to create virtual LANs (vlans), which can enhanced network security as it can be used to isolate
More informationConfiguring Repeater and Standby Access Points
CHAPTER 19 This chapter descibes how to configure your access point as a hot standby unit or as a repeater unit. This chapter contains these sections: Understanding Repeater Access Points, page 19-2 Configuring
More informationProcedure: You can find the problem sheet on the Desktop of the lab PCs.
University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Advance Networks Laboratory 907529 Lab.3 WLAN Security Objectives 1. Configure administrator accounts.
More informationUsing Cisco Workgroup Bridges
Information About Cisco Workgroup Bridges, page 1 Restrictions for Cisco Workgroup Bridges, page 3 WGB Configuration Example, page 4 Viewing the Status of Workgroup Bridges (GUI), page 5 Viewing the Status
More informationConfiguring Repeater and Standby Access Points and Workgroup Bridge Mode
CHAPTER 19 Configuring Repeater and Standby Access Points and Workgroup Bridge Mode This chapter descibes how to configure your access point as a repeater, as a hot standby unit, or as a workgroup bridge.
More informationProf. Bill Buchanan Room: C.63
Wireless LAN CO72047 Unit 7: Filtering Prof. Bill Buchanan Contact: w.buchanan@napier.ac.uk Room: C.63 Telephone: X2759 MSN Messenger: w_j_buchanan@hotmail.com WWW: http://www.dcs.napier.ac.uk/~bill http://buchananweb.co.uk
More informationConfiguring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services
CHAPTER 11 Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services This chapter describes how to configure your access point/bridges for wireless domain services
More informationField Verified. Configuration Guide. Cisco. 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM)
Cisco 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) January 2008 Edition 1725-36045-001 Version E Trademark Information Polycom and the logo designs SpectraLink LinkPlus
More informationConfiguring Repeater and Standby Access Points and Workgroup Bridge Mode
20 CHAPTER Configuring Repeater and Standby Access Points and Workgroup Bridge Mode This chapter describes how to configure your access point as a repeater, as a hot standby unit, or as a workgroup bridge.
More information3 Wireless Emulator (Challenges)
3 Wireless Emulator (Challenges) 3.1 Introduction The following relates to the wireless emulator challenges. 3.2 Challenge 1 (BVI 1) The following sets up the BVI 1 port: > enable (config)# int bvi 1 (config-if)#
More informationConfiguring VLANs CHAPTER
CHAPTER 13 This chapter describes how to configure your access point/bridge to operate with the VLANs set up on your wired LAN. These sections describe how to configure your access point/bridge to support
More informationSecuring Wireless LAN Controllers (WLCs)
Securing Wireless LAN Controllers (WLCs) Document ID: 109669 Contents Introduction Prerequisites Requirements Components Used Conventions Traffic Handling in WLCs Controlling Traffic Controlling Management
More informationHPE IMC UAM 802.1X Authentication and ACL Based Access Control Configuration Examples
HPE IMC UAM 802.1X Authentication and ACL Based Access Control Configuration Examples Part Number: 5200-1368 Software version: IMC UAM 7.2 (E0406) Document version: 2 The information in this document is
More informationSecurity Setup CHAPTER
CHAPTER 8 This chapter describes how to set up your bridge s security features. This chapter contains the following sections: Security Overview, page 8-2 Setting Up WEP, page 8-7 Enabling Additional WEP
More informationContents. Introduction
Contents Introduction Prerequisites Requirements Components Used Network Diagrams Configure Step 1. Modify Interface IP configuration on ASA Step 2. Modify DHCP pool settings on both inside and wifi interfaces
More informationCisco Unified Communications Manager Express 7921 Push-to-talk
Cisco Unified Communications Manager Express 7921 Push-to-talk Application Note May 13, 2008 Cisco Revision History Revision Date Author Comments 1 03/29/2007 Tony Huynh Version 1.0 Table of Contents 1
More informationNumerics INDEX. 2.4-GHz WMIC, contrasted with 4.9-GHz WMIC g 3-6, x authentication 4-13
INDEX Numerics 2.4-GHz WMIC, contrasted with 4.9-GHz WMIC 1-8 802.11g 3-6, 3-9 802.1x authentication 4-13 A AAA server group 4-25 aaa authentication login command 4-24 aaa authorization command 4-27 aaa
More informationWorkgroup Bridges. Cisco WGBs. Information About Cisco Workgroup Bridges. Cisco WGBs, page 1 Third-Party WGBs and Client VMs, page 9
Cisco WGBs, page 1 Third-Party WGBs and Client VMs, page 9 Cisco WGBs Information About Cisco A workgroup bridge (WGB) is a mode that can be configured on an autonomous IOS access point to provide wireless
More informationChapter 10 Lab 10-2, Securing VLANs INSTRUCTOR VERSION
CCNPv7.1 SWITCH Chapter 10 Lab 10-2, Securing VLANs INSTRUCTOR VERSION Topology Objectives Background Secure the server farm using private VLANs. Secure the staff VLAN from the student VLAN. Secure the
More informationConfiguring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services
12 CHAPTER Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services This chapter describes how to configure your access points for wireless domain services (WDS),
More informationConfiguring RADIUS Servers
CHAPTER 7 This chapter describes how to enable and configure the Remote Authentication Dial-In User Service (RADIUS), that provides detailed accounting information and flexible administrative control over
More informationLab 5.6b Configuring AAA and RADIUS
Lab 5.6b Configuring AAA and RADIUS Learning Objectives Install CiscoSecure ACS Configure CiscoSecure ACS as a RADIUS server Enable AAA on a router using a remote RADIUS server Topology Diagram Scenario
More informationConfiguring Repeater and Standby Access Points and Workgroup Bridge Mode
CHAPTER 19 Configuring Repeater and Standby Access Points and Workgroup Bridge Mode This chapter describes how to configure your access point as a repeater, as a hot standby unit, or as a workgroup bridge.
More informationLab Configuring and Verifying Extended ACLs Topology
Topology 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 8 Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.10.1
More informationConfiguring Multiple SSIDs
CHAPTER 7 This chapter describes how to configure and manage multiple service set identifiers (SSIDs) on the access point. This chapter contains these sections: Understanding Multiple SSIDs, page 7-2,
More information2 Wireless Networks. 2.1 Introduction. 2.2 IEEE b. Unit 2: Wireless Networks 1
2 Wireless Networks 2.1 Introduction This unit gives an outline of the issues involved in wireless networks, and which must be considered in their design. As the world moves slowly towards a massive wireless
More informationChapter 6 Global CONFIG Commands
Chapter 6 Global CONFIG Commands aaa accounting Configures RADIUS or TACACS+ accounting for recording information about user activity and system events. When you configure accounting on an HP device, information
More informationaccounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through
accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through encryption mode wep 1 accounting (SSID configuration) accounting (SSID configuration mode)
More informationDGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide. Figure 9-1 Port Security Global Settings window
9. Security DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Port Security 802.1X AAA RADIUS TACACS IMPB DHCP Server Screening ARP Spoofing Prevention MAC Authentication Web-based
More informationObject Groups for ACLs
The feature lets you classify users, devices, or protocols into groups and apply those groups to access control lists (ACLs) to create access control policies for those groups. This feature lets you use
More informationaccounting (SSID configuration mode) through encryption mode wep
accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration), page 3 antenna, page 4 authentication key-management, page 6 authentication network-eap, page 8 authentication
More informationUsing PEAP and WPA PEAP Authentication Security on a Zebra Wireless Tabletop Printer
Using PEAP and WPA PEAP Authentication Security on a Zebra Wireless Tabletop Printer Q. What is PEAP? A. Protected Extensible Authentication Protocol is an IEEE 802.1x EAP security method that uses an
More informationConfiguring Authentication Types
CHAPTER 11 This chapter describes how to configure authentication types on the access point. This chapter contains these sections: Understanding Authentication Types, page 11-2, page 11-10 Matching Access
More informationWISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac
WISNETWORKS User Manual V1.1 2016/3/21 Software version 1.0.0021 Table of contents 1. Setup& WMI... 3 1.1 Hardware Setup... 3 1.2 Web Management Interface... 3 2. Status... 4 2.1 Overview... 4 2.1.1 System...
More information!! Configuration of RFS4000 version R!! version 2.3!! ip access-list BROADCAST-MULTICAST-CONTROL permit tcp any any rule-precedence 10
Configuration of RFS4000 version 5.5.1.0-017R version 2.3 ip access-list BROADCAST-MULTICAST-CONTROL permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic" permit udp any eq 67
More informationConfiguring OfficeExtend Access Points
Information About OfficeExtend Access Points, page 1 OEAP 600 Series Access Points, page 2 OEAP in Local Mode, page 3 Supported WLAN Settings for 600 Series OfficeExtend Access Point, page 3 WLAN Security
More informationConfigure Flexconnect ACL's on WLC
Configure Flexconnect ACL's on WLC Contents Introduction Prerequisites Requirements Components Used ACL Types 1. VLAN ACL ACL Directions ACL Mapping Considerations Verify if ACL is Applied on AP 2. Webauth
More informationConfiguring Cipher Suites and WEP
10 CHAPTER This chapter describes how to configure the cipher suites required to use WPA authenticated key management, Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP), and broadcast
More informationThis document is a tutorial related to the Router Emulator which is available at:
Introduction This document is a tutorial related to the Router Emulator which is available at: http://www.dcs.napier.ac.uk/~bill/router.html A demo is also available at: http://www.dcs.napier.ac.uk/~bill/router_demo.htm
More informationCisco Structured Wireless-Aware Network (SWAN) Implementation Guide
Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide The Cisco Structured Wireless-Aware Network (SWAN) provides the framework to integrate and extend wired and wireless networks to deliver
More informationCCNA MCQS with Answers Set-1
CCNA MCQS with Answers Set-1 http://freepdf-books.com CCNA MCQS with Answers Set-1 Question 1# - Which of the following are ways to provide login access to a router? (choose all that apply) A. HTTP B.
More informationSecure ACS for Windows v3.2 With EAP TLS Machine Authentication
Secure ACS for Windows v3.2 With EAP TLS Machine Authentication Document ID: 43722 Contents Introduction Prerequisites Requirements Components Used Background Theory Conventions Network Diagram Configuring
More informationConfiguring WEP and WEP Features
CHAPTER 9 This chapter describes how to configure Wired Equivalent Privacy (WEP), Message Integrity Check (MIC), and Temporal Key Integrity Protocol (TKIP). This chapter contains these sections: Understanding
More informationC H A P T E R Overview Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide OL
CHAPTER 1 Cisco Aironet 1400 Series s (hereafter called bridges) provide building-to-building wireless connectivity. Operating in the 5.8-GHz, UNII-3 band and conforming to the 802.11a standard, the 1400
More informationObject Groups for ACLs
The feature lets you classify users, devices, or protocols into groups and apply those groups to access control lists (ACLs) to create access control policies for those groups. This feature lets you use
More informationCisco Secure ACS for Windows v3.2 With PEAP MS CHAPv2 Machine Authentication
Cisco Secure ACS for Windows v3.2 With PEAP MS CHAPv2 Machine Authentication Document ID: 43486 Contents Introduction Prerequisites Requirements Components Used Background Theory Conventions Network Diagram
More informationConfiguring VLANs CHAPTER
CHAPTER 8 This chapter describes how to configure your access point to operate with the VLANs set up on your wired LAN. These sections describe how to configure your access point to support VLANs: Understanding
More informationITCertMaster. Safe, simple and fast. 100% Pass guarantee! IT Certification Guaranteed, The Easy Way!
ITCertMaster Safe, simple and fast. 100% Pass guarantee! http://www.itcertmaster.com Exam : 350-050 Title : CCIE Wireless Exam (V2.0) Vendor : Cisco Version : DEMO Get Latest & Valid 350-050 Exam's Question
More informationConfiguring Spanning Tree Protocol
CHAPTER 7 This chapter descibes how to configure Spanning Tree Protocol (STP) on the Cisco wireless mobile interface card (WMIC). Note For complete syntax and usage information for the commands used in
More informationRG-WLAN Series Access Point. Web-Based Configuration Guide, Release 11.1(5)B8
RG-WLAN Series Access Point Web-Based Configuration Guide, Release 11.1(5)B8 Copyright Statement Ruijie Networks 2016 Ruijie Networks reserves all copyrights of this document. Any reproduction, excerption,
More informationSummary. Deployment Guide: Configuring the Cisco Wireless Security Suite 1 OL
Summary Numerous papers have been written on the topic of IEEE 802.11 security for wireless LANs (WLANs). The major vulnerabilities of 802.11 security can be summarized as follows: Weak device-only authentication:
More informationLab - Troubleshooting Standard IPv4 ACL Configuration and Placement Topology
Lab - Troubleshooting Standard IPv4 ACL Configuration and Placement Topology 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 8 Addressing Table Objectives
More informationThis document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and
This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors in the CCNA Exploration:
More informationConfiguring RADIUS and TACACS+ Servers
CHAPTER 13 This chapter describes how to enable and configure the Remote Authentication Dial-In User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+), that provides
More informationLab 8.5.2: Troubleshooting Enterprise Networks 2
Lab 8.5.2: Troubleshooting Enterprise Networks 2 Topology Diagram Addressing Table Device Interface IP Address Subnet Mask Default Gateway Fa0/0 192.168.10.1 255.255.255.0 N/A R1 Fa0/1 192.168.11.1 255.255.255.0
More informationexam. Number: Passing Score: 800 Time Limit: 120 min CISCO Interconnecting Cisco Networking Devices Part 1 (ICND)
100-105.exam Number: 100-105 Passing Score: 800 Time Limit: 120 min CISCO 100-105 Interconnecting Cisco Networking Devices Part 1 (ICND) Exam A QUESTION 1 Which route source code represents the routing
More informationEAP Authentication with RADIUS Server
EAP Authentication with RADIUS Server Document ID: 44844 Refer to the Cisco Wireless Downloads in order to get Cisco Aironet drivers, firmware and utility software. Contents Introduction Prerequisites
More informationFirewall Authentication Proxy for FTP and Telnet Sessions
Firewall Authentication Proxy for FTP and Telnet Sessions Last Updated: January 18, 2012 Before the introduction of the Firewall Authentication Proxy for FTP and Telnet Sessions feature, users could enable
More informationEnGenius Quick Start Guide
T he operates seamlessly in the 2.4 GHz frequency spectrum supporting the 802.11b (2.4GHz, 11Mbps) and the newer, faster 802.11g (2.4GHz, 54Mbpswireless standard. High output power and high sensitivity
More informationISR Wireless Configuration Example
ISR Wireless Configuration Example Document ID: 116579 Contributed by Surendra BG, Cisco TAC Engineer. Oct 16, 2013 Contents Introduction Prerequisites Requirements Components Used Background Information
More informationConfiguring Authentication Proxy
The Cisco IOS Firewall Authentication Proxy feature provides dynamic, per-user authentication and authorization, authenticating users against industry standard TACACS+ and RADIUS authentication protocols.
More informationAuthor: Bill Buchanan. Wireless LAN. Unit 2: Wireless Fundamentals
Wireless LAN Unit 2: Wireless Fundamentals Wireless connections which technology? Areas covered: Basic radio parameters. This area covers the main type of wireless communications. IEEE 802.11b issues.
More informationcable modem dhcp proxy nat on Cisco Cable Modems
cable modem dhcp proxy nat on Cisco Cable Modems Document ID: 12176 Contents Introduction Prerequisites Requirements Components Used Conventions Dynamic NAT Versus Static NAT Configuration Using cable
More informationCCNA Exam File with Answers. Note: Underlines options are correct answers.
CCNA Exam File with Answers. Note: Underlines options are correct answers. 1. Which of the following are ways to provide login access to a router? (choose all that apply) A. HTTP B. Aux Port /TELNET C.
More informationWireless LAN Controller Web Authentication Configuration Example
Wireless LAN Controller Web Authentication Configuration Example Document ID: 69340 Contents Introduction Prerequisites Requirements Components Used Conventions Web Authentication Web Authentication Process
More informationPT Activity: Configure AAA Authentication on Cisco Routers
PT Activity: Configure AAA Authentication on Cisco Routers Instructor Version Topology Diagram Addressing Table Device Interface IP Address Subnet Mask R1 Fa0/0 192.168.1.1 255.255.255.0 S0/0/0 10.1.1.2
More informationRG-WLAN Series Access Point. Web-Based Configuration Guide, Release 11.1(5)B3
RG-WLAN Series Access Point Guide, Release 11.1(5)B3 Copyright Statement Ruijie Networks 2015 Ruijie Networks reserves all copyrights of this document. Any reproduction, excerption, backup, modification,
More informationLab Configuring Dynamic and Static NAT (Solution)
(Solution) Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway Gateway G0/1 192.168.1.1 255.255.255.0 N/A S0/0/1 209.165.201.18 255.255.255.252 N/A ISP S0/0/0 (DCE)
More informationConfiguring the CSS as a Client of a TACACS+ Server
CHAPTER 4 Configuring the CSS as a Client of a TACACS+ Server The Terminal Access Controller Access Control System (TACACS+) protocol provides access control for routers, network access servers (NAS),
More informationLab - Troubleshooting ACL Configuration and Placement Topology
Topology 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 8 Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway HQ G0/1 192.168.1.1
More informationLab 1.3.2: Review of Concepts from Exploration 1 - Challenge
Lab 1.3.2: Review of Concepts from Exploration 1 - Challenge Topology Diagram Learning Objectives Upon completion of this lab, you will be able to: Create a logical topology given network requirements
More informationAccess Point as a Workgroup Bridge Configuration Example
Access Point as a Workgroup Bridge Configuration Example Document ID: 68472 Contributed by Ishaan Sanji, Cisco TAC Engineer. May 14, 2014 Contents Introduction Prerequisites Requirements Components Used
More informationChapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM
Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM This lab has been updated for use on NETLAB+ Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet Interfaces.
More informationSwitch and Wireless LAN Controller Configuration Required to Support Cisco ISE Functions
Switch and Wireless LAN Controller Configuration Required to Support Cisco ISE Functions To ensure Cisco ISE is able to interoperate with network switches and functions from Cisco ISE are successful across
More informationBridging Traffic CHAPTER3
CHAPTER3 This chapter describes how clients and servers communicate through the ACE using either Layer 2 (L2) or Layer 3 (L3) in a VLAN configuration. When the client-side and server-side VLANs are on
More informationLab Configuring Dynamic and Static NAT (Instructor Version Optional Lab)
(Instructor Version Optional Lab) Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or
More informationHot Standby Access Points
Hot Standby Access Points This module describes how to configure your wireless device as a hot standby unit in the following sections: Understanding Hot Standby, page 1 Configuring a Hot Standby Access
More informationWireless Domain Services FAQ
Wireless Domain Services FAQ Document ID: 65346 Contents Introduction What is WDS? How do I configure my AP as a WDS? On what platforms does Cisco Structured Wireless Aware Network (SWAN) WDS run? How
More informationWISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac
WISNETWORKS User Manual V1.1 2016/3/21 Software version 1.0.0021 Table of contents 1. Setup& WMI... 3 1.1 Hardware Setup... 3 1.2 Web Management Interface... 3 2. Status... 4 2.1 Overview... 4 2.1.1 System...
More informationChapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM
Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet Interfaces. 2016 Cisco and/or its affiliates. All
More informationCisco IOS Firewall Authentication Proxy
Cisco IOS Firewall Authentication Proxy This feature module describes the Cisco IOS Firewall Authentication Proxy feature. It includes information on the benefits of the feature, supported platforms, configuration
More informationConfiguring Authentication Proxy
Configuring Authentication Proxy Last Updated: January 7, 2013 The Cisco IOS Firewall Authentication Proxy feature provides dynamic, per-user authentication and authorization, authenticating users against
More informationCisco IOS Wireless LAN Command Reference
Cisco IOS Wireless LAN Command Reference Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408
More informationLevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0
LevelOne WAP-0005 108Mbps PoE Wireless AP User Manual V3.0.0 i TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 FIGURE 1: WIRELESS ACCESS POINT... 1 FEATURES OF YOUR WIRELESS ACCESS POINT... 1 Security Features...
More information