wifi training 2
TRANSCRIPT
![Page 1: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/1.jpg)
WiFi Fundamentals
Wi-Fi, or Wireless Fidelity, is freedom: it allows you to connect to the Internet from your couch at home, a bed in a hotel room or a conference room at work without wires.
Wi-Fi is a wireless technology like a cell phone. Wi-Fi enabled computers send and receive data indoors and out; anywhere within the range of a base station.
Its just as fast as a cable modem connection.
Allows you to access the Internet while on the move ; you can remain online while moving from one area to another, without a disconnection or loss in coverage.
![Page 2: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/2.jpg)
Sample WiFi Illustration
![Page 3: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/3.jpg)
Components required – for a SOHO environment
A PC, laptop or PDA, running Windows 98 or above.
A wireless PCMCIA card, or a wireless adapter.
A Network Interface Card (optional) - Only if a LAN connection is required)
An Access Point - essentially a compact radio transmitter with an antenna that connects to a wired connection, such as an Ethernet, DSL, or Cable Network.
A valid internet connection.
![Page 4: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/4.jpg)
Components required – for a larger environment
Multiple Access Points - To provide overlapping coverage throughout a site. Access points can be installed almost anywhere. Repeaters can be installed in areas where cabling is difficult.
Network switch - A device that joins multiple computers together. A set of Access Points can be connected to a single network switch.
Wireless LAN bridge (optional) – A wireless LAN workgroup bridge enables connection between two different hotspot networks.
![Page 5: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/5.jpg)
Components required – for a larger environment
Authentication and Billing Server – Enables control access to the Wi-Fi hotspot network by conducting authentication checks similar to credit card or member ID authentication. Also tracks wireless usage for billing purposes and provides payment transaction services.
Wireless Access Gateway – A device which connects wireless subscribers to the wired network. It employs one Ethernet port to interface with the router (network side) and one wireless subscriber port that supports IEEE 802.11b/g standard (subscriber side)
![Page 6: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/6.jpg)
IEEE Wireless StandardsWireless Standard
802.11b 802.11g 802.11a
Frequency Range 2.4 – 2.4835 GHz 2.4 – 2.4835 GHz 5.725 - 5.850 GHz
Max Speed 11 MBPS 54 MBPS 54 MBPS
Max Encryption 128 bit WEP 128 bit WEP 152 bit WEP
256 bit AES
Discrete Channels 3 3 8
Natively Compatible
802.11b, 802.11g 802.11b, 802.11g 802.11a
Potential user Entry level and home networks
Larger networks, small business
Large business concerned with security
![Page 7: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/7.jpg)
Characteristics of an AP• We use Accton, DAX and SMC Access Points, which support
802.11b/g protocols.• AP antennas are either uni-directional (helical and patch) or omni-
directional.• The 3 discrete channels are 1, 6 and 11, each has an R/F range of
22MHz.• The transmission power of an AP is measured either in Milliwat or
DBM
• An AP can be identified based on a unique MAC address, an IP address, or an assigned name.
30 mw 15 dbm
67 mw 18 dbm
100 mw 20 dbm
![Page 8: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/8.jpg)
Antenna Basics An antenna propagates and receives RF signals from the air and
makes them available to the receiver Frequency – Antennas should be tuned to either 2.4 GHz (802.11 b/g)
or 5 GHz (802.11a) Power - Antennas can handle specific amounts of power put out by
the transmitter. Antennas are generally rated >1W Radiation pattern – Defines the radio wave propagation of the
antenna. An isotropic pattern means the AP transmits radio waves in all directions equally (beach ball pattern)
Gain – Represents how well the antenna increases effective signal power, with decibels as unit of measure. For instance, AP transmitting at 100mw with 3 dB gain produces 200mw effective output. dBi is the gain relative to an isotropic source.
![Page 9: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/9.jpg)
Antenna Basics SNR (Signal to Noise Ratio) – Ratio of amplitude of radio signal to
amplitude of noise in a transmission channel. The greater the ratio, the better the transmission.
Receiver sensitivity – A measurement of the weakest signal a receiver can receive and still correctly translate it into data.
Omni-directional antennas – Propagate RF signals in all directions equally in the horizonal plane, but limit range on the vertical plane. Radiation pattern resembles a doughnut with the antenna at the center of the hole.
Directional antenna - Transmits and receives RF energy more in one direction than others. Radiation pattern is similar to a flashlight or spotlight. The higher gain antennas have a narrower beam width, which limits coverage on the sides of the antennas.
![Page 10: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/10.jpg)
WiFi Security Wireless Encryption methods operate strictly between the computer
and the AP.
SSID (Service Set ID) – A unique identifier that acts as a password when a device tries to connect to an AP. Sent in plain text.
WEP (Wired Equivalent Privacy) – Defined in the 802.11b standard. Designed to provide the same kind of security as a wired LAN. Uses a 40 or 64 bit key to encrypt data over radio waves.
WPA (Wifi Protected Access) – Provides a higher level of security than WEP. Uses RADIUS authentication and advanced encryption protocols. Will be compatible with the 802.11i standard.
MAC Address Filtering – It is possible to program an AP to accept only certain MAC addresses and filter out all others.
![Page 11: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/11.jpg)
Access Point Configuration Set the antennas of the AP at right angles to each other, preferably
in the horizontal and vertical positions.
They can be configured in the following ways :
o Web management – Connect the AP to your PC or switch LAN port, and ensure your PC is on the same subnet as the AP. Entering the AP’s IP Address in your browser will take you to the configuration screen.
o Configuration utility – The Access Point CD contains a configuration utility, which can be installed on your PC and used to configure connected APs.
o COM port – Some APs (DAX, for instance) can be connected to the PC via com port and configured using hyperterminal
![Page 12: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/12.jpg)
Access Point ConfigurationSome important configuration parameters are :
IP Address, Subnet mask and default gateway – Our access points are in the 10.44 range. A default /8 subnet mask is preferred.
AP name – The name should identify the location of the AP.
SSID – All APs on an ESS should be set to the same SSID. We use ‘Microsense’.
Wireless channel – Set to either 1, 6 or 11, as appropriate.
WEP encryption – Disabled
DHCP client – Disabled, as we assign static IPs to our Access Points.
![Page 13: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/13.jpg)
OS Support for PCMCIA cards
Win XP Win 2000 Win 98
Orinoco Plug n’ play Plug n’ play -
Accton Drivers required Drivers required -
Cisco Plug n’ play Drivers required -
Proxim - - Drivers required
![Page 14: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/14.jpg)
User authentication in hotels
A user is authenticated and permitted to access the internet based on the MAC address of the PCMCIA card.
When the user inserts the PCMCIA card and browses, the signal is picked up by the nearest AP.
The user is taken to a default XML login page, currently hosted on a web server at Microsense Mumbai.
The user selects his hotel name and usage plan, and enters his name and room no.
The MAC address of the card is then added to an ‘accept’ list and the user is allowed to browse.
Billing details are stored on the hotel PMS (Property Management System) for Taj hotels, and on a central Microsense server for ITC hotels
For subsequent sessions, the MAC address is verified in the list and user is directly allowed to browse.
![Page 15: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/15.jpg)
![Page 16: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/16.jpg)
Manual AuthenticationTo be used when the Taj login page does not display.
Enter ‘203.199.75.20/nomxm/index.html’ in the address bar of your browser.
Click ‘Subscriber Add’. Enter the IP address of the hotel’s Nomadix Access Gateway, and
the MAC address of the PCMCIA card. Enter the expiration time in hours or minutes. Click ‘Submit’. Click ‘Cache Update’ and fill in the Nomadix IP address and card
MAC address. Click ‘Submit’. An ‘OK’ message is generated after each submit. An ‘ERR’
message would mean that the details were entered incorrectly. If this occurs, please re-enter the information
![Page 17: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/17.jpg)
![Page 18: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/18.jpg)
![Page 19: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/19.jpg)
Nomadix Access GatewayAG2000w
This is a wireless gateway that connects the wireless clients on the subscriber end, to the RADIUS server and internet on the network end.
Supports the 802.11 b/g/a protocols.
Contains integrated hotspot connectivity.
Employs one ethernet port to interface with the network side, and one wireless subscriber port that supports 802.11b/g/a.
Supports upto 50 users.
![Page 20: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/20.jpg)
Nomadix Access Gateway
HSG (HotSpot Gateway)
An Access Gateway designed for small to medium-sized HotSpots. Works with wired as well as wireless clients.
Supports 50 – 150 users
Employs one fast Ethernet port to interface with the network side, and two fast Ethernet ports to interface with the subscriber side.
Does not contain integrated HotSpot connectivity.
![Page 21: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/21.jpg)
Nomadix Access Gateway
USG (Universal Subscriber Gateway)
Designed for large public-access HotSpots. Works with wireless as well as wired clients.
Supports upto 2000 users.
Contains one fast Ethernet port to interface with the subscriber side, one fast ethernet port to interface with the network side, and two DB9 ports for Management and to a hotel’s Property Management System.
Does not contain integrated HotSpot connectivity.
![Page 22: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/22.jpg)
Salient features of AG2000 w
AAA services – Enables authentication using an internal or external web server. We use this to direct users to the Taj authentication page.
Access Control – Restricts access based on protocols or IP addresses.
DHCP – Assigns dynamic IP addresses to Wifi clients from a DHCP pool.
iNAT – Provision for a range of external public IP addresses, to allow multiple users to connect over the same VPN
Passthrough addresses – Specifies addresses that can circumvent the authentication process
SMTP redirection – Allows redirection SMTP email to a local SMTP relay server. This ensures no reconfiguration is required by the user to send mail.
![Page 23: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/23.jpg)
Salient features of AG2000 w
SNMP – Allows SNMP protocol to function, to enable tracking. DAT – This feature allows users with any IP settings (static,
dynamic, with any IP address) to connect without reconfiguration. Subscriber Administration – Various options to add, delete a
subscriber by username or MAC, and list the current subscribers. Subscriber interface – Allows specification of billing plans, and
personalization of subscriber interface if inbuilt AAA is used. System – Various settings to manually add/delete ARP, route
settings, MAC filtering etc Wireless configuration – Allows configuration of wireless settings,
such as SSID, channel, rate, WEP encryption and others.
![Page 24: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/24.jpg)
Features of a Hub
Hubs work on the TCP/IP physical layer. Used to extend an ethernet wire to allow more end
stations to communicate with each other, as if they were on the same segment.
Does not manipulate or view the traffic that crosses it.
Devices are on the same collision and broadcast domain.
Devices share the same bandwidth
![Page 25: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/25.jpg)
Bridges and Layer 2 Switches
Bridges and Layer 2 switches function on the data-link layer.
In a switch, frame-forwarding is handled by specialized hardware called ASICs. They support greater speeds and low latency
Creates a MAC address table based on source address of frames, and uses this to forward frames to the appropriate segment.
All devices are on the same broadcast domain, but on different collision domains.
Switches contain a greater number of ports than bridges.
![Page 26: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/26.jpg)
Ethernet Standards
Thin Ethernet, 10 Base 2
Thick Ethernet, 10 Base 5
Twisted Pair Ethernet, 10 Base T
Fast Ethernet, 100 Base T
Gigabit Ethernet, 1000 Base T
Speed 10 Mbps 10 Mbps 10 Mbps 100 Mbps 1000 Mbps
Max Length
185 m 500 m 100 m 100 m 100 m
Cable RG-58 type coax, 50 ohm
impedance
RG-58 type coax,
50 ohm impedance
UTP. RJ-45
Connectors
UTP. RJ-45
Connectors
UTP. RJ-45 Connectors
![Page 27: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/27.jpg)
Connectors & ConnectionsRJ-11 – Contain 2 or 4 contacts. Used for telephone wires. RJ-45 – Contain 8 contacts. Used for Ethernet cables.
Straight-through cables – RJ-45 connectors on both ends show all of the wires in the same order. Used for :
- Switch to router cabling- Switch to PC or server cabling- Hub to PC or Server
Crossover cables – Connectors on both ends show that some of the wires on one side of the cable are crossed to a different pin on the other side. Used for :
- Switch to switch cabling- Switch to hub- Hub to Hub- Router to router- PC to PC
![Page 28: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/28.jpg)
CAT 5, 6 and 7 CAT5 Cable – CAT 5 is the 5th generation of Ethernet
cabling. Is a multi-twisted cable consisting of 4 pairs of copper wires. Its supports Fast Ethernet.
CAT5e Cable – Stands for Cat5 enhanced. Ordinary CAT5 utilize only 2 of 4 pairs for Fast Ethernet. CAT6 supports all 4 pairs and supports Gigabit Ethernet (1000mbps). Is backward compatible with CAT 5.
Cat6 Cable – Similar to CAT5e, but has improvements which enable a higher Signal-to-noise ratio, allowing higher reliability and higher data rates.
![Page 29: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/29.jpg)
![Page 30: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/30.jpg)
IP Address BasicsClass A addresses : 0-network.host.host.hostInitial Byte – 0 – 127
Class B – 10-network.network.host.hostInitial Byte – 128 – 191
Class C – 110-network.network.network.hostInitial Byte – 192 - 223
Private IP – Used on a internal LAN which is not accessed by the public. 10.0.0.0 – 10.255.255.255172.16.0.0 – 172.31.255.255192.168.0.0 – 192.168.255.255
Public IP – Used for direct access to public networks, such as the internet.
![Page 31: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/31.jpg)
IP Address BasicsSubnet Mask : A 32 bit figure, similar to IP addresses. Accompanies
the IP address and is used to divide a network into subnets. A ‘1’ bit indicates ‘network’ and ‘0’ indicates ‘host’. A valid subnet mask has the leftmost bits to 1 and rightmost bits to 0.
Port Numbers - Below 1024 – Well-known ports - Above 1024 – Dynamically assigned ports FTP – 21Telnet – 23SMTP – 25DNS – 53TFTP – 69HTTP - 80SNMP – 161
![Page 32: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/32.jpg)
PMS Server (Fidelio) Contains the hotel billing information A windows-based machine, connected to the Nomadix
network end, acts as interface for PMS. The connection is through RS-232 serial port.
Authentication by Fidelio User’s last name and room no. is sent to Fidelio. Based on room no, Fidelio invokes the username string. This string is compared to the last name as entered by user. If
it matches, user is authenticated and MAC address added to MAC table.
Hitting Alt+F4 on the PMS server will display the exact authentication process
![Page 33: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/33.jpg)
Mail Server Is usually installed on the PMS interface server.
Is used for SMTP redirection, which is a feature of Nomadix.
Regardless of the server the user has configured, mails are redirected to the configured mail server.
User does not need to make any configuration changes in his e-mail client. Changing the user server settings to include the IP of the mail server will not make a difference.
![Page 34: WiFi Training 2](https://reader030.vdocument.in/reader030/viewer/2022020717/54f837674a7959303c8b4da2/html5/thumbnails/34.jpg)
Mail Server Mail server may hang, or processing delayed, if a
large amount of spam, or virus-infected mails are sent.
Would also hang if the server machine itself is infected by a virus.
In certain hotels, admin users are given a separate connection to the internet, so do not use our mail server.
In other cases, admin users’ MAC addresses are added to Nomadix with unlimited access, so are redirected to out mail server.