
Wireless LANs

Introducing WLANs

Wireless Data Technologies

Wireless Data Technologies (Cont.)
(Wide Area Network) (Metropolitan Area Network) (Local Area Network) (Personal Area Network)



| Standards | Speed | Range | Applications |
|---|---|---|---|
| Bluetooth | <1 Mbps | Short | Peer to peer, device to device |
| 802.16 MMDS, LMDS | 22+ Mbps | Medium–long | Fixed, last-mile access |
| GSM, GPRS, CDMA, 2.5–3G | 10–384 kbps | Long | PDAs, mobile phones, cellular access |
| IEEE 802.11a, 802.11b, 802.11g | 1–54+ Mbps | Medium | Enterprise networks |

Wireless LAN (WLAN)
• A WLAN is a shared network. • An access point is a shared device and functions like a shared Ethernet hub. • Data is transmitted over radio waves. • Two-way radio communications (half-duplex) are used. • The same radio frequency is used for sending and receiving (transceiver).

WLAN Evolution
• Warehousing • Retail • Health care • Education • Businesses • Home

What Are WLANs?
They are: • Local • In building or campus for mobile users • Radio or infrared • Not required to have RF licenses in most countries • Using equipment owned by customers
They are not: • WAN or MAN networks • Cellular phone networks • Packet data transmission via cellular phone networks – Cellular digital packet data (CDPD) – General packet radio service (GPRS) – 2.5G to 3G services

Similarities Between WLAN and LAN
• A WLAN is an 802 LAN. – Transmits data over the air vs. data over the wire – Looks like a wired network to the user – Defines physical and data link layer – Uses MAC addresses • The same protocols/applications run over both WLANs and LANs. – IP (network layer) – IPSec VPNs (IP-based) – Web, FTP, SNMP (applications)

Differences Between WLAN and LAN
• WLANs use radio waves as the physical layer. – WLANs use CSMA/CA instead of CSMA/CD to access the network. • Radio waves have problems that are not found on wires. – Connectivity issues. • Coverage problems • Multipath issues • Interference, noise – Privacy issues. • WLANs use mobile clients. – No physical connection. – Battery-powered. • WLANs must meet country-specific RF regulations.

• Different wireless data technologies with different characteristics are available. • WLANs were introduced to provide local connectivity with higher data rates. • WLANs use half-duplex transmission. • WLANs have similarities and differences compared to wired LANs.

Wireless LANs

Describing WLAN Topologies

WLAN Topologies
• Wireless client access – Mobile user connectivity • Wireless bridging – LAN-to-LAN connectivity • Wireless mesh networking – Combination of bridging and user connectivity

WLAN and LAN

Service Set Identifier (SSID)
• SSID is used to logically separate WLANs. • The SSID must match on client and access point. • Access point broadcasts one SSID in beacon. • Client can be configured without SSID. • Client association steps: 1. Client sends probe request. 2. Access point sends probe response. 3. Client initiates association. 4. Access point accepts association. 5. Access point adds client MAC address to association table.

WLAN Access Topology

Wireless Repeater Topology

Workgroup Bridge Topology

Alternative Peer-to-Peer Topology

Service Sets and Modes
Ad hoc mode • Independent Basic Service Set (IBSS) – Mobile clients connect directly without an intermediate access point.
Infrastructure mode • Basic Service Set – Mobile clients use a single access point for connecting to each other or to wired network resources. • Extended Services Set – Two or more Basic Service Sets are connected by a common distribution system.

Roaming Through Wireless Cells
Roaming

Client Roaming
• Maximum data retry count exceeded • Too many beacons missed • Data rate shifted • Periodic intervals • Roaming without interruption requires the same SSID on all access points.

Layer 2 vs. Layer 3 Roaming

Wireless VLAN Support
• Multiple SSIDs • Multiple security types • Support for multiple VLANs from switches • 802.1Q trunking protocol

Wireless VLAN Support (Cont.)
• VLAN numbers are unique. • Access points handle up to 16 VLANs. • VLANs propagate across access points.

Enterprise Voice Architecture

Wireless Mesh Networking
In a mesh network topology, devices are connected with redundant connections between nodes.

Wireless Mesh Networking
• Mesh access points automatically establish connection to controller. • Cisco uses mesh access points. – Rooftop access points (RAP) connect via wired connection. – Mesh access points (MAP) connect via self-configuring backhaul connection. • Adaptive Wireless Path (AWP) protocol establishes best path to root. • Access point authenticates to controller and downloads configuration and radio parameters.

Adaptive Wireless Path Protocol (AWP)
AWP protocol establishes an optimal path to root. Each access point carries a feasible successor or successors if topology or link health changes. AWP uses a “parent sticky” value to mitigate route flaps.

Key Market Segments for Outdoor Wireless
Enterprise outdoor • Rugged mesh solutions for enterprise customers. • Indoor and outdoor wireless solutions for education customers.
Public sector • Connecting peripheral devices across the mesh. • Establishing hot zones for public safety or municipal departments.
Service provider • Hot spots become hot zones with Wi-Fi access.

Summary
• Types of WLAN topologies are client access, bridging, and mesh networking. • Wireless networks are built with multiple wireless cells. • WLAN roaming occurs seamlessly between wireless cells. • WLANs support VLANs and QoS. • WLAN mesh networks extend the wireless network beyond the boundaries of wired LANs.

Wireless LANs

Explaining WLAN Technology and Standards

Unlicensed Frequency Bands
• ISM: Industry, scientific, and medical frequency band • No license required • No exclusive use • Best effort • Interference possible

Radio Frequency Transmission
• Radio frequencies are radiated into the air via an antenna, creating radio waves. • Radio waves are absorbed when they are propagated through objects (e.g., walls). • Radio waves are reflected by objects (e.g., metal surfaces). • This absorption and reflection can cause areas of low signal strength or low signal quality.

Radio Frequency Transmission
• Higher data rates have a shorter transmission range. – The receiver needs more signal strength and better SNR to retrieve information. • Higher transmit power results in greater distance. • Higher frequencies allow higher data rates. • Higher frequencies have a shorter transmission range.

WLAN Regulation and Standardization
Regulatory agencies • FCC (United States) • ETSI (Europe)
Standardization • IEEE 802. • http://standards.
Certification of equipment • Wi-Fi Alliance certifies interoperability between • Certifications include 802. 802.11g, dual-band products, and security testing. • Certified products can be found at wi-fi.

802.11b
© 2005 Cisco Systems, Inc. All rights reserved.

802.11b Standard
• Standard was ratified in September 1999 • Operates in the 2.4-GHz band • Specifies direct sequence spread spectrum (DSSS) • Specifies four data rates up to 11 Mbps – 1, 2, 5.5, 11 Mbps • Provides specifications for vendor interoperability (over the air) • Defines basic security, encryption, and authentication for the wireless link • Is the most commonly deployed WLAN standard

2.4-GHz Channels

| Channel Identifier | Channel Center Frequency | Channel Frequency Range [MHz] | Americas | Europe, Middle East, and Asia | Japan |
|---|---|---|---|---|---|
| 1 | 2412 MHz | 2401 – 2423 | X | X | X |
| 2 | 2417 MHz | 2406 – 2428 | X | X | X |
| 3 | 2422 MHz | 2411 – 2433 | X | X | X |
| 4 | 2427 MHz | 2416 – 2438 | X | X | X |
| 5 | 2432 MHz | 2421 – 2443 | X | X | X |
| 6 | 2437 MHz | 2426 – 2448 | X | X | X |
| 7 | 2442 MHz | 2431 – 2453 | X | X | X |
| 8 | 2447 MHz | 2436 – 2458 | X | X | X |
| 9 | 2452 MHz | 2441 – 2463 | X | X | X |
| 10 | 2457 MHz | 2446 – 2468 | X | X | X |
| 11 | 2462 MHz | 2451 – 2473 | X | X | X |
| 12 | 2467 MHz | 2466 – 2478 | | X | X |
| 13 | 2472 MHz | 2471 – 2483 | | X | X |
| 14 | 2484 MHz | 2473 – 2495 | | | X |

2.4-GHz Channel Use
• Each channel is 22 MHz wide. • North America: 11 channels. • Europe: 13 channels. • There are three nonoverlapping channels: 1, 6, 11. • Using any other channels will cause interference. • Three access points can occupy the same area.
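The channel-use rules above can be checked numerically. The following is an added example, not part of the original slides: it derives the nonoverlapping set from the table's center frequencies and the 22-MHz channel width, and audits a channel plan for overlapping access points. The function names and the sample access point names are assumptions made for illustration.

```python
from itertools import combinations

CHANNEL_WIDTH_MHZ = 22  # from the slide: each channel is 22 MHz wide

# Center frequencies for channels 1-13 as listed in the channel table (MHz).
CENTER_MHZ = {ch: 2412 + 5 * (ch - 1) for ch in range(1, 14)}

# Channels marked as permitted per regulatory domain in the table.
DOMAINS = {
    "Americas": range(1, 12),
    "Europe, Middle East, and Asia": range(1, 14),
}


def band_edges(channel):
    """Return (low, high) edge of the channel in MHz: center +/- half the width."""
    half = CHANNEL_WIDTH_MHZ / 2
    center = CENTER_MHZ[channel]
    return center - half, center + half


def overlap_mhz(a, b):
    """Width in MHz of the spectrum shared by channels a and b (0.0 if none)."""
    lo_a, hi_a = band_edges(a)
    lo_b, hi_b = band_edges(b)
    return max(0.0, min(hi_a, hi_b) - max(lo_a, lo_b))


def nonoverlapping_plan(domain):
    """Greedy plan: take the lowest channel, then each next channel that
    shares no spectrum with any channel already chosen."""
    plan = []
    for ch in sorted(DOMAINS[domain]):
        if all(overlap_mhz(ch, used) == 0 for used in plan):
            plan.append(ch)
    return plan


def interferers(channel, plan):
    """Planned channels that a transmitter on `channel` overlaps, with MHz shared."""
    return {p: overlap_mhz(channel, p) for p in plan if overlap_mhz(channel, p) > 0}


def audit_deployment(ap_channels):
    """Return (ap_a, ap_b, shared_mhz) for every pair of access points
    whose channels overlap, including co-channel pairs."""
    findings = []
    for (name_a, ch_a), (name_b, ch_b) in combinations(ap_channels.items(), 2):
        shared = overlap_mhz(ch_a, ch_b)
        if shared > 0:
            findings.append((name_a, name_b, shared))
    return findings


# Constructed sample: four access points in one area, one of them on channel 4.
SAMPLE_APS = {"ap-lobby": 1, "ap-lab": 4, "ap-hall": 6, "ap-dock": 11}

if __name__ == "__main__":
    for domain in DOMAINS:
        print(domain, nonoverlapping_plan(domain))
    print("channel 3 vs plan:", interferers(3, [1, 6, 11]))
    for finding in audit_deployment(SAMPLE_APS):
        print("overlap:", finding)
```

Even with 13 channels available, the 22-MHz width leaves only channels 1, 6 and 11 free of overlap, which is why a fourth access point on any other channel shows up in the audit.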

802.11b/g (2.4 GHz) Channel Reuse

802.11b Access Point Coverage



802.11a Standard
• Standard was ratified September 1999 • Operates in the 5-GHz band • Uses orthogonal frequency-division multiplexing (OFDM) • Uses eight data rates of up to 54 Mbps – 6, 9, 12, 18, 24, 36, 48, 54 Mbps • Has from 12 to 23 nonoverlapping channels (FCC) • Has up to 19 nonoverlapping channels (ETSI) • Regulations different across countries – Transmit (Tx) power control and dynamic frequency selection required (802.11h)

5-GHz Channels with 802.11h
• 802.11h implements TPC and DFS. • With 802.11h in February 2004, the FCC added 11 channels. – 23 channels in the United States (FCC) – 19 channels in Europe (ETSI) – UNII-3 band currently not allowed in most of Europe

802.11a Channel Reuse
802.11h DFS not available • Manual channel assignment required
802.11h DFS implemented • Channel assignment done by Dynamic Frequency Selection (DFS) • Only frequency bands can be selected

802.11g

802.11g Standard
• Standard was ratified June 2003 • Operates in the 2.4-GHz band as 802.11b – Same three nonoverlapping channels: 1, 6, 11 • DSSS (CCK) and OFDM transmission • 12 data rates of up to 54 Mbps – 1, 2, 5.5, 11 Mbps (DSSS / 802.11b) – 6, 9, 12, 18, 24, 36, 48, 54 Mbps (OFDM) • Full backward compatibility to 802.11b standard

802.11g Protection Mechanism
• Problem: 802.11b stations cannot decode 802.11g radio signals. • 802.11b/g access point communicates with 802.11b clients with max. 11 Mbps. • 802.11b/g access point communicates with 802.11g clients with max. 54 Mbps. • 802.11b/g access point activates RTS/CTS to avoid collisions when 802.11b clients are present. • 802.11b client learns from CTS frame the duration of the 802.11g transmission. • Reduced throughput is caused by additional overhead.

802.11 Standards Comparison

802.11 RF Comparison

| | 802.11b – 2.4 GHz | 802.11g – 2.4 GHz | 802.11a – 5 GHz |
|---|---|---|---|
| Pro | • Most commonly deployed WLAN standard | • Higher throughput • OFDM technology reduces multipath issues | • Highest throughput • OFDM technology reduces multipath issues • Provides up to 23 nonoverlapping channels |
| Con | • Interference and noise from other services in the 2.4-GHz band • Only three nonoverlapping channels • Distance limited by multipath issues | • Interference and noise from other services in the 2.4-GHz band • Only 3 nonoverlapping channels • Throughput degraded in the presence of 802.11b clients | • Lower market penetration |

802.11 Standards Comparison

| | 802.11b | 802.11g | 802.11a |
|---|---|---|---|
| Ratified | 1999 | 2003 | 1999 |
| Frequency band | 2.4 GHz | 2.4 GHz | 5 GHz |
| No of channels | 3 | 3 | Up to 23 |
| Transmission | DSSS | DSSS, OFDM | OFDM |
| Data rates [Mbps] | 1, 2, 5.5, 11 | DSSS: 1, 2, 5.5, 11; OFDM: 6, 9, 12, 18, 24, 36, 48, 54 | 6, 9, 12, 18, 24, 36, 48, 54 |
| Throughput [Mbps] | Up to 6 | Up to 22 | Up to 28 |

Range Comparisons

Ratified IEEE 802.11 Standards
• 802.11: WLAN 1 and 2 Mbps at 2.4 GHz • 802.11a: WLAN 54-Mbps at 5 GHz • 802.11b: WLAN 11-Mbps at 2.4 GHz • 802.11g: WLAN 54-Mbps at 2.4 GHz • 802.11d: Multiple regulatory domains • 802.11e: Quality of service • 802.11f: Inter-Access Point Protocol (IAPP) • 802.11h: Dynamic Frequency Selection (DFS) Transmit Power Control (TPC) at 5 GHz • 802.11i: Security • 802.11j: 5-GHz channels for Japan
http://standards.

Worldwide Availability

General Office WLAN Design
• Eight 802.11g access points deployed • 7 users per access point with no conference rooms provides 3.8 Mbps throughput per user • 7 users + 1 conference room (10 users) = 17 total users, provides 1.5 Mbps throughput per user
[Figure: office floor plan, 120 feet by 95 feet, with 54 cubes, 4 conference rooms, and reception]

WLAN as a Shared Medium: Best Practices
2.4-GHz 802.11b bandwidth calculations
• 25 users per cell; general office maximum users limited by bandwidth • Peak true throughput 6.8 Mbps – 6.8 Mbps * 1024/25 = 278.5 kbps per user

2.4-GHz 802.11g bandwidth calculations
• 20 users per cell; general office maximum users limited by bandwidth • Peak true throughput 32 Mbps – 32 Mbps * 1024/20 = 1683 kbps per user

5-GHz 802.11a bandwidth calculations
• 15 users per cell; general office users limited by coverage, not bandwidth • Peak true throughput 32 Mbps – 32 Mbps * 1024/15 = 2188 kbps per user

WLAN Security

Why WLAN Security?
• Wide availability and low cost of IEEE 802.11 wireless equipment • 802.11 standard ease of use and deployment • Availability of sniffers • Statistics on WLAN security • Media hype about hot spots, WLAN hacking, war driving • Nonoptimal implementation of encryption in standard Wired Equivalent Privacy (WEP) encryption • Authentication vulnerability

WLAN Security Threats

Mitigating the Threats

| Control and Integrity | Privacy and Confidentiality | Protection and Availability |
|---|---|---|
| Authentication | Encryption | Intrusion Detection System (IDS) |
| Ensure that legitimate clients associate with trusted access points. | Protect data as it is transmitted and received. | Track and mitigate unauthorized access and network attacks. |

Evolution of WLAN Security
Initial (1997): Encryption (WEP) • No strong authentication • Static, breakable keys • Not scalable
Interim (2001): 802.1x EAP • Dynamic keys • Improved encryption • User authentication • 802.1x EAP (LEAP, PEAP) • RADIUS
Interim (2003): Wi-Fi Protected Access (WPA) • Standardized • Improved encryption • Strong, user authentication (e.g., LEAP, PEAP, EAP-FAST)
Present: Wireless IDS • Identification and protection against attacks, DoS
Present: IEEE 802.11i WPA2 (2004) • AES strong encryption • Authentication • Dynamic key management

Wireless Client Association
• Access points send out beacons announcing SSID, data rates, and other information. • Client scans all channels. • Client listens for beacons and responses from access points. • Client associates to access point with strongest signal. • Client will repeat scan if signal becomes low to reassociate to another access point (roaming). • During association SSID, MAC address and security settings are sent from the client to the access point and checked by the access point.

WPA and WPA2 Authentication

WPA and WPA2 Encryption

WLAN Security Summary
• 802.1x EAP Mutual Authentication • TKIP Encryption • WPA / WPA2 802.11i Security • WPA Passphrase • WEP Encryption

Security Evaluation
• Evaluate effectiveness of encrypted WLAN statistics. • Focus on proper planning and implementation. • Estimate potential security threats and the level of security needed. • Evaluate amount of WLAN traffic being sent when selecting security methods. • Evaluate tools and options applicable to WLAN design.

Summary
• The 2.4-GHz and 5-GHz frequency bands are used by WLAN 802.11 standards. • The throughput per user depends on the data rate and the number of users per wireless cell. • 802.11b has data rates of up to 11 Mbps at 2.4 GHz. • 802.11a has data rates of up to 54 Mbps at 5 GHz. • 802.11g has data rates of up to 54 Mbps at 2.4 GHz. • 802.11a has a shorter range than 802.11g. • For maximum efficiency, limit the number of users per cell. • Different WLAN security types with authentication and encryption satisfy the security requirements of enterprise and home users.

WLAN Lab

Wireless LANs

Configuring Cisco WLAN Clients

Cisco 802.11a/b/g WLAN Client Adapters
802.11a/b/g dual-band client adapters • Supports all three current standards – 54 Mbps in 2.4 and 5 GHz bands – 802.11b support provides investment protection • CardBus or PCI card • Supported operating systems – Windows 2000 and Windows XP • Utilities – ADU: Aironet Desktop Utility – ACM: Aironet Client Monitor – ACAU: Aironet Client Administration Utility

Client Adapter Installation Wizard
• Requires a forced reboot at the completion of the install (prompts in the beginning as a warning). – Protection to ensure that machine is left in a stable state. • Shows multiple status screens. – Drivers, firmware, ADU, LEAP, and so on. • Card must be inserted at the beginning of the setup and must be identified by the computer as new hardware. (If it is not identified as new hardware, reboot the laptop.)

Cisco ADU Installation
Multiple options for installation

Install Cisco Aironet Site Survey Utility

Choose Configuration Tool

ADU Main Screen
Shows client IP address

Advanced Status Information

ADU: Main Profile Screen
• Multiple profiles • Auto profile selection • Can scan for access point SSIDs

ADU: General Settings
Create/modify profile

ADU: Security Settings
• Wi-Fi Protected Access (WPA)/WPA2 support • Advanced Encryption Standard (AES) and Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST) supported

ADU: Advanced Settings
Selectively choose wireless modes to decrease association time.

ADU Diagnostics: Advanced Statistics
Used predominately during troubleshooting

ADU Diagnostics: Adapter Information
Driver version • Adapter MAC address

ADU Troubleshooting

Cisco Aironet System Tray Icon
• Desktop Logo • ACU Status: Excellent • ACU Status: Good • ACU Status: Fair • ACU Status: Poor • ACU Status: No Radio • ACU Status: Authenticating • ACU Status: Not Associated

Cisco Aironet Site Survey Utility

Cisco Aironet Site Survey Utility (Cont.)

Windows XP WLAN Configuration

Comparison of Windows XP and Cisco ADU

| Feature | Windows XP | Cisco ADU |
|---|---|---|
| Configuration parameters | Limited | Extensive |
| Create profiles | Yes | Yes |
| Enable/disable radio | No | Yes |
| Static WEP | Yes | Yes |
| LEAP | No | Yes |
| EAP-TLS or PEAP | Yes | Yes |
| Status window | Limited | Extensive |
| Troubleshooting | No | Yes |
| Statistics | No | Yes |

Aironet Client Administration Utility (ACAU)
• Creates file with profiles and settings • Profiles imported during the installation of ADU and firmware – For AIR-CB21AG and AIR-PI21AG – Installs across network – Encrypted setup files – Windows 2000 and Windows XP only

Aironet Configuration Administration Utility
Easy binary configurations for security and utility

Cisco Wireless IP Phone
• For workers who need to communicate while moving about their workplace or campus • Same features as Cisco wired IP Phones • Graphical, menu-driven user interface • Multiline appearance (up to six extensions) • Phone book with speed dials • LEAP security • Auto VLAN configuration and Cisco CallManager registration

Cisco Compatible Extensions
• No-cost licensing of technology for use in WLAN adapters and devices • Independent testing to ensure interoperability with Cisco infrastructure • Marketing of compliant products by Cisco and product suppliers under “Cisco Compatible” brand

Cisco Compatible Extensions (Cont.)
Cisco Compatible client devices • Features – Assured compatibility with 300+ devices – Standards-based – Enhanced security, mobility, and performance • Benefits – Accelerates innovation – Supports diverse enterprise applications – Ensures multivendor interoperability
com/go/ciscocompatible/wireless

Cisco Compatible Extensions Features
V1 Security • WEP • IEEE 802.1x • LEAP • Cisco TKIP V2 • PEAP-GTC • WPA V3 • WPA2 • EAP-FAST V4 • NAC (wireless) • EAP-TLS • PEAP-MSCHAP • MBSSID • Call Admission Control (CAC) • U-APSD • TSPEC CAC • Voice metrics • eDCF • Multiple SSIDs/VLANs VLANs and QoS on AP • Wi-Fi Multimedia (WMM) Voice over IP • AP-assisted roaming • CCKM with LEAP • RF scanning and reporting • Transmit power sync • CCKM with EAP-FAST • Proxy ARP information element • Single sign-on: LEAP, EAP-FAST Performance and Management • CCKM with other EAP types • AP-directed roaming • Location • Keep Alive link test

Cisco Compatible Extensions Program
• Develops interoperability with semiconductor and client vendors • Provides additional functionality and performance improvement while working with Cisco access points and Cisco wireless infrastructure – Objective: The Cisco Compatible Extensions program provides customers with a broad range of WLAN client devices that have tested interoperability with Cisco Aironet innovations. – Phase 1: • Specification: Cisco provides specification to WLAN silicon providers. – Phase 2: • Interoperability test: Devices are tested by approved third-party vendor for the specification. – Phase 3: • Compatibility: Approved products are marketed.

Summary
• The installation wizard for the Cisco 802.11a/b/g WLAN client adapter installs driver and utilities. • The Cisco 802.11a/b/g client adapter is configured via Cisco ADU. • Cisco ADU can be used for troubleshooting the client adapter. • The Cisco Aironet Site Survey Utility provides information about available WLANs. • Cisco ADU provides more features than Windows XP for the Cisco client adapter configuration. • Cisco ACAU provides preconfiguration of WLAN profiles for software distribution. • The Cisco Wireless IP Phone provides integration of IP telephony into WLANs. • The Cisco Compatible Extensions program enhances WLAN features for WLAN adapters from multiple vendors.

Wireless LANs

Implementing WLANs

Cisco WLAN Implementation
Autonomous WLAN solution • Autonomous access points
Lightweight WLAN solution • Lightweight access points • WLAN controller

Autonomous WLAN Solution
• Autonomous access point – Cisco IOS software • Network infrastructure – PoE switch and router • Wireless Domain Services (WDS) – Management support • Wireless LAN Solution Engine (WLSE) – Centralized management • Access Control Server (ACS) – RADIUS/TACACS+ security

Lightweight WLAN Solution
• Lightweight access point • Network infrastructure – PoE switch and router • Cisco Wireless LAN controller (WLC) – Access point configuration • Cisco Wireless Control System (WCS) – Management • Location appliance – Location tracking • Cisco Secure Access Control Server (ACS) – RADIUS/TACACS+ security

Lightweight WLAN Solution

Lightweight Access Point Protocol
• Real-time frame exchange and certain real-time portions of MAC management are accomplished within the access point. • Authentication, security management, and mobility are handled by WLAN controllers. • Data and control messages are exchanged between the access point and the WLAN controller using LWAPP. • Control messages are encrypted. • All client data traffic is sent via the WLAN controller.

LWAPP
Layer 2 mode • Layer 2 LWAPP is in an Ethernet frame. • The WLAN controller and the access point must be in the same broadcast domain and IP subnet.
Layer 3 mode • Layer 3 LWAPP is in a UDP/IP frame. • The WLAN controller and access point can be in the same or different broadcast domains and IP subnets. • The access point must obtain an IP address via DHCP.

Association of Access Point to WLAN Controller
• Access points use LWAPP in Layer 2 and Layer 3 mode to associate to the WLAN controller. • In Layer 3 mode, the access point sends an LWAPP discovery request to the controller management IP address via a directed broadcast. • The controller responds with a discovery response from the manager IP address that includes the number of access points currently associated to the access point manager interface. • The access point chooses the access point manager IP address with the least number of access points and sends the join request. • All subsequent communication is to the WLAN controller access point manager IP address.

Cisco Aironet WLCs
• Scalability • Integrated Radio Resource Management (RRM) • Zero-configuration deployment • Multilayered security • Intrusion detection, location, and containment • Mobility management • Reliability • Intuitive management interfaces WLC 4400 WLC 2000

Comparison of the WLAN Configuration
Autonomous WLAN solution
• Autonomous access points • Configuration of each access point • Independent operation • Centralized management via WLSE • Access point redundancy

Lightweight WLAN solution
• Lightweight access points • Configuration via WLC • Dependent on WLC • Centralized management via WCS • WLC redundancy

WLAN Components

| | Autonomous Solution | Lightweight Solution |
|---|---|---|
| Wireless clients | | |
| Access points | Autonomous access points | Lightweight access points |
| Control | Wireless Domain Services (WDS) | WLAN controller |
| WLAN management | WLAN Solution Engine (WLSE) | Cisco Wireless Control System (WCS) |
| Network infrastructure | PoE switches, routers | PoE switches, routers |
| Network services | DHCP, DNS, AAA | DHCP, DNS, AAA |

Cisco Unified Wireless Network
Unified Advanced Services: Unified cellular and Wi-Fi VoIP. Advanced threat detection, identity networking, location-based security, asset tracking, and guest access.
World-Class Network Management: Same level of security, scalability, reliability, ease of deployment, and management for wireless LANs as wired LANs.
Network Unification: Integration into all major switching and routing platforms. Secure, innovative WLAN controllers.
Mobility Platform: Ubiquitous network access in all environments. Plug and play.
Client Devices: 90% of Wi-Fi silicon is Cisco Compatible certified. Advanced services support.

Cisco Unified Wireless Network (Cont.)
Unified Advanced Services: Cisco Self-Defending Network. Unified, built-in support of leading-edge applications, not an afterthought. Cisco Wireless Location Appliance, Cisco WCS, SDN, NAC, Wi-Fi phones, and RF firewalls.
World-Class Network Management: World Class NMS that visualizes and helps secure your air space. Cisco Wireless Control System (WCS).
Network Unification: Seamless network infrastructure across a range of platforms. Cisco 4400 and 2000 Wireless LAN Controllers. Future Cisco Catalyst 6500 Series WiSM, ISR, and 3750 integration.
Mobility Platform: Access points dynamically configured and managed through LWAPP. Cisco Aironet Access Points: 1500, 1300, 1240AG, 1230AG, 1130AG, and 1000. Bridges: 1400 and 1300.
Client Devices: Secure clients that work out of the box. Cisco Compatible client devices & Cisco Aironet clients.

Cisco Aironet Access Points and Bridges
Mobility Platform
Features • Industry’s best range and throughput • Enterprise-class security • Many configuration options • Simultaneous air monitoring and traffic delivery • Wide area networking for outdoor areas
Benefits • Zero-touch management • No dedicated air monitors • Support for all deployment scenarios (indoor and outdoor) • Secure coverage to advanced services
Indoor Access Points: 1130AG, 1000
Indoor Rugged Access Points: 1240AG, 1230AG
Outdoor Access Points/Bridges: 1500, 1400, 1300

Power over Ethernet

Power over Ethernet (PoE)
• Sending operating power over Ethernet Category 5 cable • Power-sourcing equipment (PSE) – Switches, power injector • Powered devices – Access points, IP phones • Up to 15.4W power per port • Distances up to 100 meters • Alternative: AC power adapter

PoE Delivery
Detection of power requirements • IEEE 802.3af • Cisco proprietary inline power
Two approved methods for “inserting” power into Ethernet cable: • Pair 1,2 and 3,6 • Pair 4,5 and 7,8

Midspan Power Injection
• Uses pairs 4,5 and 7,8 • Requires eight-wire cabling • Does not extend 100-m total length limit • Not possible for 1000TX

Power-Sourcing Equipment
• Power injector – AIR-PWRINJ3/AIR-PWRINJ-FIB • Powering switch – Cisco Catalyst 3560-PS/3750-PS – Cisco Express CE500-LC/CE500-PC – Cisco Catalyst 4500/6500 switch with inline power line cards – Router module NM-16ESW-PWR – Router card HWIC-4ESW-POE – Router with PoE support

Investment Protection
• Cisco has shipped over 18 million ports with PoE installed. • New Cisco devices (PSEs and powered devices) support both PoE methods. – IEEE 802.3af – Cisco proprietary PoE • Examples: – Access points 1131AG, 1242AG – Switches: 3560, 3750 – Router: 1812, HWIC-4ESW-POE • Automatic detection, no configuration is required.

PoE Switch
switch(config-if)# power inline {auto | never}
• PoE configuration
switch# show power inline [interface]
• Display PoE statistics

switch# show power inline
Available:370.0(w)  Used:61.6(w)  Remaining:308.4(w)

Interface Admin  Oper       Power   Device              Class Max
                            (Watts)
--------- ------ ---------- ------- ------------------- ----- ----
Gi0/1     auto   off        0.0     n/a                 n/a   15.4
Gi0/2     auto   on         15.4    Ieee PD             3     15.4
Gi0/3     auto   off        0.0     n/a                 n/a   15.4
Gi0/4     auto   on         15.4    Ieee PD             3     15.4
Gi0/5     auto   off        0.0     n/a                 n/a   15.4
Gi0/6     auto   on         15.4    Ieee PD             3     15.4
Gi0/7     auto   off        0.0     n/a                 n/a   15.4
Gi0/8     auto   on         15.4    Ieee PD             3     15.4

PoE Switch Port Status

Antennas

Antenna Concepts
Directionality • Omnidirectional antennas (360 degree coverage) • Directional antennas (limited range of coverage)
Gain • Measured in dBi (gain over theoretical isotropic) • More gain means focusing in certain directions, limited range of coverage
Polarization • Vertical polarization for WLAN

Antenna Theory
• A theoretical isotropic antenna has a perfect 360-degree vertical and horizontal beamwidth. • Reference for all antennas.

Omnidirectional Antenna: Dipole
Energy lobes “pushed in” from the top and bottom
Higher gain • Smaller vertical beamwidth • Larger horizontal lobe
Typical dipole pattern
[Figure: Side View (Vertical Pattern) with Vertical Beamwidth and New Pattern (with Gain); Top View (Horizontal Pattern); 2-dBi Dipole "Standard Rubber Duck"]

Directional Antenna
Lobes are pushed in a certain direction, causing the energy to be condensed in a particular area. Very little energy is in the back side of a directional antenna.
[Figure: Side View (Vertical Pattern); Top View (Horizontal Pattern); 6.5-dBi Diversity Patch Wall Mount – 55 degrees]

Connectorized 5-GHz Antennas
• Cisco 5-GHz Rubber Antenna (Flat with Blue Dot) • Cisco 2.4-GHz Rubber Antenna (Round, No Dot)
5-GHz (802.11a) antennas have blue ID markers. Dual-band (2.4-GHz and 5-GHz) antennas have yellow dots.

Cisco Access Point/Bridge Antennas

| Frequency | Antenna | Horizontal Beamwidth | Vertical Beamwidth |
|---|---|---|---|
| 2.4 GHz | 2.2-dBi dipole | 360° | 65° |
| 2.4 GHz | 5.2-dBi omni | 360° | 38° |
| 2.4 GHz | 6-dBi diversity patch | 80° | 55° |
| 2.4 GHz | 9-dBi patch | 60° | 60° |
| 2.4 GHz | 10-dBi Yagi | 47° | 55° |
| 2.4 GHz | 13.5-dBi Yagi | 30° | 25° |
| 2.4 GHz | 21-dBi dish | 12.5° | 12.5° |
| 5 GHz | 3.5-dBi dipole | 360° | 40° |
| 5 GHz | 6-dBi omni | 360° | 17° |
| 5 GHz | 7-dBi patch | 70° | 50° |

Multipath Distortion
• Multipath distortion (a form of radio degradation) occurs when radio signals bounce off metal objects in a room, such as metal cabinets or ceiling lights. • Multiple signals at receiver cause distortion of the signal. • As radio waves bounce, they arrive at the receiver slightly delayed, combining with the original signal, causing distortion. • Diversity systems use two antennas in different positions to reduce the degradation. • OFDM overcomes multipath distortion through parallel frequency use.

Definition of Decibel
Decibel (dB) • Ratio of one value to another • dBm = Power based on 1 milliwatt • 0 dBm = 1 mW • dBi = Antenna gain based on isotropic antenna
[dB] = 10 log10 (Ratio)

| dB | Ratio |
|---|---|
| 0 dB | 1:1 |
| 10 dB | 10:1 |
| +3 dB | Multiply by 2 |
| –3 dB | Divide by 2 |
| +10 dB | Multiply by 10 |
| –10 dB | Divide by 10 |
| 13 dB = 10 + 3 | 20 = 10 * 2 |
| 20 dB = 10 + 10 | 100 = 10 * 10 |
| 17 dB = 20 – 3 | 50 = 100 / 2 |

Effective Isotropic Radiated Power
• Transmit power is rated in dBm or mW. • Power coming off an antenna is Effective Isotropic Radiated Power (EIRP). • FCC and ETSI use EIRP for power limits in regulations for 2.4-GHz and 5-GHz WLANs. • EIRP [dBm] = Power [dBm] – cable_loss [dB] + antenna_gain [dBi]

Antenna Cable Loss
Use cable that is supplied with the antenna, avoiding long cable runs when possible. Cisco offers these cables: • LMR400-style cables – 20 and 50 feet – Total loss of 1.3 and 3.4 dB, respectively • LMR600-style cables – 100 and 150 feet – Total loss of 4.4 and 6.6 dB, respectively

| Cable Type | 2.4-GHz Loss (dB/100 feet) | 5.8-GHz Loss (dB/100 feet) |
|---|---|---|
| LMR400 | 6.6 | 10.8 |
| LMR600 | 4.4 | 7.25 |

Point-to-multipoint • FCC allows increasing the gain of an antenna/cable system if the transmitter power is reduced below 30 dBm in a 1:1 ratio. .4-GHz EIRP Rules for FCC-Governed Areas Point-to-Multipoint Transmitter Power FCC Maximum Cisco Maximum Reduced Tx Power 1W 100 mW 20 mW Transmitter Maximum dBm Gain 30 dBm 20 dBm 13 dBm 6 dBi 16 dBi 23 dBi EIRP 36 dBm 36 dBm 36 dBm The above values reflect the 1:1 rule.2. • Reduce transmit power below maximum of 30 dBm by 1 dBm and increase antenna/cable system gain by 1-dBi.

2.4-GHz EIRP Rules for ETSI-Governed Areas

 | Transmitter Power | Transmitter dBm | Maximum Gain | EIRP
ETSI Maximum | 50 mW | 17 dBm | 3 dBi | 20 dBm
Cisco Maximum | 50 mW | 17 dBm | 2.2 dBi | 19.2 dBm
Reduced Tx Power | 20 mW | 13 dBm | 7 dBi | 20 dBm
Reduced Tx Power | 10 mW | 10 dBm | 10 dBi | 20 dBm
Reduced Tx Power | 1 mW | 0 dBm | 20 dBi | 20 dBm

• Currently ETSI allows a maximum of 20 dBm EIRP on point-to-multipoint and point-to-point installations: 17 dBm maximum transmitter power with 3 dBi in gain attributed to antenna and cable combination.
• Reduce transmit power below maximum of 17 dBm by 1 dBm and increase antenna/cable system gain by 1 dBi.
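The decibel arithmetic, EIRP formula, cable-loss table and 2.4-GHz FCC/ETSI 1:1 rules above, worked through in an added Python example that is not part of the original slides. The function names and the sample installation are assumptions made for illustration; the loss figures and limits are the ones stated on this page.

```python
import math

# Cable loss in dB per 100 feet, copied from the cable table on this page.
CABLE_LOSS_DB_PER_100FT = {
    ("LMR400", 2.4): 6.6, ("LMR600", 2.4): 4.4,
    ("LMR400", 5.8): 10.8, ("LMR600", 5.8): 7.25,
}
# 2.4-GHz limits from this page: (maximum transmitter dBm, EIRP cap in dBm).
LIMITS_2_4GHZ = {"FCC": (30, 36), "ETSI": (17, 20)}

def mw_to_dbm(mw):
    """dBm is power relative to 1 mW, so 0 dBm = 1 mW."""
    return 10 * math.log10(mw)

def dbm_to_mw(dbm):
    return 10 ** (dbm / 10)

def cable_loss_db(cable, band_ghz, feet):
    return CABLE_LOSS_DB_PER_100FT[(cable, band_ghz)] * feet / 100

def eirp_dbm(tx_dbm, loss_db, gain_dbi):
    """EIRP [dBm] = Power [dBm] - cable_loss [dB] + antenna_gain [dBi]."""
    return tx_dbm - loss_db + gain_dbi

def max_system_gain_dbi(tx_dbm, domain):
    """1:1 rule: each dB taken off the transmitter maximum buys 1 dBi of gain."""
    max_tx, eirp_cap = LIMITS_2_4GHZ[domain]
    if tx_dbm > max_tx:
        raise ValueError(f"{tx_dbm:.1f} dBm exceeds the {domain} transmitter maximum")
    return eirp_cap - tx_dbm

def check_link(tx_mw, cable, feet, gain_dbi, domain):
    """Return (EIRP dBm, headroom dB) at 2.4 GHz; negative headroom = over the limit."""
    tx_dbm = mw_to_dbm(tx_mw)
    loss = cable_loss_db(cable, 2.4, feet)
    headroom = max_system_gain_dbi(tx_dbm, domain) - (gain_dbi - loss)
    return round(eirp_dbm(tx_dbm, loss, gain_dbi), 2), round(headroom, 2)

if __name__ == "__main__":
    # Constructed install: 100 mW radio, 50 ft of LMR400, 13.5 dBi antenna.
    for domain in ("FCC", "ETSI"):
        try:
            print(domain, check_link(100, "LMR400", 50, 13.5, domain))
        except ValueError as err:
            print(domain, "rejected:", err)
```

The same installation passes under the FCC rules with headroom to spare and is rejected under ETSI because the 100 mW transmitter alone is above the 17 dBm maximum.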

EIRP Rules: Summary

Frequency [GHz] | No. of Channels (26 total) | FCC Channel Identifier | Usage | TX Power | Ant. Gain | EIRP | ETSI EIRP
2.400 – 2.483 | 3 | 1, 6, 11 | Indoor Outdoor | 30 dBm | 6 dBi | 36 dBm | 20 dBm
5.150 – 5.250 | 4 | 36 – 48 | Indoor only | 16 dBm | 6 dBi | 22 dBm | 23 dBm
5.250 – 5.350 | 4 | 52 – 64 | Indoor Outdoor | 24 dBm | 6 dBi | 30 dBm | 23 dBm
5.470 – 5.725 | 11 | 100 – 140 | Indoor Outdoor | 24 dBm | 6 dBi | 30 dBm | 30 dBm
5.725 – 5.825 | 4 | 149 – 161 | Indoor Outdoor | 30 dBm | 6 dBi | 36 dBm | n/a

• 5.725 MHz and above currently not allowed in most of Europe

Summary
• Autonomous and lightweight WLAN solutions are the Cisco implementations of WLAN.
• LWAPP is the protocol used between lightweight access points and WLAN controllers.
• WLAN components include clients, access points, controllers, management systems, infrastructure devices, and security server.
• The Cisco Unified Wireless Network provides a unified enterprise-class wireless solution.
• Cisco Aironet access points are available for indoor or outdoor use.
• Access points and IP phones can be powered over Ethernet cable.
• Characteristics of antennas are directionality, gain, and polarisation.
• Multipath distortion can cause low quality data transmission.
• Antenna and RF power is measured in decibels.
• EIRP limits are defined by FCC and ETSI regulations.

Wireless LANs

Configuring WLANs

Autonomous Access Point Configuration

Autonomous Access Point Configuration
• Configuration
  – Web browser (preferred)
  – Cisco IOS command line
    • Serial console
    • Telnet or SSH
  – CiscoWorks WLSE (optional)
• IP address required except for serial console

Autonomous Access Point IP Address
Set IP address on access point.
• DHCP (default)
• Serial console
Find IP address of access point.
• DHCP server
• Serial console
• CDP (switch)
• Other access point

Role of Autonomous Access Points in a Radio Network
Cisco Aironet 1100, 1200, and 1300 Series
• Access point (fallback to radio island)
• Access point (fallback to radio shutdown)
• Access point (fallback to repeater)
• Repeater (nonroot access point)
• Root bridge
• Nonroot bridge
• Root bridge with wireless clients
• Nonroot bridge with wireless clients
• Workgroup bridge
• Scanner
Bridge modes not supported on the Cisco 1100 Series.

Access Point Homepage

Express Setup
Initial configuration of access point: hostname, IP address, SNMP

WLAN Controller Configuration

Lightweight WLAN Controller Configuration
Initial setup
• Command line via serial console
• Web browser via service port
  – No service port on the Cisco WLC 2006
Ongoing configuration
• Requires IP address to be configured on controller
• Web browser
• Command line via serial console, Telnet, or SSH
• Cisco WCS (optional)
• DHCP server for access points required (Layer 3 mode)

Lightweight WLAN Controller Interfaces

Interface Type | Category | IP Address | No. of interfaces | Function | LWAPP | 802.1Q VLAN
Service | Static | Subnet A | 0 or 1 | Initial configuration, out-of-band configuration | N/A | N/A
Management | Static | Subnet B | 1 per controller | Ongoing configuration, in-band configuration | Layer 2 | Native/untagged
AP-Manager | Static | Subnet B | 1 or more | Layer 3 LWAPP | Layer 3 | Native/untagged
Virtual | Static | Unique IP for mobility group | 1 | Mobility, DHCP relay, Web authentication, IPSec | N/A | None
User | Dynamic | User subnets | 0 or more | User data | N/A | User VLANs

WLAN Controller Boot Menu

Cisco Bootloader (Version 3.2.78.0)
[Cisco ASCII-art logo]
Model WLC2006
Booting Primary Image...
Press <ESC> now for additional boot options...

Boot Options
Please choose an option from below:
1. Run primary image (Version 3.2.78.0) (active)
2. Run backup image (Version 3.1.105.0)
3. Manually upgrade primary image
4. Change active boot image
5. Clear Configuration
Please enter your choice:_

CLI Wizard Configuration Tool

Booting Primary Image...
Press <ESC> now for additional boot options...
Detecting hardware . . . .
< Output omitted >
(Cisco Controller)
Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
System Name [Cisco_33:ef:80]: 1WLC1
Enter Administrative User Name (24 characters max): cisco
Enter Administrative Password (24 characters max): *****
Management Interface IP Address: 192.168.111.206
Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 192.168.111.1
Management Interface VLAN Identifier (0 = untagged): 0
Management Interface Port Num [1 to 4]: 1
Management Interface DHCP Server IP Address: 192.168.111.1
AP Manager Interface IP Address: 192.168.111.3
AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (192.168.111.1):
< continued . . . >

CLI Wizard Configuration Tool (Cont.)

< continued . . . >
Virtual Gateway IP Address: 1.1.1.11
Mobility/RF Group Name: group1
Network Name (SSID): wlan1
Allow Static IP Addresses [YES][no]: no
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code (enter 'help' for a list of countries) [US]:
Enable 802.11b Network [YES][no]:
Enable 802.11a Network [YES][no]:
Enable 802.11g Network [YES][no]:
Enable Auto-RF [YES][no]:
Configuration saved!
Resetting system with new configuration...
Cisco Bootloader (Version 3.2.78.0)
Booting Primary Image...

WLAN Controller CLI Commands

(Cisco Controller) > config network webmode enable
• Enables Web access via SSL, required for web management

(Cisco Controller) > config network telnet enable
• Enables CLI access via Telnet

(Cisco Controller) > config prompt name
(name) >
• Configures the prompt, usually set to the system name

Controller Web Configuration Wizard Login
• Initial setup via web browser through service port
• Not available on Cisco 2006 WLC
• Default IP address 192.168.1.1/24
• Username: admin
• Password: admin

Controller Initial Web Configuration Wizard
The wizard prompts for the initial setup parameters (similar to the CLI setup dialog).

WLAN Controller Web Login
https://<ip-addr>

WLAN Controller Web Menu Bar
• MONITOR: Provides a view of this controller, its access points, and wireless clients
• WLANs: Provides WLAN configurations, such as SSIDs and security policies for all user groups
• CONTROLLER: Provides controllerwide configurations, such as Layer 2/3 mode, Multicast, and mobility settings
• WIRELESS: Provides access point configurations, clients management, and various RF settings
• SECURITY: Provides integration into security structure, such as RADIUS connectivity
• MANAGEMENT: Provides integration into the network, such as IP addressing and SNMP
• COMMANDS: Provides administrative options such as upgrades and backups

Monitor > Summary

2006 WLC : Monitor > Statistics > Ports

2006 WLC : Monitor > Ports > View Stats

WLANs > Edit

Controller > General

Controller > Interfaces

Interfaces > Edit

Wireless > All APs

Wireless > All APs > AP Detail

Wireless > All APs > AP Detail (Cont.)

Access Points > 802.11b/g Radios

Access Points > 802.11b/g > Configure

Management

Commands

Summary
• Autonomous access points can be configured via console, CLI, web browser, and management system.
• Autonomous access points can be configured easily via a web browser.
• An autonomous access point can act as a bridge, access point, repeater, or scanner.
• WLAN controllers can be initialized via CLI or web browser.
• WLAN controllers can be configured via CLI or web browser.
• WLAN configuration includes SSIDs, VLANs, access points, security, and management.

WLAN Lab

Module Summary
• WLANs are shared networks that provide access to networks for multiple users at high data rates.
• Types of WLAN topologies are client access, bridging, and mesh networking.
• WLAN standard 802.11b/g provides data rates of up to 54 Mbps at 2.4 GHz and 802.11a provides data rates of up to 54 Mbps at 5 GHz.
• Autonomous and lightweight WLAN solutions are the Cisco WLAN implementations.
• WLAN components can be configured via CLI, web browser, and management system.
• WLAN configuration includes SSIDs, VLANs, access points, security, and management.