Remote Site WLAN Configuration
Remote Site WLAN Configuration

Remote Site WLAN Configuration

Remote Site WLAN Configuration
5

Summary

This topic configure a WLAN to support a remote site. Start learning CCNA 200-301 for free right now!!

Note: Welcome: This topic is part of Module 13 of the Cisco CCNA 2 course, for a better follow up of the course you can go to the CCNA 2 section to guide you through an order.

Video – Configure a Wireless Network

Click Play in the figure to view a demonstration of how to configure a wireless network.

The Wireless Router

Remote workers, small branch offices, and home networks often use a small office and home router. These routers are sometimes called an integrated router because they typically include a switch for wired clients, a port for an internet connection (sometimes labeled “WAN”), and wireless components for wireless client access, as shown for the Cisco Meraki MX64W in the figure. For the rest of this module, small office and home routers are referred to as wireless routers.

Cisco Meraki MX64W

Cisco Meraki MX64W
Cisco Meraki MX64W

The next figure shows a topology depicting the physical connection of a wired laptop to the wireless router, which is then connected to a cable or DSL modem for internet connectivity.

Connection wireless router
Connection wireless router

These wireless routers typically provide WLAN security, DHCP services, integrated Name Address Translation (NAT), quality of service (QoS), as well as a variety of other features. The feature set will vary based on the router model.

Note: Cable or DSL modem configuration is usually done by the service provider’s representative either on-site or remotely through a walkthrough with you on the phone. If you buy the modem, it will come with documentation for how to connect it to your service provider which will most likely include contacting your service provider for more information.

Log in to the Wireless Router

Most wireless routers are ready for service out of the box. They are preconfigured to be connected to the network and provide services. For example, the wireless router uses DHCP to automatically provide addressing information to connected devices. However, wireless router default IP addresses, usernames, and passwords can easily be found on the internet. Just enter the search phrase “default wireless router IP address” or “default wireless router passwords” to see a listing of many websites that provide this information. For example, username and password for the wireless router in the figure is “admin”. Therefore, your first priority should be to change these defaults for security reasons.

To gain access to the wireless router’s configuration GUI, open a web browser. In the address field, enter the default IP address for your wireless router. The default IP address can be found in the documentation that came with the wireless router or you can search the internet. The figure shows the IPv4 address 192.168.0.1, which is a common default for many manufacturers. A security window prompts for authorization to access the router GUI. The word admin is commonly used as the default username and password. Again, check your wireless router’s documentation or search the internet.

Log in Wireless Router
Log in Wireless Router

Basic Network Setup

Basic network setup includes the following steps:

  1. Log in to the router from a web browser.
  2. Change the default administrative password.
  3. Log in with the new administrative password.
  4. Change the default DHCP IPv4 addresses.
  5. Renew the IP address.
  6. Log in to the router with the new IP address.

Click each step for more information and an example GUI.

1. Log in to the router from a web browser.

After logging in, a GUI opens. The GUI will have tabs or menus to help you navigate to various router configuration tasks. It is often necessary to save the settings changed in one window before proceeding to another window. At this point, it is a best practice to make changes to the default settings.

Click the next step

 Log in router from a web browser
Log in router from a web browser

2. Change the default administrative password.

To change the default login password, find the administration portion of the router’s GUI. In this example, the Administration tab was selected. This is where the router password can be changed. On some devices, such as the one in the example, you can only change the password. The username remains admin or whatever the default username is for the router you are configuring.

Click the next step.

Change default administrative password
Change default administrative password

3. Log in with the new administrative password.

After you save the new password, the wireless router will request authorization again. Enter the username and new password, as shown in the example.

Click the next step.

 Log in new administrative password
Log in new administrative password

4. Change the default DHCP IPv4 addresses.

Change the default router IPv4 address. It is a best practice to use private IPv4 addressing inside your network. The IPv4 address 10.10.10.1 is used in the example but it could be any private IPv4 address you choose.

Click the next step.

Change default DHCP IPv4 addresses
Change default DHCP IPv4 addresses

5. Renew the IP address.

When you click save, you will temporarily lose access to the wireless router. Open a command window and renew your IP address with the ipconfig /renew command, as shown in the example.

Click the next step.

Renew IP address
Renew IP address

6. Log in to the router with the new IP address.

Enter the router’s new IP address to regain access to the router configuration GUI, as shown in the example. You are now ready to continue configuring the router for wireless access.

Log in router with new IP address
Log in router with new IP address

Basic Wireless Setup

Basic wireless setup includes the following steps:

  1. View the WLAN defaults.
  2. Change the network mode.
  3. Configure the SSID.
  4. Configure the channel.
  5. Configure the security mode.
  6. Configure the passphrase.

Click each step for more information and an example GUI.

1. View the WLAN defaults.

Out of the box, a wireless router provides wireless access to devices using a default wireless network name and password. The network name is called the Service Set Identified (SSID). Locate the basic wireless settings for your router to change these defaults, as shown in the example.

Click the next step.

View WLAN defaults
View WLAN defaults

2. Change the network mode.

Some wireless routers allow you to select which 802.11 standard to implement. The example shows that “Legacy” has been selected. This means wireless devices connecting to the wireless router can have a variety of wireless NICs installed. Today’s wireless routers configured for legacy or mixed mode most likely support 802.11a, 802.11n, and 802.11ac NICs.

Click the next step.

Change network mode
Change network mode

3. Configure the SSID.

Assign an SSID to the WLANs. OfficeNet is used in the example for all three WLANs (the third WLAN is not shown). The wireless router announces its presence by sending broadcasts advertising its SSID. This allows wireless hosts to automatically discover the name of the wireless network. If the SSID broadcast is disabled, you must manually enter the SSID on each wireless device that connects to the WLAN.

Click the next step.

Configure the SSID
Configure the SSID

4. Configure the channel.

Devices configured with the same channel within the 2.4GHz band may overlap and cause distortion, slowing down the wireless performance and potentially break network connections. The solution to avoid interference is to configure non-overlapping channels on the wireless routers and access points that are near to each other. Specifically, channels 1, 6, and 11 are non-overlapping. In the example, the wireless router is configured to use channel 6.

Click the next step.

Configure the channel
Configure the channel

5. Configure the security mode.

Out of the box, a wireless router may have no WLAN security configured. In the example, the personal version of Wi-Fi Protected Access version 2 (WPA2 Personal) is selected for all three WLANs. WPA2 with Advanced Encryption Standard (AES) encryption is currently the strongest security mode.

Click the next step.

Configure security mode
Configure security mode

6. Configure the passphrase.

WPA2 personal uses a passphrase to authenticate wireless clients. WPA2 personal is easier to use in a small office or home environment because it does not require an authentication server. Larger organizations implement WPA2 enterprise and require wireless clients to authenticate with a username and password.

Configure the passphrase
Configure the passphrase

Configure a Wireless Mesh Network

In a small office or home network, one wireless router may suffice to provide wireless access to all the clients. However, if you want to extend the range beyond approximately 45 meters indoors and 90 meters outdoors, you can add wireless access points. As shown in the wireless mesh network in the figure, two access points are configured with the same WLAN settings from our previous example. Notice that the channels selected are 1 and 11 so that the access points do not interfere with channel 6 configured previously on the wireless router.

Configure a Wireless Mesh Network
Configure a Wireless Mesh Network

Extending a WLAN in a small office or home has become increasingly easier. Manufacturers have made creating a wireless mesh network (WMN) simple through smartphone apps. You buy the system, disperse the access points, plug them in, download the app, and configure your WMN in a few steps. Search the internet for “best wi-fi mesh network system” to find reviews of current offerings.

NAT for IPv4

On a wireless router, if you look for a page like the Status page shown in the figure, you will find the IPv4 addressing information that the router uses to send data to the internet. Notice that the IPv4 address is 209.165.201.11 is a different network than the 10.10.10.1 address assigned to the router’s LAN interface. All the devices on the router’s LAN will get assigned addresses with the 10.10.10 prefix.

NAT for IPv4
NAT for IPv4

The 209.165.201.11 IPv4 address is publicly routable on the internet. Any address with the 10 in the first octet is a private IPv4 address and cannot be routed on the internet. Therefore, the router will use a process called Network Address Translation (NAT) to convert private IPv4 addresses to internet-routable IPv4 addresses. With NAT, a private (local) source IPv4 address is translated to a public (global) address. The process is reversed for incoming packets. The router is able to translate many internal IPv4 addresses into public addresses, by using NAT.

Some ISPs use private addressing to connect to customer devices. However, eventually, your traffic will leave the provider’s network and be routed on the internet. To see the IP addresses for your devices, search the internet for “what is my IP address.” Do this for other devices on the same network and you will see that they all share the same public IPv4 address. NAT makes this possible by tracking the source port numbers for every session established by a device. If your ISP has IPv6 enabled, you will see a unique IPv6 address for each device.

Quality of Service

Many wireless routers have an option for configuring Quality of Service (QoS). By configuring QoS, you can guarantee that certain traffic types, such as voice and video, are prioritized over traffic that is not as time-sensitive, such as email and web browsing. On some wireless routers, traffic can also be prioritized on specific ports.

The figure is a simplified mockup of a QoS interface based on a Netgear GUI. You will usually find the QoS settings in the advanced menus. If you have a wireless router available, investigate the QoS settings. Sometimes, these might be listed under “bandwidth control” or something similar. Consult the wireless router’s documentation or search the internet for “qos settings” for your router’s make and model.

Quality of Service Wireless
Quality of Service Wireless

Port Forwarding

Wireless routers typically block TCP and UDP ports to prevent unauthorized access in and out of a LAN. However, there are situations when specific ports must be opened so that certain programs and applications can communicate with devices on different networks. Port forwarding is a rule-based method of directing traffic between devices on separate networks.

When traffic reaches the router, the router determines if the traffic should be forwarded to a certain device based on the port number found with the traffic. For example, a router might be configured to forward port 80, which is associated with HTTP. When the router receives a packet with the destination port of 80, the router forwards the traffic to the server inside the network that serves web pages. In the figure, port forwarding is enabled for port 80 and is associated with the web server at IPv4 address 10.10.10.50.

Port Forwarding Wireless
Port Forwarding Wireless

Port triggering allows the router to temporarily forward data through inbound ports to a specific device. You can use port triggering to forward data to a computer only when a designated port range is used to make an outbound request. For example, a video game might use ports 27000 to 27100 for connecting with other players. These are the trigger ports. A chat client might use port 56 for connecting the same players so that they can interact with each other. In this instance, if there is gaming traffic on an outbound port within the triggered port range, inbound chat traffic on port 56 is forwarded to the computer that is being used to play the video game and chat with friends. When the game is over and the triggered ports are no longer in use, port 56 is no longer allowed to send traffic of any type to this computer.

Packet Tracer – Configure a Wireless Network

In this activity, you will configure a wireless router and an access point to accept wireless clients and route IP packets.

Lab – Configure a Wireless Network

In this lab, you will configure basic settings on a wireless router and connect a PC to router wirelessly.

Glossary: If you have doubts about any special term, you can consult this computer network dictionary.

Ready to go! Keep visiting our networking course blog, give Like to our fanpage; and you will find more tools and concepts that will make you a networking professional.