Cisco CCNA 200-301 – Wireless Networking Fundamentals Part 4

  • By
  • March 21, 2023
0 Comment

8. Switch Configuration for Wireless – Lab Demo

Lecture. You’ll see how to configure a switch to support wireless networks with wireless LAN controller, with a lab demo. I’m going to use packet tracer for this demo, so you can see that I’ve got it open here. I’ve got my switch here in the middle. That’s what I’m going to be configuring here and it’s connected to a wireless LAN controller, a couple of access points in my admin laptop. And later on I’m going to configure a corporate and guest W lands.

So because I’ve got the two different W lands there, I’m going to need to have two different VLANs to support both of them. So what I’m going to configure here is I’m going to create my corporate VLAN and I’m going to create my guest VLAN. I’m also going to create a management VLAN as well for the wireless traffic. So the different types of traffic that is going to be on that management vuan, when my admin laptop is connecting him to the wireless LAN controller to configure it, that’s going to be on the management VLAN and management IP subnet.

Also, when the wireless LAN controller is communicating with the APS, that is going to be on the management VLAN as well. So I’m going to have that management VLAN with its associated IP subnet and that’s going to be used both for management of the WLC and also for WLC traffic to the APS and back again. You could split that into two different Vlons. I’m going to just use one VLAN for it here. So I’m going to have three different VLANs, the management VLAN, the corporate vuan and the guest vuan. I’m also going to need to configure my switch ports as well.

The WLC connection to the switch, that needs to be a trunk port to support all those different VLANs for the AP connections going to the switch. Those are going to be configured as access ports in the management VLAN. Okay? So let’s get this all configured. So I will click on my multilayer switch. I’m coming in here, by the way, in packet tracer. A trunk port to the wireless LAN controller is not supported. So do not follow along with me as I do these lab demos, okay? Use the supplied lab exercise at the end of a section which does have a trunk port going to the WLC.

But I’ve got a workaround in there that’s going to make everything work. So don’t follow along with me. Wait till you get to the end of a section, use the supplied lab exercise and then everything will work just fine. Okay? So I’m on the switch here, I’ll go to the command line, I’m going to go to the enable prompt and then I’m going to go to global configuration. So first thing I’m going to do is I’m going to create those VLANs. So first VLAN I’ll do is the management VLAN for the design of what VLAN numbers you’re going to use and what the associated IP subnets are going to be.

In a real world environment, you would work with the network designer to decide which VLANs and which IP subnets. So let’s say that I’ve done that already, and we’ve decided that the management VLAN is going to be View Antenna. So I’ll create VLAN Ten, and I’m going to give it the name of management. And then I’m going to want to have an Svi, a switch to Virtual interface in View Antenna as well.

So I’ll create that. I’ll say Interface View on ten here on my multilayer switch, and I’m going to give that IP address one, nine, two, dot one, six, eight. And this is going to be dot ten, which matches up with VLAN Ten. And I will give this IP address dot one, the subnet mask 255-255-2550. So this is on my multilayer switch. And my multilayer switch is going to be the default gateway for all of these different VLANs and IP subnets. It’s going to be able to route the traffic between them. So that’s why I’m creating the interface VLAN Ten. Okay, so I’ve got the VLAN created and I’ve given it an IP address on the VLAN interface. And my APS and also the management IP address for my wireless LAN controller are going to be in this VLAN and in this IP subnet with my APS. When they get plugged in and they come online, I’m going to want them to communicate, to connect to the wireless LAN controller and download their configuration from there. So I’m going to be plugging the APS in. I want them to get connectivity to the wireless LAN controller. So we’re going to need to get an IP address. So I need to configure a DHCP scope for that. You could use an external DHCP server for this.

I’m going to do it here on the switch. So I’ll go back down to global configuration, and my subnet is 19216 810 or 24. I’m already using IP address one. So I don’t want to go and give that out to host. So let’s say that I will allocate addresses 19216 810 101, two, five, four, with my DHCP scope. So I need to exclude the addresses one thing, two one 6810, one to one thing, two one, 6810, 100. So that it starts giving out, starting with Address 101. So the command to do that, I will say IP DHCP excluded address. And I want to exclude one thing, two one, 6810, one to 19216 810 100. So I’ll start with the next address, which is 19216 810 101.

But I need to create my DHCP scope. So I say Ipdhcp pool and give it a name. I’ll call it Management, which ties up with the VLAN name. And then the network that I’m going to be assigning addresses from is 19216 810 or the subnet mask is 255-25-5255 dot or the default router. So the default gateway for this network is here on the switch, it’s 192168, dot ten, dot one. And the other thing that I want to do is tell the access points where their wireless LAN controller is.

So for that, I’ll say option 43 IP. And my wireless LAN controller has got IP address 192 168 1011. I’ve already statically assigned the IP address to the wireless LAN controller. Now, in this example, because the wireless LAN controller and the APS are in the same VLAN and the same IP subnet, I didn’t actually need to do that because the APS would find a wireless LAN controller from a broadcast anyway. But if the APS and the wireless LAN controller are on a different subnet, well, routers don’t forward broadcast, so that would not work. So in that case, you would definitely want to add the option 43 to your DHCP scope. Okay, so that is my management VLAN and DHCP scope. All done. Next up, I need to create the VLANs for my wireless networks as well.

So there was going to be one for corporate and one for guests. So let’s do corporate first. And again, I’ve spoken to the network designer and they’ve told me use VLAN 22. So I’ll create VLAN 22. I will say name corporate. And then again, this multilayer switch is going to be the default gateway for the IP subnet. So I need to create an interface for that. So I will say, just to show you, this is back at Global Config again, I’ll say interface, it’s VLAN 22 and I’ll give it IP address 192168. We’ll say this is in subnet 1921-6822 again to tie up with the VLAN number and one for the default gateway subnet mask 255-25-5255. Okay, so that is my corporate VLAN configured.

Now, the wireless clients that are connecting into the corporate WLAN, they’re going to need to get an IP address as well. So I also need a DHCP scope for them. But rather than creating it here on the switch, it’s actually possible to configure a DHCP scope in the wireless land controller. So for my wireless clients, I’m going to create the DHCP scopes there in the wireless LAN controller. You’ll see how you do that later on when I do that demo? Okay, so I’ve got my VLAN created for corporate. I need to do it for Guest as well. So I’ll say VLAN and we’re using VLAN 23 here, the name is Guest. And then because my switch here is a default gateway again, I need to say interface VLAN 23 and give it the IP address 192-16-8231 with a slash 24 subnet mask. I don’t need to do a no shut on these interfaces because they’re virtual interfaces. They are not shut down anyway by default. Okay, so I’ve got my VLANs configured. Let’s just check that. That all looks okay. So I will do a show VLAN. And in here I can see there’s a couple of VLANs that were already created in my lab environment. Here which was for the Radius server and also for my Admin laptop so they were done already.

I can see the VLANs that I’ve created there’s von Ten Management and then vuan 22 Corporate and vuan 23 guest so that looks good and I’ll do a show IP interface brief and go down to the bottom and there I can see VLAN ten and VLAN 22 and VLAN 23. I can see the status is up down here. That’s okay, it’s just because none of my switch ports have been allocated to that VLAN yet. When I’ve done that then the VLANs will come completely up. Okay so that is my VLANs all created and also my DHCP scope done as well. Now what I need to do is configure the switch ports. So I will have a look back at the diagram again. So I need to configure this switch port here connected to the wireless LAN controller as a trunk port and I also need to configure these switch ports here connected to my APS as access ports in the management VLAN. So let’s do the wireless LAN controller first. So back on the switch again, I’m going to go back to global configuration again and it is interface gigabit ethernet 10 five which is connected to my wireless LAN controller.

So let me just put in a description to see that. So I’ll see a description WLC and then I need to configure this as a trunk port. The model of switch I’m working on here does support both one Q and ISL trunking so I need to specify that it is switch port trunk encapsulation is one Q that I’m using here. The switch port mode is trunk and then best practice, I want to limit the VLANs on this port to the ones that are actually going to be used. So I will say switch port trunk allowed VLAN and I’m going to allow my management VLAN ten and then my VLANs for my wireless networks which was 22 and 23 and then the connection to the wireless LAN controller is not doubling back into other switches again. So I know that I’m never going to have a spanning three loop going through this port so I can also say spanning three portfast just to disable spanning three on the port.

Okay, done. So that is my switchboard connected to my wireless LAN controller. Done. I also need to configure the switchboards connected to the APS so I’ll do them both at the same time. So I will say interface range and they are connected to gigabit ethernet one three and one four. So I’ll configure them both at the same time. I’ll put a description in, so I’ll say description wireless AP and then I will say switch port mode is access and then switchport if I can type it right, switchport access VLAN was VLAN ten the management VLAN and again I can disable spanning to you on here. So I’ll say spanning to portfast. Okay, and that is it. Done. What should be happening now is that the access points are going to get their IP address from the DHCP server running here on my switch. They’ll then discover where their wireless LAN controller is and they should register to it. So let’s just check that that is working.

So I’ll go back to my main packet tracer window here. I’ll go to the Admin laptop, which has got connectivity to the wireless LAN controller. I’ll go to my desktop and then the web browser. And I need to use Https to get to the admin GUI on my wireless LAN controller. And it has got IPRs. One thing, two, one 6810, eleven. So I’ll click on Go and then that brings me to the login page for the wireless LAN controller. I’ll click on Login, enter in my username and password and that will open up the dashboard on the wireless land controller.

And in here, in the access point summary section, I can see that I have got two access points which are registered. Okay? So that is all good. I could also go to the access points in here on a real world wireless Van controller to get more information, including their IP address. But this is all good. In packet tracer I can see that the APS are registered. So now I’m ready to move on with the rest of the configuration, actually creating my W Lans on the wireless LAN controller. And I’ll do that.

9. Wireless Network Configuration – Lab Demo

In this lecture you’ll learn about RF, that’s radio frequencies and channels. WiFi services operate in the two 4 frequency spectrum that’s allocated for ism industrial, scientific and medical use. You’ll see more about what that means in a second. Because of this, a radio operator’s license is not required wired and ism industrial, scientific and medical use. Devices do not have regulatory protection against interference from other users of the band. So let’s see what this means. So I will open up a chart here. This is the radio frequency allocations in the US. So this is controlled by the government. And here you can see all of the frequencies that are assigned to the different types of radio communication. For example, you can see that for FM broadcasting for radio, that is 88 to 108. You can also see maritime communications in here, fixed satellite, et cetera. And right in the middle here you see industrial, scientific and medical. So it’s the industrial, scientific and medical that is used for the WiFi communications. But there’s loads of other types of communications happening over the airwaves as well.

So taking the FM broadcasting as an example, if you wanted to set up a radio station in your area, well, you can’t do that and then just start broadcasting on a particular frequency in this range. It’s regulated by the government. So you would have to apply for a license to do that. And one of the things that the local authorities will do is they’ll check that nobody else is using that frequency. Because if you think about, for example, my local radio station back home, they broadcast on 96. 9. If somebody else started broadcasting on 96. 9, then those two signals would interfere with each other. You would be hearing both stations at the same time. And of course, if you’re hearing both at the same time, then neither one of them is going to make sense.

So that’s why there is the regulatory compliance in all of these other bands to make sure that people are not stepping on each other’s toes. But for WiFi networks, well, everybody’s got a WiFi network at home. It wouldn’t be practical for everybody to have to apply to their local authority to use a particular frequency in their home. So because of that, really it’s unregulated and anybody can use any frequency that they want as long as it is in these industrial, scientific and medical ranges. So it’s not regulated, which means it’s easy to get set up, but it does mean that there’s a pretty high chance that we’re going to get interference. So let’s talk about that more as we go through the lecture. So I’ll go back to the slides again. Before we talk about the radio frequencies more, let’s talk about the standards and how they have evolved over time. So the standard for WiFi communications is IEEE 800 and 211 that first came out in 1997 and operated in the 2. 4 GHz frequency range and the maximum bandwidth was two megabits per second. So it was pretty slow. So not long after that, in 1999, 8211 A and 8211 B both came out. 8211 B also operates at 2. 4 is 5. Maximum bandwidth with eleven B is eleven megabits per second. For 8211 A it was 54 megabits per second. So that did give a pretty good speed increase. Then in 2003, 8211 G came out. That also operates at 2. 4.

Because it’s operating at 2. 4 GHz, this can be backwards compatible with 800 and 211 B, which is also 2. 4 is 5 GHz. So A and G are not compatible with each other. Now, with the backwards compatibility, maybe you had a wireless device which only supported 800 and 211 B, did not support 800 and 211 G. Well, in that case, if you had some devices on your network which did support 800 and 211 G, then they could operate at up to 54 megabits per second. The old devices which only supported eleven B, they could operate up to eleven megabits per second. In 2009, 8211 N came out, and it’s capable of operating at both 2. 4 and 5 GHz.

Big speed improvement there, up to 600 megabits per second. And because it supports 2. 4 and 5 GHz, it’s backwards compatible with A, B and G. Again, if you’ve got older wireless clients which only supported A, B or G, they would only get the speed that was supported there. But if you did have a wireless client that supported 800 and 211 N, up to 600 megabits per second there. And finally, in 2013, 8211 AC came out. It’s at 5 GHz, it sports up to 3500 megabits per second, and it is backwards compatible with A and N. Because it’s 5 GHz, it’s not compatible with the older 2. 4 GHz only Standards cisco access points support all standards. If you’ve got a Cisco AP, it’s not like you have to pick and choose just one of these. You can have multiple different options here, all enabled on the AP at the same time. Okay, so let’s look at the 2. 4 GHz spectrum and the 2. 4 GHz spectrum. It’s a spectrum. It is a range of frequencies. It’s not just exactly 2. 4 GHz, it actually ranges from 2. 4 to 2. 4835 GHz or 2. 4 to 2. 497 in Japan.

And that spectrum, so that frequency range is divided up into smaller 22 MHz ranges of frequencies, which are called channels. So a channel is just a range of frequencies that can be used for your WiFi. Each access point operates in one channel. And as you can see in the diagram here, some channels overlap and can cause interference with each other. Just like if we had two radio stations which were playing out music at the same frequency, they are going to be on top of each other. It’s causing interference. So you can see here, that channel one is shown in blue. It goes from there to there, and then channel two goes from here. So there’s a lot of overlap between channel one and channel two. Also channel three is overlapping there as well, and you can see it’s all the way until we get up to channel six, where it is not overlapping with channel one.

So in the 2. 4 GHz spectrum in the US, there’s actually only three channels which do not overlap with each other. Those are one, six and eleven. So if you’ve got neighboring APS, you want to use non overlapping channels to make sure that they don’t overlap with each other. Okay, looking next at the 5 GHz spectrum, 2. 4 GHz channels are 22 MHz wide. 5 GHz channels are 20 MHz wide, and they have less overlap than the 2. 4 GHz channels. So it’s not such a problem here. Neighboring AP should still be separated by at least one channel though, to reduce the chance of interference. With the 5 GHz spectrum, channels can be bonded. So with single channel, it is 20 MHz wide. You can bond two together to make it 40 MHz wide. You can bond four together to get 80, and you can bond eight together to get 160. And that multiplies the data rates by two, four or eight, depending on whether you’re going for 80 or 160. So let’s have a look at that. So you can see the 5 GHz spectrum here are all the different channels up here at the top. So if we’re just using the single channels, we’re not bonding at 20 MHz. You can see we’ve got channels 36, 44 and so on. We could bond channels 36 and 40 together, that would double it to 40. That’s going to give us more bandwidth, more throughput there. We could double that again at 80 MHz, that would be channels 36 to 48. Or we could go up to 168, which would be 36 all the way up here.

Okay, so that was the 5 GHz spectrum. Now I have been talking in this lecture about the interference. I mentioned about how the Ism band is unlicensed. So you do not have any guarantee that the frequency belongs to just you. Natural fact, it’s unlikely that that is going to be the case. And many devices can cause interference in the 2. 4 GHz spectrum, such as microwave ovens and wireless video cameras, fluorescent lights and baby monitors. Comparing 2. 4 and 5 has got greater range. It goes further, it’s also got better propagation, meaning it gets through obstacles better as well. But the 2. 4 GHz range is more crowded, there’s more things, there more chance of having interference. 5 AC has higher throughput than is available with any of the 2. 4 GHz options. So you might think, well then for sure I’m going to be using 8211 AC. But your client stations might not be compatible with it yet. They might only be compatible with 2. 4 GHz, which would force you to use that or to upgrade them. Because of all the potential for interference.

Site surveys should be carried out for WiFi networks. The purpose is to find the best placement of access points for maximum coverage of the required area and minimum leakage outside it. You want wireless to be available everywhere you want it inside the building. You don’t want it going outside the building because that would be a security concern. The site survey is also going to discover potential sources of interference as well. So the way that you do this is you use some software on your laptop, you can walk around the building and this software, it’s going to detect any potential sources of interference. It can also help you with the AP placement as well. And a wireless LAN controller can manage a channel allocation and a power level of the APS to get the best wireless quality. And let’s have a look at an example of using some software on my laptop which can give me information about the different wireless frequencies in my area here around about my house.

So I have got some free software called Insider open here. I’ve just opened it and you can see it is monitoring the wireless frequencies right around my laptop here. And you can see that I’ve got home WiFi available. That’s my home wireless network here and that is supporting 800 and 211 AC. So it’s great. It’s the latest standard and you can see it’s available on both 2. 4 roundabout me. Nobody else is operating at 5 GHz, so that’s great. I should get really good quality there. But if I connected my laptop at 2. 4 GHz, you can see there’s all these other wireless networks round about me as well. And you can see that the channels are all overlapping down here. So to minimize the interference when I’m connected over wireless, I’m using the 5 GHz range. Okay, that was everything I wanted to show you here. See you in the next.

Comments
* The most recent comment are at the top

Interesting posts

The Growing Demand for IT Certifications in the Fintech Industry

The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »

CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared

In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »

The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?

If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »

SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification

As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »

CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?

The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »

Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?

The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »

img