ITCwiki - User contributions [en]

Franske CNT-2612

2011-05-08T21:23:15Z

JDO2010: /* Projects */

This is the homepage for the CNT-2612: CCNP 1 Network Switching classes taught by Dr. Ben Franske.

= General Course Information =
* [[Franske CNT-2612 Syllabus|Course Syllabus]]
* [[Franske CNT-2612 SP11 Schedule|Spring 2011 Course Schedule]]
* [[Franske CNT-2612 Labs and Homework|Lab and Homework List]]
* [[Franske CNT Service Project Assignment|Service Project Assignment]]
* [[Franske Lab Report Format|Lab Report Format]]
* Assessments and online curriculum available at [http://cisco.netacad.net http://cisco.netacad.net]

= Projects =
* [http://wiki.ihcnt.net/w/IOS_vs._CatOS:_Basic_Configuration IOS vs. CatOS: Basic Configuration]
* [http://wiki.ihcnt.net/w/AAA_with_802.1x_and_port_based_authentication AAA with 802.1x and Port-based Authentication]
* [[IPv6 Tunnel]]

= Resources =

2010-12-07T21:44:17Z

JDO2010: /* Different Types of Steganography */

==What is Steganography==
Steganography is defined by [http://www.merriam-webster.com/dictionary/steganography Merriam-Webster] as the art or practice of concealing a message, image, or file.

==Different Types of Steganography==
===Micro Dots===
===Null Ciphers===
===Hidden Text Within Webpages===
===Hiding Files in plain sight===

==Programs Associated with Steganography==

==How to Hide Data in an Image==

==How to get Data out of an Image==

==How to run analysis on an image==

Steganography

2010-10-05T21:21:30Z

JDO2010: /* What is Steganography */

Steganography

2010-10-05T21:12:08Z

JDO2010: /* What is Steganography */

==What is Steganography==
Steganography is defined by [[Merriam-Webster|http://www.merriam-webster.com/dictionary/steganography]]

==Different Types of Steganography==

==Programs Associated with Steganography==

==How to Hide Data in an Image==

==How to get Data out of an Image==

==How to run analysis on an image==

Steganography

2010-10-05T20:52:02Z

JDO2010: Created page with '==What is Steganography== ==Different Types of Steganography== ==Programs Associated with Steganography== ==How to Hide Data in an Image== ==How to get Data out of an Ima…'

==What is Steganography==

==Different Types of Steganography==

==Programs Associated with Steganography==

==How to Hide Data in an Image==

==How to get Data out of an Image==

==How to run analysis on an image==

Franske CNT-2311

2010-05-14T03:57:32Z

JDO2010: /* Projects */

This is the homepage for the CNT-2311 classes taught by Dr. Ben Franske.

== General Course Information ==
* [http://spreadsheets.google.com/viewform?formkey=dFZwb1VFOXh2bTJfS0FuRV92ZnR6eHc6MA Student Sign-In for 1/19/2010]
* [[Franske CNT-2311 SP10 Syllabus|Spring 2010 Course Syllabus]]
* [[Franske CNT-2311 SP10 Schedule|Spring 2010 Course Schedule]]
* [[Franske CNT-2311 SP10 Commands|Spring 2010 Commands by Session]]
* [[Franske CNT-2311 Labs|Lab List]]
* [[Franske CNT-2311 Lab Point Sheet|Lab/Homework Point Sheet]]
* [[Franske CNT Service Project Assignment|Service Project Assignment]]
* [[Franske Lab Report Format|Lab Report Format]]
* [[Franske CNT-2311 Network Simulation Project|Network Simulation Project]]

== Projects ==

* [[Dual Booting]]

* [[Grub2]]

* [[Linux VLAN Trunking]]

* [[Installing Webmin]]

*[[Nat Masquerading and Firewall]]

* [http://cnt.lextron.net/Control_Web_Access_With_Squid Control Web Access with SQUID]

* [[Installing MyBB Forum]]

* [[openvpn]]

* [[Zoneminder]]

== Resources ==
=== Software ===
* [http://www.virtualbox.org Virtualbox]
=== Major Linux Distributions ===
* [http://www.debian.org Debian]
** [http://www.ubuntu.com Ubuntu]
* [http://www.redhat.com Redhat Enterprise Linux (RHEL)]
** [http://centos.org CentOS]
** [http://fedoraproject.org Fedora]
* [http://www.gentoo.org Gentoo]
* [http://www.opensuse.org OpenSUSE (Novell)]
=== Online Linux Tutuorials ===
* [http://www.linux.org/lessons/beginner Beginning Linux from Linux.org]\
* [https://help.ubuntu.com/community/PostfixBasicSetupHowto Postfix Basic Setup]

Zoneminder

2010-05-14T03:56:45Z

JDO2010:

ZoneMinder is a security camera program for Ubuntu. With it you can use your server as a security camera DVR that you can view online and record to the hard disk of the server. Make sure to plug in a USB webcam or similar device before you continue.
=Install Zoneminder=
:*Use Aptitude to install ZoneMinder
:* sudo aptitude install zoneminder
:* Aptitude will ask you if you want to install a bunch of extra packages. Make sure to say yes to that.
=Configure ZoneMinder from the web interface=
# Find your IP address using the ifconfig command
# Go to a web browser and type ''ip-address''/zm in the URL bar
#* You will then see the zoneminder console.
# Click on "Add New Monitor" [[File:ZM_console.png|400px|thumb|right|This is what the ZoneMinder console looks like after it has been configured. Here, the camera name is "Downstairs"]]
# Fill in the Name, Source Type, and Function. For now, just set the function to Monitor.
# Put in a Maximum FPS (frames per second). If you don't know what to put just type 15
# Put the same value as Max FPS into the Alarm Max FPS field.
# Click on the source tab on the top of the window.
# You will have to find the Device Path of your specific camera. Mine was /dev/video0. You could look in your syslog to find this.
# You will also need to find the Device Format, Capture Palette, Capture Width, and Capture Hight from the cameras manufacturer.
# Click "Save"
#* If everything is working you should see the camera monitor you just made in the list. If you click on it you can view the camera as jpegs.
=Hardware=
You can use almost any USB webcam or if you want a real security camera please use [http://www.zoneminder.com/wiki/index.php/Hardware_Compatibility_List this list] to find compatible cameras and capture cards.

Zoneminder

2010-05-11T15:45:16Z

JDO2010:

2010-05-10T14:51:25Z

JDO2010:

ISDN WAN Connections

2010-05-10T14:38:39Z

JDO2010: Created page with '=Basic Rate Interface (BRI)= This was set up in a lab enviroment using an Adtran Atlas 550 to simulate WAN connection. This will document configuring an ISDN BRI connection with…'

Main Page

2010-03-05T15:50:52Z

JDO2010: /* Technical Information */

<big>'''Welcome to the CNT Wiki'''</big>

To prevent spam on this wiki we require user account creation to create and edit pages.

==Program Information==
* [[Open Lab Schedule Spring 2010|Open lab schedule]] for the current semester.

== Course Information ==
=== Courses taught by [[User:BenFranske|Dr. Ben Franske]] ===
* [[Franske CNT-2300|CNT-2300]]
* [[Franske CNT-2311|CNT-2311]]
* [[Franske CNT-2510|CNT-2510]]
* [[Franske CNT-2520|CNT-2520]]
* [[Franske CNT-2530|CNT-2530]]
* [[Franske CNT-2540|CNT-2540]]

== Technical Information ==
* [[Introduction to DOS]] - Work In Progress
* [[Router Documentation]]
* [[Switch Documentation]]
* [[VMWare Setup|Instructions for creating VMWare machines from the CNT template]]
* [[VirtualBox Startup Script|Instructions for creating a VirtualBox startup script to save VMs in specific location]]
* [[Vyatta|Using the Vyatta open source routing platform]]
* [[Networkingcables]]
* [[Cisco Wireless Access Points|How to configure Cisco 1200 and 1242 series access points]]

== Software Resources ==
* [http://msdn08.e-academy.com/inverhills_CNT MSDN Academic Alliance] (Microsoft Software, requires IHCC login)
* [http://info.inverhills.edu/eacademy/eacademyvmware.asp VMware eAcademy] (VMware Software, requires IHCC login)

Cisco Areonet 1200

2010-03-05T15:47:38Z

JDO2010: moved Cisco Areonet 1200 to Cisco Wireless Access Points

#REDIRECT [[Cisco Wireless Access Points]]

Cisco Wireless Access Points

2010-03-05T15:47:38Z

JDO2010: moved Cisco Areonet 1200 to Cisco Wireless Access Points

This article was written to set up a Cisco Aironet 1200 or 1242 series access point without connecting it to a wired network. These settings will enable basic wireless services including DHCP for wireless devices. The particular access point that was used to research and produce this article contained Cisco’s IOS operating system so much of the command line configuration is similar to that if Cisco’s switches and routers.

==Plug in the access point==
==Create a physical connection to the access point.==
# This can be done with a rollover cable and a DB-9 to RJ45 adapter
# Connect the DB-9 to RJ45 adapter to the 9-pin DB-9 serial port on the back of the host PC
# Connect one end for the rollover cable to the RJ-45 console port located at the rear of the access point between the two antennas
# Connect the other end of the rollover cable to the RJ-45 connecter on the DB-9 to RJ45 adapter.
==Create an interface connection to the access point via HyperTerminal or other command line terminal==
# Open HyperTerminal from Start>All Programs>Accessories>Communications
# Create a new connection
## HyperTerminal should prompt you to create a new connection when it first opens
===Cisco recommends the following settings===
# 9600 baud rate
# 8 data bits
# no parity
# 1 stop bit
# no flow control
==Log in to the access point command line==
[[File:hyperterminal.jpg|thumb|450px]]
# Once the HyperTerminal connection is made, press '''Enter''' to access the command line interface and User Exec mode command prompt. None of the configuration we are doing will be in user EXEC mode so we will not spend any time on this area.
# At the command prompt, issue the command '''enable''' and press enter. This is the command to enter the privileged EXEC mode prompt.
# At this point, the system will prompt you for a password. The default password for this line of access points is '''Cisco''' and is case sensitive. This will also be the default password for the web browser interface in later sections. Type the password at the command prompt and press '''Enter'''.
# This should result in a command prompt ending with the pound (#) character.
==Remove the old configuration file==
# To remove any old configurations and prevent old settings from interfering, remove the starting configuration file by issuing the command '''erase startup-config''' at the command prompt.
# At this point, the system will prompt you to confirm your actions. Press '''Enter''' to confirm and return to the command prompt.
==Reload or restart the access point==
# At this point, you may either unplug the access point and plug it back in, or issue the command '''reload''' at the command prompt. If you choose to issue the '''reload''' command, it will prompt you again to confirm your actions. Press '''Enter''' to confirm and proceed with restarting the access point.
==Perform basic security configuration==
# Issue the command '''configure terminal''' at the command prompt and press '''Enter'''. This is known as “Global Configuration Mode”.
# If you wish, here you may issue the command '''<nowiki>hostname <</nowiki>'''''hostname''> at the command prompt where ''hostname'' will be the name of the access point. For the purpose of this article, we left this as the default value of “ap”.
# You may also wish to change the default password with the command '''enable secret'''<nowiki> <</nowiki>''password>''. This will change the default password for the privileged EXEC mode. This will also change the default password to access the web browser interface.
==Configure the BVI1 interface with an IP address==
# At the command prompt, issue the command '''interface bvi 1''' and press '''Enter''' to enter the interface configuration mode for the BVI1 interface. For the web browser interface to work, an IP address needs to be assigned to this interface. If you are configuring this on a wired network, this could be the network IP address of the access point. For our purposes, we configured this as a standalone access point and used the private address 192.168.1.1 with the subnet mask 255.255.255.0. Being as this address is in the subnet of the network that will occupy the access point, we then have the option use any device connected to the access point to access the web browser interface.
# At the command prompt, issue the command '''ip address '''''ip address subnet mask'', where ''ip address'' ''subnet mask'' is the combination of IP address and subnet mask that you wish to use.
# At this point, you can issue the command '''no shutdown''' as you would during most cases of interface configuration, but, like loopback interfaces, the BVI1 interface is a virtual interface and is always up so this step is not necessary.
# At the command prompt, issue the command '''end''' and press '''Enter''' to return to the global configuration command prompt.
==Configure the Dynamic Host Configuration Protocol (DHCP)==
# At this point we will configure the access point to provide DHCP service. To do this, choose a suitable network IP address and subnet mask to serve your purpose.
# At the command prompt, issue the command '''<nowiki>ip dhcp excluded-address <</nowiki>'''''<nowiki>low address> <high address></nowiki>'' and press '''Enter'''. The purpose of this command is to exclude a contiguous range of addresses used for management purposes such as static addresses for printers and other hardware and peripherals. You may enter a single address or a contiguous range of addresses.
# At the command prompt, issue the command '''ip dhcp pool''' ''<nowiki><name></nowiki>'', where ''name'' is a name chosen to represent the IP address pool and press '''Enter'''. For our purposes, we used the SSID of the access point. At this point, after pressing '''Enter''', you are placed in DHCP configuration mode.
# At the command prompt, issue the command '''network''' ''<nowiki><ip address> <subnet mask></nowiki>'' where ''<nowiki>ip address> <subnet mask></nowiki>'' are the network IP address and subnet mask that you chose in step A. For our purposes, we stuck with the combination of 192.168.1.0 255.255.255.0.
# At the command prompt, issue the command '''lease '''''<nowiki><days> <hours> <minutes></nowiki>'' to set the IP address lease period and press '''Enter'''. You may use '''infinite''' instead of defining the days, hours and minutes.
# At the command prompt issue the command '''end''' and press '''Enter''' to return to the privileged EXEC mode prompt.
# At this point, DHCP has been configured and the web browser interface should be operational and accessible. At the command prompt, issue the command '''copy running-config startup-config''' to save the changes.
==Configure the host network interface card (NIC) IPv4 settings with an IP address==
# Configure the IPv4 settings of the PC network interface card so that it has a static IP address that is on the same subnet as the BVI1 interface as well as the same subnet mask. For our purposes, we used 192.168.1.2 255.255.255.0.
==Connect an Ethernet patch cable to the access point==
# Here, we are using a cabled connection because the SSID and wireless interfaces have not yet been configured. Using an Ethernet patch cable, plug one RJ-45 connector in the NIC on the PC and the other RJ-45 connector into the Fast Ethernet interface located at the rear of the access point between the two antennas.
=Cisco Aironet 1200=
==Connect to the web browser interface of the access point==
[[File:9.jpg|thumb|450px]]
# Open a web browser such as Internet Explorer or Firefox.
# In the address bar, type '''http://'''''ip address'' where ''ip address'' is the IP address of the BVI1 interface, and press '''Enter'''.
# At this point, you will receive a login prompt window. Leaving the username field blank, press the '''Tab''' key to move the cursor to the password field. If you set the password in step C of section VII, then the password you chose there is the same password needed here. If you left it as the default, the password should be '''Cisco'''. Enter the password and press '''Enter'''. This step should end with the web browser interface being displayed on the web browser.
==Configure service set identifier (SSID)==
# When the web browser interface starts, you are placed on the home screen. Here you should see a router configuration summary on the main screen. On the left side of the summary is a navigation panel. For our configuration we are going to navigate directly to the '''Express Security''' page. We are doing this for two reasons. We need to configure an SSID for wireless devices to connect to and we need to enable the wireless interfaces which need the SSID to work.\
# On the top of the '''Express Security''' page, you will see a field for an SSID name and a check box to allow broadcasting of the SSID. Enter a name and check the box to enable SSID broadcast. There are a lot of other options on this page, but for our immediate purpose, these are the only changes we will make here. Once you have set the SSID name and allowed it to broadcast, scroll down to the bottom of the page and click '''Apply'''.
==Enable the wireless interfaces==
[[File:14.jpg|thumb|450px]]
# Navigate to the '''Interfaces''' page in the navigation menu on the left side of the screen. You will notice that the navigation panel expands to show each of the individual interfaces.
# Navigate to the '''Radio0-802.11B''' interface page. Here you will notice four tabs.
## RADIO0-802.11B STATUS - shows a summary interface status
## DETAILED STATUS - self explanatory
## SETTINGS - the changeable settings page
## CARRIER BUSY TEST - self explanatory
## Navigate directly to the '''Settings''' tab. Here you will notice all the settings available to configure the interface.
## For our purpose, click the '''enable''' option to enable the interface.
## Scroll down to the '''Data Rates''' setting and click on the '''Best Throughput''' button.
## Scroll sown to the bottom of the page and click the '''Apply''' button. It will take a few seconds for the interfaces to show enabled. If you still have access to the command line interface session, you will notice some system messages as the interface comes up.
# Perform steps B through F for interface '''Radio0-802.11A'''.
==Configure cipher type==
# In the navigation menu on the left side of the screen, navigate to the '''Security''' page. Again you will notice that the navigation menu expands to show sub sections of the security menu.
# Navigate to the '''Encryption '''sub section. Here you will notice that there is a page tab for each of the wireless interfaces. In this access point, you can configure different security measures for each interface. You will be setting them both the same.
# Click on the '''Cipher''' option and then use the scroll menu to the right and select '''TKIP''' as the encryption type. We are bypassing WEP on this page as WEP has been found to be broken and insecure and we are choosing to use the more secure WPA option (next section).
# You will only be using one security key so choose an appropriate passphrase and type it into the '''Encryption Key 2''' field. You can choose a different key size of you choose to do so, but for our purposes, we left ours at 128 bits.
# Scroll down to the bottom of the page. As we are applying these settings to both wireless interfaces, we can click on the '''Apply-All''' button. This will save you from having to configure encryption settings for both interfaces.
==Configure WPA==
# Here, we will now configure SSID authentication essentially by using the previously defined encryption key as the pre-shared key (PSK). In the navigation menu on the left side of the screen, navigate to the '''SSID''' '''Manager''' page.
# In the '''Current SSID List''' window, click and select the SSID name.
# Scroll down to the '''Authentication Settings''' section and make sure '''Open Authentication''' is selected. For a basic wireless configuration, you can leave the rest of this section configured with the defaults.
# Scroll down to the '''Authenticated Key Management''' section. Use the dropdown menu for Key Management to select '''Mandatory''' and then click and select the WPA option.
# Select either '''ASCII''' or '''Hexadecimal''' style passphrase, then enter an appropriate passphrase into the field for '''WPA Pre-shared Key'''.
# For the rest of this page, you can leave the rest of the configuration with the default settings. Scroll down to the bottom of the page and click on '''Apply'''.
=Cisco 1242=
The process for setting up a Cisco 1242 series access point and pretty much the same as the 1200. The main difference in the setup procedure is in the online interface. I am starting off right after you have configured the BVI1 interface on your access point.
==Open Online Interface==
#Open a web browser (Internet Explorer, Firefox, Google Chrome, etc).
#In the URL bar, type 192.168.1.1
#Use '''admin''' for the username and '''Cisco''' as the password.
==Express Security==
#Click on the "Express Security" tab on the left side of the page.
#Type a name for your new wireless network in the SSID field.
#If you want client to be able to easily find your network, then make sure to check the "Broadcast SSID in Beacon" box.
#If your network is configured to use VLANs, then enter in the VLAN ID into the "Enable VLAN ID" field.
#Click Apply at the bottom of the page.

==Encryption Manager==
#Click on the "Security" tab on the left side of the page.
#Click on "Encryption Manager" from the list that drops down below the Security tab.
#Make sure that "Cipher" is filled in.
#Select "AES CCMP + TKIP" from the dropdown menu.
#Click Apply-All at the bottom of the page.

==SSID Manager==
#Click on "SSID Manager" right below the "Encryption Manager" tab.
#Select your SSID from the list.
#Make sure the correct radio interfaces are selected.
#Scroll down to "Client Authenticated Key Management"
#Under Key Management, select "Mandatory" from the dropdown list.
#Check the "Enable WPA" box and select "WPAv2" from the second dropdown menu.
#Under WPA pre-shared key, type in a strong password that users will use to connect to your network.

==Turn on Radio Interface==
#Click on the "Network Interfaces" tab.
#Click on the "Radio0-802.11G" tab.
#Click on the "Settings" tab at the top of the page.
#Check the "Enable" circle.
#Click Apply at the bottom of the page.

You should now have completed setting up basic wireless service with DHCP enabled to automatically negotiate network addressing. You should be able to connect a wireless device with the NIC to set to obtain an IP address automatically. There are a couple of ways to check who is connected to your network at any given time. In the web browser interface, selecting the '''Association''' page from the navigation menu will show you a graphical table with a MAC address and the IP address that is associated with it. You can get this same information using the command line interface by issuing the command '''show ip dhcp binding''' in the privileged EXEC mode command prompt.

2010-03-05T04:49:36Z

JDO2010:

This article was written to set up a Cisco Aironet 1200 or 1242 series access point without connecting it to a wired network. These settings will enable basic wireless services including DHCP for wireless devices. The particular access point that was used to research and produce this article contained Cisco’s IOS operating system so much of the command line configuration is similar to that if Cisco’s switches and routers.

==Plug in the access point==
==Create a physical connection to the access point.==
# This can be done with a rollover cable and a DB-9 to RJ45 adapter
# Connect the DB-9 to RJ45 adapter to the 9-pin DB-9 serial port on the back of the host PC
# Connect one end for the rollover cable to the RJ-45 console port located at the rear of the access point between the two antennas
# Connect the other end of the rollover cable to the RJ-45 connecter on the DB-9 to RJ45 adapter.
==Create an interface connection to the access point via HyperTerminal or other command line terminal==
# Open HyperTerminal from Start>All Programs>Accessories>Communications
# Create a new connection
## HyperTerminal should prompt you to create a new connection when it first opens
===Cisco recommends the following settings===
# 9600 baud rate
# 8 data bits
# no parity
# 1 stop bit
# no flow control
==Log in to the access point command line==
[[File:hyperterminal.jpg]]
# Once the HyperTerminal connection is made, press '''Enter''' to access the command line interface and User Exec mode command prompt. None of the configuration we are doing will be in user EXEC mode so we will not spend any time on this area.
# At the command prompt, issue the command '''enable''' and press enter. This is the command to enter the privileged EXEC mode prompt.
# At this point, the system will prompt you for a password. The default password for this line of access points is '''Cisco''' and is case sensitive. This will also be the default password for the web browser interface in later sections. Type the password at the command prompt and press '''Enter'''.
# This should result in a command prompt ending with the pound (#) character.
==Remove the old configuration file==
# To remove any old configurations and prevent old settings from interfering, remove the starting configuration file by issuing the command '''erase startup-config''' at the command prompt.
# At this point, the system will prompt you to confirm your actions. Press '''Enter''' to confirm and return to the command prompt.
==Reload or restart the access point==
# At this point, you may either unplug the access point and plug it back in, or issue the command '''reload''' at the command prompt. If you choose to issue the '''reload''' command, it will prompt you again to confirm your actions. Press '''Enter''' to confirm and proceed with restarting the access point.
==Perform basic security configuration==
# Issue the command '''configure terminal''' at the command prompt and press '''Enter'''. This is known as “Global Configuration Mode”.
# If you wish, here you may issue the command '''<nowiki>hostname <</nowiki>'''''hostname''> at the command prompt where ''hostname'' will be the name of the access point. For the purpose of this article, we left this as the default value of “ap”.
# You may also wish to change the default password with the command '''enable secret'''<nowiki> <</nowiki>''password>''. This will change the default password for the privileged EXEC mode. This will also change the default password to access the web browser interface.
==Configure the BVI1 interface with an IP address==
# At the command prompt, issue the command '''interface bvi 1''' and press '''Enter''' to enter the interface configuration mode for the BVI1 interface. For the web browser interface to work, an IP address needs to be assigned to this interface. If you are configuring this on a wired network, this could be the network IP address of the access point. For our purposes, we configured this as a standalone access point and used the private address 192.168.1.1 with the subnet mask 255.255.255.0. Being as this address is in the subnet of the network that will occupy the access point, we then have the option use any device connected to the access point to access the web browser interface.
# At the command prompt, issue the command '''ip address '''''ip address subnet mask'', where ''ip address'' ''subnet mask'' is the combination of IP address and subnet mask that you wish to use.
# At this point, you can issue the command '''no shutdown''' as you would during most cases of interface configuration, but, like loopback interfaces, the BVI1 interface is a virtual interface and is always up so this step is not necessary.
# At the command prompt, issue the command '''end''' and press '''Enter''' to return to the global configuration command prompt.
==Configure the Dynamic Host Configuration Protocol (DHCP)==
# At this point we will configure the access point to provide DHCP service. To do this, choose a suitable network IP address and subnet mask to serve your purpose.
# At the command prompt, issue the command '''<nowiki>ip dhcp excluded-address <</nowiki>'''''<nowiki>low address> <high address></nowiki>'' and press '''Enter'''. The purpose of this command is to exclude a contiguous range of addresses used for management purposes such as static addresses for printers and other hardware and peripherals. You may enter a single address or a contiguous range of addresses.
# At the command prompt, issue the command '''ip dhcp pool''' ''<nowiki><name></nowiki>'', where ''name'' is a name chosen to represent the IP address pool and press '''Enter'''. For our purposes, we used the SSID of the access point. At this point, after pressing '''Enter''', you are placed in DHCP configuration mode.
# At the command prompt, issue the command '''network''' ''<nowiki><ip address> <subnet mask></nowiki>'' where ''<nowiki>ip address> <subnet mask></nowiki>'' are the network IP address and subnet mask that you chose in step A. For our purposes, we stuck with the combination of 192.168.1.0 255.255.255.0.
# At the command prompt, issue the command '''lease '''''<nowiki><days> <hours> <minutes></nowiki>'' to set the IP address lease period and press '''Enter'''. You may use '''infinite''' instead of defining the days, hours and minutes.
# At the command prompt issue the command '''end''' and press '''Enter''' to return to the privileged EXEC mode prompt.
# At this point, DHCP has been configured and the web browser interface should be operational and accessible. At the command prompt, issue the command '''copy running-config startup-config''' to save the changes.
==Configure the host network interface card (NIC) IPv4 settings with an IP address==
# Configure the IPv4 settings of the PC network interface card so that it has a static IP address that is on the same subnet as the BVI1 interface as well as the same subnet mask. For our purposes, we used 192.168.1.2 255.255.255.0.
==Connect an Ethernet patch cable to the access point==
# Here, we are using a cabled connection because the SSID and wireless interfaces have not yet been configured. Using an Ethernet patch cable, plug one RJ-45 connector in the NIC on the PC and the other RJ-45 connector into the Fast Ethernet interface located at the rear of the access point between the two antennas.
=Cisco Aironet 1200=
==Connect to the web browser interface of the access point==
[[File:9.jpg]]
# Open a web browser such as Internet Explorer or Firefox.
# In the address bar, type '''http://'''''ip address'' where ''ip address'' is the IP address of the BVI1 interface, and press '''Enter'''.
# At this point, you will receive a login prompt window. Leaving the username field blank, press the '''Tab''' key to move the cursor to the password field. If you set the password in step C of section VII, then the password you chose there is the same password needed here. If you left it as the default, the password should be '''Cisco'''. Enter the password and press '''Enter'''. This step should end with the web browser interface being displayed on the web browser.
==Configure service set identifier (SSID)==
# When the web browser interface starts, you are placed on the home screen. Here you should see a router configuration summary on the main screen. On the left side of the summary is a navigation panel. For our configuration we are going to navigate directly to the '''Express Security''' page. We are doing this for two reasons. We need to configure an SSID for wireless devices to connect to and we need to enable the wireless interfaces which need the SSID to work.\
# On the top of the '''Express Security''' page, you will see a field for an SSID name and a check box to allow broadcasting of the SSID. Enter a name and check the box to enable SSID broadcast. There are a lot of other options on this page, but for our immediate purpose, these are the only changes we will make here. Once you have set the SSID name and allowed it to broadcast, scroll down to the bottom of the page and click '''Apply'''.
==Enable the wireless interfaces==
[[File:14.jpg]]
# Navigate to the '''Interfaces''' page in the navigation menu on the left side of the screen. You will notice that the navigation panel expands to show each of the individual interfaces.
# Navigate to the '''Radio0-802.11B''' interface page. Here you will notice four tabs.
## RADIO0-802.11B STATUS - shows a summary interface status
## DETAILED STATUS - self explanatory
## SETTINGS - the changeable settings page
## CARRIER BUSY TEST - self explanatory
## Navigate directly to the '''Settings''' tab. Here you will notice all the settings available to configure the interface.
## For our purpose, click the '''enable''' option to enable the interface.
## Scroll down to the '''Data Rates''' setting and click on the '''Best Throughput''' button.
## Scroll sown to the bottom of the page and click the '''Apply''' button. It will take a few seconds for the interfaces to show enabled. If you still have access to the command line interface session, you will notice some system messages as the interface comes up.
# Perform steps B through F for interface '''Radio0-802.11A'''.
==Configure cipher type==
# In the navigation menu on the left side of the screen, navigate to the '''Security''' page. Again you will notice that the navigation menu expands to show sub sections of the security menu.
# Navigate to the '''Encryption '''sub section. Here you will notice that there is a page tab for each of the wireless interfaces. In this access point, you can configure different security measures for each interface. You will be setting them both the same.
# Click on the '''Cipher''' option and then use the scroll menu to the right and select '''TKIP''' as the encryption type. We are bypassing WEP on this page as WEP has been found to be broken and insecure and we are choosing to use the more secure WPA option (next section).
# You will only be using one security key so choose an appropriate passphrase and type it into the '''Encryption Key 2''' field. You can choose a different key size of you choose to do so, but for our purposes, we left ours at 128 bits.
# Scroll down to the bottom of the page. As we are applying these settings to both wireless interfaces, we can click on the '''Apply-All''' button. This will save you from having to configure encryption settings for both interfaces.
==Configure WPA==
# Here, we will now configure SSID authentication essentially by using the previously defined encryption key as the pre-shared key (PSK). In the navigation menu on the left side of the screen, navigate to the '''SSID''' '''Manager''' page.
# In the '''Current SSID List''' window, click and select the SSID name.
# Scroll down to the '''Authentication Settings''' section and make sure '''Open Authentication''' is selected. For a basic wireless configuration, you can leave the rest of this section configured with the defaults.
# Scroll down to the '''Authenticated Key Management''' section. Use the dropdown menu for Key Management to select '''Mandatory''' and then click and select the WPA option.
# Select either '''ASCII''' or '''Hexadecimal''' style passphrase, then enter an appropriate passphrase into the field for '''WPA Pre-shared Key'''.
# For the rest of this page, you can leave the rest of the configuration with the default settings. Scroll down to the bottom of the page and click on '''Apply'''.

You should now have completed setting up basic wireless service with DHCP enabled to automatically negotiate network addressing. You should be able to connect a wireless device with the NIC to set to obtain an IP address automatically. There are a couple of ways to check who is connected to your network at any given time. In the web browser interface, selecting the '''Association''' page from the navigation menu will show you a graphical table with a MAC address and the IP address that is associated with it. You can get this same information using the command line interface by issuing the command '''show ip dhcp binding''' in the privileged EXEC mode command prompt.

File:14.jpg

2010-03-05T04:36:43Z

JDO2010:

File:9.jpg

2010-03-05T04:33:27Z

JDO2010:

File:Hyperterminal.jpg

2010-03-05T04:27:33Z

JDO2010:

Cisco Wireless Access Points

2010-03-04T19:31:18Z

JDO2010:

<center>Cisco Aironet 1200 Series Wireless Access Point: Basic Wireless Configuration</center>

This article was written to set up a Cisco Aironet 1200 series access point without connecting it to a wired network. These settings will enable basic wireless services including DHCP for wireless devices. The particular access point that was used to research and produce this article contained Cisco’s IOS operating system so much of the command line configuration is similar to that if Cisco’s switches and routers.

==Plug in the access point==
==Create a physical connection to the access point.==
# This can be done with a rollover cable and a DB-9 to RJ45 adapter
# Connect the DB-9 to RJ45 adapter to the 9-pin DB-9 serial port on the back of the host PC
# Connect one end for the rollover cable to the RJ-45 console port located at the rear of the access point between the two antennas
# Connect the other end of the rollover cable to the RJ-45 connecter on the DB-9 to RJ45 adapter.
==Create an interface connection to the access point via HyperTerminal or other command line terminal==
# Open HyperTerminal from Start>All Programs>Accessories>Communications
# Create a new connection
## HyperTerminal should prompt you to create a new connection when it first opens
===Cisco recommends the following settings===
# 9600 baud rate
# 8 data bits
# no parity
# 1 stop bit
# no flow control
==Log in to the access point command line==
# Once the HyperTerminal connection is made, press '''Enter''' to access the command line interface and User Exec mode command prompt. None of the configuration we are doing will be in user EXEC mode so we will not spend any time on this area.
# At the command prompt, issue the command '''enable''' and press enter. This is the command to enter the privileged EXEC mode prompt.
# At this point, the system will prompt you for a password. The default password for this line of access points is '''Cisco''' and is case sensitive. This will also be the default password for the web browser interface in later sections. Type the password at the command prompt and press '''Enter'''.
# This should result in a command prompt ending with the pound (#) character.
==Remove the old configuration file==
# To remove any old configurations and prevent old settings from interfering, remove the starting configuration file by issuing the command '''erase startup-config''' at the command prompt.
# At this point, the system will prompt you to confirm your actions. Press '''Enter''' to confirm and return to the command prompt.
==Reload or restart the access point==
# At this point, you may either unplug the access point and plug it back in, or issue the command '''reload''' at the command prompt. If you choose to issue the '''reload''' command, it will prompt you again to confirm your actions. Press '''Enter''' to confirm and proceed with restarting the access point.
==Perform basic security configuration==
# Issue the command '''configure terminal''' at the command prompt and press '''Enter'''. This is known as “Global Configuration Mode”.
# If you wish, here you may issue the command '''<nowiki>hostname <</nowiki>'''''hostname''> at the command prompt where ''hostname'' will be the name of the access point. For the purpose of this article, we left this as the default value of “ap”.
# You may also wish to change the default password with the command '''enable secret'''<nowiki> <</nowiki>''password>''. This will change the default password for the privileged EXEC mode. This will also change the default password to access the web browser interface.
==Configure the BVI1 interface with an IP address==
# At the command prompt, issue the command '''interface bvi 1''' and press '''Enter''' to enter the interface configuration mode for the BVI1 interface. For the web browser interface to work, an IP address needs to be assigned to this interface. If you are configuring this on a wired network, this could be the network IP address of the access point. For our purposes, we configured this as a standalone access point and used the private address 192.168.1.1 with the subnet mask 255.255.255.0. Being as this address is in the subnet of the network that will occupy the access point, we then have the option use any device connected to the access point to access the web browser interface.
# At the command prompt, issue the command '''ip address '''''ip address subnet mask'', where ''ip address'' ''subnet mask'' is the combination of IP address and subnet mask that you wish to use.
# At this point, you can issue the command '''no shutdown''' as you would during most cases of interface configuration, but, like loopback interfaces, the BVI1 interface is a virtual interface and is always up so this step is not necessary.
# At the command prompt, issue the command '''end''' and press '''Enter''' to return to the global configuration command prompt.
==Configure the Dynamic Host Configuration Protocol (DHCP)==
# At this point we will configure the access point to provide DHCP service. To do this, choose a suitable network IP address and subnet mask to serve your purpose.
# At the command prompt, issue the command '''<nowiki>ip dhcp excluded-address <</nowiki>'''''<nowiki>low address> <high address></nowiki>'' and press '''Enter'''. The purpose of this command is to exclude a contiguous range of addresses used for management purposes such as static addresses for printers and other hardware and peripherals. You may enter a single address or a contiguous range of addresses.
# At the command prompt, issue the command '''ip dhcp pool''' ''<nowiki><name></nowiki>'', where ''name'' is a name chosen to represent the IP address pool and press '''Enter'''. For our purposes, we used the SSID of the access point. At this point, after pressing '''Enter''', you are placed in DHCP configuration mode.
# At the command prompt, issue the command '''network''' ''<nowiki><ip address> <subnet mask></nowiki>'' where ''<nowiki>ip address> <subnet mask></nowiki>'' are the network IP address and subnet mask that you chose in step A. For our purposes, we stuck with the combination of 192.168.1.0 255.255.255.0.
# At the command prompt, issue the command '''lease '''''<nowiki><days> <hours> <minutes></nowiki>'' to set the IP address lease period and press '''Enter'''. You may use '''infinite''' instead of defining the days, hours and minutes.
# At the command prompt issue the command '''end''' and press '''Enter''' to return to the privileged EXEC mode prompt.
# At this point, DHCP has been configured and the web browser interface should be operational and accessible. At the command prompt, issue the command '''copy running-config startup-config''' to save the changes.
==Configure the host network interface card (NIC) IPv4 settings with an IP address==
# Configure the IPv4 settings of the PC network interface card so that it has a static IP address that is on the same subnet as the BVI1 interface as well as the same subnet mask. For our purposes, we used 192.168.1.2 255.255.255.0.
==Connect an Ethernet patch cable to the access point==
# Here, we are using a cabled connection because the SSID and wireless interfaces have not yet been configured. Using an Ethernet patch cable, plug one RJ-45 connector in the NIC on the PC and the other RJ-45 connector into the Fast Ethernet interface located at the rear of the access point between the two antennas.
==Connect to the web browser interface of the access point==
# Open a web browser such as Internet Explorer or Firefox.
# In the address bar, type '''http://'''''ip address'' where ''ip address'' is the IP address of the BVI1 interface, and press '''Enter'''.
# At this point, you will receive a login prompt window. Leaving the username field blank, press the '''Tab''' key to move the cursor to the password field. If you set the password in step C of section VII, then the password you chose there is the same password needed here. If you left it as the default, the password should be '''Cisco'''. Enter the password and press '''Enter'''. This step should end with the web browser interface being displayed on the web browser.
==Configure service set identifier (SSID)==
# When the web browser interface starts, you are placed on the home screen. Here you should see a router configuration summary on the main screen. On the left side of the summary is a navigation panel. For our configuration we are going to navigate directly to the '''Express Security''' page. We are doing this for two reasons. We need to configure an SSID for wireless devices to connect to and we need to enable the wireless interfaces which need the SSID to work.\
# On the top of the '''Express Security''' page, you will see a field for an SSID name and a check box to allow broadcasting of the SSID. Enter a name and check the box to enable SSID broadcast. There are a lot of other options on this page, but for our immediate purpose, these are the only changes we will make here. Once you have set the SSID name and allowed it to broadcast, scroll down to the bottom of the page and click '''Apply'''.
==Enable the wireless interfaces==
# Navigate to the '''Interfaces''' page in the navigation menu on the left side of the screen. You will notice that the navigation panel expands to show each of the individual interfaces.
# Navigate to the '''Radio0-802.11B''' interface page. Here you will notice four tabs.
## RADIO0-802.11B STATUS - shows a summary interface status
## DETAILED STATUS - self explanatory
## SETTINGS - the changeable settings page
## CARRIER BUSY TEST - self explanatory
## Navigate directly to the '''Settings''' tab. Here you will notice all the settings available to configure the interface.
## For our purpose, click the '''enable''' option to enable the interface.
## Scroll down to the '''Data Rates''' setting and click on the '''Best Throughput''' button.
## Scroll sown to the bottom of the page and click the '''Apply''' button. It will take a few seconds for the interfaces to show enabled. If you still have access to the command line interface session, you will notice some system messages as the interface comes up.
# Perform steps B through F for interface '''Radio0-802.11A'''.
==Configure cipher type==
# In the navigation menu on the left side of the screen, navigate to the '''Security''' page. Again you will notice that the navigation menu expands to show sub sections of the security menu.
# Navigate to the '''Encryption '''sub section. Here you will notice that there is a page tab for each of the wireless interfaces. In this access point, you can configure different security measures for each interface. You will be setting them both the same.
# Click on the '''Cipher''' option and then use the scroll menu to the right and select '''TKIP''' as the encryption type. We are bypassing WEP on this page as WEP has been found to be broken and insecure and we are choosing to use the more secure WPA option (next section).
# You will only be using one security key so choose an appropriate passphrase and type it into the '''Encryption Key 2''' field. You can choose a different key size of you choose to do so, but for our purposes, we left ours at 128 bits.
# Scroll down to the bottom of the page. As we are applying these settings to both wireless interfaces, we can click on the '''Apply-All''' button. This will save you from having to configure encryption settings for both interfaces.
==Configure WPA==
# Here, we will now configure SSID authentication essentially by using the previously defined encryption key as the pre-shared key (PSK). In the navigation menu on the left side of the screen, navigate to the '''SSID''' '''Manager''' page.
# In the '''Current SSID List''' window, click and select the SSID name.
# Scroll down to the '''Authentication Settings''' section and make sure '''Open Authentication''' is selected. For a basic wireless configuration, you can leave the rest of this section configured with the defaults.
# Scroll down to the '''Authenticated Key Management''' section. Use the dropdown menu for Key Management to select '''Mandatory''' and then click and select the WPA option.
# Select either '''ASCII''' or '''Hexadecimal''' style passphrase, then enter an appropriate passphrase into the field for '''WPA Pre-shared Key'''.
# For the rest of this page, you can leave the rest of the configuration with the default settings. Scroll down to the bottom of the page and click on '''Apply'''.

You should now have completed setting up basic wireless service with DHCP enabled to automatically negotiate network addressing. You should be able to connect a wireless device with the NIC to set to obtain an IP address automatically. There are a couple of ways to check who is connected to your network at any given time. In the web browser interface, selecting the '''Association''' page from the navigation menu will show you a graphical table with a MAC address and the IP address that is associated with it. You can get this same information using the command line interface by issuing the command '''show ip dhcp binding''' in the privileged EXEC mode command prompt.