Lab 8.4.5.1 Configuring LEAP/EAP using Local RADIUS Authentication

Similar documents
Wireless Network Configuration Guide

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Case Study - Configuration between NXC2500 and LDAP Server

Installing Windows 95 Drivers and Utilities for the Cisco Aironet 340/350 Series Client Adapters

Abstract. Avaya Solution & Interoperability Test Lab

Interlink Networks Secure.XS and Cisco Wireless Deployment Guide

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Lab Configuring Access Policies and DMZ Settings

D-Link DAP-1360 Repeater Mode Configuration

Step-by-step Guide for Configuring Cisco ACS server as the Radius with an External Windows Database

Configuring the WT-4 for ftp (Ad-hoc Mode)

Instructions for accessing the new TU wireless Network

Installation Guides - Information required for connection to the Goldfields Institute s (GIT) Wireless Network

TECH BULLETIN NETGEN1 DOOR CONTROLLER WI-FI NETWORK CONFIG

Configuration of Cisco Autonomous Access Point with 802.1x Authentication for Avaya 3631 Wireless Telephone

Configuring the WT-4 for ftp (Ad-hoc Mode)

Lab Configure Basic AP Security through IOS CLI

Windows Vista: Connecting to the wireless network at Hood College

Pre-lab and In-class Laboratory Exercise 10 (L10)

Detective. Family. HPGe-Based Portable Nuclide Identifiers. Wireless Remote Operation With SOTI s Pocket Controller Software

Product Summary RADIUS Servers

ZyXEL VoIP 2602HWL - Setup guide

SATO Network Interface Card Configuration Instructions

TE100-P21/TEW-P21G Windows 7 Installation Instruction

Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM

Configuring a BEC 7800TN Wireless ADSL Modem

Connecting to the University Wireless Network

Lab Configuring Access Policies and DMZ Settings

NetLINE Wireless Broadband Gateway

User Guide for eduroam

How To Connect To A Wireless Network On Windows 7 (Windows 7) On A Pc Or Mac Or Ipad (Windows) On Pc Or Ipa (Windows 8) On Your Computer Or Mac (Windows). (Windows.7) On An

Connect to the Sheridan College / Gillette College - STUDENT Secure Wireless Network with the PEAP Client (Windows XP Pro)

How to Access Coast Wi-Fi

Manual Wireless Extender Setup Instructions. Before you start, there are two things you will need. 1. Laptop computer 2. Router s security key

Automatic Setup... 1 Manual Setup... 2 Installing the Wireless Certificates... 18

Using the Aironet Client Monitor (ACM)

Movie Cube. User s Guide to Wireless Function

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Step by step guide for connecting PC to wired LAN at dormitories of University of Pardubice

STEP III: Enable the Wireless Network Card. STEP IV: Print out the Printer Settings pages to determine the IP Address

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No.

Motorola AP-5131 Access Point Quick Setup Guide

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Setting Up Internet Connection Sharing (ICS) on a Server

Using Cisco UC320W with Windows Small Business Server

How to set up as VPN Network

If you need additional assistance please contact our Technical Support Center at 24 hours a day, 7 days a week.

Configuring a customer owned router to function as a switch with Ultra TV

Wireless Client Configuration Guide. for third-party wireless Ethernet adapters

WLAN Outdoor CPE For 2.4G. Quick Installation Guide

Vantage RADIUS 50. Quick Start Guide Version 1.0 3/2005

Wireless LAN Client Configuration Guide for Windows Configuring 802.1X Authentication Client for Windows 7

2 Setting Up the Hardware for a Wired Ethernet Network Setting Up the Software for an Ethernet Network... 21

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

QUANTIFY INSTALLATION GUIDE

Lab Configure Syslog on AP

A Division of Cisco Systems, Inc. GHz g. Wireless-G. Access Point with SRX. User Guide WIRELESS WAP54GX. Model No.

CruzNet Secure Set-Up Instructions for Windows Vista

Quick Installation Guide DAP Wireless N 300 Access Point & Router

Step-by-Step Setup Guide Wireless File Transmitter

How to connect to NAU s WPA2 Enterprise implementation in a Residence Hall:

EW-7438RPn V2 User Manual

Setting up Windows XP for WPA Wireless Access (ISU-OIT-WPA)

WIRELESS SETUP FOR WINDOWS 7

1. Hardware Installation

Setting up SJUMobile (Wireless Internet Access for personal devices)

How To Set up and Configure the WNA-100 Wireless Network Adapter

Symphony Network Troubleshooting

MX7 Tecton. Quick Start Guide. Hand-Held Computer. With Microsoft Windows Embedded CE 6 or Windows Mobile 6.5 Operating System. TECTON-QS Rev A 4/12

Connecting to UNOSECURE using Windows 7

STATIC IP SET UP GUIDE

Enable VPN PPTP Server Function

Actiontec GT784WN Router

STEP III: Enable the Wireless Network Card

Step-by-Step Setup Guide Wireless File Transmitter

Preparing the Computers for TCP/IP Networking

Step-by-Step Setup Guide Wireless File Transmitter

How to convert a wireless router to be a wireless. access point

Wireless LAN Access Point. IEEE g 54Mbps. User s Manual

Mac OS X Secure Wireless Setup Guide

Configuring the CyberData VoIP 4-Port Zone Controller with Audio Out

Wireless G Broadband quick install

How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication

The ECU Wireless system uses a captive portal authentication system. There are three steps to configure your computer for wireless access:

Elastix Server VoIP Intercom Setup Guide

Mobile Router MR600 User Guide

PT Activity: Configure Cisco Routers for Syslog, NTP, and SSH Operations

AeroLab Wireless Network Code of Conduct. Connecting to the AeroLab Wireless Network

your Gateway Windows network installationguide b wireless series Router model WBR-100 Configuring Installing

Connecting to the Internet. LAN Hardware Requirements. Computer Requirements. LAN Configuration Requirements

VPN Overview. The path for wireless VPN users

Configuring the WT-4 for Upload to a Computer (Ad-hoc Mode)

SNMP Manager User s Manual

Instructions for connecting to winthropsecure. Windows 7/8 Quick Connect Windows 7/8 Manual Wireless Set Up Apple Quick Connect Apple Settings Check

IntraVUE Plug Scanner/Recorder Installation and Start-Up

StarMOBILE Network Configuration Guide. A guide to configuring your StarMOBILE system for networking

How to Set Up a Wireless Network. How to configure a wireless network for a computer science programming contest using PC 2

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

SOHO 6 Wireless Installation Procedure Windows 95/98/ME with Internet Explorer 5.x & 6.0

Transcription:

Lab 8.4.5.1 Configuring LEAP/EAP using Local RADIUS Authentication Objective Topology Estimated Time: 40 minutes Number of Team Members: Students can work in teams of two. In this lab, the student will learn about the second generation of Wireless LAN security and how to implement LEAP on a Wireless LAN for secure client authentication. The main steps to this lab are: 1. Configure AP WEP Key or Cipher 2. Configure RADIUS Server 3. Configure Local RADIUS Server 4. Configure Users 5. Configure and verify LEAP/EAP Authentication on the AP 6. Configure LEAP/EAP on the client (PC2) via ACU 7. Monitor the connection, login, and authentication statistics 1-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

Scenario Preparation One way to secure wireless LANs and improve network security is to use authentication for accessing the AP. Wireless clients can use Extensible Authentication Protocol (EAP) to authenticate to a wireless LAN. 802.1x local RADIUS authentication is available on the 1100 and 1200 APs. This allows LEAP/EAP to be used without requiring a Cisco Secure ACS Server. Furthermore, this feature provides a backup for ACS Servers in an Enterprise network. Prior to this lab, the Cisco Aironet AP should be configured to allow clients to associate. The IP address, hostname and SSID should be configured on the AP. A PC should be installed with a Cisco Aironet Client Card, and it should already be associated to the AP. Cable the equipment according to the Topology. Update the Aironet Client Utility version 6.0 or later. Tools and Resources Each team of students will require the following: Cisco Aironet AP Hub or switch A wireless PC, laptop, or handheld (PC2) with a Cisco Aironet Client Adapter Card and utility properly installed and configured. One wired PC (PC1) 2-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

Step 1 Configure the AP WEP Keys or Cipher In order to enable Cisco LEAP on the AP, WEP Encryption or a Cipher must be enabled. a. From the SECURITY>Encryption Manager Page of the AP, configure the Encryption Key 1. b. Click on the WEP Encryption radio button. c. Select Mandatory. d. Click Apply-All. 1. The Cipher option can be used for greater security. What options are available? 3-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

Step 2 Configure RADIUS Server Complete the following steps to configure the Backup RADIUS Server from the SECURITY>Server Manager Page: a. Enter the IP address of the Local RADIUS server in the Server Name/IP entry field. This will be the IP address of the AP where the local RADIUS database is running. Should be 10.0.P.1 b. Enter the Shared Secret key of secretkey c. Click Apply. Step 3 Configure Local RADIUS Server Complete the following steps to configure a Local RADIUS Server from the SECURITY>Local RADIUS Server Page: a. Click on the GENERAL SET-UP tab. b. Enter the IP address of the Local RADIUS server in the Server Name/IP entry field. This will be the IP address of the AP where the local RADIUS database is running, 10.0.P.1 c. Enter the Shared Secret key of secretkey d. Click Apply. 4-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

Step 4 Configure Users Complete the following steps to configure users from the SECURITY>Local RADIUS Server Page: a. Continue from the GENERAL SET-UP tab. b. Enter the following users: User Username Password 1 aaauser aaapass 2 Cisco1 ciscopass c. Click Apply. 5-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

Step 5 Configure Authentication on AP In order to enable Cisco LEAP on the AP, complete the following steps to configure the Authentication Method: e. On the SECURITY>SSID Manager page of the AP, create a new SSID of APP, where P is the Pod number. f. Check the Network EAP box. g. Click the Apply-All button. 6-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

Step 6 Verify the LEAP Configuration From the SECURITY Home page of the AP, verify Network EAP is checked and the only SSID is APP. The default tsunami SSID should be deleted for security. Also verify the Server Based Security is configured correctly as shown. 7-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

Step 7 Configuring LEAP on the ACU In order to enable the EAP in the Aironet client utility, complete the following steps: a. On PC2, configure the TCP/IP settings for the Wireless Network Connection if a DHCP server is not available. Otherwise, when the client authenticates, the wireless PC will not be able to communicate via IP. i. IP address of 10.0.P.12 ii. Subnet mask of 255.255.255.0 iii. Gateway of 10.0.P.254 b. Go to the Network Security tab in the Aironet Client Utility on PC2 and each of the wireless client computers. c. Select the LEAP from the Network Security Type: drop down list and click Configure. 8-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

d. Click on Use Saved User Name and Password. i. Enter aaauser for the User Name. ii. Enter aaapass for the Password. iii. Enter aaapass for the Confirm Password. iv. Uncheck the two checkboxes at the bottom of the LEAP Settings window. v. Click OK. e. In the profile manager, select the profile which LEAP is configured on and click OK. If a save username and password was not configured, an authentication screen should come up asking for a user ID and password. Type in the following. i. The username for authentication is aaauser. ii. The password for authentication is aaapass. f. The ACM icon should change to green once the authentication is complete. g. From PC1, PC2 or the ACS Server, browse to the AP ASSOCIATION page to verify the connection. 2. What are the three authentication states? 9-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

Step 8 Verify the Wireless Connection From the ASSOCIATION page of the AP, verify the association state. This should display all of the connected clients. From the EVENT LOG Page of the AP, check the association logs. From the SECURITY>Local RADIUS Server Page of the AP, click on the STATISTICS tab. Verify the User Information for authentication successes, failures, and blocks. 10-10 Fundamentals of Wireless LANs - Lab 8.4.5.1 Copyright 2003, Cisco Systems, Inc.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information