WLAN Concepts.

12.1. Introduction to Wireless. • not interoperable with the

802.11b and 802.11g
12.1.2. Types of Wireless Networks.
802.11b 2.4 GHz • speeds of up to 11 Mbps
• Wireless Personal-Area Networks (WPAN): • longer range than 802.11a
standard 802.15, Bluetooth and ZigBee, short • better able to penetrate
transmitters (20-30 ft) building structures
• Wireless LAN (WLAN): cover medium sized 802.11g 2.4 GHz • speeds of up to 54 Mbps
• backward compatible
networks, based on 802.11, up to 300 ft with 802.11b with
• Wireless MAN(WMAN): larger geographic reduced bandwidth
areas. capacity
• Wireless WAN(WWAN): Suitable for national 802.11n 2.4 GHz 5 • data rates range from 150
GHz Mbps to 600 Mbps with a
and global communications. distance range of up to 70
m (230 feet)
12.1.3. Wireless Technologies. • APs and wireless clients
• Bluetooth: 802.15 standards, device pairing, up require multiple antennas
to 100 m, has to types. using MIMO technology
• backward compatible
o Bluetooth Low Energy (BLE): supports with 802.11a/b/g devices
multiple network technologies like mesh. with limiting data rates
o Bluetooth Basic Rate/Enhanced Rate 802.11ac 5 GHz • provides data rates
(BR/EDR): supports point to point ranging from 450 Mbps to
1.3 Gbps (1300 Mbps)
topologies and is optimized for audio using MIMO technology
streaming. • Up to eight antennas can
• WiMAX (Worldwide Interoperability for be supported
• backwards compatible
Microwave Access): usually for areas that with 802.11a/n devices
doesn’t have wired connection, 802.16 with limiting data rates
standard, provides high speed wireless 802.11ax 2.4 GHz 5 • latest standard released in
broadband, is similar to Wi-Fi, works with GHz 2019
towers that are similar to cellular ones. • also known as Wi-Fi 6 or
High-Efficiency Wireless
• Cellular Broadband: 4G/5G, are multi-access (HEW)
networks, the two types are Global System for • provides improved power
Mobile (GSM) and Code Division Multiple efficiency, higher data
rates, increased capacity,
Access (CDMA). and handles many
• Satellite Broadband: its more expensive. connected devices
• currently operates using
12.1.4. 802.11 Standards 2.4 GHz and 5 GHz but
Multiple-Input and Multiple-Output (MIMO). will use 1 GHz and 7 GHz
when those frequencies
become available
IEEE WLAN Radio Description • Search the internet for
Standard Frequency Wi-Fi Generation 6 for
802.11 2.4 GHz • speeds of up to 2 Mbps more information
802.11a 5 GHz • speeds of up to 54 Mbps 12.1.5. Radio Frequencies.
• small coverage area WLANS operates on:
• less effective at
penetrating building
structures
• 2.4 GHz (UHF) - 802.11b/g/n/ax
• 5 GHz (SHF) - 802.11a/n/ac/ax
12.1.6. Wireless Standard Organizations. • Infrastructure mode: wireless clients connected
• The International Telecommunication Union to a wireless router or AP.
(ITU) for radio frequency spectrum. • Tethering: ad hoc variation when a smart device
• IEEE can be a hotspot.
• Wi-Fi Alliance.
12.3.3. BSS and ESS.
12.2. WLAN Components. • Basic Service Set (BSS): consists of a single AP
interconnecting all associated wireless clients,
12.2.2. Wireless NIC
the circle of coverage areas is called Basic
Wireless deployment requires minimum two
Service Area (BSA).
devices with radio transmitter and receiver at the
same frequencies, this are an end device with a Layer 2 MAC address of the AP is used to uniquely identify
wireless NIC and a network device AP, or each BSS, which is called the Basic Service Set Identifier
(BSSID).
wireless router.
12.2.3. Wireless Home Router. • Extended Service Set (ESS): BSS without
• Access point provides 802.11a/b/g/n/ac enough coverage can be joined by a distribution
wireless access. system (DS) into an ESS, is identified by the
SSID and BSS by its BSSID
• Switch provides a four-port, full-duplex,
10/100/1000 Ethernet switch to interconnect 12.3.4. 802.11 Frame Structure.
wired devices. Frame:
• Router provides a default gateway for
connecting to other network infrastructures, • Frame Control: type or wireless frame.
such as the internet. Subfields:
Provide high speed access, support for video o Protocol Version
streaming, IPv6, QoS and configuration, it o Frame Type
contains a Shared Service Set Identifier (SSID). o Address Type
12.2.4. Wireless Access Points. o Power management
Categories: o Security Settings
• Duration: remaining needed to receive next
• Autonomous: only have CLI or GUI to be frame transmission.
configured, for example is a home router
• Controlled-based: are often called lightweight Wireless Device:
AP (LAPs), they use the Lightweight Access • MAC of the AP
Point Protocol (LWAPP) to communicate with • MAC of the sender.
a WLAN controller (WLC)
• SA/DA/BSSID MAC of destination
12.2.6. Wireless Antennas.
From the AP:
• Omnidirectional Antennas: provide a 360°
coverage, ideal for houses. • MAC of Sender.
• Directional Antennas. • MAC of AP.
• MIMO antennas • SA/DA/BSSID MAC of destination.
• Sequence Control
12.3. WLAN Operation.
• Address 4 usually missing only used in ad hoc.
12.3.2. 802.11 Wireless Topology Modes • Payload (data in transmission).
• Ad hoc mode: peer to peer without wireless • FCS.
(Bluetooth).
12.3.5. CSMA/ CA (?) forwarding of traffic, adds security with
WLANS are half-duplex, they use this method for Datagram Transport Layer Security (DTLS),
corrections. The clients do the following: stablish tunnels on User Datagram Protocol
(UDP).
1. Listens to the channel to see if it is idle, which
means that is senses no other traffic is Ports used: 5256: CAPWAP control messages
currently on the channel. The channel is also for manage AP, 5247: CAPWAP encapsulate
called the carrier. data packets.
2. Sends a request to send (RTS) message to the
AP to request dedicated access to the network. Protocols used: IPv4: 17 , IPv6: 136
3. Receives a clear to send (CTS) message from 12.4.3. Split MAC Architecture.
the AP granting access to send. Key component of CAPWAP is splitting Media
4. If the wireless client does not receive a CTS Access Control (MAC):
message, it waits a random amount of time
before restarting the process. • AP MAC Functions
5. After it receives the CTS, it transmits the data. • WLC MAC Functions
6. All transmissions are acknowledged. If a
AP MAC Functions WLC MAC Functions
wireless client does not receive an
Beacons and probe Authentication
acknowledgment, it assumes a collision responses
occurred and restarts the process.
Packet Association and re-association of
acknowledgements and roaming clients
12.3.6. Wireless Client and AP Association.
retransmissions
Stages:
Frame queueing and Frame translation to other protocols
• Discover a wireless AP packet prioritization

• Authenticate with AP MAC layer data Termination of 802.11 traffic on a

encryption and wired interface
• Associate with AP decryption

Parameters: 12.4.4. DTLS Encryption.

• SSID
• Password
• Network mode (standards)
• Security mode.
• Channel settings: frequency bands used to
transmit wireless data
12.3.7. Passive and Active Discover Mode
• Passive Mode: AP advertises its service by
periodical broadcast beacon frames with the
SSID.
• Active: clients must know the name of the
SSID, client initiate process broadcasting a
request (probe)
12.4. CAPWAP Operation.
12.4.2. Introduction to CAPWAP.
Enables a WLC to manage multiple AP and
WLANS, responsible for encapsulation and
• Enabled by default to secure CATWAP.
• Allows communication between AP and WLC
by encryption.
12.4.5. FlexConnect Aps
Modes:
• Connected mode: WLC is reachable. In this
mode the FlexConnect AP has CAPWAP
connectivity with its WLC and can send traffic
through the CAPWAP tunnel, as shown in the
figure. The WLC performs all its CAPWAP
functions.
• Standalone mode WLC unreachable. The
FlexConnect has lost or failed to establish
CAPWAP connectivity with its WLC. In this
mode, a FlexConnect AP can assume some of
the WLC functions such as switching client data
traffic locally and performing client
authentication locally.
12.5. Channel Management.
12.5.1. Frequency Channel Saturation.
• Direct-Sequence Spread Spectrum (DSSS): for
spreading signal over a larger frequency band,
used by 802.11b devices to avoid
• Frequency-Hopping Spread Spectrum (FHSS):
transmit radio signal by rapidly switching a
carrier signal among many frequency channels,
it uses hops, 802.11 standards.
• Orthogonal Frequency-Division Multiplexing
(OFDM): frequency division by multiplexing,
a single channel used subchannels on adjacent
frequencies, is used by a number of
communication systems 802.11a/g/n/ac,
802.11ax uses a variation called Orthogonal
frequency-division multiaccess (OFDMA).
12.5.2. Channel Selection. (?)
The 802.11b standard identifies 11 channels for
North America, as shown in the figure (13 in
Europe and 14 in Japan).
2.4 GHz Overlapping Channels in North America
Interference occurs when one signal overlaps a
channel reserved for another signal, causing
possible distortion
2.4 GHz Non-Overlapping Channels for
802.11b/g/n
24 channels, bands of 5 GHz are divided into
three sections
12.5.3. Plan a WLAN Deployment.
While planning the location the most important
thing will be the coverage area, adding other
recommendations:
Note the locations where AP can’t be placed.
Note potential interferences.
Position AP above obstructions.
Position AP vertically, and where clients are
supposed to be.
12.6. WLAN Threats.
12.6.2. Wireless Security Overview.
Threats:
• Interception of data: should be encrypted to
prevent it from being read by eavesdropper.
• Wireless intruders: deterred unauthorized users.
• Denial of Service (DoS) Attacks:
o Improperly configured devices.
o Malicious user intentionally interfering
with the wireless communication.
o Accidental Interference
• Rogue Aps: unauthorized AP by a user, can be
infected maliciously if the AP don’t have well
configured security.
12.7. Secure WLANs 12.7.5. Authenticating a Home User.
12.7.2. SSID Cloaking and MAC Address • Personal: pre-shared key (PSK), no especial
Filtering authentication required.
• SSID Cloaking: SSID Broadcast enabled. • Enterprise: requires Remote Authentication
• MAC Address Filtering: for allowing or Dial-In User Service (RADIUS), must
blocking MACs authenticate using 802.1X which uses

12.7.3. 802.11 Original Authentication Methods Extensible Authentication Protocol (EAP) for
authentication.

12.7.6. Encryption Methods.

• Temporal Key Integrity Protocol (TKIP):
support legacy WLAN equipment, 802.11 WEP
encryption Method, carries out a Message
Integrity Check (MIC) in the encrypted packet

Open system authentication: VPN to ensure the message has not been altered.

Shared Key Authentication: mechanism WEP, • Advanced Encryption Standard (AES): used in
WPA, WPA2 and WPA3. WPA2, uses the Counter Cipher Mode with

Authentication Description
Block Chaining Message Authentication Code
Method Protocol (CCMP), allows destination hosts to
Wired Equivalent The original 802.11 specification
Privacy (WEP) designed to secure the data using the recognize if the encrypted and non-encrypted
Rivest Cipher 4 (RC4) encryption
method with a static key, it’s easy to
bits have been altered.
hack, no longer recommended and
should never be used. 12.7.7. Authentication in the Enterprise
Wi-Fi Protected A Wi-Fi Alliance standard that uses • RADIUS Server IP Address
Access (WPA) WEP, but secures the data with the
much stronger Temporal Key • UDP port numbers
Integrity Protocol (TKIP) encryption
algorithm. TKIP changes the key for • Shared Keys.
each packet, making it much more
difficult to hack.
12.7.8. WPA3
WPA2 Current standard for securing
wireless networks. It uses the Features:
Advanced Encryption Standard
(AES) for encryption. AES is • WPA3-Personal: Simultaneous Authentication
currently considered the strongest
encryption protocol. of Equals (SAE)
WPA3 Next generation of Wi-Fi security, all
devices use the latest security • WPA3-Enterprise: Commercial National
methods, disallow outdated legacy
protocols, and require the use of Security Algorithm (CNSA)
Protected Management Frames
(PMF). However, devices with • Open Networks: Opportunistic Wireless
WPA3 are not yet readily available.
Encryption (OWE)
• Internet of Things (IoT) Onboarding: