FWL Skills Final Estimated Time: 90 minutes Number of Students: 2 students can be tested simultaneously Objective The student may read and prepare for 5 minutes. There are 3 main tasks for the hands-on skills final to be completed: 1. Basic Installation and Configuration (45 minutes) 2. Security and Monitoring (20 minutes) 3. Management (20 minutes) Topology 1 - 6 Fundamentals of Wireless LANs – Skills Final Form 1 Copyright  2003, Cisco Systems, Inc. Scenario FWL, Inc. has recently decided to implement a wireless solution to enable mobility, increase the bandwidth to the branch office, and reduce the overall cost of remote access. Some of the concerns from the Chief Security Officer (CSO) include data theft and wireless attacks on the network. The Chief Executive Officer (CEO) is concerned with employee satisfaction with the wireless experience and expects a jump in productivity. It is the job of the wireless network administrator to ensure the WLAN is properly installed, secured, and tested to achieve these goals. Read the checklist at the end of this document before beginning the exam. Depending on the available time, the instructor will adjust the requirements. Students may be required to use 802.11a, 802.11b, or both. The instructor will assign each student to either the main office or branch office. Preparation The equipment must be setup and cabled according to the topology. Tools and Resources The following are required for each pod. Hardware: • Wired PC • Wireless PC or laptop • Wireless NIC 802.11a, 802.11b, or both • AP 1200 (or 1100) • BR350 • 2 hubs or one switch with 2 VLANs • 3 rubber duck dipole antennas • 2 Category 5 patch cables Software: • ACU v6 or later • PuTTY or equivalent • Kiwi Sylog or equivalent • IE 6 or Netscape 7 Optional: • Windows 2000 Server • Cisco Secure ACS 3.1 or later 2 - 6 Fundamentals of Wireless LANs – Skills Final Form 1 Copyright  2003, Cisco Systems, Inc. Checklist and Score Report Step 1 Basic Installation and Configuration (45 min) ______/50 o Install (5 points)  NIC • Option 1: 11b (PCM352 or PCI 352) • Option 2: 11a (CB20A)  ACUv6 • Option: Desktop or Laptop o Operating System Options:  Windows  MAC  Linux o Configure  Client (10 points) • Create Profiles: Office 1 and Office 2 (2 must be created) o Client Name:  Option1: 11b • First initial-Last name-b  Option2: 11a • First initial-Last name-a o SSID  Option 1: 11b • Pod1: fwl-ap1-b • Pod2: fwl-ap2-b  Option 1: 11a • Pod1: fwl-ap1-a • Pod2: fwl-ap2-a o Static WEP  Option 1: 40 bit  Option 2: 128 bit o Channel:  Option 1: 11b • Pod1: 1 • Pod2: 11  Option 2: 11a • Pod1: 34 • Pod2: 64 o Power:  Option 1: • 1mW • 5mW o Auto Profiles  Office1  Office2 o IP Addressing:  Pod 1: 172.30.1.10  Pod 2: 172.30.2.10  AP (15 points) • Hostname o Option1: 11b  Fwl-ap1-b  Fwl-ap2-b o Option2: 11a  Fwl-ap1-a  Fwl-ap2-b 3 - 6 Fundamentals of Wireless LANs – Skills Final Form 1 Copyright  2003, Cisco Systems, Inc. • SSID o Option 1: 11b  Pod1: fwl-ap1-b  Pod2: fwl-ap2-b o Option 1: 11a  Pod1: fwl-ap1-a  Pod2: fwl-ap2-a o Option 3: both 11a and 11b • Static WEP o Option 1: 40 bit o Option 2: 128 bit • Channel: o Option 1: 11b  Pod1: 1  Pod2: 11 o Option 2: 11a  Pod1: 34  Pod2: 64 • Power: 5mW or 10mW • Antenna: Dual Diversity  BR (15 points) • Hostname: o Pod1: fwl-br1 o Pod2: fwl-br2 • SSID: o Pod 1 and 2: fwlskills-br • Radio o Channel: 6 o Power: 5mW or 10mW o Antenna: Left only • WEP: 128 bit o Students must collaborate to establish a common key. o Test Connectivity (5 points)  Verify connectivity from the syslog PC to the AP and bridge BVI.  Verify wireless client to AP connectivity. Telnet from the Student PC to the AP.  Verify connectivity from BR to BR. Telnet from the wireless PC to the peer AP.  Ping the peer syslog server. Step 2 Security and monitoring (20 min) _____/25 o Secure AP (20 points)  General (5 points) • Change from Static WEP to Cipher ( TKIP + WEP 128 bit ) • Disable broadcast SSIDs  Authentication (15 points) • LEAP o Option1: Local Radius  Configure users • FWLuser1, FwLPaS1 • FWLuser2, FwLPaS2 o Option2: ACS  Configure users o Test Connectivity (5 points)  Verify client to AP connectivity. Telnet from the student PC to the AP.  Verify connectivity from BR to BR. Telnet from the student PC to the peer AP. 4 - 6 Fundamentals of Wireless LANs – Skills Final Form 1 Copyright  2003, Cisco Systems, Inc. Step 3: Management (20 min) _____/25 o Configure (20 points)  Administrator Account (5 points) • Username: fwladmin1 • Password: WiReLeSs  SSH (5 points) • Disable Telnet and HTTP  Backup configurations (5 points) • Client profiles • Bridge configuration • AP configuration  Monitoring (5 points) • Configure Syslog on AP, BR or both • Install and configure Syslog software on wired LAN PC o Test Connectivity (5 points) • Use the PuTTY SSH client to connect to the AP from the wireless PC. • Disassociate from the AP, then re-authenticate and verify the syslog logs are received by the syslog server. • Verify the backup configurations are stored on disk. • Verify the administrator account. • Verify Telnet and HTTP are disabled. • Connect to the peer AP through a wireless connection. Total Score ______/100 5 - 6 Fundamentals of Wireless LANs – Skills Final Form 1 Copyright  2003, Cisco Systems, Inc. Pass / Fail Must score 85% or better on the first attempt Must score 90% or better on subsequent attempts 6 - 6 Fundamentals of Wireless LANs – Skills Final Form 1 Copyright  2003, Cisco Systems, Inc. . (15 points) • Hostname o Option1: 11b  Fwl- ap1-b  Fwl- ap2-b o Option2: 11a  Fwl- ap1-a  Fwl- ap2-b 3 - 6 Fundamentals of Wireless LANs – Skills Final Form 1 Copyright  2003, Cisco Systems,. First initial-Last name-a o SSID  Option 1: 11b • Pod1: fwl- ap1-b • Pod2: fwl- ap2-b  Option 1: 11a • Pod1: fwl- ap1-a • Pod2: fwl- ap2-a o Static WEP  Option 1: 40 bit  Option 2: 128. 2003, Cisco Systems, Inc. • SSID o Option 1: 11b  Pod1: fwl- ap1-b  Pod2: fwl- ap2-b o Option 1: 11a  Pod1: fwl- ap1-a  Pod2: fwl- ap2-a o Option 3: both 11a and 11b • Static WEP o Option