CNET324 Lab 4-Wireless VLAN with RADIUS Authentication
.docx
keyboard_arrow_up
School
Centennial College *
*We aren’t endorsed by this school
Course
324
Subject
Computer Science
Date
Feb 20, 2024
Type
docx
Pages
22
Uploaded by ColonelPantherPerson857
Lab 5: Wireless VLAN with RADIUS Authentication
Lab 4
Lab 4: Wireless VLAN with RADIUS Authentication *By signing above, you attest that you have contributed to this submission and confirm that all work you have contributed to this submission is your own work. Any suspicion of copying or plagiarism in this work will result in an investigation of Academic Misconduct and may result in a “0” on the
School of Engineering Technology and Applied Science (SETAS)
Information and Computing Engineering Technology (ICET)
CNET 324 - Wireless Networks
Course Lead: Dr. Sattar Hussain Section No.
002
Group No.
06
Obtained Mark
(out of 20)
Due Date
February 12, 2024
Name
Student ID
Signature*
Saad
301284248
S
Shivani Bajaj
301312712
SB
Alka
301281875
A
Lab 5: Wireless VLAN with RADIUS Authentication
Overview
If you use VLANs on your wireless network and assign different SSIDs to these VLANs, you can use
any of the security settings on the Express Security page of the Cisco AP1242G Aironet Access Point.
Without VLANs, encryption settings options apply to an interface are limited. Just as you use the Express Setup page to assign basic setting, you can use the Express Security page
to create unique SSIDs and assign one of four security types to them. For detailed security, refer to the
Cisco IOS Software Configuration Guide for Cisco Access Points
.
When the access point configuration is set to factory defaults, the first SSID that you create by using
the Express Security page overwrites the default SSID, which has no security settings. The SSIDs that
you create appear in the SSID table at the bottom of the page. You can create up to 16 SSIDs on the
access point.
The four security types provided by the Express Setup page are:
No Security: This is the least secure option. You should use this option only for SSIDs used in a
public space and assign it to a VLAN that restricts access to your network.
Static WEP Key: Static WEP keys are vulnerable to attack. If you configure this setting, you should
consider limiting association to the wireless device based on MAC address or, if your network does
not have a RADIUS server, consider using an access point as a local authentication server. EAP Authentication: This option enables 802.1X authentication (such as LEAP, PEAP, EAP-TLS,
EAP-FAST, EAP-TTLS, EAP-GTC, EAP-SIM, and other 802.1X/EAP based products). This setting
uses mandatory encryption, WEP, open authentication + EAP, network EAP authentication, no key
management, RADIUS server authentication port 1645. You are required to enter the IP address and
shared secret for an authentication server on your network (server authentication port 1645). Because
802.1X authentication provides dynamic encryption keys, you do not need to enter a WEP key.
WPA: Wi-Fi Protected Access (WPA) permits wireless access to users authenticated against a
database through the services of an authentication server, then encrypts their IP traffic with stronger
algorithms than those used in WEP.
This setting uses encryption ciphers, TKIP, open authentication + EAP, network EAP authentication,
key management WPA mandatory, and RADIUS server authentication port 1645. As with EAP
authentication, you must enter the IP address and shared secret for an authentication server on your
network (server authentication port 1645).
Learning Objectives
By completion of this lab, students will be able to:
-
Configure VLANs on Cisco Access Points using of the command−line interface (CLI) -
Configure Cisco 2950 Catalyst switch using of the command−line interface (CLI) -
Configure VLANs with RADIUS authentications
-
Test the VALNs connectivity with RADIUS authentication
Required Equipment
-
1 Cisco AP1242G Aironet Access Point
-
2 desktop computers running WINDOWS 7 or Windows 10 operating system
-
2 Laptops with WINDOWS 7 or Windows 10 operating system -
1 Cisco 2950 Catalyst switch
-
2 Whip WiFi 2.4 GHz antennas
Lab 5: Wireless VLAN with RADIUS Authentication
Note: This lab is derived from the application note for AP1242 VLANs on Aironet Access Points
Network Topology
Below is the list of IP addresses used for the devices. All the IP addresses use /24 subnet mask
AP Bridge−Group Virtual Interface (BVI) IP address (VLAN 2): 172.16.1.20
Wireless client (SSID Admin) that connects to VLAN 20 gets a static IP address: 172.16.2.X*
Wireless client (SSID Guest) that connects to VLAN 30 gets a static IP address: 172.16.3.X*
Admin user on the wired network on VLAN 20: 172.16.2.60 (static IP)
Web server on VLAN 30: 172.16.3.60 (Static IP)
* X is any number 2-254
172.16.2.0 subnet
172.16.3.0 subnet
Lab 5: Wireless VLAN with RADIUS Authentication
The numbering plan to be used for this lab is as follows:
Cisco 1242G Factory Setting
Default IP address
10.0.0.1
Subnet Mask
255.255.255.0
User name:
Password:
Cisco
NOTE:
Change LAN settings to static IP address.
Group #
Network Host
Name VLAN to be
used
IP Address
Subnet Mask
1
AP
As per lab instructions
As per lab instructions
255.255.255.0
2
AP
As per lab
instructions
As per lab
instructions
255.255.255.0
3
AP
As per lab
instructions
As per lab
instructions
255.255.255.0
4
AP
As per lab
instructions
As per lab
instructions
255.255.255.0
5
AP
As per lab
instructions
As per lab
instructions
255.255.255.0
6
AP
As per lab
instructions
As per lab
instructions
255.255.255.0
7
AP
As per lab
instructions
As per lab
instructions
255.255.255.0
8
AP
As per lab
instructions
As per lab
instructions
255.255.255.0
Procedure
Important: read the following notes before starting your lab
a)
The following procedure is based on Windows 7. If a different system is used, the procedure
may be slightly different. b)
In each laptop, turn off MacAfee Protection. Turn Off the Windows Firewall for Home or
work (private) networks. Make sure each laptop is disconnected from Centennial WiFi
network.
c)
EACH OF THE PCS , CELLPHONES AND THE AP SHOULD HAVE UNIQUE IP
ADDRESS BUT ALL MUST BE IN THE SAME SUBNET TO COMMUNICATE.
d)
Handle lab equipment with extra care. Dropping or misusing equipment may damage them.
Ask your professor if you are not sure about any step of the lab procedure
e)
Read the label on the power adapter (charger) of the access point. Make sure that you are
using the right one. Using a different charger will damage the wireless access point.
Lab 5: Wireless VLAN with RADIUS Authentication
Task 1: Set up WAP on 802.11g Radio Interface Note: If you have not copied the configuration file from lab 4, repeat these steps exactly as you have done in lab 4
1.
Before you power up the access point
, connect two 2.4-GHz external antennas as shown.
Make sure to connect these antennas to 2.4 GHz side of the AP
. Notice the difference in the
shape of the 2.4 GHz and the 5 GHz antenna. This will help in identifying the 2.4 GHz
antenna. 1.
Use a Hyper terminal or PuTTY to go on CLI.
2.
Use the USB to Serial adapter. Load the drivers if it is required and verify the COMM port by
going through the Device manager.
3.
Set up a terminal emulator on your PC to communicate with the access point. Use the
following settings for the terminal emulator connection: 9600 baud, 8 data bits, no parity, 1
stop bit, and no flow control.
Commands are:
ap > Enable
ap # Config terminal
ap (config) # Interface bvi1
ap (config-if) # IP address 10.0.x.1 255.255.255.0
(Replace x with your group number)
ap (config-if) # end
Exit
4.
Change the Local Area Network (Ethernet) Adapter IP address of to be in the same subnet of
the access point (10.0.x.X) where X any number 2-254.
5.
Open the Browser and type 10.0.x.1. Login with
Username {blank}
Password: Cisco
You should now see the summary status
5 GHz antennas
2.4 GHz antennas
Lab 5: Wireless VLAN with RADIUS Authentication
6.
Go to EXPRESS SET-UP and assign the following:
Host Name
: AP
Configuration Server Protocol
: Static IP
IP Address
: 172.16.1.20
Default Gateway: : Web
Server Address (172.16.3.60)
SNMP COMMUNITY
: defaultCommunity
Role in Radio Network
: Access Point
7.
Click Apply
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Related Questions
Step-By-Step Assignment Instructions
Assignment Topic:
How data breaches occur and are discovered.
Setup instructions:
Go to https://www.privacyrights.org/data-breaches and review some of the information on data breaches.
Then pick 3 different types of data breaches and report on one data breach each. The types are located on the left hand side.
How to submit:
Submit a summary of each data breach and answer the following questions in your response:
What was the data breach?
How was the data breach found out?
What were the threats?
What were the vulnerabilities and how did the threats interact with them?
Based on what you have learned in the course, what threats or vulnerabilities were present that caused the data breach?
Submissions must be submitted in rich text format. Each summary should be at least 2 paragraphs in length but not more than 1 page. In other words, since you are reviewing 3 data breaches, you will have 6 paragraphs to 3 pages total for the overall submission.
arrow_forward
Debate against the following statement: "It is wrong to post images or videos of someone without their consent." You should be in disagreement with this statement.
arrow_forward
1-page PHI/EPHI Policy (Note: In Week Five, you will practice writing policies again.)
PHI/EPHI Policy Template
Version:
<Indicate the version of the policy, its revision date, and the approver.>
Purpose:
This policy prohibits the use, storage, and discloser of Personal Health Information (PHI) and Electronic Personal Heal information (EPHI), except as specifically permitted or required by HIPAA regulation.
Scope:
<Describe who this applies to in the organization.>
Policy:
1. <Provide accurate definitions used in the policy, like PHI.>
2. <State how data must be stored (e.g., encrypted).>
3. <Indicate covered entities.>
4. <Indicate the consequences for a confidentiality breach.>
5. <Indicate what standards the policy follows (e.g., NIST SP800-53).>
arrow_forward
Several professionals in the field of cybersecurity believe that fingerprinting is unethical and that it violates the privacy concerns of users. A number of browsers have developed methods to avoid leaving a browser fingerprint. Browsers have made many attempts to defend themselves against fingerprint recognition using a variety of methods.
arrow_forward
True or False: HIPAA does not provide for specific circumstances in which law enforcement officers can access PHI
arrow_forward
- A policy conundrum
Your organization has the following statements regarding phishing/social engineering in the employee manual:
All employees are required to complete annual security awareness training as provided by the Information Security team. Employees must successfully complete the training and achieve an established minimum score on any quizzes associated with the training.
The organization will conduct routine evaluations of the effectiveness security awareness training through simulated phishing tests. Employees that incorrectly identify simulated phishing emails must complete additional security awareness training and their manager will be notified. If an employee incorrectly identifies 3 or more simulated phishing emails, additional action may be taken by the employee’s manager, up to and including termination.
Employees are required to report any suspicious emails to the organization’s Information Security team using the Suspicious Mail button located in the…
arrow_forward
Subject: Computer Security
Question:
Why do nurses need to acknowledge sources and seek permissions as appropriate?
Note:
Please provide scholarly references
arrow_forward
Q2- A security threat exists when an unauthorised user is fraudulently accessed the sensitive record and modified it. Briefly describe possible ways that can mitigate this attack and how.
(If you can please identify 5 possible way or as much as you can
arrow_forward
Assuming you get your test answer booklet for this course at the end of the semester
Your antivirus has detected (indicated) that your semester exams are contaminated.
you're infected with a virus, but you only have approximately 5 hours to submit/upload your work
lemsas.net answer booklet Discuss what you would do if you were in this situation.
submitting your response booklet and so avoiding a course failure
arrow_forward
What are the steps for creating and verifying ElGamal digital signatures?
arrow_forward
List Top 10 OWASP Vulnerabilities
arrow_forward
Several experts in the field of cybersecurity argue that fingerprinting is unethical and infringes consumers' privacy concerns.
Several browsers have devised techniques to prevent leaving a browser fingerprint.
Browsers have tried a number of strategies to defend themselves from fingerprint recognition.
arrow_forward
Which dimension(s) of security is spoofing a threat to?A) integrityB) availabilityC) integrity and authenticityD) availability and integrity
arrow_forward
INTERNET and COMPUTER CRIME
1. You are one of the top students in your university’s computer science program of 200 students. You are surprised when you are met after class by two representatives from a federal intelligence agency. Over dinner, they talk to you about the increasing threat of cyberterrorist attacks launched on the United States by foreign countries and the need to counter those attacks. They offer you a position on the agency’s supersecret cyber terrorism unit, at a starting salary 50 percent higher than you know other computer science graduates are being offered. Your role would be to both develop and defend against new zero-day exploits that could be used to plant malware in the software used by the government and military computers. Would such a role be of interest to you? What questions might you ask to determine if you would accept their offer of employment?
2. You are a member of the application development organization for a small but rapidly growing…
arrow_forward
Assignment Content
Imagine you have been hired to conduct a social engineering penetration test by a flooring sales and installation company with showrooms, warehouses, and offices throughout the state. Recently, several employees, including the company’s president, fell prey to a phishing scam. The company’s leadership realized they needed to better understand social engineering to better protect the company, the employees, and their customers. The first step is to present a general overview of social engineering and how social engineering threats function in preparation for the social engineering penetration test to the leadership team.
Create a 10- to 12-slide media-rich presentation with speaker notes providing your client with details on how the social engineering penetration test will be conducted. Include the following information:
Explain the concept of social engineering and how it can threaten the security of an organization.
Describe human-, computer-, and…
arrow_forward
XSS attacks:What is an XSS attack?
arrow_forward
verification of OOA and OOD
arrow_forward
SEE MORE QUESTIONS
Recommended textbooks for you
Np Ms Office 365/Excel 2016 I Ntermed
Computer Science
ISBN:9781337508841
Author:Carey
Publisher:Cengage
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Related Questions
- Step-By-Step Assignment Instructions Assignment Topic: How data breaches occur and are discovered. Setup instructions: Go to https://www.privacyrights.org/data-breaches and review some of the information on data breaches. Then pick 3 different types of data breaches and report on one data breach each. The types are located on the left hand side. How to submit: Submit a summary of each data breach and answer the following questions in your response: What was the data breach? How was the data breach found out? What were the threats? What were the vulnerabilities and how did the threats interact with them? Based on what you have learned in the course, what threats or vulnerabilities were present that caused the data breach? Submissions must be submitted in rich text format. Each summary should be at least 2 paragraphs in length but not more than 1 page. In other words, since you are reviewing 3 data breaches, you will have 6 paragraphs to 3 pages total for the overall submission.arrow_forwardDebate against the following statement: "It is wrong to post images or videos of someone without their consent." You should be in disagreement with this statement.arrow_forward1-page PHI/EPHI Policy (Note: In Week Five, you will practice writing policies again.) PHI/EPHI Policy Template Version: <Indicate the version of the policy, its revision date, and the approver.> Purpose: This policy prohibits the use, storage, and discloser of Personal Health Information (PHI) and Electronic Personal Heal information (EPHI), except as specifically permitted or required by HIPAA regulation. Scope: <Describe who this applies to in the organization.> Policy: 1. <Provide accurate definitions used in the policy, like PHI.> 2. <State how data must be stored (e.g., encrypted).> 3. <Indicate covered entities.> 4. <Indicate the consequences for a confidentiality breach.> 5. <Indicate what standards the policy follows (e.g., NIST SP800-53).>arrow_forward
- Several professionals in the field of cybersecurity believe that fingerprinting is unethical and that it violates the privacy concerns of users. A number of browsers have developed methods to avoid leaving a browser fingerprint. Browsers have made many attempts to defend themselves against fingerprint recognition using a variety of methods.arrow_forwardTrue or False: HIPAA does not provide for specific circumstances in which law enforcement officers can access PHIarrow_forward- A policy conundrum Your organization has the following statements regarding phishing/social engineering in the employee manual: All employees are required to complete annual security awareness training as provided by the Information Security team. Employees must successfully complete the training and achieve an established minimum score on any quizzes associated with the training. The organization will conduct routine evaluations of the effectiveness security awareness training through simulated phishing tests. Employees that incorrectly identify simulated phishing emails must complete additional security awareness training and their manager will be notified. If an employee incorrectly identifies 3 or more simulated phishing emails, additional action may be taken by the employee’s manager, up to and including termination. Employees are required to report any suspicious emails to the organization’s Information Security team using the Suspicious Mail button located in the…arrow_forward
- Subject: Computer Security Question: Why do nurses need to acknowledge sources and seek permissions as appropriate? Note: Please provide scholarly referencesarrow_forwardQ2- A security threat exists when an unauthorised user is fraudulently accessed the sensitive record and modified it. Briefly describe possible ways that can mitigate this attack and how. (If you can please identify 5 possible way or as much as you canarrow_forwardAssuming you get your test answer booklet for this course at the end of the semester Your antivirus has detected (indicated) that your semester exams are contaminated. you're infected with a virus, but you only have approximately 5 hours to submit/upload your work lemsas.net answer booklet Discuss what you would do if you were in this situation. submitting your response booklet and so avoiding a course failurearrow_forward
- What are the steps for creating and verifying ElGamal digital signatures?arrow_forwardList Top 10 OWASP Vulnerabilitiesarrow_forwardSeveral experts in the field of cybersecurity argue that fingerprinting is unethical and infringes consumers' privacy concerns. Several browsers have devised techniques to prevent leaving a browser fingerprint. Browsers have tried a number of strategies to defend themselves from fingerprint recognition.arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Np Ms Office 365/Excel 2016 I NtermedComputer ScienceISBN:9781337508841Author:CareyPublisher:CengageFundamentals of Information SystemsComputer ScienceISBN:9781337097536Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningEnhanced Discovering Computers 2017 (Shelly Cashm...Computer ScienceISBN:9781305657458Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. CampbellPublisher:Cengage Learning
Np Ms Office 365/Excel 2016 I Ntermed
Computer Science
ISBN:9781337508841
Author:Carey
Publisher:Cengage
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning