Assignment1 - Laurentian web.cs.laurentian.ca/.../assets/documents/Assignment1.docx
ASSIGNMENT 1
SETTING UP WIFI NETWORK: SECURE AND OPEN
Administrative Info
Mode of delivery: Demonstration and Report
Due: July 6, 2017
Group: As assigned by the professor
A. OBJECTIVES
- Learn about network simulation
- Access Point (AP) usage
- Wireless router usage
- Setting up WiFi security: WPA2-PSK, WPA2-Enterprise
- Setting up and usage of AAA server
- Setting up and usage of DHCP server
- Setting up and usage of DNS server
B. INTRODUCTION TO PACKET TRACER
In this Assignment, you will be using Packet Tracer, a network simulator. With Packet Tracer, you can quickly build networks involving Cisco networking devices (e.g. routers, switches, hubs, security appliances, etc.) and standard hosts (e.g. desktop PCs, laptop PCs, tablets, smartphones, VoIP phones, etc.). The program also provides some simulated servers that are very useful for network operation and testing. In this activity we will be using a web (HTTP) server, a DNS server, a DHCP server, and an AAA (Authentication, Authorization and Accounting) server.
For a quick introduction to the software interface and usage, watch any YouTube video.
Also, go over the following video tutorials that come with the software (Help menu → Tutorial).
a. Getting Started → Interface Overview
b. Logical Workspace → Creating a Network Topology
c. Configuring Devices → Configuring Devices Using the Config tab
d. Configuring Devices → Configuring Devices Using the Desktop tab
e. Configuring Devices → Configuring Devices Using the CLI tab
f. LinksysWRT300N → Topologies
g. LinksysWRT300N → Local Loop Connections
h. LinksysWRT300N → Configuring Linksys Security
CS1: WIRELESS COMMUNICATION AND MOBILE PROGRAMMING
C. PROCEDURE
In this activity you will create a network for a small organization (any name of your choice) that provides WiFi service to its staff, as well as to guests at the office. For testing purposes, you will set up access points (AP) in both secure and open mode. In secure mode, you will set up APs with WPA2-PSK and WPA2-Enterprise authentication. WPA2-Enterprise will use an AAA (RADIUS) server for user authentication.
Additionally, you will set up the access and core network (distribution system), and add the necessary servers and networking devices to support the overall deployment.
Note that even though we are providing secure-access WiFi, no other security mechanism (e.g. ACL, Firewall, etc.) is implemented in this lab network.
Using the following steps, you will gradually build the network and configure the devices for proper operation.
(I) TOPOLOGY SETUP
(1) Start an empty topology.
(2) From the Devices palette at the bottom of the window, drag and drop the following devices on the topology.
Table 1: Device List for the topology
Device | Number | Comment
Router (819HGW) | 4 | 1 router for the ISP; 3 for the core network of ABC Co.
Switch (2960-24TT) | 4 |
End Device (Generic, Server-PT) | 5 | ExtWebSer in the ISP’s network; IntWebSer in ABC Co’s LAN1; DNSSer in ABC Co’s LAN1; AAASer in ABC Co’s LAN1; DHCPSer in ABC Co’s LAN2
Wireless Devices (Generic, AccessPoint-PT-N) | 2 | These are pure Access Points, without any routing functionality; both are placed in LAN2 and will provide secure access to the clients
Wireless Devices (WRT300N) | 3 | These are APs with a built-in router; in addition to the routing function, these wireless routers provide NAT and DHCP service. One will be used for guests without any security. One will be used for internal staff with WPA2-PSK (pre-shared key) security mode. One will be used for internal staff with WPA2-Enterprise security mode, in conjunction with the AAA server. Note about connecting the WRT300N to the uplink: make sure the ‘Internet’ interface is used to connect the uplink device (switch or router). This interface represents the ‘WAN’ interface of a usual home router.
End Devices (Generic, PC-PT) | 2 | For testing purposes. One as DHCP client, placed in LAN2. One with static IP, placed in the same LAN as the wireless routers.
End Devices (Generic, Laptop-PT) | 2 |
End Devices (Wireless Tablet, TabletPC-PT) | 2 | One for WPA2-PSK configuration; one for WPA2-Enterprise configuration
End Devices (Smart Device, Smartphone-PT) | 1 | For guest access
(3) Use the following diagram to connect the devices and create the network topology for the activity.
(4) Using the annotation tools, label the topology. The wireless connections may not show up until you configure the AP or wireless routers.
(5) IMPORTANT: Make sure you connect between proper interfaces (see the names of interfaces) of the routers as indicated in the diagram; because the configuration codes that follow will use these
(II) ROUTER CONFIGURATION
Configure all the routers using the Command Line Interface (CLI). First set the router’s hostname and display name.
(1) Click on a router to bring up the configuration window. In the ‘Config’ tab, set the Display Name and Hostname (e.g. ISPR) according to Fig. 1. See the figure below.
Figure 2: Setting router’s Hostname and display name
(2) Go to the ‘CLI’ tab (see Fig. 3) and enter the configurations. Note that everything to the left of the # sign or > sign is displayed by the device; you do not have to type it. The required configuration for each router is given in the codeboxes below, (I) through (IV).
(III) ACCESS POINT CONFIGURATION
(1) For both the APs, configure ‘Port 1’ according to the figures below. Set (i) SSID, (ii) Channel, (iii) Authentication, (iv) PSK Pass Phrase, and (v) Encryption Type. Note that there is no WPA2-Enterprise security option.
(2) Both the APs will be using WPA2-PSK mechanism.
(VII) LAPTOP CONFIGURATION
(1) Laptops in Packet Tracer do not have a built-in wireless interface. Add the Linksys-WPC300N module as shown in the figure (power off, remove the LAN interface, add the WiFi interface).
(2) From Config → Wireless0, set the IPv4 and security settings of both laptops according to Fig. 10. Leave the default MAC addresses unchanged.
(3) Note that MPC1 will be using WPA-PSK (preshared key). MPC2 will be using the WPA2 (Enterprise) access mechanism, which requires user authentication through an AAA server that you will configure later.
(4) For MPC2, using the ‘Desktop’ tab, PC Wireless menu, create different profiles for connecting to different wireless routers. See Fig. 10(c).
(X) AAA SERVER CONFIGURATION
(1) This AAA server will provide user authentication for the AP that uses WPA2-Enterprise. In our topology, WRSecAAA is set up to use this server.
(2) This server will use static IP. Set the IP parameters according to Fig. 15(a).
(3) Set the AAA service parameters according to Fig. 15(b).
(4) For the AAA mechanism, we will use the RADIUS protocol.
(5) The client for this server will be WRSecAAA, which was set to use WPA2-Enterprise. Add the IP address of WRSecAAA as a client, with the same password (secret) that was set in WRSecAAA (Fig. 6(c)).
(6) Add some sample users, as shown. One of these user names should be set in MPC2, which we already did in Fig. 10(b) or 10(c).
Figure 15(a): AAASer: AAA Server Setting (IP Setting)
(XI) TESTING
If all the configuration steps are done correctly, you will see that all the mobile devices are successfully associated with appropriate APs. Also, the devices should have acquired IP addresses from corresponding DHCP servers.
After implementing all the router configurations given in the codeboxes above, the mobile devices should be able to reach any other device in the network. Note, however, that devices behind a NAT will not be reachable from devices that are not within the same NAT. For example, if MPC1 is connected to WRSecPSK and MPC2 is connected to WRSecAAA, they are not reachable from each other, as they are behind different NATs.
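The NAT behaviour described above can be modelled in a few lines; this is an added example, not part of the original assignment. The `NatRouter` class, the addresses and the ports are constructed for illustration and are not the assignment's values.

```python
from ipaddress import ip_address, ip_network

class NatRouter:
    """Minimal port-address-translation model of one wireless router (hypothetical)."""

    def __init__(self, name, wan_ip, lan_cidr):
        self.name, self.wan_ip = name, wan_ip
        self.lan = ip_network(lan_cidr)
        self.table = {}          # wan_port -> (inside_ip, inside_port, peer_ip, peer_port)
        self.next_port = 50000

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """An inside host opens a flow: rewrite the source, remember the mapping."""
        if ip_address(src_ip) not in self.lan:
            raise ValueError(f"{src_ip} is not on the LAN side of {self.name}")
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.table[wan_port] = (src_ip, src_port, dst_ip, dst_port)
        return (self.wan_ip, wan_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """A packet reaches the Internet port: forward only replies to known flows."""
        entry = self.table.get(dst_port)
        if dst_ip != self.wan_ip or entry is None:
            return None                      # no mapping, so the packet is dropped
        inside_ip, inside_port, peer_ip, peer_port = entry
        if (src_ip, src_port) != (peer_ip, peer_port):
            return None                      # not the peer this flow was opened to
        return (src_ip, src_port, inside_ip, inside_port)

def demo():
    # Constructed addresses; both routers reuse the same private range on purpose.
    psk = NatRouter("WRSecPSK", "192.0.2.10", "192.168.0.0/24")
    aaa = NatRouter("WRSecAAA", "192.0.2.11", "192.168.0.0/24")
    web = ("198.51.100.80", 80)
    mpc1 = ("192.168.0.100", 40001)          # laptop behind WRSecPSK
    mpc2 = ("192.168.0.100", 40002)          # laptop behind WRSecAAA

    # MPC1 browses the web server: the reply matches a mapping and gets through.
    out = psk.outbound(*mpc1, *web)
    reply = psk.inbound(web[0], web[1], out[0], out[1])

    # MPC2 starts a flow toward WRSecPSK's outside address, aiming at MPC1's port.
    probe = aaa.outbound(*mpc2, psk.wan_ip, mpc1[1])
    unsolicited = psk.inbound(*probe)
    return reply, unsolicited

if __name__ == "__main__":
    print(demo())
```

The reply from the web server is translated back to MPC1, while the packet from MPC2 finds no entry in WRSecPSK's table and is dropped. MPC1's private address cannot be used as a destination either, since the same range exists behind both routers.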
Now that your network is ready and functional, perform extensive reachability and verification tests. Do at least the following.
a. From all the mobile devices, ping both the web servers.
b. From all the mobile devices, browse both the web servers.
c. Investigate the IP configuration of all DHCP clients. Verify that they are acquiring IP addresses properly.
d. You can log in to the Linksys router using the web interface. Demonstrate.
e. For all the wireless routers, show the status and client list.
f. From a mobile device in one LAN, ping other mobile devices in other LANs.
g. From the ISP router, ping the mobile devices.
Perform some tests of your own. You can add new devices, modify the configuration of existing devices, test different protocols, etc. To get full marks in this section, you will be required to add 3 new tests, explain the reason for each of them, and present the results with explanation.
Make sure the whole network is ready for demonstration to the professor.
D. REPORT SUBMISSION
1. Prepare an appropriate cover page for the report.
2. Start the report body with a short ‘Introduction’, outlining the objectives of the activity.
3. Provide a clean screen capture of your topology. Make sure the figure is adequately labeled. Refer to this topology diagram when you explain your test scenario/results.
4. Prepare the rest of the report in sections according to the tests you performed.
a. Describe the scenario of the test.
b. Describe your test action.
c. Present the result/output (e.g. screen capture).
d. Give your observation/comment on the result.
5. Give a ‘conclusion’ section summarizing the learning.
6. The report should be submitted in MS Word or PDF. Make sure everything is clearly visible.
7. Put names of all members on the cover page. The file name of the word document should be as below.
TeamName-Assign1.docx
10% marks deduction for wrong file naming or format.
8. Send the report by email, by the due date.
9. Save all your work for future reference.
10. Demonstrate your work when asked by the professor.