Thick v Thin Access Points Lab Last Update 2014.07.12 1.0.0 1 Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com
Dec 23, 2015
Thick v ThinAccess Points
LabLast Update 2014.07.12
1.0.0
1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com
Objective
• In this lab we will examine the difference between thick and thin access points, as well as the differing methods by which access points can can be managed
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 2
Thick Access Point
• The original form of an access point is a standalone device where all of the decision making and processing goes on in the access point with no consideration of what other access points are doing
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 3
Thin Access Point
• A thin access point has part of its intelligence in the access point and part in a centralized controller
• This controller can be hardware or software based
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 4
Thick or Thin
• In the beginning of 802.11 based wireless networks each access point was managed by connecting to them one at a time
• This worked when there were only a few access points
• Once large wireless networks began to be installed this became inefficient
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 5
Thick or Thin
• The solution was to move all of the management and decision making to a central point
• At this central point a hardware based controller was installed
• All of the traffic went from the AP to the controller and back to the AP
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 6
Thick or Thin
• This approach works for some networks, but it can slow larger, heavily loaded networks
• We now see more powerful access points or systems where the AP has some processing capacity and some is centralized
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 7
Thick or Thin
• In this lab we will look at both methods, thick and thin access points
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 8
Thick Access Point
• First we will look at a thick access• In this example a Linksys WAP610N• Connect the AP to the switch• Power up the AP• You will need to discover the IP address of
the AP as it is set to acquire one from a DHCP server
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 9
Thick Access Point
• Log into the access point using a web browser with the IP address
• Leave the username blank, and enter– admin
• as the password
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 10
Thin Access Point
• Now let’s create a wireless network with two access points and then manage them both from a single program
• The access points are Ubiquiti UniFi AP units
• The management program is called UniFi Controller
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 12
Thin Access Point
• When it starts a small window appears• Click on the
– Launch a Browser to Manage Wireless Network
• button
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 13
Thin Access Point
• Click on the– Proceed anyway
• button• Run the setup process that appears
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 17
Thin Access Point
• If the access points are not connected to the switch that the computer running the management program is connected to this will appear
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 19
Thin Access Point
• Hook them up properly• If the lights indicate that the NIC and
switch are working properly, open port 8443 on the Windows Firewall or just turn it off for now
• Click the– Refresh
• button
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 21
Thin Access Point
• Enter the– Secure SSID using
• NETW360
– Security Key using• 12341234
• Click– Next
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 25
Thin Access Point
• Enter– Admin
• for the Admin Name• Enter
– password• for the Password
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 27
Thin Access Point
• Click– Next
• Click– Finish
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 29
Thin Access Point
• The management login screen will appear
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 31
Thin Access Point
• Enter the login created above• Click
– Login• This screen will appear
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 33
Thin Access Point
• We need to change the map as the one shown by default does not represent our building
• Download the DeVry floor plan from the lab page for this course
• Click– Add a Map
• Enter a map name in the Description field
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 35
Thin Access Point
• Click– Upload my own
• Browse to the location of the file to use as a map
• Click– Continue
• Click– Close
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 36
Thin Access Point
• Next we will adjust the scale of the map• The DeVry building is how long• How could you determine this• Once you know, click the
– Set Map Scale• Button off on the right• It looks like a triangle
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 37
Thin Access Point
• Click and hold to draw a line from one side of the building to the other side
• If you need to redraw the line, just click and hold again to draw a new line
• Once you’re happy with the line, click– Next
• Enter the distance that the line represents in the Distance field
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 38
Thin Access Point
• The distance is specified in meters by default but you can switch to feet using the drop-down menu on the right
• Click– Next
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 39
Place Access Points on Map
• The access points need to be placed on the map
• Drag the access point icons from the Unplaced APs list on the left to the appropriate locations on the map
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 40
Thin Access Point
• The result should look similar to this
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 41
Look Around
• Let’s see what we can do with a system such as this
• Click on one of the access points• Three icons will appear around the access
point• Click on the one that looks like a gear• This shows details on the AP
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 43
Look Around
• Close this detail window• Click on
– Coverage• Click on one of the access points• An estimate of the coverage provided is
show• Such as
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 45
Look Around
• Continue to see what the program can do
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 47
Other Access Points
• In most cases these days your access points will not be the only ones in the area
• There will be access points owned by your neighbors
• These may slow your throughput due to interference, but they do not constitute a security risk
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 48
Rogue Access Points
• Then there are access points that are plugged into your wired network
• These are a major security risk• They must be located and removed• This might happen due to an employee
needing to add wireless access, but you will not provide it, so the employee does it
• The organizations security policy should cover this
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 49
Rogue Access Points
• Find the access point and remove it from the network
• Inform the employee and the supervisor that this is contrary to the security policy
• Worse is an access point connected to your network by a hacker
• These are a much more serious problem
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 50
Rogue Access Points
• Most centralized wireless network management programs will attempt to identify and locate these
• To illustrate this, connect the thick access point to the same switch the two Ubiquiti access points are connected to
• Let’s see how this program handles this task
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 51
Rogue Access Points
• Click on the– Insight
• button off on the right side• From the dropdown menu on the left side
select– Rogue Access Points
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 52
Rogue Access Points
• This will appear showing the access point that has been connected to the wired network, but not added as an approved device
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 54
Clear the Configuration
• Remove the site from the management console
• Reset all the access points to the factory defaults
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 56