20.2.1 Packet Tracer – Configure a Basic WLAN on the WLC (Answers)
|Wireless Host||Wireless NIC||DHCP|
In this lab, you will explore some of the features of a wireless LAN controller. You will create a new WLAN on the controller and implement security on that LAN. Then you will configure a wireless host to connect to the new WLAN through an AP that is under the control of the WLC. Finally, you will verify connectivity.
- Connect to a wireless LAN controller GUI.
- Explain some of the information that is available on the WLC Monitor screen.
- Configure a WLAN on a wireless LAN controller.
- Implement security on a WLAN.
- Configure a wireless host to connect to a wireless LAN.
Background / Scenario
An organization is centralizing control of their wireless LAN by replacing their standalone access points with lightweight access points (LAP) and a wireless LAN controller (WLC). You will be leading this project and you want to become familiar with the WLC and any potential challenges that may occur during the project. You will configure a WLC by adding a new wireless network and securing it with WPA-2 PSK security. To test the configuration, you will connect a laptop to the WLAN and ping devices on the network.
Part 1: Monitor the WLC
Wait until STP has converged on the network. You can click the Packet Tracer Fast Forward Time button to speed up the process. Continue when all link lights are green.
a. Go the desktop of Admin PC and open a browser. Enter the management IP address of WLC-1 from the addressing table into the address bar. You must specify the HTTPS
b. Click Login and enter these credentials: User Name: admin, Password: Cisco123. After a short delay, you will see the WLC Monitor Summary screen.
Note: Packet Tracer does not support the initial dashboard that has been demonstrated in this module.
c. Scroll through the Monitor Summary screen.
What can be learned from this screen?
Answers will vary. A lot of valuable information can be found here, including operating information about the WLC, information about the known access points and connected clients, and rogue APs and clients that have been detected on the network.
Is the WLC connected to an AP?
Yes, the WLC is connected to one AP. This is shown in the Access Point Summary section of the page.
d. Click Detail next to the All APs entry in the Access Point Summary section of the page. What information can you find about APs on the All APs screen?
Information shown on the WLC includes the name of the AP, the IP address of the AP, the device model, MAC, software version, operational status, power source, etc.
Part 2: Create a Wireless LAN
Now you will create a new wireless LAN on the WLC. You will configure the settings that are required for hosts to join the WLAN.
Step 1: Create and enable the WLAN.
a. Click WLANs in the WLC menu bar. Locate the dropdown box in the upper right had corner of the WLANs screen. It will say Create New. Click Go to create a new WLAN.
b. Enter the Profile Name of the new WLAN. Use the profile name Floor 2 Employees. Assign an SSID of SSID-5 to the WLAN. Hosts will need to use this SSID to join the network.
c. Select the ID for the WLAN. This value is a label that will be used to identify the WLAN is other displays. Select a value of 5 to keep it consistent with the VLAN number and SSID. This is not a requirement but it helps with understanding the topology.
d. Click Apply so that the settings go into effect.
e. Now that the WLAN has been created, you can configure features of the network. Click Enabled to make the WLAN functional. It is a common mistake to accidentally skip this step.
f. Choose the VLAN interface that will be used for the WLAN. The WLC will use this interface for user traffic on the network. Click the drop-down box for Interface/Interface Group (G). Select the WLAN-5 This interface was previously configured on the WLC for this activity.
g. Click the Advanced
h. Scroll down to the FlexConnect portion of the page. Click to enable FlexConnect Local Switching and FlexConnect Local Auth.
i. Click Apply to enable the new WLAN. If you forget to do this, the WLAN will not operate.
Step 2: Secure the WLAN.
The new WLAN currently has no security in place. This WLAN will initially use WPA2-PSK security. In another activity, you will configure the WLAN to use WPA2-Enterprise, a much better solution for larger wireless networks.
a. In the WLANs Edit screen for the Floor 2 Employees WLAN, click the Security Under the Layer 2 tab, select WPA+WPA2 from the Layer 2 Security drop down box. This will reveal the WPA parameters.
b. Click the checkbox next to WPA2 Policy. This will reveal additional security settings. Under Authentication Key Management, enable PSK.
c. Now you can enter the pre-shared key that will be used by hosts to join the WLAN. Use Cisco123 as the passphrase.
d. Click Apply to save these settings.
Note: It is not a good practice to reuse passwords when configuring security. We have reused passwords in this activity to simplify configuration.
Step 3: Verify the Settings
a. After Applying the configuration, click Back. This will take you back to the WLANs screen.
What information about the new WLAN is available on this screen?
The WLAN name, SSID, security policy and admin status are available here. The Admin Status value indicates whether WLAN is in operational or not.
b. If you click the WLAN ID, you will be taken to the WLANs Edit screen. Use this to verify and change the details of the settings.
Part 3: Connect a Host to the WLAN
Step 1: Connect to the network and verify connectivity.
a. Go to the desktop of Wireless Host and click the PC Wireless
b. Click the Connect After a brief delay you should see the SSID for the WLAN appear in the table of wireless network names. Select the SSID-5 network and click the Connect button.
c. Enter the pre-shared key that you configured for the WLAN and click Connect.
d. Click the Link Information You should see a message that confirms that you have successfully connected to the access point. You should also see a wireless wave in the topology showing the connection to LAP-1.
e. Click the More Information button to see details about the connection.
f. Close the PC Wireless app and open the IP Configuration app. Verify that Wireless Host has received a non-APIPA IP address over DHCP. If not, click the Fast Forward Time button a few times.
g. From Wireless Host, ping the WLAN default gateway and the Server to verify that the laptop has full connectivity.