3.3.2.7 Packet Tracer – WEP WPA2 PSK WPA2 RADIUS (Answers Solution)

3.3.2.7 Packet Tracer – WEP WPA2 PSK WPA2 RADIUS (Answers)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Addressing Table

Device Private IP Address Public IP Address Subnet Mask Site
NTP/AAA Server 10.44.1.252 209.165.201.5 255.255.255.0 Metropolis Bank HQ

Objectives

Part 1: Configure WEP for Healthcare at Home
Part 2: Configure WPA2 PSK for Gotham Healthcare Branch
Part 3: Configure WPA2 RADIUS for Metropolis Bank HQ

Background

In this activity, you will configure WiFi networks for all three geographic sites. This activity will utilize WEP, WPA2 PSK, and WPA2 RADIUS to demonstrate the varying configuration of WiFi networks and their security considerations. Healthcare at Home will be setup using WEP. Gotham Healthcare Branch will be configured with WPA2 PSK and Metropolis Bank HQ will be using WPA2 Radius. The IP addressing, network configuration, and service configurations are already complete. You will use the wireless routers and client devices in the differing geographic regions to setup multiple secure wireless networks.

Part 1: Configure WEP for Healthcare at Home

Step 1: Setup the Wireless SSID.

a. Click the Healthcare at Home site and click PC0.

b. Select Desktop Click Command Prompt. At the prompt, enter ipconfig.

PC> ipconfig

FastEthernet0 Connection:(default port)

   Link-local IPv6 Address.........: FE80::20B:BEFF:FEB4:1262
   IP Address......................: 10.44.3.100
   Subnet Mask.....................: 255.255.255.0
   Default Gateway.................: 10.44.3.1

What is the IP address for the default gateway?
The IP address for the default gateway is 10.44.3.1.

c. Navigate to the Web Browser and enter the IP address for the default gateway. Enter admin as the username and password when prompted. Click OK.

d. The Wireless Router is the default gateway for this network. Click Wireless

e. Change the SSID from DefaultWIFI to Home.

f. Set the SSID to Broadcast.

g. Click Save Settings. Click Continue.

Step 2: Setup Wireless Security.

a. Within the Wireless Router, click Wireless > Wireless Security.

b. Click the drop down menu and set the Security Mode to WEP.

c. Keep the encryption option set to 40/64-bits and enter the key 0123456789 as Key 1.

d. Click Save Settings. Click Continue.

WEP and the key 0123456789 are not secure. Why is WEP not recommended for use in securing wireless networks?
WEP doesn’t provide key management and uses weak encryption keys.

Step 3: Connect the Clients.

a. Within the Healthcare at Home site, click Dave’s

b. Click the Desktop tab and click PC Wireless.

c. Click the Connect tab and click Refresh.

d. Select the Wireless Network Name of Home and click Connect.

e. Enter the key 0123456789 as WEP Key 1 and click Connect.

f. Repeat steps a – e for Mary’s Laptop.

Part 2: Configure WPA2 PSK for Gotham Healthcare Branch

Step 1: Setup the Wireless SSID.

a. Click the Gotham Healthcare Branch site and click PC1.

b. Select Desktop Click Command Prompt. At the prompt, enter ipconfig.

Record the IP address for the default gateway: ______________  10.44.2.1

c. Navigate to the Web Browser and enter the IP address for the default gateway. Enter admin as the username and password when prompted. Click OK.

d. Click Wireless

e. Change the SSID from DefaultWIFI to BranchSite.

f. Change the Standard Channel to 6 – 2.437GHz.

g. Set the SSID to Broadcast.

h. Click Save Settings. Click Continue.

Step 2: Setup Wireless Security.

a. Within the wireless router, click on Wireless > Wireless Security.

b. Click the drop down menu and set the Security Mode to WPA2 Personal.

c. Keep the encryption option set to AES and enter the passphrase ciscosecure.

d. Click Save Settings. Click Continue.

Step 3: Connect the Clients.

a. Within the Gotham Healthcare Branch site, click Tim’s

b. Click the Desktop tab and click on PC Wireless.

c. Click the Connect tab and click Refresh.

d. Select the Wireless Network Name of BranchSite and click the Connect.

e. Enter the Pre-shared Key ciscosecure and click Connect.

f. Repeat steps a – e for Mike’s

Part 3: Configure WPA2 RADIUS for Metropolis Bank HQ

Step 1: Setup the Wireless SSID.

a. Click the Metropolis Bank HQ site and click Sally.

b. Navigate to the Web Browser and enter the IP address for the wireless router (44.1.251). Enter admin as the username and password when prompted. Click OK.

c. Click the Wireless Change the SSID from DefaultWIFI to HQ.

d. Change the Standard Channel to 11 – 2.462GHz.

e. Set the SSID to Broadcast.

f. Click Save Settings. Click Continue.

Step 2: Setup Wireless Security.

a. Within the Wireless Router, click on Wireless > Wireless Security.

b. Click the drop down menu and set the Security Mode to WPA2-Enterprise.

c. Keep the encryption option set to AES and enter the following RADIUS server credentials:

RADIUS SERVER IP: 10.44.1.252
Shared Secret: ciscosecure

d. Click Save Settings. Click Continue.

Step 3: Configure the RADIUS server.

a. Within the Metropolis Bank HQ site, click the NTP/AAA

b. Click the Services tab and click on AAA.

c. Enter the following information in Network Configuration:

Client Name:…. HQ
Client IP:………. 10.44.1.251
Secret:………… ciscosecure
ServerType:    Radius

d. Click Add.

e. Enter the following information in User Setup and click Add to add the new username:

Username:   bob           Password:   secretninjabob
Username:      phil      Password:       philwashere

Step 4: Connect the Clients.

a. Within the Metropolis Bank HQ site, click Bob’s

b. Click the Desktop tab and click on PC Wireless.

c. Click the Profiles tab and click New.

d. Name the Profile RADIUS and click OK.

e. Click Advanced Setup.

f. Enter the Wireless Network Name HQ and click Next.

g. Do not modify the Network Settings and click Next.

h. Change the Wireless Security drop down menu to WPA2-Enterprise and click Next.

i. Enter the login name of bob and the password of secretninjabob and click Next.

j. Click Save and then Connect to Network.

k. Bob’s computer will connect automatically.

l. Repeat steps a-j for Phil’s laptop using the authentication information from Step 3e.

When considering a large organization, why is WPA2 RADIUS more beneficial than WPA2 PSK?
WPA2 RADIUS allows each user to have their own unique credentials to access the wireless network. When a single user is no longer employed their specific account can be disabled/removed.

Suggested Scoring Rubric

Activity Section Question Location Possible Points Earned Points
Part 1: Configure WEP for Healthcare at Home Step 2 5
Part 3: Configure WPA2 RADIUS for Metropolis Bank HQ Step 4 5
Questions 10
Packet Tracer Score 90
Total Score 100

 


guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x