5.1.2.6 Packet Tracer – Configure Wireless Security Answers
Objectives
- •Create a home network with a secure wireless router
Introduction
In this activity, you will configure a wireless router to:
- Modify the default password.
- Modify the default SSID and do not broadcast
- Use WPA2 Personal as security method.
- Rely on MAC filtering to increase security.
- Disable remote management.
Step 1: Load the .pkt file
a. Load the 5.1.2.6 Packet Tracer – Configure Wireless Security.pkt file.
b. Press the power button on Laptop1 to turn it off.
c. Drag the Ethernet port to the Modules list to remove it.
d. Drag the WPC300N module to the empty slot on Laptop1 and press the power button to boot Laptop1.
Step 2: Modify the default password.
a. Click on the wireless router and select the GUI for configuration.
b. Click Administration > Management
c. Modify the router password to a stronger one. Change the password to aC0mpAny3. Note that the new password has 8 characters with upper and lower case digits and some of the vowels have been changed to numbers. Select Save Settings at the bottom of that screen.
Step 3: Modify the default SSID name and disable the broadcast feature.
a. Click Wireless and modify the SSID name to aCompany.
b. Select SSID Broadcast and click Disabled. Click Save Settings at the bottom of that screen.
Check the topology. Has Laptop0 lost connectivity with the wireless router? If so, why?
Yes – Because Laptop0 was not configured with the new SSID name.
Step 4: Configure WPA2 security on the wireless router.
a. Return to the wireless router GUI tab. Click Wireless > Wireless Security. Change Security Mode to WPA2 Personal. AES is currently the strongest encryption protocol available. Leave it selected.
b. Configure the passphrase as aCompWiFi. Scroll to the bottom of the window and click Save Settings.
Step 5: Configure Laptop0 as a wireless client.
a. Configure Laptop0 to connect to the wireless network using the security settings you configured on the wireless router.
1) Select Laptop0 > Desktop > PC Wireless.
2) Select Profiles > New and add any name for the profile.
3) Select Advanced Setup in the lower right hand corner.
4) Select Wireless Network Name and enter the new SSID name: aCompany
5) Accept the default network settings by selecting Next
6) Modify the Security using the dropdown box to WPA2-Personal and select Next
7) Enter the pre-shared key: aCompWiFi and select Next.
8) Save the profile.
9) Select Connect to Network.
10) If the Laptop does not connect successfully, return to the profile and edit. Check your typing of the SSID name and the pre-shared key.
b. Close the PC Wireless window and click Command Prompt.
c. Type ipconfig /all and take note of the IP address and MAC addresses.
Step 6: Configure WRS1 to support MAC filtering.
a. Return to the wireless router’s configuration page.
b. Navigate to Wireless > Wireless MAC Filter.
c. Select Enabled and Permit PCs listed below to access wireless network.
d. Type in the MAC address for Laptop0 in the MAC 01: field. Notice the MAC address must be in the XX:XX:XX:XX:XX:XX format.
e. Scroll to the bottom of the window and click Save Settings.
f. Reconnect Laptop0 to the WRS1 network.
Step 7: Test the MAC filtering of WRS1
a. Add a second laptop to the topology.
b. Press the power button on the new laptop to turn it off and replace the Ethernet card with a wireless one.
c. Configure the new laptop with the security settings required to connect to the wireless router.
Why are you unable to associate with the access point?
Because the MAC address of Laptop0 (Laptop 0) is a single specified address, Laptop0 (Laptop 0) is the only wireless device that can currently associate with the wireless router.
Step 8: Disable remote management on the wireless router.
a. Check the current status of remote management on the wireless router. Select Administration > Remote Access. If it is disabled, enable it.
b. Select the Hacker PC and select the Desktop > Web Browser. Enter the address 192.31.7.100 and tap Go. You should be presented with the request for a userID and a password. Enter the valid information and you should be able to access the wireless router GUI. Exit the Desktop.
username: admin | password: aC0mpAny3
c. Return to the wireless router’s configuration page.
d. Navigate back to Administration > Management and scroll down to Remote Management. Select Disabled and click Save Settings at the bottom of that screen.
e. Return to the Hacker PC and select the Desktop > Web Browser. Enter the address 192.31.7.100. You should no longer be able to connect via the Web browser.
