With more than 1,500,000 copies of our MCSE, MCSD, CompTIA, and Cisco
study guides in print, we continue to look for ways we can better serve the
information needs of our readers. One way we do that is by listening.
Readers like yourself have been telling us they want an Internet-based ser-
vice that would extend and enhance the value of our books. Based on
reader feedback and our own strategic plan, we have created a Web site
that we hope will exceed your expectations.
is an interactive treasure trove of useful infor-
mation focusing on our book topics and related technologies. The site
offers the following features:
■
One-year warranty against content obsolescence due to vendor
product upgrades. You can access online updates for any affected
chapters.
■
“Ask the Author” customer query forms that enable you to post
questions to our authors and editors.
■
Exclusive monthly mailings in which our experts provide answers to
reader queries and clear explanations of complex material.
■
Regularly updated links to sites specially selected by our editors for
readers desiring additional reliable information on key topics.
Best of all, the book you’re now holding is your key to this amazing site.
Just go to www.syngress.com/solutions, and keep this book handy when
you register to verify your purchase.
Thank you for giving us the opportunity to serve your needs. And be sure
to let us know if there’s anything else we can do to help you get the
maximum value from your investment. We’re listening.

www.syngress.com/solutions
169_cisco_wlan_FM.qxd 4/22/02 1:19 PM Page i
169_cisco_wlan_FM.qxd 4/22/02 1:19 PM Page ii
1 YEAR UPGRADE
BUYER PROTECTION PLAN
Cisco
Wireless LAN
Building a
Eric Ouellet
Robert Padjen
Arthur Pfund
Ron Fuller
Technical Editor
Tim Blankenship
Technical Editor
169_cisco_wlan_FM.qxd 4/22/02 1:19 PM Page iii
Syngress Publishing, Inc., the author(s), and any person or firm involved in the writing, editing, or
production (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results
to be obtained from the Work.
There is no guarantee of any kind, expressed or implied, regarding the Work or its contents.The Work
is sold AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state
to state.
In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or
other incidental or consequential damages arising out from the Work or its contents. Because some
states do not allow the exclusion or limitation of liability for consequential or incidental damages, the
above limitation may not apply to you.
You should always use reasonable care, including backup and other appropriate precautions, when
working with computers, networks, data, and files.
Syngress Media®, Syngress®,“Career Advancement Through Skill Enhancement®,” and “Ask the
Author UPDATE®,” are registered trademarks of Syngress Publishing, Inc. “Mission Critical™,”“Hack

Proofing™,” and “The Only Way to Stop a Hacker is to Think Like One™” are trademarks of Syngress
Publishing, Inc. Brands and product names mentioned in this book are trademarks or service marks of
their respective companies.
KEY SERIAL NUMBER
001 5T54T94DGH
002 RT4MPE4AKT
003 63NER5VM4N
004 9UND34B3SG
005 7U88MNVU6H
006 4NFGRN4TEM
007 B46HTWBVRT
008 R5B962P5MR
009 8AS3N54BMR
010 2ZFGYH2CT6
PUBLISHED BY
Syngress Publishing, Inc.
800 Hingham Street
Rockland, MA 02370
Building A Cisco Wireless LAN
Copyright © 2002 by Syngress Publishing, Inc.All rights reserved. Printed in the United States of
America. Except as permitted under the Copyright Act of 1976, no part of this publication may be
reproduced or distributed in any form or by any means, or stored in a database or retrieval system,
without the prior written permission of the publisher, with the exception that the program listings
may be entered, stored, and executed in a computer system, but they may not be reproduced for
publication.
Printed in the United States of America
1 2 3 4 5 6 7 8 9 0
ISBN: 1-928994-58-X
Technical Editor: Ron Fuller,Tim Blankenship Cover Designer: Michael Kavish
Technical Reviewer: Ron Fuller Page Layout and Art by: Shannon Tozier

Acquisitions Editor: Catherine B. Nolan Copy Editor: Darren Meiss
Developmental Editor: Kate Glennon Indexer: Robert Saigh
Distributed by Publishers Group West in the United States and Jaguar Book Group in Canada.
169_cisco_wlan_FM.qxd 4/22/02 1:19 PM Page iv
v
Acknowledgments
v
We would like to acknowledge the following people for their kindness and support
in making this book possible.
Ralph Troupe, Rhonda St. John, Emlyn Rhodes, and the team at Callisma for their
invaluable insight into the challenges of designing, deploying and supporting world-
class enterprise networks.
Karen Cross, Lance Tilford, Meaghan Cunningham, Kim Wylie, Harry Kirchner,
Kevin Votel, Kent Anderson, Frida Yara, Bill Getz, Jon Mayes, John Mesjak, Peg
O’Donnell, Sandra Patterson, Betty Redmond, Roy Remer, Ron Shapiro, Patricia
Kelly, Andrea Tetrick, Jennifer Pascal, Doug Reil, and David Dahl of Publishers
Group West for sharing their incredible marketing experience and expertise.
Jacquie Shanahan, AnnHelen Lindeholm, David Burton, Febea Marinetti, and Rosie
Moss of Elsevier Science for making certain that our vision remains worldwide in
scope.
Annabel Dent and Paul Barry of Elsevier Science/Harcourt Australia for all their help.
David Buckland,Wendi Wong, Marie Chieng, Lucy Chong, Leslie Lim,Audrey Gan,
and Joseph Chan of Transquest Publishers for the enthusiasm with which they receive
our books.
Kwon Sung June at Acorn Publishing for his support.
Ethan Atkin at Cranbury International for his help in expanding the Syngress
program.
Jackie Gross, Gayle Voycey, Alexia Penny, Anik Robitaille, Craig Siddall, Darlene
Morrow, Iolanda Miller, Jane Mackay, and Marie Skelly at Jackie Gross & Associates
for all their help and enthusiasm representing our product in Canada.

Lois Fraser, Connie McMenemy, Shannon Russell and the rest of the great folks at
Jaguar Book Group for their help with distribution of Syngress books in Canada.
Thank you to our hard-working colleagues at New England Fulfillment &
Distribution who manage to get all our books sent pretty much everywhere in the
world.Thank you to Debbie “DJ” Ricardo, Sally Greene, Janet Honaker, and Peter
Finch.
169_cisco_wlan_FM.qxd 4/22/02 1:19 PM Page v
vi
Contributors
Eric Ouellet (CISSP) is a Senior Partner with Secure Systems Design
Group, a network design and security consultancy based in Ottawa, ON,
Canada. He specializes in the implementation of networks and security
infrastructures from both a design and a hands-on perspective. During his
career he has been responsible for designing, installing, and trou-
bleshooting WANs using Cisco, Nortel, and Alcatel equipment configured
to support voice, data, and video conferencing services over terrestrial,
satellite relay, wireless, and trusted communication links.
Eric has also been responsible for designing some of the leading
Public Key Infrastructure deployments currently in use and for devising
operational policy and procedures to meet the Electronic Signature Act
(E-Sign) and the Health Insurance Portability and Accountability Act
(HIPAA). He has provided his services to financial, commercial, govern-
ment, and military customers including the U.S. Federal Government,
Canadian Federal Government, and NATO. He regularly speaks at leading
security conferences and teaches networking and CISSP classes. Eric is a
co-author of Hack Proofing Your Wireless Network (Syngress Publishing,
ISBN: 1-928994-59-8) and is a contributor to the forthcoming Sniffer
Network Optimization and Troubleshooting Handbook (Syngress Publishing,
ISBN: 1-931836-57-4).
Eric would like to acknowledge the understanding and support of his

family and friends during the writing of this book, along with Walter
Allan and “The Boys” for being who they are.
Robert Padjen (CCNP-Security, CCNP-Switching, CCDP) is Director
of Technology Solutions for a large financial institution. He has written
eight texts on network administration, troubleshooting, and design and is
recognized as an expert witness in computer networking and intellectual
property litigation. Robert’s experience over the past ten years includes
design and implementation of wireless,ATM, Frame Relay, and security
solutions for a wide variety of clients. Robert served as subject matter
expert on 802.11b services for Callisma, a network consulting firm, and
169_cisco_wlan_FM.qxd 4/22/02 1:19 PM Page vi
vii
has previously contributed to Cisco AVVID & IP Telephony Design and
Implementation (Syngress Publishing, ISBN: 1-928994-83-0). An avid flyer
and motorcyclist, Rob, and his wife, Kristie, live in Northern California
and have three children. Robert is on the Board of Directors for the
Chernobyl Children’s Project, a non-profit organization that provides
respites for children affected by the disaster, and he is also on the Cisco
Technical Advisory Board.
Arthur Pfund (CCIE#7249, CCNP, CCNA) is a Principal Engineer
with a Fortune 500 company. Currently, he is responsible for the strategic
and tactical evolution of a large multi-data center network environment.
Specializing in Cisco routers and switches, he has hands-on experience
working with a wide range of networking equipment. In addition to
network design and engineering, Arthur’s background includes extensive
experience with implementation, operational support, and trou-
bleshooting LAN and WAN systems in a large network environment.
Sean Thurston (CCDP, CCNP, MCSE, MCP+I) is a Senior Solution
Architect with Siemens Business Services. He provides network and data
center design solutions for large-scale deployment. His specialties include

implementation of multivendor routing and switching equipment and
XoIP (Everything over IP installations). Sean’s background includes posi-
tions as a Technical Analyst for Sprint-Paranet and the Director of a
brick-and-mortar advertising dot com. Sean is also a contributing author
to the following books from Syngress Publishing, Building a Cisco Network
for Windows 2000 (ISBN: 1-928994-00-8), Cisco AVVID and IP Telephony
Design and Implementation (ISBN: 1-928994-83-0), and the forthcoming
Managing Cisco Network Security, Second Edition (ISBN: 1-931836-56-6).
Sean lives in Renton,WA with his fiancée, Kerry. He is currently pur-
suing his CCIE.
169_cisco_wlan_FM.qxd 4/22/02 1:19 PM Page vii
viii
Ron Fuller (CCIE #5851, CSS-Level 1, CCNP, CCDP, MCNE) is a
Senior Network Engineer with a large financial institution in Columbus,
OH. He currently provides design and engineering support for the net-
work infrastructure. His specialties include Cisco routers and LAN
switches, strategic network planning, network architecture and design,
and network troubleshooting and optimization. Ron’s background
includes senior systems engineering responsibilities for Cisco and Novell
resellers in Central Ohio. Ron has also acted as contributing author to the
book Administering Cisco QoS in IP Networks (Syngress Publishing, ISBN:
1-928994-21-0). He currently resides in Sunbury, OH with his family,
Julie and Max.
Tim Blankenship (CCNP, CCDA, CNE-5, CNE-4, CNE-3, MCP,
CSEC–Wireless Field Engineer) is a private consultant responsible for
leading the design and implementation efforts involving Local and Wide
Area Networks to clients in the mid-west region of the United States. His
specialties include Cisco wireless networking, routers and LAN switches,
Novell design and implementation, strategic network planning, network
architecture and design, and network troubleshooting and optimization.

Tim currently resides in Grove City, OH with his family, Connie,
Morgan, Ben, and Emily.
Technical Editors and Reviewers
169_cisco_wlan_FM.qxd 4/22/02 1:19 PM Page viii
Contents
ix
Foreword xxv
Chapter 1 Introduction to Wireless Local
Area Networks 1
Introduction 2
Reviewing Networking Basics 3
Defining Topologies 3
Bus Topology 4
Star Topology 4
Ring Topology 4
Mesh Topology 5
CSMA/CD versus Deterministic Access 6
Cabling 7
Understanding How Wireless Fits into the
OSI System Model 9
Tracking Data through the OSI System Model 13
OSI and Wireless: Layer 2 and Down 14
OSI and Wireless: Layer 3 and Up 20
Review of TCP/IP Basics 20
Understanding TCP/IP Addressing 21
TCP 25
UDP 26
Summary 27
Solutions Fast Track 28
Frequently Asked Questions 29

Common Practice for
Subnetting TCP/IP
Address Space
This practice serves many
purposes:
■
It does not use regis-
tered IP space for wire-
less devices; which
typically do not include
servers.
■
It enables the organiza-
tion to subnet the
address space without
any restrictions.
■
It allows for easy iden-
tification of WLAN
traffic on the network
because it is not
sharing address space
with the wired net-
work.
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page ix
x Contents
Chapter 2 Wireless LAN Overview 31
Introduction 32
Understanding the Fundamentals of Radio
Frequency 32

Wireless Radio Signal Transmission and
Reception 34
Frequency 37
Bandwidth 40
WLAN Frequency Bands 41
Modulation 42
Phase Modulation 44
Communicating with Wireless LAN Technologies 48
Microwave Technology 48
Infrared Technology 49
Spread Spectrum Technology 50
Synchronization 52
Frequency Hopping 52
Direct Sequence Spread Spectrum (DSSS) 53
DSSS Channel Setup 54
Spectrum Technology Comparisons:
Frequency Hopping versus Direct
Sequence 55
Implementing a Wireless LAN Architecture 55
The OSI Reference Model 56
Logical Wireless System Components 59
Distribution System 59
Medium Access Technique 59
Synchronization and Error Control 60
Routing Mechanisms 60
Application Interface 60
Physical Wireless System Components 60
Medium 60
Access Point (AP) 60
Antenna 61

Wireless Station 61
Server 61
Phase Modulation
The following modulation
techniques are used in
Cisco Aironet radios:
■
Binary Phase Shift
Keying (BPSK)
■
Quadrature Phase Shift
Keying (QPSK)
■
Complimentary Code
Keying (CCK)
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page x
Contents xi
Keeping Pace with Wireless Networking
Standards 61
Institute of Electrical and Electronic
Engineers (IEEE) 62
802.11 66
802.11b 77
802.11a 79
Other Related Working Groups 80
European Telecommunications
Standards Institute (ETSI) 81
Wireless Ethernet Compatibility
Alliance (WECA) 86
WLAN Interoperability Forum (WLIF) 87

Infrared Data Association 87
Summary 88
Solutions Fast Track 89
Frequently Asked Questions 91
Chapter 3 Cisco Wireless LAN
Product Line 93
Introduction 94
Overview of Cisco Wireless Systems 95
Cisco’s WLAN Product Line 95
Using WLANs for Individual User
Connectivity 96
Using WLANs to Connect Campuses 97
Cisco’s Aironet 3X0 Series APs and Bridges 99
The Cisco Aironet 350 Series 99
Features Common to All 350
Series Devices 99
Individual 350 Series Device Features 103
Features of the Cisco Aironet 340 Series 110
Individual 340 Series Device Features 110
Cisco’s Aironet Wireless NICs 115
Cisco Aironet Antennas 117
Ceiling Mount Omni-Directional Antenna 120
Mast Mount Omni-Directional Antenna 120
Answers to Your
Frequently Asked
Questions
Q: How far can a wireless
client communicate to
an Access Point (AP)?
A: Client adapters can

support 11 Mbps at a
range of 400 feet
(120m) in open envi-
ronments and 100 feet
(30m) in typical closed/
indoor environments.
Client adapter can sup-
port 1 Mbps at a range
of up to 1,500 feet
(460m) in open envi-
ronments and 300 feet
(90m) in closed/indoor
environments.
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xi
xii Contents
High-Gain Mast Mount Omni-Directional
Antenna 120
Pillar Mount Diversity Omni-Directional
Antenna 121
POS Diversity Dipole Omni-Directional
Antenna 121
Diversity Ceiling Mount Omni-Directional
Patch Antenna 121
Directional Wall Mount Patch Antenna 122
Diversity Directional Wall Mount Patch
Antenna 122
Yagi Antenna 123
Dish Antenna 123
Summary 125
Solutions Fast Track 127

Frequently Asked Questions 129
Chapter 4 Wireless Network Design 131
Introduction 132
Wireless Planning Considerations 132
Wireless Benefits and Limitations 134
What Type of Data Will Be
Traversing the Wireless Network? 134
How Much Data Will Be
Traversing the Wireless Network? 135
What Is the Return On Investment
for Your Wireless Implementation? 136
How Does Mobility Factor into
Determining if Wireless Is Right
for Your Business? 136
Does Your Business or Corporation
Have Any Restrictions That Would
Prohibit You from Implementing a
Wireless LAN Solution? 137
Mobility 138
Throughput versus Data Rate and Load 139
Cost and Return on Investment 141
Designing &
Planning…
Calculating the Fresnel
Zone
A bit of mathematics is
required to calculate the
size of the Fresnel zone
radius at its widest point
(midpoint radius). The

following formula will
allow you to calculate the
radius in feet of the
widest point in your
Fresnel zone:
Fresnel Zone Radius
Formula
R = 72.1
√
d
1
d
2
F
GHz
(d
1
+ d
2
)
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xii
Contents xiii
Wireless Design Considerations 143
Attenuation 143
Attenuation Due to Antenna Cabling 144
Attenuation Due to Exterior
Considerations 144
Accounting for the Fresnel Zone and
Earth Bulge 149
Radio Frequency Interference 150

Interference from Radio Transmitters 151
Harmonics 152
Application Considerations 152
Structural Considerations 153
Andromeda Manufacturing Rough Design 156
Wireless Design 1 157
Wireless Design 2 157
Performing a Wireless Site Survey 158
Preparation 159
Sample Pre-Site Survey Form 160
Other Preparations 162
Infrastructure Awareness 166
What Types of Network Media
Are Used? 166
What Operating Systems,
Protocols, and Drivers Are Used? 168
What Hubs Are Used? 168
What Switches Are Used? 168
What Routers Are Used? 169
What Bridges Are Used? 169
How Is Power Supplied? 170
Preparing a Site Survey Kit 170
Using Client Adapters in the Survey 171
Using APs and Bridges in the Survey 172
Choosing Antennas for the Survey 173
Providing Battery Packs and Inverters
for the Survey 174
Providing Tools for the Survey 175
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xiii
xiv Contents

Bringing Temporary Mounting
Equipment for the Survey 178
Performing an Interior Wireless Site Survey 180
Designing for Coverage 181
Designing Seamless Roaming 183
Considering Rate Shifting 184
Performing the Interior Survey 184
Using the Cisco Aironet Client
Utility for Interior Site Surveys 186
Watching Your Power Consumption 190
Setting Your Service Set IDs 191
Interior Survey Problems 191
Performing an Exterior Wireless Site Survey 193
Wireless Design Examples 195
Warehouse Design Example 1 196
Warehouse Design Example 2 197
Warehouse Design Example 3 198
Retail Design Example 198
Education Design Example 1 199
Education Design Example 2 200
Point-to-Point Design Example 1 201
Point-to-Point Design Example 2 201
Point-to-Point Design Example 3 203
Summary 204
Solutions Fast Track 205
Frequently Asked Questions 206
Chapter 5 Installation and Configuration
of Cisco 340 and Cisco 350 Series
Access Points 209
Introduction 210

Installation of the Cisco 340/350 Series AP 213
Specific Differences of the Cisco 350
Series AP 215
Power Requirements 216
Network Connectivity 217
Setting the WEP Key
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xiv
Contents xv
Initial Configuration of the Cisco 340 and
350 Series AP 219
IP Setup Utility 220
Terminal Emulator Setup 221
Web-Based Configuration of the Cisco 340
and 350 Series APs 223
Configuring the Cisco 340 and
350 Series APs 223
Configuring the Web Interface 224
Configuring a Name Server 224
The Radio Hardware Setting 224
The AP Radio Port Status Screen 227
Setting the Time 227
User Accounts 228
Setting the WEP Key 229
Accounting Setup 232
Hot Standby 233
Publicly Secure Packet Forwarding 233
Troubleshooting the Cisco 340 and
350 Series APs 234
Web-Based Configuration of the Cisco 340
BSE/BSM Series AP 241

Configuring the Cisco 340 BSE/BSM
Series AP 242
Troubleshooting the Cisco 340
BSE/BSM Series AP 246
Summary 247
Solutions Fast Track 248
Frequently Asked Questions 249
Chapter 6 Installation and Configuration
of Cisco Aironet Bridges 253
Introduction 254
Understanding the Role of
Traditional Network Bridges 254
Types of Network Bridges 256
Comparing Traditional
Bridges with Wireless
Bridges
Cisco Aironet 340 and 350
wireless bridges can be
used in one of three
modes:
■
Wireless bridge
between two wired
network segments
(point-to-point)
■
Wireless bridge
between three or more
wired network
segments (point-to-

multipoint)
■
Wireless bridge used as
a repeater (repeater)
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xv
xvi Contents
Comparing Traditional Bridges with
Wireless Bridges 259
Cisco Aironet Wireless Bridge—
Point to Point 260
Cisco Aironet Wireless Bridge—
Point-to-Multipoint 261
Cisco Wireless Bridge—Repeater 261
Installation of the Cisco Aironet Bridge Unit 262
Installing the Antenna 263
DSSS (Direct Sequence Spread Spectrum) 263
Configuring the Network Port 265
Configuring the Console Port 266
Applying Power 267
Working with Root and Non-Root
Modes on a Wireless Bridge 267
Overview of the Spanning Tree Protocol 269
Initial Setup of the Cisco Aironet Wireless Bridge 273
Configuring the Bridge Using
the Command-Line Interface 273
Configuring the Bridge Using the
Command Menus 273
General Configuration Recommendations
and Notes 275
Performing the Initial Configuration 275

Assigning the Radio Parameters 276
Assigning IP Information 277
Operational Configuration of the
Cisco Aironet Wireless Bridge 279
Console Access 279
Telnet Access 279
Web Browser Access 280
Using the Cisco Aironet Wireless Bridge
Radio Main Menu 281
Configuring the Basic Rates Option 282
Configuring the Frequency Option 282
Configuring the IEEE 802.11 Options 282
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xvi
Contents xvii
Configuring the LinkTests Options 288
Configuring the Extended Options 288
Configuring the Ethernet Port 292
Configuring the Network Identifiers 292
Console Management Access 294
Configuring Passwords 294
Configuring Privileges 295
SNMP Support 295
Configuring the Time Service 296
Setting Up Association Tables 297
Using Filters 300
Configuring the Multicast Option 300
Configuring the Node Option 301
Configuring the Protocols Option 302
Event Logging 303
Viewing Statistics 305

Throughput Option 306
Radio Option 306
Ethernet Option 307
Status Option 308
Map Option 308
Watch Option 308
History Option 308
Node Option 308
ARP Option 309
Display Time Option 309
Ipadr Option 309
Cisco Aironet Wireless Bridge Troubleshooting 309
Network Menu Option 310
Connect Option 310
Escape Option 310
Find Option 311
Ping Option 311
Linktest Menu Options 311
Restart Option 314
Default and Reset Options 314
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xvii
xviii Contents
Loading Firmware and Configurations 314
Xmodem and Crc-xmodem 315
FTP—File Transfer Protocol 315
Distribute 317
BOOTP and DHCP 318
Class 318
Backing Up Wireless Bridge Configurations 318
Summary 320

Solutions Fast Track 323
Frequently Asked Questions 327
Chapter 7 Installation and Configuration
of Cisco Wireless Network Cards 329
Introduction 330
Cisco Aironet Client Adapter Types 331
Comparing the Cisco Aironet 340 and
350 Series Wireless LAN Adapters 331
Cisco Aironet Client Utility (ACU) 333
Installing and Configuring the
Cisco Aironet LAN Adapter Card 334
Installing the Cisco ACU 335
Cisco Aironet Client Profile Manager 336
Creating a New Aironet Client Profile 337
Using an Existing Aironet Client Profile 337
Modifying an Existing Aironet Client
Profile 338
Reconfiguring Profiles with the
Default Aironet Client Profile Values 338
Renaming Profiles Stored within
the ACU 338
Deleting Profiles Stored within
the ACU 338
Importing Profiles to the ACU 338
Exporting Profiles from the ACU 339
Restricting Profile Access to
Administrative Users 339
Client Adapter Auto
Installer
A DOS-based

configuration file
encryption utility is
provided for the safeguard
of the INI or TXT
configuration file. The
utility encrypts the file by
using a scrambling
algorithm that can be
decrypted by the Auto
Installer. The utility is
called EncryptIni.exe:
1. Select Start | Run.
2. In the Open prompt,
type Command and
press Enter.
3. Using the DOS
commands, navigate to
the directory where the
EncryptIni.exe and the
configuration files are
located.
4. Type EncryptIni.exe
<configuration file
name>.
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xviii
Contents xix
Cisco Aironet Client Installation and
Configuration 340
Configuring the Cisco Aironet
Client System Parameter 341

Setting the Client Name 341
Setting the SSID 341
Setting Power Save Mode 342
Setting the Network Type 342
Cisco Aironet Client RF Network
Configuration 343
Configuring the Data Rate 344
Choosing Radio Headers 345
Setting World Mode 345
Selecting the Power Level 345
Setting the Data Retries Value 346
Selecting Maximum Packet Size 346
Configuring the Cisco Aironet
Client: Advanced (Infrastructure) 346
Antenna Mode (Receive)/Antenna
Mode (Transmit) 347
Specified AP 348
RTS Threshold 348
RTS Retry Limit 348
Cisco Aironet Client Advanced Ad Hoc
Configuration 348
Antenna Mode (Receive)/Antenna
Mode (Transmit) 349
RTS Threshold 350
RTS Retry Limit 350
Wake Duration (Kms) 350
Beacon Period (Kms) 351
Cisco Aironet Client Network Security
Configuration 351
Setting the Security Parameters 352

Allow Association to Mixed Cells 353
Client Adapter Auto Installer 353
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xix
xx Contents
Using the Auto Installer 354
Installation Configuration File Field
Definition 354
Client Adapter Diagnostics 357
Configuring ACU Diagnostics Preferences 357
Displaying the Current Status 358
Displaying the Operational Statistics 358
Displaying the Link Status Meter 361
Signal Strength Indicator 362
Signal Quality Indicator 362
Signal Status Line 362
Performing a Radio Frequency Link Test 362
Client Adapter Indicator LEDs 364
LED Display Patterns 364
Summary 367
Solutions Fast Track 369
Frequently Asked Questions 372
Chapter 8 Cisco Wireless Security 375
Introduction 376
Understanding Security Fundamentals
and Principles of Protection 377
Ensuring Confidentiality 377
Ensuring Integrity 379
Ensuring Availability 380
Ensuring Privacy 381
Ensuring Authentication 381

Extensible Authentication Protocol (EAP) 385
An Introduction to the 802.1x Standard 389
Per-Packet Authentication 392
Cisco Light Extensible
Authentication Protocol (LEAP) 393
Configuration and Deployment of LEAP 395
Ensuring Authorization 396
MAC Filtering 398
What Is a MAC Address? 398
Designing &
Planning…
Preventing Dictionary
Attacks Using EAP
EAP was designed to sup-
port extended authentica-
tion. When you implement
EAP, you can avoid dic-
tionary attacks by using
nonpassword-based
schemes such as biomet-
rics, certificates, OTP,
smart cards, and token
cards.
You should be sure
that if you are using pass-
word-based schemes that
they use some form of
mutual authentication so
that they are more pro-
tected against dictionary

attacks.
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xx
Contents xxi
Where in the Authentication/Association
Process Does MAC Filtering Occur? 399
Determining MAC Filtering Is Enabled 400
MAC Spoofing 400
Ensuring Non-Repudiation 401
Accounting and Audit Trails 404
Using Encryption 405
Encrypting Voice Data 406
Encrypting Data Systems 407
Reviewing the Role of Policy 407
Identifying Resources 409
Understanding Classification Criteria 411
Implementing Policy 412
Addressing the Issues with Policy 415
Implementing WEP 417
Defining WEP 417
Creating Privacy with WEP 418
The WEP Authentication Process 419
WEP Benefits and Advantages 419
WEP Disadvantages 420
The Security Implications of Using WEP 420
Implementing WEP on the Cisco
Aironet AP 340 420
Exploiting WEP 421
Security of 64-Bit versus 128-Bit Keys 422
Acquiring a WEP Key 422
Addressing Common Risks and Threats 423

Finding a Target 424
Finding Weaknesses in a Target 424
Exploiting Those Weaknesses 426
Sniffing, Interception, and Eavesdropping 427
Defining Sniffing 427
Sample Sniffing Tools 427
Sniffing Case Scenario 428
Protecting Against Sniffing and
Eavesdropping 430
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xxi
xxii Contents
Spoofing and Unauthorized Access 430
Defining Spoofing 430
Sample Spoofing Tools 431
Protecting Against Spoofing
and Unauthorized Attacks 432
Network Hijacking and Modification 432
Defining Hijacking 432
Sample Hijacking Tools 434
Hijacking Case Scenario 434
Protection against Network
Hijacking and Modification 434
Denial of Service and Flooding Attacks 435
Defining DoS and Flooding 435
Sample DoS Tools 436
DoS and Flooding Case Scenario 436
Protecting Against DoS and Flooding Attacks 437
Summary 438
Solutions Fast Track 439
Frequently Asked Questions 444

Chapter 9 Cisco Aironet Accessories 447
Introduction 448
Antenna Accessories 449
Yagi Articulating Mount 449
Magnetic Mount 450
Lightning Arrestor with Grounding Ring 450
Bridge and Access Point Accessories 452
Bridge Mounting Kit 452
Bridge Slide Mount Kit 454
Access Point / Bridge Spare Power Supplies 457
Access Point / Bridge Serial Cable 458
NEMA Enclosures 460
Cabling, Connectors, and Bulkhead Extenders 462
Cabling 463
RG-58 and RG-8 Cabling 464
9913 Cabling 464
Yagi Articulating
Mount
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xxii
Contents xxiii
Connectors 467
RP-TNC Connectors 467
Bulkhead Extenders 468
Radio Country Options 469
Summary 472
Solutions Fast Track 473
Frequently Asked Questions 475
Index 477
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xxiii
169_cisco_wlan_TOC.qxd 4/16/02 3:19 PM Page xxiv