Download Basic Configuration of WAP4410N

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Policies promoting wireless broadband in the United States wikipedia , lookup

Deep packet inspection wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Dynamic Host Configuration Protocol wikipedia , lookup

Net bias wikipedia , lookup

Computer network wikipedia , lookup

Wireless security wikipedia , lookup

Distributed firewall wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Spanning Tree Protocol wikipedia , lookup

Airborne Networking wikipedia , lookup

Network tap wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Virtual LAN wikipedia , lookup

Transcript 
Configuring the CISCO RVS4000 and
the CISCO WAP4410N to provide both
a secure network and a ‘Guest’ network
at the same time
This document explains the basic configuration steps needed to install and configure the RVS4000 Security
Appliance and the WAP4410N Wireless Access Point to provide both secure access to designated persons while
providing secure ‘Guest’ access at the same time.
The key to setting this up is a basic understanding of VLANs, Tagging and the related settings needed to force traffic
onto and off the appropriate networks created as a result.
A VLAN (Virtual Local Area Network) is a means of subdividing a given network segment via software at layer 2 to
segregate traffic. This segregation prevents the VLANs from seeing each other and interacting and thus creates a
security boundary
Tagging is the term used to describe a label attached to the network segments you create as part of the
VLAN process. Traffic can be moved across the RVS4000 device in different ways depending on how you
configure that device.
Basic Configuration of RVS4000:
Following are the steps involved in configuration of an RVS4000. For our discussion here we are assuming that a
DHCP server is already active on the network and that the RVS is located on that same subnet.
1.
Connect a PC with Cat-5 Ethernet cable to Port 2 of the Cisco RVS4000. Make sure there is network
connectivity between PC and the RVS.
2. Open a web browser and type https://192.168.1.1 (IP address of Management interface of the router) in the
address bar. When it prompts for user authentication enter admin for both username and password in lower
case.
3. Ensure that the WAN port is connected to your cable-modem or other device provided by your network
service provider. Port 1 should be connected to the rest of your local subnet and Port 4 should be connected
to the WAP4410N after it is configured.
4. Configure the System Name, Administrative username and password to access the RVS, various Interfaces
IP address, Subnet Mask, and the Default Gateway. Note: Management and AP manager interfaces
should be reachable. Usually their VLAN is left untagged - '1' to assume the Native VLAN of the switch.
5. Under Setup -> LAN, disable the DHCP server (assuming DHCP Is already running on this subnet)
6. Go to Setup -> Advanced Routing and ensure that Inter-VLAN routing is enabled. This is important as traffic
will not flow correctly if this is not configured correctly.
7. Under L2 Switch -> Create VLAN, create a new VLAN called Guest Network and give it an ID of 2
8. Under L2 Switch -> VLAN Port Settings, set Port 4 to Trunk. This will cause all traffic tagged with the default
VLAN tag of 1 to flow between the WAP and the local subnet after we finish configuring everything.
9. Go to L2 Switch -> VLAN Membership and in the drop down, select 2. Then under the Port 4 column, select
Tagged.
10. Finally, under the Firewall tab ensure that all appropriate ports are configured to allow 2-way traffic over the
device to the Internet and back.
For detailed information on other parameters that are configured during startup process refer to the document
RVS4000 Administration Guide.
Basic Configuration of WAP4410N:
Following are the steps involved in configuration of an RVS4000. For our discussion here we are assuming that a
DHCP server is already active on the network and that the RVS is located on that same subnet.
1.
2.
3.
4.
5.
6.
7.
8.
9.
Connect a PC with Cat-5 Ethernet cable to the Port of the Cisco WAP4410N. Make sure there is network
connectivity between PC and the RVS.
Open a web browser and type https://192.168.1.245 (IP address of Management interface of the router) in
the address bar. When it prompts for user authentication enter admin for both username and password in
lower case.
Configure the System Name, Administrative username and password to access the WAP
Under Basic Settings, configure a STATIC IP address that is part of the same subnet available on Port 1 of
the RVS; in other words, an address that is part of the secure network in use already.
Now go to Wireless -> Basic Settings. In the SSID1box, choose an SSID for your secure network and set the
SSID Broadcast to Disable. Then in the SSID 2 box select a name for your guest network and set its SSID to
Enable.
Now go to Wireless -> Security and setup an appropriately secure configuration for the secure network.
Once that is complete select the Guest Network and setup its security as well.
Under Wireless -> VLAN and QoS ensure that VLAN is enabled, that the default VLAN is 1 and that the
VLAN for your Guest Network is set to 2.
Ensure that the Network port is connected to Port 4 of the RVS4000
Finally go back to the RVS4000 administration page and under Setup -> LAN, click the dropdown beside
VLAN and select VLAN 2. Enable DHCP from the RVS for VLAN 2 and configure it to provide network
addresses on a completely different address class than is already in use. For example, if the network
already in use by your company is a 10.x.x.x network, then configure this one to be 192.x.x.x.
For detailed information on other parameters that are configured during startup process refer to the document
WAP4410N Administration Guide.
You once your settings have all been saved, users connecting to the Guest Network will now be able to
connect to the Internet without being able to see or connect to resources on the secure network.
Related documents
Release notes_1.3
Release notes_1.3
Ethernet Link SMS-800
Ethernet Link SMS-800
cisco systems
cisco systems
Securing Network
Securing Network
Review Questions of Switching Networks
Review Questions of Switching Networks
Nona*s Homemade * Marketing Project * C Block Marketing Class
Nona*s Homemade * Marketing Project * C Block Marketing Class
Data Sheet - D-Link
Data Sheet - D-Link
Slide 1
Slide 1
Layer 2 switch
Layer 2 switch
PPT-2 - Convergence Technology Center
PPT-2 - Convergence Technology Center
NTC 242 LEARNING TEAM ACME MANUFACTURING Problem
NTC 242 LEARNING TEAM ACME MANUFACTURING Problem
Packet Tracer Scenario
Packet Tracer Scenario
Westermo Group
Westermo Group
Secure Cloud Computing with a Virtualized Network Infrastructure Bell Labs
Secure Cloud Computing with a Virtualized Network Infrastructure Bell Labs
Controller
Controller
ZTE ZXR10 5900E Series MPLS Easy
ZTE ZXR10 5900E Series MPLS Easy
Slide 1 - ECE Users Pages
Slide 1 - ECE Users Pages
Network Devices
Network Devices
The Virtual Local Area Network (VLAN) Technology
The Virtual Local Area Network (VLAN) Technology
CCNA3:LAN
CCNA3:LAN
AR G3 Series Enterprise Routers
AR G3 Series Enterprise Routers
Технология на програмирането
Технология на програмирането