Cisco 802.11 Wireless Networking Quick Reference

Happily, to connect an AP or AP backbone to your existing network, you need some infrastructure that you might already have in place. You can tap this to help with your wireless endeavors.

This section explains how you can use existing equipment, such as Dynamic Host Configuration Protocol (DHCP) and Remote Authentication Dial-In User Service (RADIUS) servers, to augment your AP's functionality.

Address Management

IP address management for your integrated network should be straightforward, but can be a chore if you do not have a DHCP server.

If you have a DHCP server already connected to your wired network, simply connect your APs, and they automatically assign IP addresses, as does any stations that connect to the AP.

During initial configuration of your Cisco AP, there is a screen that allows you to choose whether to use your network's DHCP server, or assign IP addresses automatically. You don't need a DHCP server; however, it will make your life a whole lot easier, especially if you have a big network that's getting even bigger.

If you select to have a DHCP server manage IP addresses, the server automatically assigns an IP address to the AP. If you opt to manually manage your own IP addresses, you are asked to enter the following, as shown in Figure 7-6:

• IP address

• IP subnet mask

• Default gateway

Note

Many APs include a built-in DHCP server. As such, DHCP features are managed on the AP, itself.

A word of cautionIf you use multiple APs, all with DHCP servers, it's a bad idea to use the feature on all them. Unless you are meticulous about giving IP address ranges, it is likely that the APs will assign the same addresses to different stations on your WLAN, wreaking havoc. If you have multiple APs that are DHCP-capable, it's a better idea to shut off the APs' DHCP feature and use a centralized DHCP server.

Refer to Figure 7-7, which shows a sample WLAN integrated with a wired LAN. There are two places best to locate a DHCP server:

• On the AP backbone subnet. This server is responsible for wireless stations on the wireless subnet.

• Routers usually include DHCP relay. You can configure the router shown in Figure 7-7 with DHCP relay, and then IP address requests can forward through the network to the main DHCP server.

Access Control

To manage access to your WLAN, you need a strong way to authenticate users. As you remember from the discussion about 802.1X and EAP authentication in Chapter 4, "Wireless Security," if you connect your AP to a network with a RADIUS server, you provide excellent security for your wireless network.

You might already have a RADIUS server at the core of your network. If so, to configure your APs and the RADIUS server to work together is a straightforward task. The process of connecting to a RADIUS server is explained in more depth in Chapter 8, "Wireless Security: Next Steps." However, here's a brief overview of the process:

1. On the AP, identify the authentication server, and then establish a relationship with it.

2. The AP must be defined on the RADIUS as a AAA client.

3. Specify the type of authentication performed (Network EAP and OPEN with EAP or other versions of EAP).