Troubleshooting wireless networks.

In this section, we're going to discuss troubleshooting

of our wireless networks.

For the purposes of this section,

when I talk about wireless,

I'm specifically referring to wifi

or the 802.11 family standards, not Bluetooth, cellular,

satellite, near-field communication or RFID,

even though some of the topics

that we're going to cover like interference and antennas

and attenuation are also applicable

to those technologies as well.

Before we do, though,

it's important for us to do a quick review

of the different specifications and limitations

involved with wireless networks.

First, let's consider the different speeds and throughputs

of our various 802.11 wireless networks.

When we talk about the speed

we're normally referring to the bandwidth

of a given connection.

Bandwidth refers to the theoretical speed

of data going across a network.

Throughput, on the other hand, is the actual speed

of data on that network.

So, if you're using an 802.11a wireless network,

the maximum bandwidth or theoretical speed is 54 Mbps.

Now, while that's the theoretical maximum,

in reality, you're commonly going to see throughput

of only 20 to 30 Mbps.

If you're using 802.11b, this is going to have

a maximum bandwidth or theoretical speed of 11 Mbps.

Now again, while that's the theoretical maximum,

in reality, you're commonly going to see throughputs

of only 5 to 7 Mbps.

If you're using 802.11g wireless networks,

the maximum bandwidth is going to be 54 Mbps.

But in reality, it's going to be common

to see throughputs of 30 to 32 Mbps.

If you're using an 802.11n wireless network,

the maximum bandwidth is 600 Mbps,

but the common throughput you're going to see

is usually around 140 to 150 Mbps.

If you're using 802.11ac wireless networks,

the maximum bandwidth is 1300 Mbps or 1.3 Gbps.

Now, while that's the advertised speed,

and even sometimes you'll see it as high as 1900 Mbps,

when they start adding the 1300 Mbps

for the 5GHz radio and another 600 Mbps for the

backwards compatible wireless n, embedded 2.4GHz

radio on the access point,

that is just a theoretical number.

So, your theoretical number is somewhere between

1300 Mbps and 1900 Mbps,

depending on the model of wireless ac that you're using.

But the throughput is really going to be somewhere between

100 and 500 Mbps, in reality.

Now, if you're using an 802.11ax model,

this is going to have a maximum bandwidth

or theoretical speed of 10 Gbps.

Now, again, that's a theoretical maximum.

In the real world though, we're only seeing throughput

of around 600 to 900 Mbps.

All right, next, let's consider the distance

associated with each variant of wifi

that you may come across in the field.

Wireless a, b, and g networks can reach distances

of about 35 meters indoors and about 100 meters outdoors.

When you go to wireless n networks

you can reach a distance of up to 70 meters indoors

and about 250 meters outdoors.

With wireless ac and ax,

you can reach distances of around 50 meters indoors

and about 100 meters outdoors.

Now you may be wondering, do I need to memorize

all these different distances?

And the answer is, no, you don't.

But you should be aware that wireless n

doubled the distance over earlier wireless a,

b, and g networks.

You should also be aware that wireless ac and ax

cover a distance between wireless n

and the earlier technologies,

but at much higher speeds and throughputs.

Now, when it comes to distance,

really what we're worried about is how strong the signal is,

once it's received by a client.

This is measured in terms of the RSSI

or received signal strength indication.

Sometimes you'll hear people simply call this

the signal strength.

Now, RSSI is an estimate and measure of the power level

that a radio-frequency client device is receiving

from a wireless access point or wireless router.

As the distance increases, the signal will get

weaker and weaker at the client.

And the data rates in turn are going to go down

as you're going to get lower throughput

over this wireless network, as it gets slower and slower

when you get further and further from the signal strength.

Now, when you look at the received signal strength indicator

on the client, you should see it

in the negative 60 to negative 65 decibel range.

This would mean you have a strong signal.

It indicates a good strong signal that can support

heavy network based applications like voiceover IP,

video streaming, and other bandwidth intensive applications.

The RSSI value measures itself from zero to 100

in the negative range.

The closer the signal is to zero the stronger

the signal is going to be at the client.

For example, my computer is currently receiving

an RSSI value of negative 38 decibels,

which is extremely strong because my wireless access point

is actually located about five feet from my computer.

When you're looking at the RSSI,

anything that's over negative 90 decibels,

like 90 or 100 decibels, that is going to be considered

extremely weak.

If the signal is around negative 65 decibels,

this is considered fairly strong and a usable signal.

If you have an RSSI of negative 55 decibels,

this is a strong signal.

If you get a signal of negative 30 or above,

meaning somewhere between zero and negative 30,

this is extremely strong and you're probably sitting right

next to your wireless access point.

All right, finally, let's talk about

the Effective Isotropic Radiated Power or EIRP.

The effective equivalent isotropic radiated power

is the maximum amount of power that could be rated

from an ideal isotropic antenna,

given its antenna gain and the transmitter power

of the radio frequency system.

That is a lot of technical words,

but essentially this is going to be written down

as a dBi or decibels over isotropic when you measure it.

An omnidirectional antenna is considered

an isotropic antenna and it distributes power

equally out in all directions.

Now, why should you care about the EIRP levels?

Well, because these EIRP levels tell you

how strong the signal is being rated

out of your wireless access point towards your client.

This is the other half of the RSSI discussion

that we just had.

Remember, RSSI is used to measure the amount of signal

being received by the client from the access point.

We're measuring it on the client.

When we talk about EIRP,

we're measuring it at the access point.

So, if you're having signal issues

with your wireless network,

you can look at it from two different perspectives.

If you look at it at the RSSI level,

you're measuring it on the client and determining

if they're having an issue receiving the data.

On the other hand, you could look at the EIRP levels

from the access point and determine if the issue

is instead being caused by the access point,

its antennas or its power levels not being sufficient

to send out the signal.

All right, we just covered a lot of key terms

and information that you need to understand

as we move forward throughout this section

on wireless network troubleshooting.

In this section, we're going to focus on domain 5,

network troubleshooting and objective 5.4.

Objective 5.4 states, given a scenario,

you must troubleshoot common wireless connectivity issues.

So let's dive into this section

on troubleshooting wireless networks.

Wireless considerations.

In this video, we're going to discuss wireless considerations

that you need to think about

as you start to troubleshoot your wireless networks.

We're going to begin by discussing antennas,

their placement, their type, and their polarization.

Then, we're going to cover channel utilization,

site surveys and the types of information

that those things can help us with

as we troubleshoot our networks.

Finally, we're going to talk about wireless access points

or AP association times, and how association actually works.

First, let's talk all about antennas.

Antennas can come in multiple different types,

and each one has its own purpose.

By default, most wireless access points

are going to use omnidirectional antennas.

And normally they're going to be located

in a vertical form factor.

Now for a vertical antenna,

the radiation pattern for the radio frequency waves

is going to extend outward in all directions,

away from that antenna and away

from the wireless access point at an equal power level.

As the radio waves travel further and further

from that antenna,

the signal is going to get lost a little bit

and the power and strength is going to decrease.

Now, if you're monitoring this from your client,

you're going to see that you have more negative RSSIs

as you go further from the wireless access point

and it's antenna.

Now, for example,

let's say you're sitting right next to the antenna.

You might have an RSSI of negative 30 to negative 40

decibels, but if you move out a hundred feet away,

that signal strength may now be at an RSSI

of negative 65 or negative 70 decibels.

Another type of antenna you might come across

is known as a dipole antenna or a bi-directional antenna.

With a dipole antenna,

the antenna is going to produce a radio-frequency wave

that extends outward in two directions,

away from the antenna.

With a dipole antenna,

you're normally going to see a higher RSSI

in the client device,

even when it's located further from the access point,

because this antenna can now focus its power

in only two directions instead of the entire 360 degrees

around itself, like an omnidirectional antenna produces.

So if you need the radio frequency waves

to only go in two directions,

a dipole is going to be a good option for you,

but they're not heavily used in wireless networks

for the most part.

Next, we have this thing known as a Yagi antenna.

Now a Yagi antenna is the type of unidirectional antenna

that sends the radio frequency waves only in one direction.

Due to this focusing of the radio frequency

in a singular direction,

a Yagi antenna can send the radio frequency waves

further in a single direction using less power

than an omnidirectional antenna will.

Normally you're going to see a Yagi antenna used

when you're trying to connect to different sites

using a wireless link.

For example,

you may want to connect to office buildings

on a college campus using a wireless link

instead of running a buried fiber optic cable.

In this case,

you're going to use a Yagi antenna to do that.

Finally, we have a parabolic grid or disc antenna.

These antennas are unidirectional antennas,

just like a Yagi antenna is,

but they're built a little bit differently.

Now, parabolic grid antennas are most commonly used

for site-to-site applications

where you need to connect buildings

over a longer distance than you would with a Yagi antenna.

Like a Yagi antenna,

a parabolic antenna is going to allow the radio wave

to be transmitted in only one direction,

making it a unidirectional antenna.

Now, when it comes to placing your antennas,

this is going to be dependent

on where you're going to place them

inside or outside of your building

to create the coverage that you desire.

If you're setting up a site-to-site

or building-to-building connection,

you're going to want to use a unidirectional antenna

like a parabolic or Yagi antenna.

Now you're going to take that and mount it

on the outside of your building.

And usually you're going to attach it to the roof

and make sure there's a clear line of sight

between both antennas on each of those buildings.

Now, one of the common issues you're going to experience

with wireless antennas for a site-to-site or

building-to-building connection is that the connection

may deteriorate and slow down or completely stop over time.

If this occurs,

you need to ensure that both the antennas

still have a clear sight between them.

For example, maybe you have two office buildings

and they are only one or two stories high.

You've gone ahead and installed the antennas in the fall.

And there was no issues at all.

You had a perfectly clear line of sight,

but it's been about six months,

and now the seasons have changed and spring appears

and your wireless connection

may start to be affected by trees

because they've sprouted new leaves

and they are now blocking your line of sight clearly

between those two buildings.

Similarly, if in the winter time there's a lot of snow,

this can also block your signal,

or if it rains heavily in the summer,

you could also have a deteriorating signal

because the water droplets will block

the wireless communication between these two antennas.

So if you're working with antennas,

you need to think about these things

when you're working outside.

Now, on the other hand,

if you're working inside your building,

you're going to be more likely to use omni-directional

or unidirectional patch antennas to control the signal

being radiated by your wireless networks,

to each of your clients.

With omnidirectional antennas,

it's going to be common to place this on the ceiling

in the middle of the office or classroom.

For a unidirectional patch antenna,

you're usually going to place this

on the outer wall of the building facing inward,

thereby directing all those radiofrequency waves

back inward towards the office or the classrooms.

Now, the last thing we need to discuss with antennas

is the concept of polarization.

Polarization is the orientation of the electric field

or transmissions that are occurring from that antenna.

Basically, as the radio frequency waves leave the antenna,

how is it going to be oriented?

Every antenna has a polarization associated with it.

And for wifi networks,

our intent is usually you're going to have

a vertical or horizontal polarization associated with them.

Now, most wifi clients that have external antennas

are going to use vertical polarization,

but your wireless access point

could use vertical or horizontal polarization

depending on what type of antenna it has.

Now, if you see a problem with some clients

getting a poor RSSI,

even though they're pretty close to your access point,

this may indicate you have a polarization issue.

If this is the case,

I want you to try flipping

the wireless access point antenna

to allow the clients to better connect

to that device if they support bending the antenna upwards,

or if you're using wireless access points

that are sitting on the floor,

you want to make sure you're using vertical polarization

and radiating antennas to increase your coverage area.

If you're using horizontal,

it's going to keep sending those radio waves

out horizontally

right along the floor and up to the desk level

where everybody else is working.

Remember, most wifi networks use vertical polarization.

So your intentions should be sticking upward

if you're using an omnidirectional antenna

with your wifi networks.

All right, next, we have channel utilization.

Channel utilization is a statistic or measure of the amount

of airtime utilization that occurs

for a particular frequency or channel.

If there's a higher rate of channel utilization,

then that means there's more traffic being transmitted

over that particular frequency.

In order to have a fast wireless network,

you want to keep your channel utilization under around 30%.

Now, channel utilization is not something

you alone can control though,

because there's lots of these different channels

that overlap with other people in that area.

And so the same channels and frequencies

can be used by your network and other networks too.

For example, let's say you're running a wireless B

or wireless G or wireless N network,

and you're operating in the 2.4 gigahertz spectrum.

We are going to be using the same channels

that everybody else is, channels one, six, and 11.

Now, if you have a large office building,

this won't be a big problem for you

because nobody else is going to be

in the same general area as we are.

But if you're in a crowded office building

or a shopping mall or an apartment building,

this can easily start to have a lot of

different wireless networks operating

on the same channels as ours in the same location.

Now, when wireless access points and wireless clients

are operating on the same channel

and all of those things are in

the same range of each other,

they're going to begin to form a single broadcast domain,

similar to an ethernet hub.

All of the devices can hear each other's transmissions.

And if any two devices transmit at the same time,

their radio signals will collide and it becomes garbled,

which results in data corruption or a complete frame loss.

If there's an excessive amount of collisions,

data will never be retransmitted successfully,

and the wireless network could become unusable.

So to avoid collisions 802.11 wireless devices use a

listen before they speak approach

when they're accessing the wireless medium,

which is the radio frequency,

following the CSMA CA or collision avoidance techniques.

Now with this, devices are going to perform

a clear channel assessment or CCA

by first listening to see if another device

is actively transmitting on the channel

before they attempt to send their own frames

on that given frequency.

Now, when a device detects another transmission in progress,

it's going to perform a random back-off

for a short period of time after which

it's going to perform another CCA check

before it attempts to transmit.

If the channel is clear after the check,

that device will be able to access the channel

and send some data.

Now, as the number of devices needing to transmit frames

starts increasing on a channel,

this is going to cause congestion to occur

to the point where devices can spend

a lot more time waiting to be able to send something.

This results in slower speeds,

because devices have to wait longer

before they can send their data.

This is the negative effect

of having high channel utilization

and at least a slower throughput

for our network devices.

Now, how do we solve this problem

of over channel utilization?

Well, first we're going to start

by conducting a site survey.

Now a site survey also known as a wireless survey

is the process of planning and designing

a wireless network to provide a wireless solution

that will deliver the required wireless coverage,

the data rates, network capacity, roaming capability,

and quality of service that your organization desires.

As part of the wireless survey,

you need to determine where each access point is located,

what power level it's using to transmit

by using its effective isotropic radiated power,

or EIRP, the overlapping coverage areas

for your wireless access points,

and the other wireless access points in clients

that may be operating in the same or general area

or channels as you.

Now by using this site survey information,

you can determine if you need to change the channels

you're using to a less busy, less utilized channel,

or if you may need to upgrade your networks

to a new frequency band altogether.

After all, if you decide to upgrade

to a wireless N, wireless AC or wireless AX network,

and you start using the five gigahertz spectrum,

this gives you 24 non-overlapping channels

instead of the three in the 2.4 gigahertz spectrum.

So there's going to be a lot less overall utilization

on each of those 24 channels in the five gigahertz spectrum.

By conducting a site survey,

you can better understand the wireless environment

in and around your networks.

And this is going to allow you to configure your devices,

to use the less utilized channels,

ensure there's proper coverage for all of your work areas

and ensure your wireless network is not being blocked

or interfered with by physical obstacles

within the building.

Finally, we need to talk about

wireless access point association times.

Now when a wireless client attempts to connect

to a wireless network, it goes through a seven step process.

First, the wireless client is going to send

a probe request to discover any 802.11 wireless networks

in the general location that it's in.

Essentially, it's going to send a broadcast message

to the BSS ID of F F F F F F F F F F F F.

And all the access points in that area

that are using the same frequency,

either 2.4 gigahertz or five gigahertz

will respond to that client.

Second, any access points that receive this probe

will check to see if they can support the data rate

that the client is now requesting in that probe.

For example, if I'm a wireless AC access point

and you just requested to communicate using wireless B,

I'm going to ignore your request

because I'm operating at five gigahertz

and you're operating at 2.4 gigahertz.

But if we both support wireless N

then I can respond with a probe response

that provides my SS ID, my supported data rates,

my encryption type, if I'm using wireless security,

and other capabilities of my particular access point.

Third, our wireless client

will then send a low level 802.11 authentication frame

to the access point,

and this will begin the authentication handshake

between my client and the access point.

Fourth, the access point receives

this authentication frame and responds

with an acknowledgement to continue the handshake.

If the wireless access point receives anything other

than an authentication or a probe request

from this client, though,

it's going to send a de-authentication frame

and break the communication with this client

because this client is not yet part

of my authenticated network.

Fifth, the wireless client is going to choose

the access point it wants to associate with

and sends an association request

using the encryption and 802.11 capabilities

that are supported by that access point.

Sixth, the access point is going to process

the association request,

if the information sent matches its own capabilities,

and then an association ID is being created

for this wireless client and this access point,

and the access point is going to respond

with an association response of success.

This way, the client knows it is now fully connected

to this wireless access point.

Seventh, now that the client is fully connected

and associated, it can begin to connect any data transfer

it needs to, and utilize the wireless network

and its associated devices.

Now, that's how everything is supposed to operate,

but sometimes you're going to see a wireless network

that has a really long association time

for an end user's client.

This is because the client has to scan the airwaves,

find the access points it might want to connect to,

request the association,

authenticate to the access point,

and then contact the DHCP server to get an IP address,

prior to being able to actually use that wireless network

connection that we just established.

This process can take just a few seconds

in a not heavily loaded network,

but it can take up to 30 to 60 seconds

if you have a busier network.

To speed up the association process,

clients should be located in a high signal strength area.

Those with the highest RSSI during the association process

are going to give us a stronger strength

and that's going to drastically reduce the wait time

during this association.

Coverage and interference.

In this lesson, we're going to discuss

coverage and interference in wireless networks.

These are two of the most common issues

we're going to come across when we start troubleshooting

our wireless network connections in the field.

First, let's talk about coverage.

Coverage is a measure of how large of an area

around a wireless transmitter

there is sufficient signal strength

for a wireless device to utilize.

Basically, it comes down to how much physical area

you can use with your wireless devices

before you get outside the coverage area

and you lose signal.

To determine your coverage area,

you're going to conduct a wireless site survey.

This'll generate a heat map showing the areas

with the highest level signals in green,

then as they get weaker, it goes to yellow,

orange and red with the weakest signals.

Now, the signal is always getting measured from your client,

using the RSSI.

And this is measured in decibels.

If you're going to measure it from your access point,

you're going to measure it in EIRP

and you're going to do that in dBI.

Now, one of the most common issues experienced

by Wi-Fi users is insufficient wireless coverage.

For example, let's say you have a three-story townhouse

and you only have a single wireless access point

on the main floor of that home.

Well, it's going to be unlikely to provide you

with sufficient coverage all the way up

on the third story of your townhouse.

In this case, if you're using your laptop

on the first floor, everything's going to work just fine

because you have really high RSSI value.

But when you go up to the second floor,

that RSSI value is going to lower

because the signal got weaker as you got further away,

and the signal has to now go through the ceiling

of the first floor to get into

that second floor you're sitting at.

Now, if you go up another level to the third floor,

that signal may be too weak to even register

by your wireless client, or it can drop you completely.

Now, if this happens, you're going to need to find a way

to boost up that signal and make it stronger

so you can increase your coverage area.

To do this, you can use a signal booster to raise the power,

you can use an antenna with a stronger DB rating,

you can use a wireless repeater,

or you can add a second wireless access point

that can operate in an extended server set

or ESS configuration with your initial access point.

Remember, the coverage area for a single

wireless access point is affected by two main factors,

the amount of power that the transmitter is sending out,

and the size of your antenna.

If you replace a five decibel antenna

with a nine decibel antenna,

you're going to effectively double your range

under the right conditions.

As for the power being sent out

unfortunately, you're normally going to be limited

in your ability to control that

because there's a maximum amount of power

that the FCC and regulators allow us to use

inside of the wireless frequency range,

but you could use a wireless repeater.

Now, a wireless repeater is simply a layer one device

that has two radios built into it.

You plug this device into a power outlet

and you configure it to connect to your wireless network.

Now, one of the radios grabs the signal

from your wireless network.

Then it's going to boost up the signal

and send it out again off its other radio.

This way, when the signal comes in

on one side of the device, it's going to be repeated out

at full strength on the other radio too.

This will extend that wireless network

into an additional area of space

because you have this new signal going out

from this repeater.

For example, let's say if this repeater

receives a signal at -70 RSSI.

It can retransmit it to get it out on the other side

at -30 RSSI.

Effectively making it a brand new signal.

So, in the example of a three-story townhouse,

I might want to have my first wireless access point

on the first floor.

Then I can have a repeater on the second floor.

Now, at this point,

we'll probably have some signal on the third floor,

or we could put another repeater on the third floor

to boost that signal even more

when it reaches it from the second floor.

Finally, we could use an extended server set

to cover the entire building properly.

In one of my old houses,

I actually ran ethernet twisted pair cable

from the basement to the second floor of my house,

and then I connected a second wireless access point there.

These two wireless access points work together

to provide coverage over the entire home.

One from the top down from the second floor,

and one from the bottom up going from the basement.

And this gave me adequate coverage for the whole house.

Now, each wireless access point

operate on a different channel

and I could run from upstairs to downstairs

and my devices would automatically switch

from one access point to the other

as they needed to, to maintain coverage.

These days, we also have wireless mesh systems available.

And they rely on a combination of repeaters

and access points that are put into a single device

to provide full coverage for larger homes and offices.

Instead of having to run ethernet cables to each device,

they instead rely on internal wireless radios

to send the data from one device to the other

and create a whole house mesh network

for the wireless network with sufficient coverage.

Next, let's talk about interference.

If you remember, anytime you have multiple wireless networks

communicating on the same channel,

you can have interference

because they're all talking at the same frequency.

To avoid interference in the 2.4 gigahertz spectrum,

we always use the three channels of one, six, and 11.

If I'm using channel six

and you're using channel four though,

we're going to have an overlap

and we're going to interfere with each other's networks.

This interference can lead to retransmissions

and this will slow down both of our networks.

So when you're conducting your site survey,

you're always going to want to make sure you see

what channels and frequencies

are already being used in your area.

If you create an extended service at wireless network,

you need to plan the locations of your access points

and the channels they are going to use.

Remember, in a 2.4 gigahertz network,

you always want to make sure you're using

channels one, six, and 11,

and you never want to have the same channel number

sitting next to each other and overlapping.

This way, I can make sure that I have good coverage.

For example, let's say I was installing access points

down a long hallway.

I would install them as one, six, 11, one, six, and 11.

Notice that I skipped each one to a different number.

This ensures there's no overlapping zones,

they're touching one another of the same type of number.

Also, you want to ensure you have 10 to 15% overlap

between the two access points

to make sure you have sufficient coverage

and time for the devices to hand off.

Now, if you're using a newer five gigahertz network,

you're going to utilize a honeycomb pattern

for your access points as they're being installed.

And you should always ensure that each channel

is not repeated until you're at least two zones away.

This'll ensure adequate coverage and minimize interference.

Next, let's cover attenuation.

Attenuation is a reduction in signal strength

between the transmission and receipt of the wireless signal.

Attenuation can occur for lots of different reasons,

such as increase in the distance

between the transmitter and the receiver,

hitting a wall or other physical obstacle,

or signal interference that's reducing

the overall signal strength

because of more noise in the environment

causing interference.

Attenuation can occur within the antenna's cable itself

or in the radio frequency wave

as it's traveling away from the transmitter

and towards the receiver.

When the attenuation is occurring

inside the antenna's cable, it's normally going to be caused

by the materials and the construction of that antenna.

If low quality components were used to make that antenna

or the cables inside of it,

there are going to be more resistance inside that wire,

and that leads to more attenuation.

To increase the signal strength and reduce the attenuation,

you can replace the cable or the antenna

with a higher quality, lower resistant component.

With radio-frequency wave signal attenuation,

one of the causes of this is multipath reception.

Now, this occurs when the transmitted signal

starts bouncing off walls and other physical objects,

and then it eventually gets redirected back to the receiver.

Now, for example, let's say I was standing

on one side of the room

and you're standing on the other side of the room.

And there's a big support column standing right between us.

If I wanted to send a ball to you

that's going to signify my radio waves,

I couldn't throw it directly to you.

Because if I did that,

it's going to hit the column and bounce back towards me.

So instead, I would need as an omnidirectional antenna

to throw out a lot of different balls simultaneously.

Some of those will bounce off the sidewalls

and they'll eventually reach you.

Some will hit the pole in front of me and bounce back to me.

But, because of all this different bounce,

we're going to have slower and weaker signals

by the time they get to you,

because I had to bounce off the wall first, right?

Well, the same thing happens with our radio frequency waves.

They may bounce around the room

and they'll eventually get to you,

but they may be attenuated and weaker than before

and it's going to lead to a lower RSSI value for you

and lower throughput for the data

being sent over these networks.

Now, finally, we need to talk about disassociation issues

within our wireless networks.

There's a lot of reasons that a client

would be disassociated from a wireless access point.

This includes an idle timeout, a session timeout,

wireless network changes, manual deletion,

authentication timeouts, or access point radio resets.

Now, a client association due to an idle timeout

is going to occur whenever a wireless client

doesn't send or receive traffic within 300 seconds,

which is five minutes.

This is the default setting on most wireless access points,

and it's used to free up the network

for other clients to join.

To prevent this from occurring,

some wireless client implementations

will send out a keep alive packet every few minutes

so they can remain connected the entire time

to that wireless network.

Now, a client association can also occur

due to a session timeout,

and this will happen after 1800 seconds.

At this point, the wireless client

should reconduct an authentication again

and reestablish their connection automatically.

This again is something that's handled

by your wireless client automatically on your behalf

in coordination with the wireless access point.

Next, we have client disassociations

that occur due to wireless network changes.

And this occurs whenever the wireless local area network

is being changed and this change

causes the wireless network to be disabled

and then reenable itself.

For example, if you're going to change the shared pass phrase

that secures the network,

it's going to reboot the wireless network

and force every device to reconnect and reauthenticate.

This makes a lot of sense because we want to make sure

they all have the right password again, right?

Another client association we can have

is caused by manual deletion.

And this occurs whenever a wireless client

is removed by an administrator.

This makes sense because if I kicked your client

off my network, that means I want you to be dissociate

and removed, and then you'd have to reconnect again.

Now, another way that client associations occur

is due to authentication timeouts.

And this occurs whenever the authentication

or key exchange process fails to finish in a given time.

When this occurs, the wireless client

is disassociated from the access point

and needs to restart the authentication process

all over again to regain access.

Another time you'll find client disassociations occurring

is when your access point radio is reset.

And this is similar to the change

that we made with the wireless network.

All of our clients are going to be disassociated,

the radio is going to be turned off and turned on

to cause that reset, and then the clients

can begin their association process once more.

Now, why is it important to understand all these times

when disassociation happens?

Well, because sometimes your clients can be disassociated

as part of a deauthentication attack

and not for one of these real legitimate reasons.

This is a common wireless attack that is used by hackers

to disassociate your wireless clients

and make them attempt to reconnect to the access point.

Now, when this occurs,

the attacker is going to attempt to capture

the packet's use in the association

and authentication processes,

and then they'll try to crack that shared pass phrase

to gain access to the network indefinitely.

So if you see a client

that's continually being deauthenticated,

you need to check your wireless gateways

and your wireless controller logs

to determine the root cause.

It could be one of the ones I just mentioned above,

and all of those are normal and expected.

But if it's not one of those,

it could be caused by an attacker.

And that's something you need to investigate further.

Incorrect configurations.

In this lesson,

we're going to discuss a few incorrect configurations

that you may commonly find as issues

within your wireless networks.

This includes things like the wrong SSID being used,

the incorrect passphrase being used

and an encryption protocol mismatch.

First, let's talk about Service Set Identifiers or SSIDs.

Now, an SSID is simply a natural language name

that's used to identify a wireless network

in an 802.11 protocol.

For example,

if you're at a Starbucks drinking a latte right now,

you may be connected to their wireless network

and it's called Starbucks Wi-Fi.

Now the word Starbucks Wi-Fi, is the SSID.

In general, I don't see an incorrect SSID being an issue

for most people.

This is because most people connect to a wireless network

by clicking on the name from a dropdown menu

in their Windows or Mac operating systems.

But if you're configuring a device like a network printer,

and you're typing in the SSID manually,

you need to ensure that you don't mistype it,

or you're going to get an incorrect SSID error.

Additionally,

if you see another SSID that's similar to yours,

but it's not yours and it's in the same general area as you,

that means there may be an evil twin present.

If this occurs, do not connect to that SSID,

because the wrong SSID, if you connect to it

will lead to a malware infection

or an on path attack for your wireless clients.

Next, we have the incorrect passphrase being used.

Now, this one's pretty self-explanatory as well.

If you're trying to connect to a wireless network

using the correct SSID

and that network requires a pre-shared key

or passphrase for you to connect to that wireless network,

you need to enter the right passphrase or pre-shared key in

order to authenticate to the network.

If you put it in the wrong one,

it's not going to let you connect.

Now remember, a passphrase or a pre-shared a key

is used to encrypt and decrypt

the data being sent and received by this wireless network.

If you enter the wrong passphrase

or the wrong pre-shared key,

this wireless client you have is going to be disassociated

from the access point

and it's going to attempt to again, reconnect.

So if you have the safe password button check,

it's going to keep trying with the wrong password.

So you need to make sure you put the right one in.

Now, there have been a few cases reported

where users enter the proper passphrase,

but the wireless access points still

is reporting an incorrect passphrase.

In these cases,

the solution is usually to re-install

the wireless network adapters drivers inside of Windows,

because they may have become corrupted

and they're causing the passphrase that you entered

to be incorrectly encrypted before it's sent to the wireless

access point for that verification.

So if you get an error stating

that you have the incorrect passphrase,

first, double-check your password and try entering it again.

If that doesn't work, then you should attempt

to re-install the drivers for your wireless adapter

within Windows.

Next, let's talk a little bit about encryption protocols.

Remember most of our wireless networks

are going to use some form of encryption.

If we're using WEP,

we're going to be using RC4 as our encryption algorithm.

If we're using WPA,

we're going to be using TKIP as our encryption algorithm.

If we're using WPA2,

then we're going to be using AES for encryption by default.

All right,

if you're attempting to log on to a wireless network

and you get an error that says something like,

network security key mismatch,

this could either mean you enter the wrong Password

or a passphrase,

or you're using the wrong encryption protocol for this type

of network.

Now, if this occurs,

you can try one of three things.

First,

you can manually change the type of protocol

that's being used by manually connecting

to the wireless network,

using the network and sharing center inside of Windows.

Second, you can disable any third party,

antivirus tools tools you may be running

because they could often cause interference

and cause issues with the wireless encryption protocols

and some network adapters drivers.

Third,

you can attempt to re-install the wireless drivers

for your wireless network adapter,

as they may have been corrupted over time,

and they might need to be replaced.

Now in general, when you connect to a wireless network,

it's going to be pretty simple and straightforward.

As long as you're using the right SSID,

the right passphrase and the right encryption protocol,

you'll be able to make that connection.

If you believe you entered all of these things correctly,

and it's still not working,

it could be a deeper issue within your operating system

or network drivers that needs to be identified and fixed.

Captive portal.

In this lesson, we're going to discuss captive portals

and some issues you may experience when you're using them.

First, what is a captive portal?

Well, a captive portal is a webpage

that's access from your web browser,

and it's going to be displayed to newly connected users

of a wireless network before they're granted broader access

to network resources.

Captive portals are commonly going to be used

to present a landing page or a login page,

which is going to require authentication, payment

or acceptance of an end user license agreement

or something like acceptable use policies,

survey completion, or some other kind of information

we're trying to collect from you before we allow you

to get onto our network and our resources.

Now, these captive portals are commonly used at places

like hotels, restaurants, airports,

and other places that give you free

or paid wireless networks for you to connect to and use.

In general, captive portals are implemented

by using an HTTP redirect, an ICMP redirect,

or a DNS redirect.

We're going to talk about all three of those in this lesson.

Now, when a user attempts to log into a wireless network

and the captive portal doesn't redirect them properly,

it can be a really frustrating experience.

I personally had this happen to me a lot,

but luckily, I know how to troubleshoot and fix this issue.

And after this video, you will too.

Now, for example, I was flying home recently

on a Delta flight and they use a captive portal system.

When you connect to the Delta Wi-Fi network on the plane,

it's supposed to redirect you

to the captive portals login page

so you can enter your account information

so you can access the internet if you're a SkyMiles member.

Now this didn't work on my MacBook Pro though.

So I had to start begin troubleshooting this issue

and figure out what was causing the problem.

It could have been any of the three redirect methods,

cause I didn't know which one they were using.

So let's say first I went and tried to see

if they used an HTTP redirect.

With an HTTP redirect,

all traffic is redirected to a web server that they control.

And then this web server redirects the clients

to the captive portal using an HTTP status code of 302.

In the case of this in-flight Wi-Fi,

that is not what they were using

and so I moved on to my troubleshooting efforts.

Second, I looked to see if they were using ICMP packets

to redirect me to a captive portal.

Now, ICMP is a network protocol that's used

to send error messages and operational information

indicating the success or failure

of communicating with another IP address.

With an ICMP redirect, it's not a very common way

to do captive portals these days, at least in my experience.

And again, I found that they were not using that

inside of the in-flight Wi-FI,

and so I moved on to step three.

Step three is probably your most common type.

And this is what's known as a DNS redirection.

Now, when the client joins the inflight Wi-Fi

on board the aircraft, the client gets an IP address,

a subnet mask, a gateway,

and a DNS server IP from the network.

Now this is all handed out to you

from the onboard DHCP server

when you connect to the network.

Now, when the client opens up a web browser

to connect to a website like deontrain.com or google.com,

the client is going to be redirected

to the onboard DNS server

and then redirected to that captive portal page.

This is exactly what the in-flight Wi-Fi

is attempting to use,

but it wasn't working on my MacBook Pro.

Now, why is that?

Well, the issue was,

my client was already configured to use DNS

from a static server that I assigned

and not the onboard Wi-Fi's DNS server.

Instead, I always use my DNS server as 8.8.8.8,

which is Google's DNS server because I trust that one.

So I was configured to use Google's DNS server,

not the onboard DNS server,

and therefore it couldn't redirect me

to their captive portal.

So I quickly disconnected from Wi-Fi,

I cleared out my saved DNS setting of 8.8.8.8,

and I set it automatically be configured over DHCP.

Then I reconnected to the onboard Wi-Fi.

Immediately, I was forwarded to the captive portal

and I was able to get online and surf the web

at 36,000 feet over the Atlantic Ocean.

Isn't modern technology just wonderful?

So, what are some other common captive portal issues

that you might experience?

Well, if you're dealing with a smartphone

like an Apple or an Android device,

especially with Apple devices,

sometimes these things don't automatically load up

the captive page upon connecting to the wireless network.

If this occurs, you should first open up a web browser

and try to go to any site like google.com or facebook.com,

something you know should always be up and available.

This should cause the captive portals HTTP or DNS redirects

to take over and then present you

with a captive portal login page.

Now, if this doesn't work,

then you're going to need to check your IP configuration

of your smartphone and determine what the default gateway is

for that wireless network you're connected to.

Then you could type that IP address into your web browser.

This will force load the cactus portal

in most cases as well.

Now, the same thing can happen on your laptops as well.

And if it does, I tend to follow

the same three-step troubleshooting process.

First, I open up a web browser

and I try to go to any website

like google.com or facebook.com.

Second, if that doesn't work,

I determine what the default gateway

for the wireless network is, and I enter http://

and the IP address for that default gateway.

Then I hit enter.

Third, If that doesn't work,

I verify my DNS server IPs.

And I make sure that it's not set to something

like 8.8.8.8 manually and instead I turn on DHCP

for it to allow me to auto configure my DNS on my laptop

to connect to their wireless network.

Then I reattempt step number one

by opening up a web browser and going to any website again.

Usually, these three steps will solve

most of the issues you're going to come across

with captive portals.