Wireless LAN GUI Configuration - CSU359 - Shoolini University

Wireless LAN GUI Configuration

0. Wireless LAN GUI Configuration

The Wireless LAN (WLAN) GUI configuration is the process of setting up and managing wireless networks using a graphical user interface (GUI). This process involves configuring various parameters such as SSID, security settings, radio frequency management, quality of service (QoS), and advanced features to ensure efficient network operation and client connectivity. Below is a detailed breakdown of the main components of WLAN GUI configuration.

0.1 SSID (Service Set Identifier) Configuration

The SSID is the name of the wireless network that users will connect to. Configuring the SSID involves naming the network and setting up its basic properties.


SSID: "Office_Network"
VLAN: 10
Broadcast: Enabled

0.2 Security Settings

Security settings ensure that only authorized users can connect to the wireless network and that data is protected from unauthorized access. The most common settings involve authentication and encryption methods.


Security Type: WPA2-PSK
Encryption: AES
Password: "SecurePassword123"

0.3 Radio Frequency (RF) Settings

RF settings define the operating frequencies and channels that the WLAN will use. These settings are crucial for avoiding interference and optimizing performance.


Band: 5 GHz
Channel Width: 40 MHz
Channel: Auto

0.4 QoS (Quality of Service) Configuration

QoS settings ensure that critical traffic, such as voice or video, is prioritized over less time-sensitive data like file downloads or web browsing. This is essential for ensuring good performance for applications like VoIP and video streaming.


QoS Profile: Voice
Priority: High
Bandwidth Allocation: 20% for Video

0.5 Advanced Features

Advanced settings offer more control over network behavior, security, and performance optimization. These features are essential for fine-tuning the WLAN for specific requirements.


Band Steering: Enabled
Client Load Balancing: Enabled
DFS: Enabled
Fast Roaming: Enabled

0.6 Monitoring and Maintenance

Once the WLAN is configured, continuous monitoring and maintenance are required to ensure the network performs optimally. The GUI typically provides real-time data on connected clients, bandwidth usage, and signal strength, allowing administrators to make adjustments as needed.

1. Interpret the Wireless LAN GUI Configuration for Client Connectivity - WLAN Creation

Wireless LAN (WLAN) creation involves configuring the necessary settings on a wireless controller to allow clients to connect to a wireless network. This process typically takes place through a graphical user interface (GUI) provided by the controller or access point. Below is a conceptual breakdown of the steps involved in WLAN creation for client connectivity.

1.1 Basic Components of WLAN Configuration

To create a functional WLAN that clients can connect to, the following components must be configured:

1.1.1 SSID Creation

The SSID serves as the public-facing name of your wireless network. In the WLAN GUI, creating an SSID involves the following steps:

  • Navigate to the "WLAN" or "SSID" section of the GUI.
  • Select "Create New WLAN" or "Add SSID."
  • Input the desired network name (SSID) and select the interface (e.g., WLAN controller or access point).

SSID: "Company_Network"
VLAN: 10
1.1.2 Security Configuration

After defining the SSID, you must configure the security settings to ensure that only authorized users can access the WLAN. Typical settings include:

  • Choose the encryption type (e.g., WPA2, WPA3).
  • Select the authentication method (Pre-shared Key, 802.1X with RADIUS).
  • Define the pre-shared key or point the WLAN to the RADIUS server for authentication.

Security Type: WPA2-PSK
Passphrase: "SecurePassword123"
1.1.3 VLAN and IP Address Assignment

To properly manage network traffic, VLAN tagging can be applied to segregate network traffic. For instance:

  • Assign a VLAN to the WLAN for traffic management.
  • Configure DHCP or static IP settings to allow clients to receive IP addresses when connected.

VLAN: 20
DHCP: Enabled (Pool Range: 192.168.1.100 - 192.168.1.200)
1.1.4 Radio Frequency and Band Settings

Radio frequency settings define how the WLAN operates in terms of channels and signal strength. Key configurations include:

  • Specify the band (2.4 GHz or 5 GHz).
  • Define the channel width (e.g., 20 MHz, 40 MHz).
  • Adjust power settings to control signal range and strength.

Frequency: 5 GHz
Channel Width: 40 MHz
Transmit Power: High

2. Security Settings

Security settings in a WLAN configuration are critical to ensure that only authorized clients can access the network and that data exchanged over the network is protected from eavesdropping or tampering. This section explains the different components of wireless security settings, focusing on authentication and encryption methods commonly used in WLANs.

2.1 Authentication Methods

Authentication ensures that only valid users or devices can connect to the WLAN. The following are common authentication methods used in wireless networks:

2.1.1 Pre-Shared Key (PSK)

This is a common method used in home and small business networks. Users provide a shared password (the pre-shared key) to authenticate their devices to the WLAN.

  • Simplicity: Easy to configure and use.
  • Limitations: All users share the same password, which can become a security risk if shared widely.

Security Type: WPA2-PSK
Pre-Shared Key: "SecurePassword123"
2.1.2 802.1X with RADIUS

This method is used in enterprise environments where higher security is required. It involves a centralized authentication server (RADIUS) that validates individual users before granting access.

  • RADIUS Server: Manages and authenticates users through unique credentials (username and password or certificates).
  • Enhanced Security: Individual user credentials are required, making it more secure than PSK.

Authentication: 802.1X (RADIUS)
RADIUS Server: 192.168.1.50
RADIUS Secret: "RADIUSSecretKey"

2.2 Encryption Protocols

Encryption protocols protect data transmitted over the WLAN from unauthorized access or interception. The most common encryption protocols used in WLANs include:

2.2.1 WPA2 (Wi-Fi Protected Access 2)

WPA2 is the industry standard encryption protocol, offering strong security by using the AES (Advanced Encryption Standard) algorithm. It is widely supported and secure for most environments.

  • AES Encryption: Uses 128-bit AES encryption for robust security.
  • Mode: Works with both PSK (Pre-Shared Key) and 802.1X (RADIUS) authentication.

Encryption Type: WPA2
Encryption Algorithm: AES
2.2.2 WPA3 (Wi-Fi Protected Access 3)

WPA3 is the latest version of Wi-Fi security, providing enhanced protection, especially against brute-force attacks. It includes stronger encryption and more secure key exchange mechanisms.

  • SAE (Simultaneous Authentication of Equals): Protects against dictionary attacks by providing a more secure key exchange.
  • Forward Secrecy: Ensures that session keys cannot be compromised even if long-term keys are.

Encryption Type: WPA3
Authentication Mode: SAE

2.3 Additional Security Features

These additional features can be configured in a WLAN setup to further enhance security:


MAC Filtering: Enabled
Client Isolation: On
SSID Broadcast: Disabled

3. QoS Profiles

Quality of Service (QoS) profiles are used in WLAN configuration to prioritize certain types of network traffic, ensuring that critical applications such as voice, video, or gaming receive the necessary bandwidth and lower latency for optimal performance. Without QoS, all data packets are treated equally, which can lead to performance issues for high-priority applications.

3.1 Key Concepts of QoS

3.2 Types of QoS Profiles

Different types of QoS profiles can be configured based on the specific needs of the network traffic. These include profiles for voice, video, and best-effort data traffic.

3.2.1 Voice QoS Profile

This profile prioritizes voice traffic to ensure smooth VoIP communication, reducing latency and jitter. Key parameters include:

  • Low Latency: Ensures minimal delay for real-time communication.
  • High Priority: Assigns a higher priority to voice packets over other types of traffic.

Profile: Voice
Priority: High
Maximum Latency: 150 ms
3.2.2 Video QoS Profile

Video traffic typically requires both high bandwidth and low latency. This profile ensures that video conferencing or streaming services get enough bandwidth without being interrupted by lower-priority traffic.

  • High Bandwidth: Allocates sufficient bandwidth to prevent buffering or quality reduction during video streaming.
  • Priority: Assigns video traffic a lower priority than voice but higher than data traffic.

Profile: Video
Priority: Medium
Bandwidth Allocation: 20% of total
3.2.3 Best-Effort QoS Profile

This profile is assigned to standard data traffic, such as web browsing or file downloads. It receives the lowest priority to ensure more critical applications like voice and video are not interrupted.

  • Low Priority: Traffic is processed on a best-effort basis, without guarantees of bandwidth or latency.
  • Fair Sharing: Ensures that low-priority traffic does not impact higher-priority applications.

Profile: Best-Effort
Priority: Low

3.3 QoS Parameters

When configuring QoS, certain parameters control how traffic is prioritized and managed:


Traffic Class: Voice
DSCP Value: 46 (Expedited Forwarding)
Queue Management: Strict Priority

3.4 Practical Application of QoS Profiles

When creating or modifying a WLAN configuration with QoS profiles, follow these steps:


SSID: "Company_VoIP"
QoS Profile: Voice

4. Advanced Settings

Advanced settings in WLAN configuration provide greater control over network behavior, performance, and security. These settings are typically customized based on the specific needs of the network environment and can significantly impact how wireless clients interact with the network.

4.1 Band Steering

Band steering is a feature that pushes dual-band clients (those capable of connecting to both 2.4 GHz and 5 GHz) to use the less congested 5 GHz band, improving performance and reducing interference on the 2.4 GHz band.


Band Steering: Enabled
Preferred Band: 5 GHz
4.1.1 Client Load Balancing

Client load balancing helps distribute clients evenly across access points (APs) to prevent overloading a single AP, improving overall network efficiency.

  • Purpose: Ensures that no single AP is overwhelmed with too many clients, resulting in better performance for all clients.
  • Mechanism: Clients are directed to connect to the least crowded APs within range.

Client Load Balancing: Enabled
Threshold: 30 Clients per AP

4.2 Dynamic Frequency Selection (DFS)

DFS allows WLANs to operate in channels typically reserved for radar systems (in the 5 GHz band), increasing available bandwidth. However, when a radar signal is detected, the network will automatically switch channels to avoid interference.


DFS: Enabled
Radar Detection: Active

4.3 Transmit Power Control (TPC)

Transmit power control allows network administrators to adjust the power levels of APs to optimize signal strength and coverage. This can help minimize interference between APs and optimize client connectivity.


Transmit Power: Medium

4.4 Fast Roaming (802.11r/k/v)

Fast roaming is designed for networks with multiple access points where clients frequently move around, such as in large offices or campuses. It ensures seamless handoff between APs without noticeable interruptions.


Fast Roaming: Enabled
802.11r: Enabled
802.11k: Enabled
802.11v: Enabled

4.5 Airtime Fairness

Airtime fairness ensures that each client gets a fair amount of access to the network, regardless of the client’s speed or signal strength. This prevents slower clients from consuming excessive airtime and degrading performance for other users.


Airtime Fairness: Enabled

4.6 Wireless Multimedia (WMM)

WMM is a subset of QoS that enhances the quality of service for multimedia applications, such as voice, video, and gaming. It prioritizes traffic according to categories like voice, video, best effort, and background, ensuring smooth performance for time-sensitive applications.


WMM: Enabled
Voice Priority: Highest
Video Priority: High