Virtual Interfaces

From csn
Jump to navigation Jump to search

The purpose of this lab is to introduce a new concept called virtual interfaces or multiple SSIDs. By using virtual interfaces you can use the same physical wireless radio under a range of conditions. In this lab, we investigate how this can offer more diverse security profiles.

In many scenarios, the type of security used by the network may not necessarily be the most secure because APs must be backwards compatible with older wireless equipment. Currently, some installations still use WEP, a relatively insecure wireless protocol, because some equipment does not support WPA. The future may hold similar problems. The upgrading from WPA to WPA2 requires AES encryption, however, may older devices may not support AES. This lab will show how you can use virtual interfaces to support multiple SSIDs and multiple security protocols simultaneously using one physical interface.

Configuration

To begin your lab, do the usual; restore factory defaults, change the SSID, change the channel and lower power to 5 mW. Click the wireless tab. Down the bottom add a virtual interface. Give your virtual interfaces two different SSIDs, use your own original name, but append _wep to one and _wpa to the other. Save and apply.

Now click the wireless security tab. Configure WEP up on one virtual interface and WPA on the other. Using two wireless clients, connect to the WEP SSID with WEP and the WPA SSID with WPA. Make sure that these two clients can connect and ping one another.

Questions

  • Why do you think you cannot change the channel of a virtual interface?
  • Do you think there are any negative effects of using multiple SSIDs or multiple security protocols on one radio in this manner?