3. Configuring Wireless NIC Devices
Wireless technology has matured
to the point of becoming cost-effective and secure. The use of wireless
network adapters is increasingly popular, scaling well out of the home
and into the workplace. Windows 7 supports wireless autoconfiguration,
which makes wireless network connections easy to use. Windows 7 will
automatically discover the wireless networks available and connect your
machine to the preferred network. Although conveniently connected, there
are still considerations to take into account—namely, security.
3.1. Configuring Wireless Network Settings
If you have a wireless
network adapter compatible with Windows 7, it will be automatically
recognized by the operating system. This can be a built-in adapter such
as most modern laptops come with, a wireless card you install in the
machine, or even a wireless USB adapter. After it is installed, it is
recognized and shown in Device Manager as well as the Network and
Sharing Center within the View Your Active Networks section.
We used Device Manager in the
previous section for the network adapter configuration, so let's use the
Network and Sharing Center for the wireless network configuration. Figure 6
shows the Network and Sharing Center with two active networks, the
Wireless Network Connection and the wired Local Area Connection.
You can view the Network
and Sharing Center a few different ways. You can perform any of the
following steps to access the Network and Sharing Center:
Choose Start and type Network and Sharing Center in the integrated search box of Windows 7.
Choose Start => Control Panel => Network and Internet => Network And Sharing Center.
Choose Start, and then right-click Network and select Properties from the context menu.
3.2. Viewing the Wireless Network Connection Status
From the Network and
Sharing center, you have easy access to the Wireless Network Connection
Status. The Wireless Network Connection Status window gives you an
initial look at the status by providing the layer 3 connectivity status
(IPv4 and IPv6), media state, service set identifier (SSID) being used,
how long the connection has been active (Duration), the negotiated speed
of the connection, and the signal quality. The Wireless Network
Connection menu choice of the Network and Sharing Center and the
Wireless Network Connection Status window are shown in Figure 7.
The Details button of the
Wireless Network Connection Status window provides, as you probably
guessed, detailed information including the actual physical address
(layer 2), logical address (layer 3), dynamic addressing parameters
(DHCP), name resolution items, and more. After verifying physical layer
parameters, this area of properties and status is a great place to
verify or troubleshoot logical (driver/software) issues.
3.3. Viewing Wireless Network Connection Details
If you have a wireless adapter in your machine, perform Exercise 1 to view the Network Connection Details for your Wireless Network Connection.
Choose Start and type Network and Sharing Center in the Windows 7 integrated search window; press Enter. Select the Wireless Network Connection menu item from the View Your Active Networks section. Click the Details button. Review the Network Connection Details for this connection.
|
The Wireless Network
Connection Status window has an Activity section showing real-time
traffic (in bytes) being sent from and received by the wireless network.
From the Wireless Network Connection Status window, you also have
access to the Wireless Network Connection Properties, which includes
access to the wireless adapter configuration pages.
You access the properties
page by clicking the Properties button in the Activity section (not the
Wireless Properties button in the Connection section; you can identify
these buttons as shown previously in Figure 7). The Wireless Network Connection Properties window is shown in Figure 8.
The Wireless Network
Connection Properties page has a Networking tab that shows which network
adapter is being used for this connection (which you can change if you
have more than one available). There is also a tab for configuring
Internet Connection Sharing (ICS), which allows other users on your
network to access resources through this machine's connection. The This
Connection Uses The Following Items section displays the various
clients, services, and protocols that are currently available for this
connection.
You can install or uninstall
network clients, network services, and network protocols by choosing the
appropriate button. You can also view the client, service, or protocol
properties if they are available by choosing the Properties button for
the selected item (if the Properties button is gray, a properties page
is not available for the item). From the Wireless Network Connection
Properties window, you even have access to the network adapters'
hardware configuration property pages. These are the same pages you have
access to from Device Manager.
Perform Exercise 2 to access the network adapter properties from the Wireless Network Connection Properties page.
Choose Start and type Network and Sharing Center in the Windows 7 integrated search window; press Enter. Select the Wireless Network Connection menu item from the View Your Active Networks section. Click the Properties button from the Activity section. Click the Configure button. View the various tabs regarding the network adapter properties. Choose Cancel to return to the Wireless Network Connection Status window.
|
3.4. Configuring Wireless Network Security
Wireless network security
is a very large piece of setting up our wireless networks. The focal
point for this is the wireless access point or wireless router to which
we connect.
|
We should point out here that
you might not always be connecting to an access point or router; these
connections are considered infrastructure mode connections. An
infrastructure mode connection is similar to our wired connection of a PC
to an outlet. Instead, you might connect in an ad hoc fashion, which
could be a computer-to-computer connection to share information with
other wireless network devices without another wireless device acting as
an intermediary.
Ad hoc connections exist in our
wired environment as well, as we would connect two PCs' NICs together by
using an Ethernet crossover cable. Securing data transfer in an ad hoc
setup is equally important as it is in infrastructure mode, as the data
is still traversing between devices using radio frequency (RF), and
network sniffers today running the wireless adapter promiscuously (in
monitor mode) have no problem viewing the data stream. If the data
stream is not encrypted, the sniffers will have access to it.
|
Whether you are using a small
wireless network or a large wireless infrastructure, you should have a
plan for secure communication and should configure wireless network
security. There are several basic parameters you can configure on your
network access devices to increase the security of a wireless network:
Disable broadcast of
the SSID, which is the name of the wireless network. When SSID broadcast
is disabled, the wireless network cannot be detected automatically
until you manually configure your wireless network card to connect to
that SSID.
Create a
Media Access Control (MAC) address filter list so only specifically
allowed wireless devices can connect to the wireless network, or require
users attempting to connect to supply connection credentials.
Enable encryption such as Wi-Fi Protected Access (WPA) or WPA2.
For large
implementations, there are several vendors supplying wireless access
points under the control of a wireless director, soft ware-based
controllers that are responsible for allowing access points on the
network, providing user access control, and enforcing encryption
policies. For smaller implementations, this control functionality is
done manually as the wireless routers or access points are set up.
The security policies
put in place are configured on the wireless access device and the
wireless client. The Windows 7 client components in our case must be set
up to match the security settings of the wireless network access
devices.
During the setup of most
wireless access devices provided by the hardware vendor, the
administrator will configure the security parameters. Configuring can be
done during the setup program and/or through a web browser that can
access the wireless access device configuration pages.
Most of our current
devices have a built-in web server to allow the HTTP connection from a
web browser, Windows 7 also has the ability to configure the wireless
access device if the hardware vendor makes it available. If there is no
specific component written, you can launch the web-browser-based
configuration from a convenient location—the Network and Sharing Center.
In Exercise 3, you will perform the following steps to see how to initiate a Windows 7 wireless access point configuration.
Choose Start and type Network and Sharing Center in the Windows 7 integrated search window; press Enter Choose the Set Up A New Connection Or Network option. Choose Set Up A New Network to configure a new router or access point and then click Next.
Select the wireless access device you want to configure from the Set Up A Network window and click Next.
Depending
on your device, you might be asked to enter a PIN or other identifying
parameter to access the device. Enter the PIN and click Next. On
the next screen, you will be able to configure the security settings
dictated by the wireless security policy to be implemented. The settings
defined here need to be configured for each client machine connecting
to the wireless network. After making the setting choices, click Next.
The
configuration of the wireless network device completes, and you are
given a confirmation window. Click Finish to close the window.
|
Whether you have Windows 7
configure the wireless network connection or you have performed the
setup through the manufacturer's process, you still need to configure
your Windows 7 client access.
If you have performed the
simplest configuration, and there are no security parameters configured
(bad idea, by the way), Windows 7 will connect automatically with a
quick window showing the wireless network it's connecting to and
providing access without much user intervention. Even cancelling the
screens will produce a successful (nonsecure) connection. This simple
configuration process makes connecting a home or small network easy and
straightforward for nontechnical users. However, this is not a good
solution.
If you have configured wireless
network security (a good idea, by the way), then you need to configure
the Windows 7 client with the correct settings. Once again, the
configuration screens are available from a convenient location known as
the Network and Sharing Center.
In Exercise 4, you will perform the following steps to access the Windows 7 client wireless network properties.
Choose Start and type Network and Sharing Center in the Windows 7 integrated search window; press Enter. Choose the Wireless Network Connection item within the View Your Active Networks section of the Network and Sharing Center. Click the Wireless Properties button within the Connection area of the Wireless Network Connection Status window.
The Wireless Network Properties tabbed dialog box opens, displaying the current setup for the wireless network.
|
Figure 9
shows the Connection tab of the Wireless Network Properties tabbed
dialog box. From this dialog box, you have the ability to set or change
the Windows 7 client configuration.
The first tab of the
Wireless Network Properties tabbed dialog box is the Connection tab,
which displays the following information:
Name The name assigned to the wireless network.
SSID
The service set identifier (SSID) of the wireless connection. This
defines a friendly name for the wireless network. This is normally an
ASCII string and is usually broadcast by default, allowing a machine or
users to select a wireless network with which to connect. Some wireless
access devices will allow more than one SSID to be available (broadcast)
at the same time, creating more than one wireless network within the
same device.
Network Type
Displays the mode the wireless network is operating in. If the wireless
network is in infrastructure mode, this parameter will be Access Point.
If the wireless network is ad hoc, this will display
Computer-To-Computer.
Network Availability Displays to whom the wireless network is available—All Users or Me Only, for example.
The Connection tab of the Wireless Network Properties tabbed dialog box provides the following types of configuration:
Connect Automatically When
This Network Is In Range This option, when selected, allows automatic
connection for this wireless network. Deselecting (clearing the check
mark) requires the user to select this wireless network for connection.
Connect To A More Preferred Network If Available
Windows 7 will attempt to connect to a preferred network (if the
Connect Automatically choice is selected). If there is more than one
preferred network, Windows 7 might switch back and forth if they are
both available at the same time. Clearing this check mark allows the
currently connected network to stay connected until it is no longer
available, possibly preventing the dropping of data or even dropped
connections.
Connect Even If The Network Is Not Broadcasting Its Name (SSID)
If the wireless network you are attempting to connect to is not
broadcasting its SSID, you must select this option to allow Windows 7 to
automatically connect.
There is one more option on
the Connection tab of the Wireless Network Properties tab; it is the
link to Copy This Network Profile To A USB Flash Drive. Selecting this
link launches the Copy Network Settings Wizard, as shown in Figure 10.
After inserting a USB flash
drive, the currently configured wireless network configuration is saved
in the form of a setupSNK.exe program and a folder named SMRTNTKY with
the configuration parameters. Caution should be exercised to protect
this information because all the configuration parameters (including
security keys) are stored in clear text.
After the files and folder
are created and saved, you are presented with a confirmation screen with
simple instructions and a link for the detailed information about
wireless network configuration. The confirmation page is shown in Figure 11.
The second tab on the
Wireless Network Properties tabbed dialog box is the Security tab. This
tab allows the configuration of the security parameters as defined in
your security policy and configured on your wireless network access
devices.
Figure 12
shows the Security tab, the Security Type drop-down box selecting the
WPA2-Personal Security choice, and the Encryption Type selecting AES
(Advanced Encryption Scheme). You can also see the Network security key
as clear text because the Show Characters check box is selected.
NOTE
When it comes to WPA,
there are two versions: WPA2-Personal and WPA2-Enterprise. WPA2-Personal
allows you to set up WPA2 by using a shared password key.
WPA2-Enterprise allows you to set up WPA2 by using a server for
verification.
3.5. Troubleshooting Wireless Connectivity
There are a few
common issues with wireless networking you can look at if you're having
problems connecting to your wireless network. Following are a few
problems and solutions:
Ensure that your wireless card and the access devices are compatible.
Cards that are compatible with the 802.11b standard can connect to only
802.11b or 802.llb/g access devices configured to accept b. Cards using
802.1 la can connect to only 802.Ua or 802.1 la/b/g access devices
configured to accept a. An 802.1 In card needs to connect to an 802.1 In
access device for efficiency (although most will auto-negotiate to the
best spec available). The specification you're using on the card has to
be available and turned on in the wireless access device.
Ensure that your wireless network card is enabled.
Here's a good one I see regularly; Many newer laptops and tablets have
either a switch or a hot-key setting that enables and disables the
wireless device. Often a laptop switch will somehow be turned off, or
some user will somehow arbitrarily press the key sequence to shut off
the PC's wireless radio. The physical layer always seems to be a good
place to start looking.
Ensure that the access point signal is available.
I find radio frequency (RF) to be a funny thing. You can't see it and
you assume that it is everywhere. Not a good assumption. The output
power of the signal might be fine, but the RF power is absorbed (okay,
we say attenuated)
as it goes through walls, insulation, or water (which is the main
component of leaves). You need to make sure there is nothing that might
be causing interference of the wireless signal.
Ensure that the security parameters are configured alike.
The SSID, encryption type, encryption algorithm, and
passphrase/security key have to be set the same on both the wireless
access device and the wireless client. Here's another one I see quite
often: In the desire to make the initial setup and the secure setup
easier for end users, some hardware vendors have a nice little button
that allows the network access device to negotiate a secure set of
parameters with the client. In one instance, after the wireless network
had been working correctly for a while, a failure showed the parameters
to now be incompatible, thanks in large part to someone pressing the
easy button just before the failure.
Ensure automatic connections if the SSID is not being broadcast.
If you are having trouble connecting to a network that does not
broadcast its SSID, select the Connect Even If The Network Is Not
Broadcasting check box in the Wireless Network Properties dialog box. I
have solved several wireless network connection issues with this fix.
One final thought on
troubleshooting in the wireless world: Many times when I go into a
small or midsized network, I find that the company (or home user) is
connected to a multifunction type of device. These little pieces of
plastic we purchase (and call wireless routers)
are really quite technologically sophisticated. Think of one of these
wireless routers; they have switch ports for connecting hard-wired
devices on the private network as well as an Internet port to connect to
the outside world. The wireless portion of the device is more like
another switch port on the private side than anything else, allowing the
wireless devices to interact with the hard-wires.
When I troubleshoot
and eliminate issues, I start with the hard-wired devices, and see
whether they can communicate to each other and the outside (the other
side of your wireless router). Try to communicate between the hard-wired
and wireless as well, to eliminate the router components. Oh yeah, it's
also not the best idea to use the wireless network to configure the
wireless devices. Configuring through the wireless interface will
ultimately cause you to lose connectivity in the middle of a
configuration and may force you to connect with the cable, leaving the
access point unusable until you complete the task you started
wirelessly.
Another item that we need to
configure before we can connect a Windows 7 machine to the domain is the
protocol that will allow the Windows 7 machine to communicate with
other machines.
