7.3 Troubleshoot Wireless Issue Flashcards
Causes of Wireless Issues
If the wireless client is unable to connect to the AP, it may be because of wireless connectivity problems. Wireless communications rely on radio frequency (RF) signals to carry data. Many factors can affect our ability to connect hosts using RF:
Not all wireless standards are compatible.
Each wireless conversation must occur on a separate, non-overlapping channel. Some AP devices can be configured to select the least congested or highest throughput channel. Although automatic settings work, manual setting of the AP channel provides greater control and may be necessary in some environments.
The strength of an RF signal decreases with distance. If the signal strength is too low, devices will be unable to reliably associate and move data. The signal may be dropped. The NIC client utility can be used to display the signal strength and connection quality.
RF signals are susceptible to interference from outside sources, including other devices functioning on the same frequency. A site survey should be used to detect for this.
APs share the available bandwidth between devices. As more devices associate with the AP, the bandwidth for each individual device will decrease causing network performance problems. The solution is to reduce the number of wireless clients using each channel.
Authentication and Association Errors
The SSID is a case-sensitive, alphanumeric string that is up to 32-characters. It must match on both the AP and client. If the SSID is broadcast and detected, this is not an issue. If the SSID is not broadcast, it must be manually entered onto the client. If the client is configured with the wrong SSID, it will not associate with the AP. Additionally, if another AP is present that has broadcasted the SSID, the client may automatically associate to it.
On most APs, open authentication is configured by default, allowing all devices to connect. If a more secure form of authentication is configured, a key is necessary. Both the client and the AP must be configured with the same key. If the keys do not match, authentication will fail, and the devices will not associate.
Encryption is the process of altering the data so that it is not usable by anyone without the proper encryption key. If encryption is enabled, the same encryption key must be configured on both the AP and the client. If the client associates with the AP but cannot send or receive data, the encryption key may be the issue.
DHCP Server Configuration Errors
If the physical connection to the wired or wireless host appears to be connecting as expected but the host cannot communicate on remote networks or the internet, then check the IP configuration of the client.
The IP configuration can have a major impact on the ability for a host to connect to the network. A wireless router acts as a DHCP server for local wired and wireless clients and provides IP configuration, including the IP address, subnet mask, default gateway, and commonly the IP addresses of DNS servers. The DHCP server binds the IP address to a client MAC address and stores that information in a client table. It is usually possible to view this table using the configuration GUI included with the router.
The client table information should match the local host information, which you can see using the ipconfig /all command. Additionally, the IP address on the client must be on the same network as the LAN interface of the wireless router. The LAN interface of the wireless router should be set as the default gateway. If the client configuration information does not agree with information in the client table, the address should be released (ipconfig /release) and renewed (ipconfig /renew) to form a new binding.
In most cases, the wireless router receives its own IP address through DHCP from the ISP. Check to make sure that the router has an IP address, and attempt to release and renew the address using the GUI utility.
Check Internet Configuration
If hosts on the wired and wireless local network can connect to the wireless router and with other hosts on the local network, but not to the internet, the problem may be in the connection between the router and the ISP.
There are many ways to verify connectivity between the router and the ISP. Using the GUI, one way to check connectivity is to examine the router status page.
If this page shows no connection, the wireless router may not be connected. Check all physical connections and LED indicators. If the DSL or cable modem is a separate device, check those connections and indicators as well. If the ISP requires a login name or password, check that they are configured to match those given by the ISP. Using the GUI, password configurations can normally be located on the Setup configuration page. Next, try to re-establish connectivity by clicking the Connect, or IP address renew, button on the status page. If the wireless router will still not connect, contact the ISP to see if the issue is occurring from their end.
Check Firewall Settings
If Layers 1 through 3 all appear to be operating normally and you can successfully ping the IP address of the remote server, it is time to check the higher layers.
If all clients are obtaining the correct IP configuration, and can connect to the wireless router but are unable to ping each other or cannot access a remote server or application, the problem may be with rules on the router. Check all settings on the router to ensure no security restrictions could be causing the issue. Verify that the local firewalls on the client devices are not preventing network functionality.
The figure is a topology. A secure host is next to a host-based firewall which is connected to a secure switch. The secure switch is connected to a secure server which also has a host-based firewall. The secure switch is also connected to a secure router.
Divide and Conquer with ping
Connectivity problems occur on wireless networks, wired networks, and networks that use both. When troubleshooting a network with both wired and wireless connections, it is often best to troubleshoot using a divide-and-conquer technique to isolate the problem to either the wired or the wireless network. The easiest way to determine if the problem is with the wired or the wireless network is to do the following:
Ping from a wireless client to the default gateway. This verifies if the wireless client is connecting as expected.
Ping from a wired client to the default gateway. This verifies if the wired client is connecting as expected.
Ping from the wireless client to a wired client. This verifies if the wireless router is functioning as expected.
After the problem is isolated, it can be corrected.
The tracert Command
The ping command can verify end-to-end connectivity. However, if a problem exists and the device cannot ping the destination, the ping command does not indicate where the connection was really dropped. To accomplish this, another command known as traceroute or tracert must be used. Microsoft Windows uses the tracert command, while other operating systems commonly use the command traceroute.
The tracert utility provides connectivity information about the path a packet takes to reach the destination and about every router (hop) along the way. It also indicates how long a packet takes to get from the source to each hop and back (round trip time). The tracert utility can help identify where a packet may have been lost or delayed due to bottlenecks or slowdowns in the network.
The basic tracert command will only allow up to 30 hops between a source and destination device before it assumes that the destination is unreachable. This number is adjustable by using the -h parameter.
The netstat Command
Sometimes it is necessary to know which active TCP connections are open and running on a networked host. The netstat command is an important network utility that can be used to verify those connections.
The netstat command lists the protocol in use, the local address and port number, the foreign address and port number, and the state of the connection.
Unexplained TCP connections can pose a major security threat. This is because they can indicate that something or someone is connected to the local host. Additionally, unnecessary TCP connections can consume valuable system resources thus slowing down the performance of the host. Netstat should be used to examine the open connections on a host when performance appears to be compromised.
Many useful options are available for the netstat command.
The nslookup Command
When a network device is being configured, one or more DNS server addresses are provided that the DNS client can use for name resolution. Usually the ISP provides the addresses to use for the DNS servers. When a user application requests to connect to a remote device by name, the requesting DNS client queries the name server to resolve the name to a numeric address.
Computer operating systems also have a utility called nslookup that allows the user to manually query the name servers to resolve a given host name. This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers.
