Troubleshooting Wireless Flashcards

1
Q

WiFi Tools

A

1) Spectrum Analysis (L1)
2) Wi-Fi Scanning (L2)
3) Packet Analysis (L3)
4) Cisco AireOS CLI and GUI Monitoring & Configuration Analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Spectrum Analysis Tools

A
  • cable testers of WiFi
  • analyze all RF energy and allow you to detect, locate, and mitigate sources of WiFi interference
  • MetaGeek Chanalyzer, Ekahau Site Survey, Cisco CleanAir, Cisco Spectrum Expert, and Cisco Meraki RF Spectrum
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

WiFi Scanning Tools

A
  • reports WiFi traffic you can see, like beacons, mgmt traffic, and WiFi network names
  • Tool examples include MetaGeek inSSIDer, Wi-Fi Analyzer, and Apple AirPort Utility.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Packet Analysis Tools

A
  • Packet analysis tool capture wireless traffic at the packet level (all frame types) between APs and clients
  • Tool examples include MetaGeek EyeP.A., Wireshark, OmniPeek, and AirMagnet.
  • These tools typically require specialized wireless adapters that will work in promiscuous mode (analyzes all traffic, not just traffic sent to it).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

MetaGeek Chanalyzer

A
  • can be used with its own RF spectrum adaptor (Wi-Spy) or by connecting it to a Cisco AP in spectrum expert mode (additional license from MetaGeek)
  • Chanalyzer measures RF signals in the 2.4- and 5-GHz spectrum. It can detect cochannel and overlapping channels in the RF spectrum. It can also show and identify the interferers (non-WiFi) in the RF space. Chanalyzer is Windows-based.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Ekahau Site Survey (ESS)

A
  • designed to function as a network planning tool, to perform pre- and post-site surveys, perform analysis and report on existing Wi-Fi networks, and support troubleshooting of Wi-Fi networks. Regarding troubleshooting, ESS can perform passive and active Wi-Fi tests; identify coverage issues, interference problems, Wi-Fi equipment failures, misconfigured devices, and roaming problems.
  • ESS can also provide capacity and application troubleshooting. For example, you may receive a trouble ticket that says the Wi-Fi network is dropping VoIP calls in a particular area. The Ekahau Site Survey tool can help analyze the signal strength and SNR, noise and interference, roaming, RTT and packet loss, and spectrum power and channel utilization in the area where the problems are reported to assist you in resolving the problem.
  • Coverage holes
  • Excessive interference (CCI/ACI/other)
  • Insufficient Wi-Fi capacity
  • Excessive VoIP traffic or AP overload
  • Misconfiguration with 802.11ac and 802.11n
  • Suboptimal channel assignments
  • Missing security settings
  • Excessive number of stations per AP
  • Excessive load on a given channel
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Cisco CleanAir

A
  • Clean Air can be enabled from the Cisco Wireless LAN Controller (WLC) so that the AP can scan the RF. CleanAir cannot only identify RF interference, it can also indicate which APs have reported the interference to better locate it. CleanAir also has reports to indicate the severity to each channel, based on the interference device.
  • The configurable CleanAir settings on the Cisco WLC consist of globally enabling (or disabling) the CleanAir functionality, determining whether interferers will be reported, determining whether persistent devices will be tracked and reported, and choosing which types of classified interferers will generate an SNMP trap upon detection.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Cisco Spectrum Expert GUI

A
  • Cisco Spectrum Expert can help you identify potential interferers. You can use a laptop with a sensor card installed with either an internal or external antenna, or you can connect to a remote sensor. The remote sensor is an AP that has been configured to operate in SE-Connect mode.
  • Spectrum Views: These views provide plots and charts that offer a direct view into the RF spectrum, including measurements of RF power and network device activity.
Active Devices: This view shows all currently active devices in the network neighborhood, including network devices and interferers.

Devices: This view provides detailed information on current and historical device activity.

Channel Summary: This view provides a statistical overview of RF activity (such as power levels and number of interferers present) on a per-channel basis. This view gives you an instant picture of the channels that are subject to excess interference, and the channels that have the best potential for trouble-free network activity.

Device Finder: In Device Finder mode, Cisco Spectrum Expert Software is an RF "sniffer" that is optimized for displaying RF power data in a way that quickly enables the network engineer to track down interfering devices.

Tools: These tools support the configuration of Cisco Spectrum Expert Software.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Cisco Meraki RF Spectrum

A
  • The Cisco Meraki MR Series Cloud Managed Access Points have a dedicated radio for analyzing the RF spectrum. From the Cisco Meraki dashboard, the 2.4- and 5-GHz spectrum can be analyzed. Continuous monitoring also occurs in the background. This information is used to automatically optimize the radio network.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

MetaGeek inSSIDer (Windows, macOS)

A

The MetaGeek inSSIDer is a third-party Wi-Fi network optimization and troubleshooting tool. It is typically used in smaller networks but provides robust capabilities to allow the administrator to quickly identify, locate, and troubleshoot network issues.

The application helps you identify what is being used in the WLAN by displaying Service Set Identifiers (SSIDs), MAC addresses, channels, data rates, and security. It helps to avoid interference, avoid channel conflicts, manage multiple APs, and select the best channel for a given area in the network.

inSSIDer can provide the level of interference for a specific channel. It can show a physical view of each AP or a logical view that shows what APs support a specific SSID. To help resolve issues, inSSIDer can show you which channels will provide the best performance in a specific area to get away from congestion and cochannel interference.

It works in both the 2.4- and 5-GHz spectrums. Information that is captured by inSSIDer can be uploaded to MetaGeek Chanalyzer for further analysis.

inSSIDer is available free in restricted form or can be purchased for more comprehensive features. It is available across Windows and macOS platforms.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Wi-Fi Analyzer (Android)

A

Wi-Fi Analyzer is a third-party smart phone or tablet WLAN scanning tool. It is one of the original free Wi-Fi analyzer apps for Android and it offers some basic information about the area that the 802.11 radios of your phone can see.

It can view SSIDs (name and MAC), channel overlap, security, and signal strength. Information can be in a grid view or graph view.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Apple AirPort Utility scanner (iOS)

A

The built-in scanning feature in the Apple AirPort Utility is another example of a smart phone or tablet scanning tool. This tool is part of the WLAN management utility with the operating system.

When activated, the Apple AirPort Utility scanner will display SSID (name and MAC), Received Signal Strength Indicator (RSSI), channel, and the last time the SSID was seen. Results can be exported in CSV format.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

MetaGeek Eye P.A.

A

MetaGeek Eye P.A. is a Windows-based tool that captures wireless packets using a specialized wireless adapter, AirPcap Nx. It is able to capture packets in both bands (2.4 and 5 GHz). MetaGeek Eye P.A. reports on which devices are transmitting the most, and it displays frames (control, management, and data) by type and usage. Eye P.A. also supports packet captures from other vendors, like Wireshark and OmniPeek.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Wireshark

A

This packet analyzer is open-source software. It can capture wired packets from a network adapter in promiscuous mode. The AirPcap Nx wireless adapter is required for wireless captures. Wireshark lets you filter and analyze traffic by protocol. It runs on Windows, Linux, macOS, Solaris, FreeBSD, and NetBSD.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Ways to Obtain Packet Captures

A

1) spanning a port on a switch with SPAN, RSPAN, or ERSPAN
2) using the wireless sniffer mode of an AP to obtain a wireless trace

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Cisco Wireless Config Analyzer Express

A
  • As a cloud-based tool, users access the URL, https://cway.cisco.com/tools/WirelessAnalyzer/, and enter the output of commands such as “show run-config,” “show tech,” “show log” for AireOS, and “show tech wireless” for 9800 IOS XE
  • The tool also provides other information that includes:AP Data Summarization: A list of AP HW types and operational modes in use.RF Stats: Quick data summarization for main RF stats to determine what is happening at Wireless LAN Controller, or AP group/Flex group levels.RF Health: Simplified RF analysis tool that translates RF statistics into a simple health report.Log File Summarization: A short list all log messages, providing counts and initial/end times.
17
Q

Common Wireless Connectivity Issues

A
  • Client to AP connectivity:
    • Antennas and RF Interference:
    • AP Power (PoE)
    • Client Association with AP
  • WLAN Configuration
    • Network-Side Issues
    • Client-Side Issues
  • Infrastructure Configuration:
    • VLAN/Trunk Configuration
    • AP Association with Wireless LAN Controller
    • Time Synchronization
    • RF Groups and Mobility Groups
    • Wireless LAN Controller Security Settings
18
Q

Antenna Guidelines

A
  • Use the maximum number that is supported.
  • Use the same type of antennas on an AP.
  • Position all of them in the same orientation.
  • APs with internal antennas are mounted horizontally.
  • Antenna spacing is always a compromise on effects.
  • Target for positioning antennas about 1/2 to one wavelength apart. For 2.4-GHz half-wavelength, use ~ 6.35 cm; for 5.2-GHz half-wavelength, use ~ 2.8 cm.
19
Q

Reasons for Interference

A

1) Cochannel interference: When AP coverage areas overlap and are configured in the same channel or channels with overlapping frequencies, connectivity issues can occur for clients in the overlapping coverage area. To avoid this issue, you can change the channel number to a nonoverlapping channel or move the access point farther away so coverage areas do not overlap. For example, in 802.11b/g/n, network channels 1, 6, and 11 are nonoverlapping channels.
2) Adjacent channel interference: Interference occurs when access points are placed too close to each other or use high-output power levels, even when the access points are configured on the nonoverlapping channels. Decrease the power of the access point to fix this issue.

20
Q

AP Power Specifications

A
  • 802.3af:
    • Delivers power up to 15.4 W, but may be 12.95 W after cable loss (long cable run)
    • Verify that AP power requirements can be met (based on antennas and optional external modules)
  • 802.3at:
    • Delivers power up to 30 W
    • Required if AP needs more than 12.95 W of power
21
Q

Client Reason Codes

A

no reason code (0): indicates normal operation

unspecified reason (1): indicates that the client associated but is no longer authorized

previousAuthNotValid (2): indicates that the client associated but was not authorized

deauthenticationLeaving (3): indicates that the AP went offline, deauthenticating the client

disassociationDueToInactivity (4): indicates that the client session was timeout exceeded

disassociationAPBusy (5): indicates that the AP is busy, for example, performing load balancing

class2FrameFromNonAuthStation (6): indicates that the client attempted to transfer data before it was authenticated

class2FrameFromNonAssStation (7): indicates that the client attempted to transfer data before it was associated

disassociationStaHasLeft (8): indicates that the operating system moved the client to another AP using nonaggressive load balancing

staReqAssociationWithoutAuth (9): indicates that the client is not authorized yet and is still attempting to associate with the AP

missingReasonCode (99): indicates that the client is momentarily in an unknown state
22
Q

Client Status Codes

A

idle (0): indicates normal operation; no rejections of client association requests

aaaPending (1): indicates that a AAA transaction completed

authenticated (2): indicates that 802.11 authentication completed

associated (3): indicates that 802.11 association completed

powersave (4): indicates that the client is in power-save mode

disassociated (5): indicates that the 802.11 disassociation completed

tobedeleted (6): indicates that the client should be deleted after disassociation

probing (7): indicates that the client is not associated or authorized yet

disabled (8): indicates that the operating system automatically disabled the client for an operator-defined time