Cisco Linksys Adapter Driver
Original title: Cisco-Linksys Wireless-N PCI Adapter with Dual-Band (WMP600N) I recently purchased a new computer with Windows 8 installed. I also purchased a Lynksis PCI Wireless card (WMP600N) and was told that it was wholly compatible with Windows 8. Not the case though; Windows will not recognize it and I can find no drivers for the update. Mar 31, 2015. Go to the Linksys support website (over a wired Internet connection, or from another computer), if the adapter does not appear as an available option, to download the driver for your adapter. Install the driver and restart your Macintosh, then return to Step 2.
You should receive a ZIP file from TAC – such as “ORADistDefault7.0.zip” (the filename may change with different release versions). Unzip this file to some folder - to run ORA, simply launch OmniPeekRemoteAssistant.exe from that folder. Supported Wireless Adapters and Drivers Capturing Wireless Packets with ORA requires the use of supported Wireless Network Adapters along with the appropriate driver version. To view a complete list of supported adapters and drivers, please see:- In most cases, the Ralink USB adapters will be the easiest to install - and, because you can install multiple USB adapters on a single laptop - they are the best way to get a multichannel capture. The following Ralink adapters have been tested by Cisco TAC: Linksys WUSB600N (V1 and V2), Linksys AE1000, ALFA AWUS051NH Driver Installation for Linksys USB600N with Windows XP.
Insert the Linksys USB600N adapter. If this is the first time using the adapter on the workstation, Windows will start the New Hardware Wizard. Do not search for a driver automatically and click Next. Skip to step 3. If you have previously installed the Linksys USB600N on your workstation, you will need to change the driver to the Omnipeek version.
Go to Start Control Panel Network Connections and Right Click on the Linksys adapter and click Properties. In this example, the interface is “Wireless Network Connection 3”. Under the General Tab, Click the “Configure” button, and then click on the Driver Tab Update Driver. This will prompt the Hardware Update Wizard.
The colorized bullet on the left shows the highest expert info level found in the currently loaded capture file. Hovering the mouse over this icon will show a textual description of the expert info level, and clicking the icon will bring up the Expert Infos dialog box. The left side shows information about the capture file, its name, its size and the elapsed time while it was being captured. The middle part shows the current number of packets in the capture file. The following values are displayed:. Packets: the number of captured packets.
Displayed: the number of packets currently being displayed. Marked: the number of marked packets. Dropped: the number of dropped packets (only displayed if Wireshark was unable to capture all packets). Ignored: the number of ignored packets (only displayed if packets are ignored). The right side shows the selected configuration profile. Clicking in this part of the statusbar will bring up a menu with all available configuration profiles, and selecting from this list will change the configuration profile.
Using Capture filters Click on “CAPTURE”, “INTERFACES” options and choose the Network adapter from drop down menu which will be used to capture running packets in the network on the PC. Click on the “CAPTURE FILTERS” and enter the filter name and Filter string or directly input the filter string you know in the box. Then hit button. Now the wire shark sniffer program captures packets which are of interest to you only among the huge flow of real time packets of all types of protocols. Display Filter Once you have the captured file loaded you now set up filters to display packets you are interested in looking or avoid seeing packets not interested.
This can be done by using simple filter expression or a combination of expression using logical operators to form a complex filer string. Click on “ANALYZE” Select “DISPLAY FILTER”. In the example below we are creating a filer to filter out the only the BEACON packets from a 802.11 wireless packet capture trace as seen below In the yellow highlighter. Similar to the display filter we can find a particular packet by applying filter after clicking “Find packet” Find FILTER button and entering the filter value in the filter box, if you don't know the string then you can dig further by clicking filter and hit NEW button and naming the filter strings and applying or typing the filter string with in the box. If you don't know the specific filter spring you can form it by choosing the EXPRESSION button which has various protocol option. Select the one you are looking, expand and you will get more options to select from.
You will also have a Logical operator box to choose from to use to match to input the value you want to put and apply completing the filter. You can build display filters that compare values using a number of different comparison operators. Using Coloring filter rule A very useful mechanism available in Wireshark is packet colorization.
You can set-up Wireshark so that it will colorize packets according to a filter. This allows you to emphasize the packets you are (usually) interested in You can set-up Wireshark so that it will colorize packets according to a filter you choose to create. This allows you to emphasize the packets you are (usually) interested in. In the example below the packets are colorized for Beacons, Acknowledgement, probe Response, Deauthentication based on the filters mentioned below. Click on 'View' Select 'Coloring rules' or use 'Edit coloring rules' from the main tool bar. This opens the coloring rules and we can add a new coloring filter using 'New' or the 'Edit'. Select the packet or edit the filter string and assign or adjust the color desired.
In the Edit Color dialog box, simply enter a name for the color filter, and enter a filter string in the Filter text field., “The 'Edit Color Filter' dialog box” shows the values beacon and wlan.fc.typesubtype 8 which means that the name of the color filter is Beacon and the filter will select protocols of type wlan.fc.typesubtype 8 which is the beacon filter string. Once you have entered these values, you can choose a foreground and background color for packets that match the filter expression. Click on Foreground color.
Or Background color. To achieve this. A very useful feature is to export or form the coloring filter and save it by exporting the filter to a file “ tac80211color” as seen below this can be imported, you can create multiple coloring rule files in your troubleshooting folder and use it as a template to your convenience every time you troubleshoot. You can think innovatively and tailor make coloring filter template files such as routing, wlan, switching etc. Color filters files and just import them depending on the problem you are troubleshooting very easily. There is a good coloring rules download which you may download and use at This is how the final look of the wireshark packets window looks like after color filter file “ tac80211color” is imported and applied.
802.11 Sniffer Capture Analysis - Management Frames and Open Auth Introduction 802.11 Sniffer Capture Analysis - Management Frames and Open Auth 802.11 – Frames and open authentication Trying to analyze or troubleshoot a wireless LAN, network using 802.11 packet analyzer will require us to have a thorough understanding of different 802.11 frame types as a basis for finding pointers to localize the causes of the problem area in a wlan network. Taking wlan sniffer traces using tools like omnipeek and or wireshark one can monitor the communications between radio network interface cards (NICs) and access points. We will need to comprehend each frame type occurring in the operation of a wireless LAN and solving network problems.
In a wlan RF environment the radio transmission conditions can change so dynamically, coordination becomes a large issue in WLANs. Management and control packets are dedicated to these coordination functions. To find cause of the wlan problems occurring in the wlan network relating to RF environment it would be best to test the wlan network using open authentication without any security. By taking this approach the RF connectivity issues surface and can be corrected before we can move to stronger encryption and higher layers of the OSI layer. Authentication in the 802.11 specification is based on authenticating a wireless station or device instead of authenticating a user. As per the 802.11 specification client authentication process consists of the following transactions as mentioned below.
The Access points continuously sends out Beacon Frames which are picked up by the nearby wlan clients. Association request frame: 802.11 associations enable the access point to allocate resources for and synchronize with a radio NIC. A NIC begins the association process by sending an association request to an access point.
This frame carries information about the NIC (e.g., supported data rates) and the SSID of the network it wishes to associate with. After receiving the association request, the access point considers associating with the NIC, and (if accepted) reserves memory space and establishes an association ID for the NIC. Packets can show the current association of the sender. Association and Reassociation are handled by request/response management packets. Wlan.fc.typesubtype 0x0.
Association response frame: An access point sends an association response frame containing an acceptance or rejection notice to the radio NIC requesting association and will include the Association ID of the requester. If the access point accepts the radio NIC, the frame includes information regarding the association, such as association ID and supported data rates. If the outcome of the association is positive, the radio NIC can utilize the access point to communicate with other NICs on the network and systems on the distribution (i.e., Ethernet) side of the access point. Wlan.fc.typesubtype 0x01. Reassociation request frame: This frame is similar to a association request but has a different purpose and is mainly useful in client roaming where in If a radio NIC roams away from the currently associated access point and finds another access point having a stronger beacon signal, the radio NIC will send a reassociation frame to the new access point.
The new access point then coordinates the forwarding of data frames that may still be in the buffer of the previous access point waiting for transmission to the radio NIC. The sender must already be authenticated in order to gain a successful association. Wlan.fc.typesubtype 0x02. Disassociation frame: A station sends a disassociation frame to another station if it wishes to terminate the association. For example, a radio NIC that is shut down gracefully can send a disassociation frame to alert the access point that the NIC is powering off.
The access point can then relinquish memory allocations and remove the radio NIC from the association table. Disassociation is a simple declaration from either an access point or a device. The filter used to apply and find only the Disassociation packets is “wlan.fc.typesubtype 0x0a”. Beacon frame: The access point periodically sends a beacon frame to announce its presence and relay information, such as timestamp to help synchronize member stations with the BSS, SSID, and other parameters regarding the access point to radio NICs that are within range.
This purpose of this frame is to announce the beginning of a Contention Free period (CF), during which the right to transmit is conferred by the access point by polling. Radio NICs continually scan all 802.11 radio channels and listen to beacons as the basis for choosing which access point is having the best signal and availability to get associate with. The filter used to apply and find only the Beacon packets is “wlan.fc.typesubtype 0x08”. Probe request frame: A station or client becomes active or on a PC when the wlan card it enabled it becomes active sends a probe request frame when it needs to obtain information from another station or access point. For After a radio NIC sends out a probe request to determine which access points are within range.
The probe request frame is sent on every channel the client supports in an attempt to find all access points in range that match the SSID and client-requested data rates.Its upto the client to determine which access point to associate to by weighing various factors like supported data rates and access point load to select optimal access point thus moves to the authentication phase of 802.11 network after getting responses from Aps as probe response. This mechanism support also helps in roaming station the ability to move between cells while remaining connected in the search for new access point. The filter used to apply and find only the Probe request packets is “wlan.fc.typesubtype 0x04”.
Probe response frame: In response to the probe request, APS with matching criteria will respond with a probe response frame containing synchronization information and access point load and would contain capability information, supported data rates, etc. The filter used to apply and find only the Probe request packets is “wlan.fc.typesubtype 0x05” Control Frames 802.11 control frames assist in the delivery of data frames between stations. The following are common 802.11 control frame subtypes:. Request to Send (RTS) frame: The RTS/CTS function is optional and reduces frame collisions present when hidden stations have associations with the same access point. A station sends a RTS frame to another station as the first phase of a two-way handshake necessary before sending a data frame.
Wlan.fc.typesubtype 0x1B. Acknowledgement (ACK) frame: After receiving a data frame, the receiving station will utilize an error checking processes to detect the presence of errors. The receiving station will send an ACK frame to the sending station if no errors are found.
If the sending station doesn't receive an ACK after a period of time, the sending station will retransmit the frame. Wlan.fc.typesubtype 0x1D Data Frames These at the frames which come later in the game after the basic wlan communication is already established between the Mobile station and the Access point.
We will always reach to this 802.11 data frame for analysis typically to verify and analyze over the air if the protocols and data from higher layers within the frame body is getting through to the wire. These frames transport data packets from higher layers, such as web pages, printer control data, etc., within the body of the frame. Wlan.fc.typesubtype 0x20 On a packet analyzer we observe the contents of the frame body within 802.11 data frames for interesting traffic in question.
References. 802.11 Sniffer Capture Analysis - WPA/WPA2 with PSK or EAP WPA-PSK(TKIP) 1. Beacon frames are transmitted periodically to anonunce presence of wireless network and contain all information about it(data rates, channels, security ciphers, key management etc): 2. Probe request, is sent by STA to obtain information from AP: 3.
Probe response, AP responds with with a probe response frame, containing capability information, supported data rates, etc., when after it receives a probe request frame from STA: 4. 802.11 authentication is a process whereby the access point either accepts or rejects the identity of a radio NIC. The NIC begins the process by sending an authentication frame containing its identity to the access point. With open system authentication (the default), the radio NIC sends only one authentication frame, and the access point responds with an authentication frame as a response indicating acceptance (or rejection).: a. Dot11 authentication request: b. Dot11 authentication response: 5. 802.11 association enables the access point to allocate resources for and synchronize with a radio NIC.
A NIC begins the association process by sending an association request to an access point. This frame carries information about the NIC (e.g., supported data rates) and the SSID of the network it wishes to associate with. Dot11 association request: After receiving the association request, the access point considers associating with the NIC, and (if accepted) reserves memory space and establishes an association ID for the NIC.
Dott11 association response: 6. 4-way handshake, during this phase PTK is created, PSK is used as PMK to construct those values: a. AP sends 802.1x authentication frame with ANonce, STA now has all information to construct PTK: b. STA responds with 802.1x authentication frame with SNonce and MIC: c. AP constructs 802.1x frame with new MIC and GTK with sequence number, This sequence number will be used in the next multicast or broadcast frame, so that the receiving STA can perform basic replay detection: d. STA sends ACK: From that point all data is sent encrypted. WPA2-PSK(AES/TKIP) The process if fairly the same as in previous section, I’ll highlight only information that is different.
WPA2 AP management frame include RSN element that included unicast cipher suite, AKM information and GTK cipher suite (if both AES and TKIP are selected, then less stronger encryption method will be used for GTK). During 4-way handshake frames contain version information for WPA2 in “Type” fields. Note: you can decrypt WEP/WPA-PSK/WPA2-PSK encrypted wireless traffic if 4-way handshake key exchange frames are included in trace and PSK is known. In order to encrypt wireless traffic in wireshark open Preferences- Protocols-IEEE 802.11 and provide PSK information and select “Enable decryption option”.
To decrypt WPA/WPA2 encrypted traffic specify Key in format: “ wpa-psk:PSK:SSID ” Note: In order to filter out WLAN traffic from specific STA in wireshark you could use “WLAN Statistic” option. In order to filter traffic from specific STA go to “Statistics - WLAN Traffic”, from the list of SSIDs select corresponding SSID STA is associated with, and apply filter based on the STA. How to decrypt WPA2 AES data on Over the Air Packet Captures with Wireshark Requirements:. Capture to be on.pcap format.
Frames are to be presented in 802.11 format. Know the SSID name and PSK for the WLAN from which Over the Air Capture has been collected. Key: Capture the 4 EAPOL 4 way handshake. The most accurate process to do this is to start the capture and then de-authenticate the client in order to catch the process from zero, meaning that the 4 way EAPOL handshake will be included.
If frames are within another format, like PEEKREMOTE it will be required to decode them, please section above on how to Decode PEEKREMOTE frames. Process Once capture has been opened in Wireshark go to “Edit” – “Preferences” Menu.
Go to “Protocols” menu and look for “IEEE 802.11” From IEEE 802.11 section check the “Enable Decryption” check box and click on “Edit” button next to “Decryption Keys” label. Once in the “Edit” menu click on New button on the left side of the window. From the key type choose “wpa-psk”. In order to obtain the key it is important to know the exact name of SSID and PSK for which decrypt process is being conducted. Have these two values and go to the next website to generate the key based on these two elements. Type in the SSID name and the PSK on the specified fields, string being typed into the fields must be exact as define for SSID and for PSK. Once values have been defined, click on “Generate PSK”, this will generate the key, copy it and go back to Wireshark.
Paste the key that was generated into the “Key” field, click “OK”. Then click “Apply” at the “Preferences” screen”. Capture will begin to be decoded. Once decoded it will be possible to see contents of 802.11 packets that were previously ciphered. WPA/WPA2 Enterprise 1) WPA(TKIP)/WPA2(AES) with dot1x (PEAP) This process follows the same steps like previous except for the AKM method and deriving PTK/GTK and AP advertised attributes in 802.11 management frames. In this example AP advertises WPA(TKIP)/WPA2(AES) with dot1x authentication, both RSN and WPA tag attributes for AKM contain WPA value, whether in case of PSK authentication this field contains “PSK”. Also in this example TKIP is used for WPA and AES is used for WPA2 b.
STA selects one of authentication methods and cipher suites advertised by AP. In this case WPA2 with AES was selected, that can be seen in RSN IE parameters. After successful dot11 association dot1x authentication takes place, during this process we can see what EAP method is used by STA for authentication and certificate(s) exchange information between supplicant and AAA server.
After successful dot1x authentication PMK is trasmited to AP in “Access-Accept” message from AAA server and the same PMK is derived on the client, next 4-way handshake takes place and PTK and GTK establishment. Radius exchange between WLC and AAA server: General flow diagram: WPA(TKIP)/WPA2(AES) with dot1x (EAP-TLS) Difference for this type of authentication compared to the previous one is that client provides its certificate in “Client Hello” message and mutual authentication is performed between client and AAA server based on certificates. EAP exchange between STA and WLC: Radius exchange between WLC and AAA server: General flow diagram: 2) WPA(TKIP)/WPA2(AES) with dot1x (FAST) Only dot1x authentication stage is a bit different comparing to the previous example. After successful dot11 association dot1x authentication takes place, AP sends dot1x identity request to the STA and STA provides identity response, the response depends on what PAC provisioning is been in use (in-band PAC provisioning (phase 0) or out-of-band PAC provisioning).
In case of in-band provisioning PAC is sent to the client from AAA server, once client has PAC it goes to EAP-FAST phase1 from this point TLS tunnel establishment starts (phase 1) After TLS tunnel is established inner authentication method (phase 2) starts inside encrypted tunnel. On successful authentication PMK is send in “Access-Accept” message to AP from AAA server, the same key is derived based on dot1x exchange on STA. This key (PMK) is used to calculate PTK during 4-way handshake that will be used to secure communication between STA and AP. English tagalog dictionary pro apk free download. General flow diagram: 802.11 Sniffer Capture Analysis – Multicast.
Introduction Multicast Sniffing Solution The controller performs multicasting in two modes:. Unicast mode—In this mode, the controller unicasts every multicast packet to every AP associated to the controller. This mode is inefficient but might be required on networks that do not support multicasting. Multicast mode—In this mode, the controller sends multicast packets to an LWAPP multicast group. This method reduces overhead on the controller processor and shifts the work of packet replication to your network, which is much more efficient than the unicast method.
You can enable multicast mode using the controller GUI or CLI. IGMP Snooping on WLC In controller software release 4.2, IGMP snooping is introduced to better direct multicast packets. When this feature is enabled, the controller gathers IGMP reports from the clients, processes the reports, creates unique multicast group IDs (MGIDs) from the IGMP reports after checking the Layer 3 multicast address and the VLAN number, and sends the IGMP reports to the infrastructure switch.
The controller sends these reports with the source address as the interface address on which it received the reports from the clients. The controller then updates the access point MGID table on the AP with the client MAC address. When the controller receives multicast traffic for a particular multicast group, it forwards it to all the APs. However, only those APs that have active clients listening or subscribed to that multicast group send multicast traffic on that particular WLAN.
IP packets are forwarded with an MGID that is unique for an ingress VLAN and the destination multicast group. Layer 2 multicast packets are forwarded with an MGID that is unique for the ingress interface. Note: IGMP snooping is not supported on the 2000 series controllers, the 2100 series controllers, or the Cisco Wireless LAN Controller Network Module for Cisco Integrated Services Routers.
Guidelines for Using Multicast Mode Use these guidelines when you enable multicast mode on your network: The Cisco Unified Wireless Network solution uses some IP address ranges for specific purposes. Keep these ranges in mind when you configure a multicast group: Although not recommended, any multicast address can be assigned to the LWAPP multicast group; this includes the reserved link local multicast addresses used by OSPF, EIGRP, PIM, HSRP, and other multicast protocols. Cisco recommends that multicast addresses be assigned from the administratively scoped block 239/8. IANA has reserved the range of 239.0.0.0-239.255.255.255 as administratively scoped addresses for use in private multicast domains. See the note for additional restrictions.
These addresses are similar in nature to the reserved private IP unicast ranges, such as 10.0.0.0/8, defined in RFC 1918. Network administrators are free to use the multicast addresses in this range inside of their domain without fear of conflict with others elsewhere in the Internet. This administrative or private address space must be used within the enterprise and its leave or entry blocked from the autonomous domain (AS). Note: Do not use the 239.0.0.X address range or the 239.128.0.X address range. Addresses in these ranges overlap with the link local MAC addresses and flood out all switch ports, even with IGMP snooping turned on. Cisco recommends that enterprise network administrators further subdivide this address range into smaller geographical administrative scopes within the enterprise network to limit the 'scope' of particular multicast applications.
This prevents high-rate multicast traffic from leaving a campus (where bandwidth is plentiful) and congesting the WAN links. It also allows for efficient filtering of the high bandwidth multicast from reaching the controller and the wireless network. When you enable multicast mode on the controller, you must configure an LWAPP multicast group address on the controller. APs subscribe to the LWAPP multicast group using Internet Group Management Protocol (IGMP).
Cisco 1100, 1130, 1200, 1230, and 1240 APs use IGMP versions 1, 2, and 3. However, Cisco 1000 Series APs use only IGMP v1 to join the multicast group. Multicast mode works only in Layer 3 LWAPP mode. APs in monitor mode, sniffer mode, or rogue detector mode do not join the LWAPP multicast group address. When you use controllers that run version 4.1 or earlier, you can use the same multicast address on all the controllers. If you use controllers that run version 4.2 or later, the LWAPP multicast group configured on the controllers must be different for each controller used on the network.
If you use controllers with version 4.1 or earlier, the multicast mode does not work across intersubnet mobility events, such as guest tunneling, site-specific VLANs, or interface override that uses RADIUS. The multicast mode does work in these subnet mobility events when you disable the Layer 2 IGMP snooping/CGMP features on the wired LAN.
In later versions, that is, 4.2 or later, the multicast mode does not operate across intersubnet mobility events, such as guest tunneling. It does, however, operate with interface overrides that use RADIUS (but only when IGMP snooping is enabled) and with site-specific VLANs (access point group VLANs). The controller drops any multicast packets sent to the UDP port numbers 12222, 12223, and 12224. Make sure the multicast applications on your network do not use those port numbers. Multicast traffic is transmitted at 6 Mbps in an 802.11a network.
Therefore, if several WLANs attempt to transmit at 1.5 Mbps, packet loss occurs. This breaks the multicast session. Configuring Multicast (Using Multicast-Multicast Mode) Select Mutlicast - Multicast and configure your group, each WLC in your mobility group should use a unique address. Enable multicast routing on the L3 device and enable PIM on the following VLANs. Management, AP-Manger, VLAN on which the AP are in and as well as the VLAN where the cleints that will receive the multicast stream.
Example: VLAN 40 is the WLC management, VLAN 40 is for AP, and VLAN 50 is where my clients are. So under all of these SVI I need to issue the multicst commands. Issue all Multicast show command to verify, example: show ip mroute, show ip igmp groups to validate that the group for the AP is built properly. We can also enable IGMP Snoping on the WLC. The WLC will hold it's own snooping table for the IGMP messages that it receives, so that it knows who is requesting the stream. On Wireless LAN Controller Enable Global Multicast on the WLC and Enable Multicast – Multicast mode on the WLC Once the client sends the multicast join, we will see the below on the WLC MGID Multicast configuration on Wired network Configure Multicast routing Globally and then enable PIM on each interface. 6504-WLCBUG#sh run i multicast ip multicast-routing 6504-WLCBUG#sh run int vla 50 Building configuration.
Current configuration: 119 bytes! Interface Vlan50 description // WLAN DHCP pool VLAN // ip address 172.16.1.1 255.255.255.0 ip pim dense-mode end 6504-WLCBUG#sh run int vla 40 Building configuration. Current configuration: 121 bytes!
802.11 Sniffer Capture Analysis – Web Authentication Introduction WEB AUTHENTICATION Sniffer on Cisco WLC Troubleshooting Web Authentication Process Web authentication is a Layer 3 security feature that causes the controller to not allow IP traffic, except DHCP-related packets/ DNS-related packets, from a particular client until that client has correctly supplied a valid username and password with an exception of traffic allowed through Pre-Auth ACL. Web authentication is the only security policy that allows the client to get an IP address before Authentication. It is a simple Authentication method without the need for a supplicant or client utility.Web authentication can be done either locally on a WLC or over a RADIUS server. Web authentication is typically used by customers who want to deploy a guest-access network. Web authentication starts when the controller intercepts the first TCP HTTP (port 80) GET packet from the client.
In order for the client's web browser to get this far, the client must first obtain an IP address, and do a translation of the URL to IP address (DNS resolution) for the web browser. This lets the web browser know which IP address to send the HTTP GET. When web authentication is configured on the WLAN, the controller blocks all traffic (until the authentication process is completed) from the client, except for DHCP and DNS traffic. When the client sends the first HTTP GET to TCP port 80, the controller redirects the client to https:1.1.1.1/login.html for processing. This process eventually brings up the login web page. You open the web browser and type in a URL, for example,.
The client sends out a DNS request for this URL to get the IP for the destination. WLC bypasses the DNS request to the DNS server and DNS server responds back with a DNS reply, which contains the IP address of the destination in turn is forwarded to the wireless clients.
The client then tries to open a TCP connection with the destination IP address. It sends out a TCP SYN packet destined to the IP address of. The WLC has rules configured for the client and hence can act as a proxy for It sends back a TCP SYN-ACK packet to the client with source as the IP address of The client sends back a TCP ACK packet in order to complete the three way TCP handshake and the TCP connection is fully established.
The client sends an HTTP GET packet destined to The WLC intercepts this packet, sends it for redirection handling. The HTTP application gateway prepares a HTML body and sends it back as the reply to the HTTP GET requested by the client. This HTML makes the client to go to the default webpage URL of the WLC, for example, /login.html.
Client closes the TCP connection with the IP address, for example. Now the client wants to go to and so it tries to open a TCP connection with the virtual IP address of the WLC. It sends a TCP SYN packet for 1.1.1.1 to the WLC. The WLC responds back with a TCP SYN-ACK and the client sends back a TCP ACK to the WLC in order to complete the handshake.
Client sends a HTTP GET for /login.html destined to 1.1.1.1 in order to request for the login page. This request is allowed up to the Web Server of the WLC, and the server responds back with the default login page. The client receives the login page on the browser window where the user can go ahead and log in. Configuration Webauth Lets Go ahead and configure.
TOPOLOGY A Wireless Client is connected to the AP which is registered to the WLC which is connected to the switch, which is connected to the Router where the DNS, Routing, L3 connectivity is configured. Router to Act as a DNS 3825#sh run i host hostname 3825 ip host www.google.com 200.200.200.1 ip host www.yahoo.com 200.200.200.2 ip host www.facebook.com 200.200.200.3 3825#sh run i dns dns-server 16.16.16.1 ip dns server 3825#sh run b dhcp ip dhcp excluded-address 16.16.16.1 16.16.16.5! Ip dhcp pool webauth-sniffer network 16.16.16.0 255.255.255.0 default-router 16.16.16.1 dns-server 16.16.16.1 Configuration on the WLC.
Go to WLAN and then NEW and enter the details. Configure the WLAN for NO L2 Auth. Configure the WLAN for L3 auth with WEBAUTH.
After config, yoo should see like this. Go to Security TAB and create Local net users. Enter the Clients credentials. Go to Security Webauth TAB and the chose the Web auth type Internal / External Redirect / Custom. Connect the client. After getting the IP address, open the browser and type in the web address. The Clients gets redirected to the Web auth page where in we enter the username and password.
After successful log in. Client getting Redirected to the Redirect page Here is the Packet Capture When the client tries to connect Client does:. DHCP.
DNS. HTTP GET The client's IP address is 16.16.16.7. The client resolved the URL to the web server it was accessing 200.200.200.1. As you can see, the client did the three way handshake to start up the TCP connection and then sent an HTTP GET packet starting with packet 576. The controller is intercepting the packets and replying with code 200. The code 200 packet has a redirect URL in it: Client gets the HTTPS Login page Client Accepts the Certificate The client then starts the HTTPS connection to the redirect URL which sends it to the 1.1.1.1, which is the virtual IP address of the controller. The client has to validate the server certificate or ignore it in order to bring up the SSL tunnel.
Here the Client tries to access Facebook.com after successful auth and his TCP session starts without any problem. Here is the client Debug when the the client tried connecting Cisco Controller) (Cisco Controller) show debug MAC address. 00:21:5c:8c:c7:61 Debug Flags Enabled: dhcp packet enabled. Dot11 mobile enabled. Dot11 state enabled dot1x events enabled. Dot1x states enabled.
Pem events enabled. Pem state enabled. CCKM client debug enabled. Webauth redirect enabled.
I recently downloaded Ubuntu from the main website with the hopes of dual booting it with Windows. While the operating system works, it says that I need to install a driver for my graphics card. When I type in my password the installation fails. I figure it is because I need Internet access. I tried to install my WiFi USB adapter with the installation disc but Ubuntu doesn't seem to run the setup when I click the exe. What are my available solutions as I would really like to use Ubuntu from my programming and Windows for my gaming needs?
The name as read on the box is: Linksys AE1200 Wireless- N USB Adapter The description reads as such: ID 13b1:0039 Linksys (a comma messed up format) ID 046d:0a0b Logitech, Inc. ClearChat Pro USB (headset). It doesn't look like Cisco cares about supporting Linux on that specific device: One user on that forum suggests the 'RT3572USB' will function for your device, but suggests it will be an annoyance. I cannot confirm either statement.
(a tool that provides enough Windows APIs to let Windows drivers run under Linux) doesn't mention your device on their supported devices list. In general, it is best to buy devices after finding out their level of support. Some companies (Intel) put extra effort into making sure their hardware works under Linux (sometimes before Windows drivers are released; the members of their development teams I've talked with have been excited to support Linux). Some companies just don't care. Finding out for sure which specific devices are supported can be difficult; one simple approach is to look in /lib/modules/$(uname -r)/kernel/drivers/net/ for drivers. All the USB drivers are in the usb/ subdirectory. I just bought the Linksys AE1200 USB Wireless adapter and it works fine 19-Oct-2012.
My lsusb results: Bus 001 Device 005: ID 13b1:0039 Linksys AE1200 802.11bgn Wireless Adapter Broadcom BCM43235 For some reason, the Win XP driver on the installation CD would not work. None of the other broadcom chipset drivers that I attempted worked for me either.
The solution So, a search of here and Ubuntuforums yielded this link: and provided this repaired version of the xp driver:. Download the bcmwl4323x.zip and extract (for my example to follow, my downloads directory).
I opened a Terminal window:. cd /Downloads/bcmwl4323x/xp/.:/Downloads/bcmwl4323x/xp$ sudo ndiswrapper -i bcmwlhigh5.inf. sudo modprobe ndiswrapper.
ndiswrapper -l yielded: bcmwlhigh5: driver installed device (13B1:0039) present. Exit Terminal window, unplug LAN cable, System Restart.
(Optional) If the USB Wireless card does not work after reboot, you may need to add ndiswrapper to your /etc/modules so that it loads ndiswrapper at startup. You should be able to test if this is needed if upon boot, the LED on your wireless card is not lit.
You run in terminal sudo modprobe -r ndiswrapper sudo modprobe ndiswrapper and then the LED turns on. I'm running Ubuntu 12.04 and after searching these forums unsuccessfully, I have installed the driver for my AE1200 and it is working correctly. Here is how I did it: First, install ndiswrapper and be sure to install ndiswrapper-common and ndiswrapper-dkms as well.
Cisco Linksys Adapter Driver
Then, download the XP driver for the device: Extract the zip and cd to the folder (probably xp). If you attempt to install the driver with ndiswrapper at this point, you will receive the 'couldn't find section 'LinksysAE1200.files.NTamd64' error. To resolve this, edit the bcmwlhigh5.inf file. Find the section that looks like this: LinksysAE2500.files.NT AE2500xp.sys,6 Underneath it, add this: LinksysAE1200.files.NTamd64 AE1200xp64.sys,6 LinksysAE2500.files.NTamd64 AE2500xp64.sys,6 Save and close. Then, if you've already attempted to install the driver with ndiswrapper you'll need to remove it, run: sudo ndiswrapper -e bcmwlhigh5 Then do the install again: sudo ndiswrapper -i bcmwlhigh5.inf Verify with: sudo ndiswrapper -l Now plug in the USB device and the blue light should come on. I could be wrong, but I think this means whoever wrote these.inf files forgot to include those lines, which I find funny.Update for 12.10- If you install ndiswrapper-dkms it will fail and you will start getting system errors. Follow the solution here to resolve: As a side note the source code he refers to is everything in the 'driver' directory of the extracted tar.gz In addition, you will also want to run: sudo dkms remove ndiswrapper/1.57 -all and sudo dkms uninstall ndiswrapper/1.57.
Cisco Linksys Usb Adapter Driver
I followed the instructions from plus the recommendations here: (in Spanish) and it works in Ubuntu 14.10: They say that: 1. Install ndiswrapper: sudo aptitude install ndiswrapper-common ndiswrapper-modules-1.9 ndiswrapper-utils-1.9 2. Install drivers: Go to the linksys page and download the drivers for xp, then follow the instructions from specially if you are using Ubuntu 64bits Then in the downloaded folder we use: sudo ndiswrapper -i bcmwlhigh5.inf Then we make sure that is installed: sudo ndiswrapper -l If there are errors, then we need to uninstall ( sudo ndiswrapper -e bcmwlhigh5) and then fix the error (ex. Download other file) and install again. Load ndiswrapper module: To the system: sudo depmod -a sudo modprobe ndiswrapper When the WIFI USB interface is active: sudo ndiswrapper -m When Ubuntu start (add ndiswrapper as a new line): sudo gedit /etc/modules Then check your connections, it should list your device. Just to let the community know that Linksys AE1200 is working flawlessly as in Windows. But, I have to inform, that the modified XP driver, posted above on other comment, did not work on WPA2 routers, I got a workaround, and found the untouched WinXP driver, and got it up and running.
Did it the following way: Downloaded XP driver UNMODIFIED from: Installed ndisgtk and ndiswrapper-dkms packages via terminal sudo apt-get install ndisgtk && sudo apt-get install ndiswrapper-dkms Extracted the zipped WinXP driver downloaded from the link above. Opened Windows Wireless Drivers from the menu, chose the bcmwlhigh5.inf file and installed the driver. Rebooted just to be sure and finally got it working. I'm running Lubuntu at the moment, but, I assume in that in Ubuntu and also in Ubuntu derivatives, there is no need to add ndiswrapper to /etc/modules as in Lubuntu ndiswrapper is loaded by default by the kernel.
Well hope this helps anyone, the easy and hassle-free way to set Cisco Linksys AE1200 USB wireless dongle to work, without too much terminal commands, for less experienced users! EDIT: If you're in a situation that you cannot by any means reboot, right after the driver install, the blue LED should be immediatelly on, and you can start using the wi-fi dongle right away.