WLAN @ UT Gert Meijerink Service Departement for Information Technology, Library and Education (ITBE) Gert.Meijerink@utwente.nl 18-9-2018 DFN 2004
Agenda University of Twente Program Wireless Campus Project WLAN @ UT Infrastructure Testbed Education 18-9-2018 DFN 2004
Campus Research and education Sport, culture, shops Housing of 2000 students 9000 students and employees Related companies 18-9-2018 DFN 2004
Program Wireless Campus Broad range of research and applications of wireless and mobile telecommunication In the past WAP, now WLAN and UMTS ‘testbed’ for wireless applications 18-9-2018 DFN 2004
Project WLAN @ UT European tender procedure Installed a Wireless LAN 650 wireless accesspoints - type Cisco 1200 Covers whole of the 140 hectares (346 acres) of the university campus Part of the ‘Wireless Campus’ project of the university Possible with financial support of the Dutch Ministry of Economic Affairs Built in cooperation with IBM Netherlands and Cisco Systems 18-9-2018 DFN 2004
Cisco Aironet 1200 Series 18-9-2018 DFN 2004
WLAN infrastructure(1) Enables students and scientists of the university access to the Internet everywhere on the university campus in the university buildings the dormitories by the poolside the campus park 18-9-2018 DFN 2004
WLAN infrastructure(2) Improves the flexibility and independence of time and location Facilitates new ways of teaching New teaching concepts also enable a more flexible use of teaching rooms 18-9-2018 DFN 2004
WLAN infrastructure(3) Standards IEEE802.11b 11 megabit standard IEEE802.11a 54 megabit standard IEEE802.11g 54 megabit standard IEEE802.1X access control 18-9-2018 DFN 2004
Installation Site survey Radio plan AP’s Antenna’s Experiences described in cookbook (Dutch) 18-9-2018 DFN 2004
Coverage 4 categories defined With different quality requirements Lecture rooms Conference rooms Dormitories Public areas With different quality requirements 18-9-2018 DFN 2004
Management AP’s One station for managing all the AP’s CISCO WLSE – Wireless LAN Security Engine Template based configuration of AP’s Secure HTML-based UI Role based access control 18-9-2018 DFN 2004
Security Physical Network access IEEE 802.1X EAP-TTLS Dynamic WEP-keys 18-9-2018 DFN 2004
802.1X Overview A method for performing authentication to obtain access to IEEE 802 LANs. Ideally occurs at the first point of attachment (i.e. the edge) Specifies a protocol (EAPOL) between devices desiring access to the bridged LAN and devices providing access to the bridged LAN Specifies the requirements for a protocol between the Authenticator and an Authentication server (e.g. RADIUS) Specifies different levels of access control and the behavior of the port providing access to the bridged LAN Specifies management operations via SNMP 18-9-2018 DFN 2004
Local authentication 18-9-2018 DFN 2004
Authentication Server Local authentication switch of Wireless Access Point bijv. LDAP RADIUS server EAP over RADIUS EAPOL Supplicant Authenticator Authentication Server User DB AS voorziet Authenticator en Supplicant van tijdelijke WEP-keys. Internet Een wireless client zoekt toegang tot AP Het AP blokkeert alle pogingen van de client om toegang tot netwerkbronnen te verkrijgen tot dat de client is ingelogd op het netwerk De gebruiker op de client levert login credentials (user ID en password, user ID en one-time-password, of user ID en digitaal cetificaat) via een EAP spupplicant *02.1X en EAP, de wireless client en een RADIUS-server op het het vaste netwerk voeren een authenticatieproces uit in 2 fasen. In de eerste fase van de authenticatie verifieert de RADIUS-server de client credentials. In de tweede fase verifieert de client de RADIUS-credentials. Kan ook in omgekeerde volgorde. Wanneer de dubbele authenticatie succesvol is verlopen wordt een WEP-key vastgesteld. De client laadt en gebruikt de key voor de login-sessie. De RADIUS-server de WEP-key, sessie-key genoemd, over het vaste net naar het AP. Het AP encrypt zijn broadcast-key met de sesie-key en stuurt de encrypted key naar de client, die decrypt met de sessie-key. De client en AP activeren WEP en gebruiken de sessie en broadcast WEP-keys voor alle communicatie gedurende de rest van de sessie of totdat een time-out is bereikt en nieuwe WEP-keys worden gegenereerd. Zowel de sessie-key als de broadcast-key worden op regelmatige tijdstippen gewijzigd. De RADIUS-server aan het eind van de EAP authenticatie specificeert de sessie-key time-out voor het AP en het AP kan worden geconfigureerd voor het de duur van de braodcast key rotation time. signalling data 18-9-2018 DFN 2004
Authentication Server Local authentication Supplicant Authenticator Authentication Server User DB Nu is veilige communicatie mogelijk Internet signalling data 18-9-2018 DFN 2004
Authentication of guests 18-9-2018 DFN 2004
Authentication of guests Supplicant Authenticator RADIUS server Instelling A RADIUS server Instelling B User DB User DB Internet Centrale RADIUS Proxy server signalling data 18-9-2018 DFN 2004
Authentication of guests Supplicant Authenticator RADIUS server Instelling A RADIUS server Instelling B User DB User DB Internet Centrale RADIUS Proxy server signalling data 18-9-2018 DFN 2004
User support HELPdesk IT-shop Installation service Installation guides Installatiehandleiding WLAN@UT voor Windows XP Installatiehandleiding WLAN@UT voor Windows 2000 SecureW2 Client v1.0 Installation Guide SecureW2 Client v1.0 Software SecureW2 Client v1.0 User Guide Installatiehandleiding WLAN@UT -GUEST- netwerk Installatiehandleiding WLAN@UT voor MAC Installatiehandleiding WLAN@UT –GUEST- MAC Test draadloze netwerkkaarten 18-9-2018 DFN 2004
TESTBED Test products Finding business applications for information technology and telecommunications research 18-9-2018 DFN 2004
Education Examples Industrial Design Technical Medicine 18-9-2018 DFN 2004
E-Learning and Wireless Where are we going with e-learning? Will wireless get us there faster/better? Prof. dr. Betty Collis Shell Professor of Networked Learning University of Twente, The Netherlands 18-9-2018 DFN 2004
Higher Education: Trend Network technologies are widely used in teaching and learning: but as part of a blend Not replacing the instructor Not replacing the lecture or the book, but extending them 18-9-2018 DFN 2004
Two types of flexibility… Logistics of learning: To make processes more efficient, easier, more professional, better organized, just-in-time, archivable Pedagogic of learning: To extend and enrich how you learn; via better social learning, new models of learning; new ways of creating, designing, and building learning 18-9-2018 DFN 2004
With flexibility of time and place Logistics of learning Organizing Archiving Finding Saving Maintaining agenda Synchronizing Communicating Submitting Contacting Transferring, sharing With flexibility of time and place 18-9-2018 DFN 2004
Pedagogical flexibility From being given to finding or creating From fixed to options From listening to doing From one-size-fits-all to tailoring From copying notes to presenting Teaching and learning flexibility 18-9-2018 DFN 2004
From lab to collaboratory 18-9-2018 DFN 2004
From isolation (even in a crowd) to collaboration where you want 18-9-2018 DFN 2004
E-Learning and Wireless Where are we going with e-learning? Will wireless get us there faster/better? Yes! Prof. dr. Betty Collis Shell Professor of Networked Learning collis@edte.utwente.nl 18-9-2018 DFN 2004
Links and more information University of Twente www.utwente.nl WLAN cookbook Installation guides http://www.snt.utwente.nl/handleidingen/manuals.html 802.1X http://www.surfnet.nl/innovatie/wlan/ Education Lisa Gommer e-mail: e.m.gommer@utwente.nl Prof. Dr. Betty Collis e-mail collis@edte.utwente.nl 18-9-2018 DFN 2004
??? 18-9-2018 DFN 2004