WLAN @ UT Gert Meijerink Service Departement for Information Technology, Library and Education (ITBE) Gert.Meijerink@utwente.nl 18-9-2018 DFN 2004.

Presentatie over: "WLAN @ UT Gert Meijerink Service Departement for Information Technology, Library and Education (ITBE) Gert.Meijerink@utwente.nl 18-9-2018 DFN 2004."— Transcript van de presentatie:

1 UT Gert Meijerink Service Departement for Information Technology, Library and Education (ITBE) DFN 2004

2 Agenda University of Twente Program Wireless Campus Project WLAN @ UT
Infrastructure Testbed Education DFN 2004

3 Campus Research and education Sport, culture, shops
Housing of 2000 students 9000 students and employees Related companies DFN 2004

4 Program Wireless Campus
Broad range of research and applications of wireless and mobile telecommunication In the past WAP, now WLAN and UMTS ‘testbed’ for wireless applications DFN 2004

5 Project WLAN @ UT European tender procedure Installed a Wireless LAN
650 wireless accesspoints - type Cisco 1200 Covers whole of the 140 hectares (346 acres) of the university campus Part of the ‘Wireless Campus’ project of the university Possible with financial support of the Dutch Ministry of Economic Affairs Built in cooperation with IBM Netherlands and Cisco Systems DFN 2004

6 Cisco Aironet 1200 Series DFN 2004

7 WLAN infrastructure(1)
Enables students and scientists of the university access to the Internet everywhere on the university campus in the university buildings the dormitories by the poolside the campus park DFN 2004

8 WLAN infrastructure(2)
Improves the flexibility and independence of time and location Facilitates new ways of teaching New teaching concepts also enable a more flexible use of teaching rooms DFN 2004

9 WLAN infrastructure(3)
Standards IEEE802.11b 11 megabit standard IEEE802.11a 54 megabit standard IEEE802.11g 54 megabit standard IEEE802.1X access control DFN 2004

10 Installation Site survey Radio plan AP’s Antenna’s
Experiences described in cookbook (Dutch) DFN 2004

11 Coverage 4 categories defined With different quality requirements
Lecture rooms Conference rooms Dormitories Public areas With different quality requirements DFN 2004

12 Management AP’s One station for managing all the AP’s
CISCO WLSE – Wireless LAN Security Engine Template based configuration of AP’s Secure HTML-based UI Role based access control DFN 2004

13 Security Physical Network access IEEE 802.1X EAP-TTLS Dynamic WEP-keys
DFN 2004

14 802.1X Overview A method for performing authentication to obtain access to IEEE 802 LANs. Ideally occurs at the first point of attachment (i.e. the edge) Specifies a protocol (EAPOL) between devices desiring access to the bridged LAN and devices providing access to the bridged LAN Specifies the requirements for a protocol between the Authenticator and an Authentication server (e.g. RADIUS) Specifies different levels of access control and the behavior of the port providing access to the bridged LAN Specifies management operations via SNMP DFN 2004

15 Local authentication DFN 2004

16 Authentication Server
Local authentication switch of Wireless Access Point bijv. LDAP RADIUS server EAP over RADIUS EAPOL Supplicant Authenticator Authentication Server User DB AS voorziet Authenticator en Supplicant van tijdelijke WEP-keys. Internet Een wireless client zoekt toegang tot AP Het AP blokkeert alle pogingen van de client om toegang tot netwerkbronnen te verkrijgen tot dat de client is ingelogd op het netwerk De gebruiker op de client levert login credentials (user ID en password, user ID en one-time-password, of user ID en digitaal cetificaat) via een EAP spupplicant *02.1X en EAP, de wireless client en een RADIUS-server op het het vaste netwerk voeren een authenticatieproces uit in 2 fasen. In de eerste fase van de authenticatie verifieert de RADIUS-server de client credentials. In de tweede fase verifieert de client de RADIUS-credentials. Kan ook in omgekeerde volgorde. Wanneer de dubbele authenticatie succesvol is verlopen wordt een WEP-key vastgesteld. De client laadt en gebruikt de key voor de login-sessie. De RADIUS-server de WEP-key, sessie-key genoemd, over het vaste net naar het AP. Het AP encrypt zijn broadcast-key met de sesie-key en stuurt de encrypted key naar de client, die decrypt met de sessie-key. De client en AP activeren WEP en gebruiken de sessie en broadcast WEP-keys voor alle communicatie gedurende de rest van de sessie of totdat een time-out is bereikt en nieuwe WEP-keys worden gegenereerd. Zowel de sessie-key als de broadcast-key worden op regelmatige tijdstippen gewijzigd. De RADIUS-server aan het eind van de EAP authenticatie specificeert de sessie-key time-out voor het AP en het AP kan worden geconfigureerd voor het de duur van de braodcast key rotation time. signalling data DFN 2004

17 Authentication Server
Local authentication Supplicant Authenticator Authentication Server User DB Nu is veilige communicatie mogelijk Internet signalling data DFN 2004

18 Authentication of guests
DFN 2004

19 Authentication of guests
Supplicant Authenticator RADIUS server Instelling A RADIUS server Instelling B User DB User DB Internet Centrale RADIUS Proxy server signalling data DFN 2004

20 Authentication of guests
Supplicant Authenticator RADIUS server Instelling A RADIUS server Instelling B User DB User DB Internet Centrale RADIUS Proxy server signalling data DFN 2004

21 User support HELPdesk IT-shop Installation service Installation guides
  Installatiehandleiding voor Windows XP   Installatiehandleiding voor Windows 2000   SecureW2 Client v1.0 Installation Guide   SecureW2 Client v1.0 Software   SecureW2 Client v1.0 User Guide   Installatiehandleiding -GUEST- netwerk   Installatiehandleiding voor MAC   Installatiehandleiding –GUEST- MAC   Test draadloze netwerkkaarten DFN 2004

22 TESTBED Test products Finding business applications for information technology and telecommunications research DFN 2004

23 Education Examples Industrial Design Technical Medicine 18-9-2018
DFN 2004

24 E-Learning and Wireless
Where are we going with e-learning? Will wireless get us there faster/better? Prof. dr. Betty Collis Shell Professor of Networked Learning University of Twente, The Netherlands DFN 2004

25 Higher Education: Trend
Network technologies are widely used in teaching and learning: but as part of a blend Not replacing the instructor Not replacing the lecture or the book, but extending them DFN 2004

26 Two types of flexibility…
Logistics of learning: To make processes more efficient, easier, more professional, better organized, just-in-time, archivable Pedagogic of learning: To extend and enrich how you learn; via better social learning, new models of learning; new ways of creating, designing, and building learning DFN 2004

27 With flexibility of time and place
Logistics of learning Organizing Archiving Finding Saving Maintaining agenda Synchronizing Communicating Submitting Contacting Transferring, sharing With flexibility of time and place DFN 2004

28 Pedagogical flexibility
From being given to finding or creating From fixed to options From listening to doing From one-size-fits-all to tailoring From copying notes to presenting Teaching and learning flexibility DFN 2004

29 From lab to collaboratory
DFN 2004

30 From isolation (even in a crowd) to collaboration where you want
DFN 2004

31 E-Learning and Wireless
Where are we going with e-learning? Will wireless get us there faster/better? Yes! Prof. dr. Betty Collis Shell Professor of Networked Learning DFN 2004

32 Links and more information
University of Twente WLAN cookbook Installation guides 802.1X Education Lisa Gommer Prof. Dr. Betty Collis DFN 2004

33 ??? DFN 2004