Sparks Flying

Hardware

As I prefer to buy things locally, I ventured forth and bought a LinkSys WAP-11 v2.2 for the access point, and a LinkSys WPC-11 PCMCIA card for the laptop (called client from here on).

Both of these support WEP - the Wired Equivalent Privacy - encryption scheme, with either 64 or 128 bit keys. The access point also supports 256 bit keys. The WAP-11 also supports access controls.

However, after some use, both of these were causing problems and I replaced the access point with a NetGear ME-102, and the PC card with an Orinoco Gold card. The following steps split up the configuration for both types of equipment.

The plan of action is to make an initial wireless connection with as few changes as possible, meaning the system would be pretty open. However, as long as the access point is not connected to much, this is safe enough to start the journey.

Configuring the Access Point

Both access points come with a Windows program for configuration. The LinkSys uses the network port, whereas the NetGear operates via a USB port. However, both of them also provide an alternative which is amenable to non-Windows networks. The LinkSys is configured via a web browser, and the NetGear via SNMP, with a specific program available from http://ap-utils.polesye.net/

Common to either access point is initial configuration. Since this is normally a wide open mode, I connected the access point to a standalone PC (or a PC with a second net card with forwarding disabled).

Specific instructions are:-

At this stage, you should have an access point connected to your PC, with a new administrative password and ESSID string.

Laptop End

The linux PCMCIA code is mostly controlled from files in the /etc/pcmcia directory. I am using RedHat 7.3, with kernel version 2.4.18-10, that is with all RedHat updates applied.

When I plugged the WPC-11 into the client, nothing happened - none of the usual beeping associated with plugging in a PCMCIA card. If this happens, the card is not recognised, and so you need to amend the overall PCMCIA configuration file.

The Orinoco card is pre-configured, so there was a beep when inserted the first time.

The network connection was not established, however, because we have not configured the wireless network information to match what was set in the access point above. The wireless specific configuration is the file /etc/pcmcia/wireless.opts Again, the Orinoco card had a basic configuration; however it did not match our specific settings, so it needs to be changed.

There is a considerable comment block at the beginning of this file to explain the format, which is a large shell case statement, one case per card type. Matching is typically done on the card's MAC address, or at least a part of it. Usually the MAC address is printed on the card.

In the case of the LinkSys card, a new entry is required. Insert the following near the beginning of the file:-

# LinkSys WPC11
*,*,*,00:06:25:*)
    INFO="LinkSys WPC11"
    ESSID="Foo waS hEre"
    MODE="Managed"
    CHANNEL="6"
    ;;

The string 00:06:25 are the first three bytes of the card's MAC address. Thus, this is a generic entry, matching any LinkSys card (for some definition of 'any').

The above says that when a card with the given MAC address is inserted, set the ESSID and MODE parameters to the values given. The Managed mode sets the card to connect only to the access point. Channel 6 appears to be the default value for access points, so make sure that the receiver is using the same value.

The Orinoco card already had an entry, so it was only necessary to change the MODE, ESSID and CHANNEL settings, and disable the KEY parameter, as that is used to set the WEP key, which turns on WEP - something not yet on the agenda.

Laptop Network Configuration

Next step is to configure the network for this card. There are several ways to do this, but I just use a text editor and create the file. I've done it enough to just about remember it all. Note that this is for RedHat systems - I don't know how common this is with other distributions.

Assuming this is the second interface in the client, it will be called the eth1 interface. To configure the interface the manual way, place

DEVICE=eth1
BOOTPROTO=none
ONBOOT=no
BROADCAST=192.168.x.255
NETWORK=192.168.x.0
NETMASK=255.255.255.0
IPADDR=192.168.x.100
USERCTL=no

into the file /etc/sysconfig/network-scripts/ifcfg-eth1 Set the value x to 1 for the LinkSys access point, or 0 for the NetGear. This is related to their default network addresses, which are in effect at this time. The "BOOTPROTO=none" disables DHCP.

Remove the card and re-insert it. (I have to do this twice - for some reason, even numbered card inserts are ignored!) The wireless configuration information is read as the card is detected.

Now you should hear two beeps. The LinkSys card will illuminate the two (dim) green LEDs on the card when the connection to the access point is established. The Orinoco card shows one solid green light, and a blinking one when data is transmitted. To verify the link status, use the iwconfig command, and you should see something like the following:

eth1      IEEE 802.11-DS  ESSID:"Foo waS hEre"  Nickname:"client.node.name"
          Mode:Managed  Frequency:2.437GHz  Access Point: xx:xx:xx:xx:xx:xx
          Bit Rate:11Mb/s   Tx-Power=15 dBm   Sensitivity:1/3
          Retry limit:4   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality:40/92  Signal level:-53 dBm  Noise level:-93 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:1
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

The frequency may be different, as will the signal levels and related fields, and the Nickname field contents will be the hostname. The "Access Point" will have the MAC address of your access point. If the link has not established, that address will likely be something like "44:44:44:44:44:44" - at least, that is what I see.

Assuming all is well, you should be able to ping the access point and the PC at the other end of the access point. And from the PC, you should be able to ping the client, using the address set in the IPADDR line in the configuration file above.


Introduction
Tightening Up


Version: $Revision: 1.8 $; Updated at 15:47 EST on Tue Apr 11, 2006
Copyright (C) 2002 - 2006, Lindsay Harris