For example, if you created an ad hoc network called MyOtherNet and want to connect to it, you enter the following command: netsh wlan connect name=default ssid=myothernet If you issue a
Trang 1To connect to the wireless network displayed in Figure 6-36, you enter the following
command:
netsh wlan connect name=default
If there is more than one wireless network on the same profile, you also need to specify
the service set identifier (SSID) of the network to which you want to connect For example, if
you created an ad hoc network called MyOtherNet and want to connect to it, you enter the
following command:
netsh wlan connect name=default ssid=myothernet
If you issue a command to connect to a wireless network and your computer is already
connected to another wireless network, it disconnects from its current network and connects
to the network that you specify If you want to disconnect from a network without connecting
to another one and you have only one network adapter on your computer, you enter the
following command:
netsh wlan disconnect
If you have more than one wireless interface on your system, you can specify the interface
that you want to disconnect by entering a command similar to the following:
netsh wlan disconnect interface=”Wireless Network Connection”
To disconnect from all interfaces, you enter the following command:
netsh wlan disconnect interface=*
The Netsh wlan utility is both versatile and powerful As with all command-line utilities,
the best way of becoming familiar with it is to use it and experiment with it This is one of the
suggested practices at the end of this chapter Figure 6-37 shows the commands available for
the Netsh wlan utility
FIgUre 6-37 Netsh wlan utility commands
Trang 2You can configure wireless connection behavior by clicking Change Adapter Settings in Network And Sharing Center, right-clicking your wireless adapter, and clicking Status Clicking Details on the Status dialog box displays the adapter configuration, as shown in Figure 6-38
FIgUre 6-38 Wireless adapter configuration
Clicking Wireless Properties in the adapter’s Status dialog box opens the Wireless Network Properties dialog box for the wireless network to which you are currently connected, as shown in Figure 6-39 You can configure your computer to always connect to the currently connected network if it is in range, or to connect to a more preferred network when available You can configure a WAP so that it does not broadcast its name or SSID This enhances security because the network does not appear on the list of wireless networks in range and you need to connect to it manually You can configure your computer (and hence, other computers on your network) to connect to a network that is in range but is not broadcasting its SSID You can copy this and other settings to a USB flash drive that you then use to
configure other computers to connect to your wireless network
If you select the Connect To A More Preferred Network If Available, automatic switching
is enabled, which can be a useful feature in a large organization that requires more than one wireless network to cover its floor space Suppose, for example, a doctor is moving from ward to ward in a hospital and is using a laptop computer She does not want to manually connect to another wireless network whenever she gets out of the range of the one to which she is currently connected Automatic switching accomplishes this seamlessly, without user intervention
However, automatic switching can cause problems if two networks overlap This is
discussed in the section entitled “Troubleshooting Wireless Networks,” later in this lesson
Trang 3FIgUre 6-39 Configuring connection properties
You can add additional wireless-enabled computers to your network by inserting the USB
flash drive and clicking Wireless Network Setup Wizard in the AutoPlay dialog box Alternatively,
you can manually add a wireless computer running Windows 7 to your network by clicking
Connect To A Network on Network And Sharing Center and using the same procedure that you
followed when connecting the first computer
note NetWOrK SeCUrItY KeY
By default, a WAP is set to permit open access by any wireless-enabled computer within its
range You can configure both authentication and encryption type on the Security tab of
the Wireless Network Properties dialog box Configuring security settings on a third-party
WAP is discussed later in this lesson.
quick Check
n You are adding a new computer to a wired network that connects to the Internet
through a cable modem attached to one of your computers by a USB cable
The new computer is configured to obtain its IP configuration automatically
When you switch the new computer on, it is configured with an IP address,
a subnet mask, and IP addresses for its default gateway and DNS server Where does it get this information?
quick Check answer
Trang 4To connect to a wireless network that does not broadcast its SSID, you need to know details such as the network name and security type In Network And Sharing Center, you click Set Up A Connection Or Network, click Manually Connect To A Wireless Network, and click Next You are prompted for the network name and security type and (if appropriate) encryption type and security key Alternatively, you can open an elevated command prompt and enter a command with the following syntax:
netsh wlan connect name=<profile_name> ssid-<network_ssid> [interface=<interface_name>]
To add a wireless device other than a computer to a network, you need to follow the manufacturer’s instructions in the information that came with the device You might be able to add the device using a USB flash drive If the device is a printer, you might need to enable printer sharing so that other computers on the network can use it If you want to add
a Bluetooth enabled device to your network, you need a Bluetooth network adapter
More Info BLUetOOth
For more information about Bluetooth, access http://bluetooth.com/Bluetooth/Technology/
and follow the links.
note VIrtUaL prIVate NetWOrKS
You can also connect to a virtual private network (VPN) by clicking Connect To A Network
in Network And Sharing Center Chapter 10, “DirectAccess and VPN Connections,”
discusses VPNs in detail.
Managing Preferred Wireless Networks
If you have a wireless-enabled mobile computer such as a laptop, you can take it to various locations and connect to whatever wireless networks are available at any location You can see the available networks by opening Network And Sharing Center and clicking Connect To
A Network You can also click the Wireless icon on the Toolbar at the bottom right section
of your screen You can then right-click a network and click Connect Available networks are listed in the Manage Wireless Networks dialog box
If you do not see the network to which you want to connect, you can click Set Up A New Connection Or Network in Network And Sharing Center You can select from a list of available options (for example, Connect To The Internet) and manually search for and connect to
a network You can also create a new network connection
Some networks require a network security key or passphrase To connect to a secure network that you do not administer, you need to ask the network administrator or the service provider for the key or passphrase
Trang 5WarnIng ChOOSe a SeCUrItY-eNaBLeD WIreLeSS NetWOrK
When you are connecting to a wireless network that is not your own, you should always
choose a security-enabled wireless network if available If you connect to a network that
is not secure, someone with the right tools can see everything that you do, including the
Web sites you visit, the documents you work on, and the user names and passwords that
you use—decidedly not recommended.
If you have previously connected to various wireless networks, the list of these networks
is referred to as your preferred list The wireless networks on your preferred list are your
preferred wireless networks You can click Manage Wireless Networks in the Network And
Sharing Center and view saved wireless networks You can change the order in which your
computer attempts to connect to preferred networks by dragging the networks up or down
in the list You can also change preferences for the network by right-clicking the network and
selecting Properties
Suppose, for example, that a doctor works in a large hospital On the first floor, she can
connect to the wireless networks Wards_10_to_14 and Wards_15_to_19 On the second
floor, she can connect to the wireless networks Wards_20_to_24 and Wards_25_to_29 There
is shielding between the floors, and she cannot connect to a network if she is not on the
appropriate floor She knows that the networks Wards_10_to_14 and Wards_20_to_24 have
high bandwidth, and she wants to connect to them by preference of whatever ward she is in If
she cannot connect to her first choice of network, she wants to connect to her second choice
The doctor has previously been connected to all four networks (not at the same time), and
they are on her preferred list Note that a network can be on a preferred list even if it is not
currently in range The doctor needs to make sure that the network Wards_10_to_14 is above
the network Wards_15_to_19 and that the network Wards_20_to_24 is above the network
Wards_25_to_29 in her preferred network list It makes no difference whether the first-floor
wards are above the second-floor wards in the list or the other way round
On the first floor, the second-floor networks cannot be reached The doctor’s computer
connects to the network Wards_10_to_14 if it is available If not, it connects to the network
Wards_15_to_19 On the second floor, the first-floor networks cannot be reached The doctor’s
computer connects to the network Wards_20_to_24 if it is available If not, it connects to the
network Wards_25_to_29
Setting Internal Wireless Adapter Security
Later in this lesson, you will learn how to configure security settings on a third-party WAP You
should also configure compatible security in a wireless network adapter By default, a WAP
is set to permit open access by any wireless-enabled computer within its range However,
it can be configured to restrict access to authenticated connections and to use a specified
encryption standard You can configure both authentication and encryption for a wireless
Trang 6network adapter on the Security tab of the Wireless Network Properties dialog box, shown in Figure 6-40 The figure shows the choice of security type The Encryption Type is either None
or Wired Equivalent Privacy (WEP)
FIgUre 6-40 The Security tab of the Wireless Network Properties dialog box
The following authentication types are available:
n No authentication (open)
n Shared (a shared secret passkey)
n Wi-Fi Protected Access (WPA)-Personal
n WPA2-Personal
n WPA-Enterprise
n WPA2-Enterprise
n 802 1X
WPA and WPA2 indicate compliance with the security protocol created by the Wi-Fi Alliance to secure wireless computer networks WPA2 enhances WPA, which in turn addresses weaknesses in the previous system, WEP WPA was intended as an intermediate measure
to take the place of WEP while an IEEE 802 11i standard was prepared 802 1X provides port-based authentication, which involves communications between a supplicant (a client computer), an authenticator (a wired Ethernet switch or WAP), and an authentication server (typically a Remote Authentication Dial In User Service, or RADIUS, server)
The WPA2 certification mark indicates compliance with an advanced protocol that
implements the full 802 11 standard, and it is mandatory for all new wireless routers that bear the Wi-Fi trademark This advanced protocol does not work with some older network cards,
Trang 7and WPA is still supported in Microsoft operating systems, including Windows 7 The main
difference between WPA and WPA2 is that WPA2 uses Advanced Encryption Standard (AES)
AES has its own mechanism for dynamic key generation and is resistant to statistical analysis
of the cipher text
Pre-shared key (PSK) mode is also known as Personal mode and is designed for SOHO
networks that do not require the complexity of an 802 1X authentication server and do not
contain a certificate authority (CA) server Each wireless network device encrypts the network
traffic using a 256-bit key This key may be entered either as a string of 64 hexadecimal digits,
or as a passphrase of 8 to 63 printable ASCII characters Both WPA-Personal and WPA-2
Personal modes are supported in Windows 7
WPA-Enterprise and WPA2-Enterprise authenticate through the Extensible Authentication
Protocol (EAP) and require computer security certificates rather than PSKs The following EAP
types are included in the certification program:
n EAP-TLS
n EAP-TTLS/MSCHAPv2
n PEAPv0/EAP-MSCHAPv2
n PEAPv1/EAP-GTC
n EAP-SIM
More Info eap
For more information about EAP, see http://technet.microsoft.com/en-us/network/
bb643147.aspx.
The authentication type you choose to configure on your network adapter needs to be
supported by the networks to which you want to connect and by your network hardware
For example:
n If you have a RADIUS server on your network to act as an authentication server and
you want the highest possible level of security, you would choose 802 1X
n If you want to use AES and to use computer certificates rather than a PSK, you would
choose WPA2-Enterprise
n If your network router does not support the AES standard but you want to use
computer certificates, you would choose WPA-Enterprise
n If you have a small network that is not in a domain and cannot access a CA server,
but you install a modern WAP that supports AES, you would use WPA2-Personal (with
a PSK)
n If you have a small network that is not in a domain and cannot access a CA server and
your WAP does not support AES, you would use WPA-Personal
n Shared uses a shared passkey but offers no other protection You would choose this if
no other method was available
Trang 8If no authentication is configured, anyone can connect a computer to your network If no encryption exists, someone with a protocol sniffer can intercept and read confidential data
More Info Wep aND Wpa
For more information about WEP and WPA, see http://www.ezlan.net/wpa_wep.html This is
not a TechNet site, but it is maintained by a Microsoft Most Valued Professional (MVP).
Using an Ad Hoc Network
You can set up a temporary wireless network, or ad hoc network, between two or more computers running Windows 7 (or between computers running Windows 7 and Windows Vista) provided they are all within 30 feet (9 meters) of each other A WAP is not required to set up an ad hoc network This enables users to share folders and other resources without needing to connect to an organizational network
Suppose, for example, that you were holding a meeting with representatives from another company and you wanted to share information (such as product specifications) with them but did not want to grant them access to your company network Or suppose that you were holding a meeting in a hotel room and did not want to share confidential information through the hotel’s network In these and similar cases, you can easily and quickly set up an
ad hoc network by doing the following procedure
On the first computer on the network, you open Network And Sharing Center and click Set Up A New Connection Or Network You then choose the option Set Up A Wireless Ad Hoc (Computer To Computer) Network You give the network a name and (if you want) set
up a security key so that users joining the network need to supply a password For WEP, this can be 5 sensitive characters, 13 sensitive characters, 10 hexadecimal case-insensitive characters, or 26 hexadecimal case-case-insensitive characters, depending on security considerations (If you choose WPA-2 Personal, you can insist on a 64-character password, but
by the time everyone has typed it in correctly, the meeting would probably be over )
Other users join the ad hoc network as they would any other wireless network You can choose to save the network settings if you want to set up an ad hoc network with the same configuration sometime in the future, but typically an ad hoc network is transient and is torn down when the last member leaves Ad hoc networks use IPv6 and do not require IPv4 connectivity You set up and join an ad hoc network in a practice exercise later in this lesson One use for an ad hoc network is if you connect to the Internet through, for example, an internal cellular modem or a high-speed dial-up modem that uses a mobile phone network This type of connection (unlike Internet access through a WAP and cable modem) cannot be accessed simultaneously by several computers In this case you can set up an ad hoc network and share your Internet connection through ICS so that friends with wireless laptops can access the Internet when they visit you
Trang 9Wireless Network Technologies
Advantages of wireless networks include mobility and easy physical installation (you do not
need to run cables under the floor) Disadvantages include a slower connection (typically)
than a wired network and interference from other wireless devices, such as cordless phones
Currently there are (arguably) four types of wireless network technologies in common use:
n 802.11b Up to 11 megabits per second (Mbps); good signal range; low cost This
technology allows fewer simultaneous users than the other options and uses the
2 4-gigahertz (GHz) frequency This frequency is prone to interference from microwave
ovens, cordless phones, and other appliances
n 802.11a Up to 54 Mbps; more simultaneous users than 802 11b, but a smaller signal
range; expensive This option provides a fast transmission speed and uses the 5-GHz
frequency, which limits interference from other devices However, its signal is more
easily obstructed by walls and other obstacles and it is not compatible with 802 11b
network adapters, routers, and access points
n 802.11g Up to 54 Mbps (under optimal conditions); more simultaneous users than
802 11b; very good signal range; not easily obstructed This option is compatible with
802 11b network adapters, routers, and access points, but it uses the 2 4-GHz frequency
and has the same interference problems as 802 11b It is also more expensive than
802 11b
n 802.11n Still in draft format, although this situation may have changed by the time
you read this book However, a number of vendors are manufacturing equipment
using the current draft 802 11n standard Most 802 11n devices are compatible with
802 11b and 802 11g 802 11n builds on previous 802 11 standards by adding
multiple-input, multiple-output (MIMO), which uses multiple transmitter and receiver antennas
to improve the system performance
802 11b is adequate for most home and many small-office applications If, however, your
network carries a high volume of streaming media (video or music) traffic, or if interference
is a major problem, you might consider 802 11a If you already have 802 11b devices on your
network but require high-speed transmission between specified network points, you might
consider 802 11g Most modern WAPs available from computer equipment retailers now are
802 11g
If you have more than one wireless network adapter in your computer, or if your adapter
uses more than one standard, you can specify which adapter or standard to use for each
network connection
eXaM tIP
Several 802.11 standards exist in addition to 802.11a, 802.11b, and 802.11c However, the
standards described in this lesson are those in common use If you see any other standard
(for example, 802.11d) given as a possible answer in the examination, that answer is almost
Trang 10Managing Network Connections
You can view a list of all the connection interfaces (wired and wireless) on a computer
by opening Network And Sharing Center and clicking Change Adapter Settings You can right-click any network connection and select Status If you click Details on the Local Area Connection Status dialog box, you access the Network Connection Details information box This was shown in Figure 6-38 earlier in this lesson
On a small wired network with ICS enabled, a workstation typically has an address on the 192 168 0 0/24 network with its default gateway 192 168 0 1 A WAP is typically not configured with the 192 168 0 1 address but might instead have, for example, the IP address
192 168 123 254 Whatever the settings on your network are, you should take note of them when everything is working correctly This information is invaluable if something goes wrong
note ChaNgINg NetWOrK SettINgS
Rather than accept the default ICS settings, many administrators prefer to change them, for example by using the 10.0.10.0/24 network for wired computers and the 192.168.123.0/24 subnet for wireless ones However, changing default ICS settings is not in the objectives for the 70-680 examination.
When you right-click an adapter and click Properties, this accesses the Local Area
Connections Properties dialog box From this dialog box, you can enable or disable the items shown, or install more items (client services, server services, or protocols) by clicking Install Typically, the Local Area Connection Status dialog box for both wired and wireless
connections) might contain the following items:
n Client for Microsoft Networks Enables the computer to access resources on
a Microsoft network
n quality of Service (qoS) packet Scheduler Provides traffic control This can be
significant if you have high-bandwidth traffic, such as video streaming, on your network
n File and printer Sharing for Microsoft Networks Enables other computers to access
resources on your computer in a Microsoft network (and other networks)
n Internet protocol Version 6 (tCp/Ipv6) Permits IPv6 configuration
n Internet protocol Version 4 (tCp/Ipv4) Permits IPv4 configuration
n Link-layer topology Discovery Mapper I/O Driver Discovers and locates other
computers, devices, and network infrastructure features on the network, and determines network bandwidth
n Link-layer topology Discovery responder Allows a computer to be discovered and
located on the network
If an item is configurable, selecting the item activates the Properties button, which you can click to configure the item’s properties You can also configure the adapter itself (for example, updating the driver) by clicking Configure in the Local Area Connections Properties dialog box