Introduction
WLAN configuration can be performed on home wireless routers, standalone APs, or centralized wireless LAN controllers. The exact interface varies by vendor, but the core ideas remain the same: configure network addressing, SSID, security, VLAN mapping, and verification.
Learning Goals
By the end of this module, you should be able to:
- Identify common home wireless router settings.
- Explain basic wireless setup options.
- Describe NAT, QoS, and port forwarding in small networks.
- Outline WLAN creation on a wireless LAN controller.
- Explain how WPA2-Enterprise uses RADIUS.
- Troubleshoot common wireless connection and performance problems.
Logging in to a Wireless Router
A home or small-office router is usually configured through a web interface. Basic access steps are:
- Connect to the router by Ethernet or default Wi-Fi.
- Open the router's management IP address in a browser.
- Log in with administrative credentials.
- Change default passwords immediately.
- Save and test changes after configuration.
Do not leave default administrator credentials in place.
Basic Network Setup
Common basic settings include:
- router LAN IP address,
- DHCP server range,
- subnet mask,
- DNS settings,
- time zone and device name,
- firmware update settings.
The router LAN IP often becomes the default gateway for local clients.
Basic Wireless Setup
Important wireless settings include:
- SSID or network name,
- wireless band selection,
- channel or automatic channel selection,
- security mode,
- Wi-Fi password or enterprise authentication settings,
- guest network settings,
- transmit power when supported.
Use strong encryption, preferably WPA2 or WPA3. Avoid WEP and weak passwords.
Activity: Home Router Configuration Checklist
Wireless Mesh Networks
A mesh network uses multiple wireless nodes to extend coverage. Mesh can simplify coverage expansion, but performance depends on placement, backhaul quality, and interference. Wired backhaul is usually more reliable than wireless backhaul when available.
NAT for IPv4
Network Address Translation allows many private IPv4 devices to share one public IPv4 address. In home routers, NAT is commonly enabled by default on the internet-facing connection.
Quality of Service
Quality of Service prioritizes important traffic such as voice, video, or conferencing. QoS does not create extra bandwidth, but it can reduce delay and jitter for selected traffic during congestion.
Port Forwarding
Port forwarding allows inbound traffic from the internet to reach a specific internal device and port. It should be used carefully because it exposes internal services. Only forward ports that are necessary and secure.
Activity: Port Forwarding Planning
Wireless LAN Controller Overview
A wireless LAN controller (WLC) centrally manages lightweight APs and WLAN settings. Instead of configuring every AP separately, administrators configure SSIDs, security, interfaces, VLAN mappings, and policies on the controller.
Viewing AP Information
A WLC can show joined APs, their operational status, assigned channels, clients, and software version. This helps verify that APs are connected and ready before creating or modifying WLANs.
Configure a Basic WLAN on a WLC
The general WLC workflow is:
- Create a WLAN profile and SSID.
- Assign a WLAN ID or profile name.
- Map the WLAN to an interface or VLAN.
- Choose security settings.
- Enable the WLAN.
- Test with a wireless client.
Activity: WLC WLAN Configuration Outline
WPA2-Enterprise WLANs
WPA2-Enterprise uses 802.1X authentication, typically with a RADIUS server. Instead of one shared Wi-Fi password, users or devices authenticate with individual credentials or certificates.
Common components:
- WLC or AP acting as authenticator,
- RADIUS server,
- user/device identity store,
- client supplicant.
SNMP and RADIUS Settings
SNMP can be used for monitoring. RADIUS is used for centralized authentication, authorization, and accounting.
When configuring RADIUS, confirm:
- server IP address,
- shared secret,
- authentication and accounting ports,
- reachability between WLC and server,
- correct time settings if certificates are involved.
Activity: WPA2-Enterprise Planning
DHCP Scope for WLAN Clients
Wireless clients need valid IP settings. Depending on the design, DHCP may be provided by a router, server, firewall, or the WLC itself. The WLAN VLAN/interface must match the DHCP scope intended for those clients.
Troubleshooting Wireless Client Connection Problems
If a client cannot connect:
- Confirm the SSID is enabled and visible if it should be broadcast.
- Confirm the client supports the selected security mode.
- Check password, certificate, or 802.1X credentials.
- Verify RADIUS reachability for enterprise WLANs.
- Confirm the client is in range and not blocked by policy.
- Check whether MAC filtering or client limits are applied.
- Verify DHCP is working after association.
Troubleshooting Slow WLAN Performance
If the wireless network is slow:
- Check signal strength and distance from AP.
- Look for interference from nearby networks or devices.
- Verify channel plan and channel width.
- Check AP/client capabilities.
- Identify overloaded APs.
- Test wired network performance to separate wireless issues from upstream issues.
- Update firmware when appropriate.
Activity: Wireless Troubleshooting Flow
Updating Firmware
Firmware updates can fix bugs, improve security, and add device support. Before updating, read release notes, back up the current configuration, schedule downtime if needed, and verify the device after the update.
Summary
WLAN configuration includes SSID creation, security selection, VLAN/interface mapping, DHCP planning, and client testing. Home routers combine many functions in one device, while WLCs centralize AP and WLAN management for larger networks.