Skip navigation.

Main / GroupTwoTer

WLAN Setup

Setting up the Linksys WRT 54 GL access points to route a subnet to the internet and the other groups' subnets

The WRT 54 GL will be set up as a router in order to route to the other groups' subnets.

We were asked to set up 172.17.0.0/16. The WRT 54 GL only offers /24 networks and smaller. Our AP's internal IP is 172.17.0.254.

The groups decided together that our group is on channel 11 (2.462 Gigahertz). Group One is on channel 6 and Group Three on channel 1. Hopefully Group One on channel 6 does not get too much interference from ictp-secure.

Our SSID is RADIO. To this we could connect both wired and wireless desktops and laptops.

The internet port cannot get DHCP from the ICTP network (10.0.0.X) since the routes will expire when the DHCP leases expire. Our router's internet interface was chosen to be 10.0.0.203 static. The router is called PEPITA.

We just asked Group One what their IP is. As an exercise, we sniffed Group Three's internet interface on the network ;-)

  1. Bring dowen the ethernet interface
  2. Run kismet and guess which one is their IP. This was Group31 and the IP was 172.18.0.1

  1. Kill Kismet and bring up a USB wifi to take DHCP from their AP
  2. ssh through the AP to our other PC, which was then still on the 10.0.0.X LAN
  3. Use the w command to see where you logged in from
  4. Bring down the USB wifi and connect to our own AP with ethernet cable again
  5. Set up a route to their subnet via their internet interface's IP (10.0.0.202)

To set up a route go to Setup in the web interface and set the mode to Router. Enter the destination 172.16.0.0. netmask 255.255.255.0 and gateway 10.0.0.201, and for destination 172.18.0.0 use gateway 10.0.0.202 (for Group Three).

Disable the firewall to allow traffic through, and test by pinging your external interface.

Ask the group at the destination to disable their firewall as well. Then test the routes by pinging from the PC on our wireless lan, 172.17.0.100 ,to the internal interface of another AP, 172.18.0.1.

The routed network is picture below. All desktops or laptops in the three wireless subnets can see one another and the internet. (ICTP's computers are not set up to recognize the three new subnets.)

Communication is collaboration

The exercise was to find a "secret string" on the network. Since it was not encrypted this turned out to be easy.

Scanning the network with kismet we just dumped strings on all channels. The phrase came up in a few seconds.

Opening the dump file in /var/log/kismet/ with ethereal one can obtain more info. Click Edit, Find, and search for the string "Communication is" to jump straight to the packet. Ethereal was up to date enough to see the Linksys MAC address as a Cisco product, and from the IP address one can go back to kismet to see the exact channels and wireless network which this packet was transmitted on.