Fortress Technologies BreadCrumb Wireless Network Conﬁguration Examples, Encrypted Point-to-Point

Page 49

Chapter 6. Conﬁguration Examples

Connecting Remote Wired LANs

Unencrypted Point-to-Multipoint

To connect two or more wired LANs that are physically remote from one another, the simplest conﬁguration is as follows:

1.Attach a BreadCrumb device to each LAN using the BreadCrumb devices’ ethernet interfaces.

2.Conﬁgure the LAN-connected BreadCrumb devices to use Bridge Mode reachback over ethernet.

3.Add intermediate BreadCrumb devices as necessary to cover the distance between/among LANs.

4.If you do not want support for wireless clients using the BCWN, disable the Access Points on each BreadCrumb radio.

Note: This will prevent wireless clients from using the BCWN to transmit data, but will not prevent wireless monitoring of trafﬁc. For encrypted point-point links, see the Section called Encrypted Point-to-Point.

5. For further security, enable ACLs and/or WEP to prevent other devices from accessing the BCWN.

Note: This will only protect your trafﬁc from inadvertent or casual monitoring. For encrypted point-to-point links, see the Section called Encrypted Point-to-Point.

Encrypted Point-to-Point

Two wired LANs that are physically remote from one another can be connected with all wireless trafﬁc encrypted using AirFortress, provided that the following conditions are met:

1.The two wired networks use different address ranges.

2.Neither of the two wired networks uses the 10.0.0.0/8 address range.

For example, Network A could use 192.168.1.0/24, while Network B uses 192.168.2.0/24.

The simplest conﬁguration for this scenario is possible when one of the networks (Network B) is a consumer of services provided by the other network (Network A). That is, Network B initiates connections to Network A, but Network A does not initiate connections to Network B.

43

Image 49

Contents Rajant Corporation For the BreadCrumb Wireless Network ReleasePage Table of Contents Troubleshooting Using BCAdminConﬁguration Examples List of Figures List of TablesPurpose and Scope PrefaceUser Information Introduction What is a BreadCrumb?Mesh a Deﬁnition Mobility through MeshingBreadCrumb Devices Mesh by Channel and Essid ExampleMeshing Example 1 Full Connectivity Issues Resolved New Features Performance / Process ImprovementsKnown Issues Upgrading to VersionUpgrading BreadCrumb Firmware Installing / Upgrading BCAdminUpgrading to Version Version 3 Power Input Flash Update Procedure for Version 2 and Version 3 SystemsUpgrading to Version XLV XLE ModelsModels BreadCrumb MEAvailable BreadCrumb Models BreadCrumb WE External ConnectorsBreadCrumb SE BreadCrumb WE External ConnectorsBreadCrumb XL BreadCrumb SE External ConnectorsBreadCrumb XLV BreadCrumb XL External ConnectorBreadCrumb XLE BreadCrumb XLV External ConnectorsBreadCrumb XLE External Connectors front Addressing Deployment ConsiderationsChannel Assignments BreadCrumb Device AddressesLine Of Sight Physical Placement and Other ConsiderationsDeployment Considerations Best-Case Distances by Radio Power Device power To Device power DistanceDistance Interference WeatherAltitude Screen Layout Using BCAdminTopology Area Using BCAdminBreadCrumb Device Name Anatomy of the BreadCrumb BoxAnatomy of the Client Box Time Since Last UpdateNumber of Peers Number of Clients802.11b Channel Line Color Anatomy of a Connection LineBCAdmin Line Styles Legend Redundant Connection Example Info AreaLink Detail Tabs Conﬁguring Individual BreadCrumbsName General SettingsType LocationBattery Warning minutes Using BCAdmin ColorManual GPS Settings Latitude and Longitude AirFortress Encryption AES-256 and Set Access IDAccess Point Radio SettingsChannel MeshReachback Interface Reachback SettingsNone EthernetRadio 2 ad hoc Using BCAdmin RadioMode AutomaticDisabled Using BCAdmin Gateway IngressAlternate Gateway WEP Key11. BreadCrumb Properties Forwarding Tab Forwarding SettingsExample Port Forwarding Conﬁguration for a Web Server SecurityWEP Access Control Lists ACLsKey Allow by default deny only forbidden devices Deny by default allow only permitted devicesRegistering AirFortress AES-256 Encryption with AirFortress14. Set Access ID Window Setting the Access IDZeroizing the Access ID Encrypting Wired TrafﬁcHarris SecNET11 Enabling/Disabling AirFortress EncryptionSecNet11 Key Filling BCAdmin PreferencesBreadCrumb inactivity threshold seconds Mapping with Fugawi Tracker Conﬁguration Examples Connecting Remote Wired LANsUnencrypted Point-to-Multipoint Encrypted Point-to-PointConﬁguration Examples Convoy with UAV-Based Camera for Forward ObservationEncrypting a Video Feed Conﬁguration Examples BreadCrumb Wireless Network TroubleshootingIndividual BreadCrumbs Sporadic Network ConnectivityBreadCrumb Device Cannot Connect to Bcwn Sporadic Network Connectivity IssuesRestoring Default Settings Factory Reset BCAdminTroubleshooting BreadCrumb-BCWN Connectivity IssuesFactory Reset Button Joint Exercise Network Case Study Military Exercise in ThailandCase Study Military Exercise in Thailand BCAdmin screen during exercise showing BreadCrumb networkBalloon with Camera and BreadCrumb Glossary BCAdmin802.11b BreadCrumb / BreadCrumb DevicePeer MAC AddressPending peer Reachback Color Blinking/Solid Status Appendix A. Status Indicator LEDTable A-1. LED Status Indications 802.11b Channel Frequency GHz Appendix B. Radio FrequenciesTable B-1 .11b Channel Frequency Table Appendix C. Customer Service