Figure 1 Dialog to authorize a share
Revised: August 26, 2005
By Richard G. Baldwin
File: FwlProj100.htm
This laboratory project was prepared specifically for the benefit of my students who are enrolled in ITNW 1351, Fundamentals of Wireless LANs.
The project was designed under the assumption that students enrolled in the course have successfully completed the prerequisite course, ITNW 1325, Fundamentals of Networking Technologies.
The project design also assumes that the students are actively studying the material in the prescribed textbook for this course, which explains such complex topics as the IEEE 802.11g wireless specification.
Another browser window
I recommend that you open another copy of this document in a separate browser window so that you can easily view the discussion and the figures at the same time.
The purpose of this project is to show you how to implement Access Point Isolation, and to demonstrate the impact of taking such action.
The following equipment is required to complete this laboratory project:
What is Access Point Isolation?
The Advanced Wireless Settings page of the Linksys router contains ten different features with parameters that you can set to customize the behavior of the router. (See Figure 9.)
The AP Isolation feature
One of those features is identified as AP Isolation.
The AP Isolation feature has two possible values: On and Off. The default value is Off.
Behavior and purpose of the feature
Here is what the Linksys help screen has to say about this feature:
"Creates a separate virtual network for your wireless network. When this feature is enabled, each of your wireless client will be in its own virtual network and will not be able to communicate with each other. You may want to utilize this feature if you have many guests that frequent your wireless network."
In this project, you will demonstrate the behavior of the AP Isolation feature using network file sharing between two computers.
Network file sharing
The early part of this project is very similar to the earlier project entitled Communication within a Wireless LAN using File Sharing. You will use what you learned in that project to setup your network up for file sharing.
AP Isolation prevents file sharing
Then you will show that when you change the value of AP Isolation from its default value of Off to a new value of On, files cannot be shared across the network. In fact, you will show with AP Isolation turned On, one computer on the network cannot even find other computers on the network.
Computer A and Computer B
The text in this document will need to refer to two different computers. I will refer to the two computers as Computer A and Computer B for clarity.
Briefly, Computer A is a computer that shares its files across the network. Computer B is a computer that accesses the files that are shared across the network by Computer A.
Setup Computer A for file sharing
You will cause one of the computers in your network (Computer A) to create, populate, and share a folder named junk containing a text file named readme.txt.
Identify and save the computer name for Computer A
In the process of doing this, you will identify and save the network name for Computer A.
The network name for Computer A will be used later by Computer B as the mechanism by which Computer B finds Computer A on the network.
Make wireless connections to the router
Then you will cause both computers (Computer A and Computer B) to make a wireless connection to the router.
Find the computer that is sharing files
You will cause Computer B to search the network for Computer A. That search will be based on the network name for Computer A that was identified and saved earlier.
Access and display a shared file
Once Computer B finds Computer A on the network, you will cause Computer B to access and display the contents of a text file that is shared across the network by Computer A.
Turn AP Isolation ON
Finally, you will access the router's administrative panel and change the value of the AP Isolation feature from Off to On.
Having done that you will show that you can no longer cause Computer B to access Computer A in order to read the files that have been shared by Computer A.
Router setup
Begin by resetting the router to its default factory settings by pressing the Reset button on the router and holding it down for at least five seconds.
Then, using what you learned in the project entitled Automatic Switching Among Access Points, set up the wireless network router with the following configuration:
Get the computer name for Computer A
Open the Start menu on Computer A. Right-click on My Computer, and select Properties. This will display the System Properties dialog.
Open the tab entitled Computer Name. About half way down, you will see a line that reads something like the following:
Full computer name: ABCDEFG
Record the computer name
You will need it later to search the network for Computer A.
(There are a variety of other ways to get the computer name as well. Use whichever one you want to use so long as you get and save the network name of Computer A.)
Create and share a folder named junk
Create a new folder named junk on the C-Drive on Computer A.
Create a file named readme.txt containing the text "I will share this file" and store it in the new folder named junk.
Share the folder named junk
Right-click on the folder named junk and select Sharing and Security ...
Dialog to authorize file sharing
This will produce the dialog shown in Figure 1. As you can see, the dialog is opened to the tab that concerns sharing and security.
|
Authorize file sharing without the wizard
Click the link near the bottom of the dialog that reads:
"If you understand the security risks but want to share files without running the wizard, click here."
This will produce the dialog shown in Figure 2 asking you to confirm your choice.
|
Confirm your choice
Select "Just enable file sharing" and click the OK button.
You have now authorized the sharing of the folder (without using the wizard) but you haven't actually shared the folder yet.
Share the folder
Clicking the OK button in Figure 2 will produce the dialog shown in Figure 3.
|
The dialog in Figure 3 is used to actually share a folder and to later rescind that sharing.
Execute the share
Check the box entitled "Share this folder on the network" in Figure 3 and click the OK button to actually execute the share.
Options are available
Note that you also have the option to allow, or disallow users at other computers on the network to change the files contained in the shared folder.
Folder junk is now shared
The folder named junk is now available to other computers on the network.
The appearance of the file folder icon for the folder named junk, when viewed in Windows Explorer, changes to that shown in Figure 4.
|
What is the shared folder icon?
Although it isn't obvious in Figure 4, the icon for a shared folder consists of a file folder being held in a human hand that appears to be handing the folder to someone else.
Search the network for Computer A
Now that the folder has been shared by Computer A, it is accessible to the other computers on the network. Before those other computers can access that folder, however, they must locate Computer A and determine that the folder has been shared.
Open a Search window on Computer B
Open a Search window in Windows Explorer on Computer B by clicking the Search button at the top of a Windows Explorer window. This will produce a new window that looks something like that shown in Figure 5.
|
The search window is divided into two panes.
Search for Computers or people
Select the link to "Computers or people" in the left pane in Figure 5.
Then select "A computer on the network" when asked what you are looking for.
This will produce the dialog shown in Figure 6.
|
Specify the computer that you are searching for
Type the network name of Computer A into the text field labeled Computer name: and click the Search button.
Success!
After searching for awhile, the window should change to look something like Figure 7 with Computer A identified in the right pane.
|
The results of the search
The item in the right pane in Figure 7 is the Computer description for the computer that matches the name of the computer that was searched for.
Stated differently, this is the Computer description for Computer A, which was located on the network by searching for that computer on the basis of its Computer name.
Open Computer A in Windows Explorer
Double-click on the Computer description in the right pane of Figure 7.
The window will change to look something like Figure 8.
|
The junk folder on Computer A
The folder named junk that is showing in Figure 8 is a folder on Computer A. It is not a folder on Computer B where the Windows Explorer display actually appears.
Files in folder junk are accessible
At this point, the user of Computer B has access to all of the files in the folder named junk on Computer A just as though the folder resides on Computer B.
(However, accessing the files on Computer A may be slower than would be the case if the folder were actually located on Computer B.)
Access may be restricted
Further, as mentioned earlier in conjunction with Figure 3, the person sharing the folder from Computer A onto the network has several options, including the option to either allow or disallow other network users to change the files in the folder.
Therefore, it may not be possible for the user on Computer B to change the content of the files in the junk folder on Computer A, depending on the option selected by the user of Computer A when the folder was shared.
Open the junk folder and display readme.txt
When you open the folder named junk, you should see that it contains a file named readme.txt.
View the contents of that file in Notepad.
The contents of the file should read:
I will share this file.
Keep this window open
Keep the Windows Explorer window shown in Figure 8 open for use later.
Network computers can communicate with each other
The ability for one computer to read files contained in a shared folder on another computer demonstrates that the router is making it possible for the two computers to communicate with one another using their wireless NICs.
(There is another way to accomplish this by creating an ad hoc network that doesn't use a router or access point. That will be the topic of a future project.)
Such sharing is allowed when AP Isolation is set to the default value of Off.
The situation will change when we change the value of AP Isolation from Off to On.
Set AP Isolation to On
Open the Linksys router's administrator panel in your browser.
Navigate to the Wireless/Advanced Wireless Settings page shown in Figure 9.
|
Change the selection to On
Change the selection of the AP Isolation feature from Off to On.
Click the Save Settings button and click the Continue button when the confirmation page appears.
Open the folder named junk
Now go back to the window shown in Figure 8 and try to open the folder named junk.
After a little while, you should get an error box similar to the one shown in Figure 10.
|
Click the OK button to dismiss the error box.
Search for Computer A
Go back to the search window shown in Figure 8 and click the Search button in an attempt to find and open that computer for file sharing.
After a rather long period, you should get a message that reads something like the following:
"Search is complete. There are no results to display"
Disable AP Isolation
Now go back to the Linksys administrator panel shown in Figure 9 and change the value of the AP Isolation feature from On to Off.
Click the Save button and click Continue when the confirmation screen appears.
Search for Computer A
Go back to the window in Figure 8 and perform the search once more for Computer A.
Computer B should find Computer A, and the shared folder named junk should be accessible to Computer B.
The file named readme.txt contained in that folder should also be accessible. You should be able to open it in Notepad and read its contents.
Copyright 2005, Richard G. Baldwin. Reproduction in whole or in part in any form or medium without express written permission from Richard Baldwin is prohibited.
Richard has participated in numerous consulting projects and he frequently provides onsite training at the high-tech companies located in and around Austin, Texas. He is the author of Baldwin's Programming Tutorials, which have gained a worldwide following among experienced and aspiring programmers. He has also published articles in JavaPro magazine.
In addition to his programming expertise, Richard has many years of practical experience in Digital Signal Processing (DSP). His first job after he earned his Bachelor's degree was doing DSP in the Seismic Research Department of Texas Instruments. (TI is still a world leader in DSP.) In the following years, he applied his programming and DSP expertise to other interesting areas including sonar and underwater acoustics.
Richard holds an MSEE degree from Southern Methodist University and has many years of experience in the application of computer technology to real-world problems.
-end-
Figure 2 Sharing confirmation screen
Figure 3 Dialog to execute the share
Figure 4 Icon for a
shared folder
Figure 5 A WinXP search window
Figure 6 Computer search dialog
Figure 7 The search results
Figure 8 The folder named junk on Computer A
Figure 9
Figure 10