Thursday, October 29, 2009

Track (locate) wireless clients

What do you need to configure if you are asked to track wireless clients locations on your controller? Nothing would you say, it does it automatically... well.. depends on your wireless clients.
The basic point is that wireless clients are not located based on the data frames they send... the reason behind this fact is probably that data frames are usually sent to the closest access point, at high speed and maybe low power... To locate a client, you want a frame sent at low speed and high power, so that the frame can be heard by as many access points as possible, to increase the location accuracy.
So how are wireless clients located? Solely based on the probe requests they send. These probe requests are sent at the lowest mandatory speed supported by the client, and max possible power. Perfect would you say... well, yes, but that's IF your client send these probes...
Some clients do send active probes requests very often, even when they are associated to one AP, just to know how the environment is like on this channel and others. Some other clients do not send probes once connected. Some others never send any active probes, they just passively listen... those guys are harder to detect and locate.

How do you solve this problem? 2 possibilities:
- your clients are NOT CCX. Then you must look on the client if there is a setting you can use to force the client to send active probes. This can be as simple as changing from "flight safe mode" to "normal mode" on a PDA, or completely impossible... look around and good luck...
- your clients ARE CCX. They have to be CCX v2.0 or later. This is very easy to see if your client is associated: on a controller, go to Monitor > Clients.

In that case, you can ask your controller to force all these CCX clients to send active probes at regular interval. This request is sent through a CCX message "S36". So you can configure your controller to send this request by checking the CCX Location Measurement box in the Network page of each band (802.11a or 802.11b/g). This feature is global for all APs and all WLANs on this controller having a radio in the spectrum for which you enable CCX Location Measurement.

As a side note, rogues (APs, or ad-hoc rogue laptops) are located based on their beacons (always sent a lowest mandatory rate and max power)... wireless clients of these rogues are located... because of the probes they send, as you probably guessed.
Last item to be localized, RFID tags, are located because the frame they send has a specific destination MAC address, recognized by the wireless infrastructure as RFID type of address. RFID tags usually send their frames at regular interval, at 1 or 2 Mbps, at configurable power and on configurable channel.

1 comment:

  1. Thankfulness to my dad who informed me relating to this blog, this website is really amazing.
    Zero Up 2.0

    ReplyDelete