How would you like to be able to look up the answers to some of the tasks in the wireless lab, and not get in trouble over it? Well, read on, and I’ll give you a fun tip that you may be able to use in the lab to solve parts of certain lab tasks. It’s not actually cheating, but it almost feels like it.
One of the realities of the lab is that there will be some pre-configurations on many of the devices. You won’t be configuring every last device from scratch. There’s not enough time, and they’d prefer to test you on more complex things than configuring every VLAN, interface, host name, etc from scratch. Just about anything has the potential to have some level of pre-configuration, and that includes the AnyConnect client. If you find that the AnyConnect client already has some WLAN profiles configured on it, say a silent “thank you” to Cisco because they just gave you a ton of great information.
Another reality of the lab is that they often don’t ask you to do things in the most straightforward and clear way possible. Often they use code words or phrases that need to be interpreted. For instance, instead of saying that the WLAN should use WPA2/AES with a PSK for the layer 2 security, they may say something like “Use a security method that supports RSN with a non-RC4 cipher and a shared key of “wireless”. If you weren’t sure what RSN was or that it was directing you to choose WPA2 and that AES is your only WPA2 option that doesn’t use an RC4 cipher, you’d be in trouble. Fortunately, if AnyConnect has the WLAN profile pre-configured, it can tell you what the answer is.
Go to your Windows client with AnyConnect installed on it and open up the AnyConnect advanced window. Assuming some profiles are pre-configured, you’ll see something similar to the image below.
Here we see the following information about each WLAN profile.
- The SSID
- The layer 2 security method
So if there is ever a question as to what either of these settings should be, AnyConnect just gave you the answer. Or at least a big clue towards the answer. For instance, look at the Video-Pod1 profile towards the bottom of the list. We can see that the client is configured to connect to the WLAN using WPA2/AES with a PSK (Personal = PSK, Enterprise = 802.1x). So at a minimum, the WLAN must be configured to use those security settings or the client will never be able to connect.
Now this isn’t necessarily the end of the security configuration of the WLAN. There is the potential that they want you to enable multiple security methods (for instance, WPA2/AES and WPA/TKIP), or maybe even MAC filtering. But at a minimum, it’s a good start to the security configuration of your WLANs.
While this seems like such a simple thing, it can be what you need to help get your points for the WLAN configs. You’d be surprised at how many times I see students choosing the wrong security settings and even the wrong SSID names during my graded mock labs. Then they wonder why the client isn’t connecting to their WLANs while the answer was right there the whole time. So feel free to “cheat” using this method if it is available to you. I won’t tell. 
