Chris Avants

CCNAW / CCNPW / CCIEW Lab for Cheap

If your working toward a Cisco Wireless certification such as CCNAW/CCNPW or CCIEW, you will want to practice. A LOT. When it comes to building and buying lab equipment, if you know me you know I am not shy about investing in the right education or lab gear at all. That said there’s no need for senseless spending, and you also know I am big on saving and investing wisely. Why buy a 9K series controller and AP’s for $5K when a $500 investment (maybe) will do?

When it comes to practicing for certification or even building skills for the real world, nothing beats first-hand real-world experience, right? Well, having a lab at home or work where you can build, test, break, and fix dozens of deployments a day or over a weekend may actually top the charts. I always joke in my classes, what really makes us an expert is we have broken thousands of things and learned from it. Ultimately it makes us much better prepared for when shit hits the fan since we have likely seen it before.

My recommendation for building a home lab for any of the Cisco Wireless courses includes the following.

Access Points

Your going to need a few of these to work on things, ideally 3 or more. Sure you could spend up to $1K an AP here getting the new 9K series AX ap’s, or you can get my personal favorite for labs the Cisco 3500 or 3600 series for a whopping $9 bucks each on eBay. Sure the 3500 series doesn’t have 802.11ax or even 802.11ac, but it does have everything else. Want autonomous? Done! Want centralized? Done! Want SE-Connect? Want Bridge Mode? Done and well you get the picture… The same goes with Monitor mode, Rouge Detector, and the eloquently named Sniffer mode. Bottom line it does 99% of everything you want to practice learning Cisco Wireless for CHEAP. In fact here’s a box of 10 for $50

Switch

You will need at least one of these, but here again, I would recommend 2. To save you time and energy dealing with powering your AP’s, I would highly recommend you get a PoE version and to maximize this investment I would recommend a 3750X (PoE) although you can find 3750G variants a little cheaper. The 3750X is a more modern switch, just be sure to get one with IPBase or IPServices so you can terminate VLAN’s and do basic routing without needing another device.

Cisco 3750X

Server

Here’s the thing. Do you absolutely require a server to do small wireless labs? NO. However, you will need one hell of a beefy laptop to run ISE, Prime, CMX, and AD at the same time to mimic a typical network. Investing in a used server can help you light up many different scenarios quickly, and is an EASY ROI. I recommend getting a used Dell 610 or HP DL 380 G6, you can find a 1U or 2U with dual hexacore CPU, 64GB RAM, and redundant HD’s for $350 or so:) You don’t need a ton of HD space, but you do want pretty fast drives 10-15K RPM, however you don’t NEED a ton of space. 300GB or so should be fine for our purposes. Found one today 8/2019 and it was under $350:)

Be prepared….

  • They can/will be noisy.
  • They can/will generate heat.

Wireless LAN Controller (WLC)

I recommend purchasing a current controller if your budget allows. Generations ago 2106, then 2504, and now the 3504 and 9K_L give us almost the same features as their larger brothers for much less. However, this post is about building a lab on a budget and for that spending $1200 bucks on one item just won’t do. Technology evolves, and when it does many new features come out…. Or do they? Someone name for me 3 features you get with the latest 9800_L can offer you, that you couldn’t get with a 3504 or 2504 other than support for the latest APs? My guess that most of you can’t name them. It’s not that they are not there, it’s that although technology evolves, there are core technologies that take much longer to change than vendors would like. I AM NOT SAYING DONT LEARN WHAT’s NEW EITHER just don’t let some new feature be an excuse for not diving in to learn about a technology that is required for your job or a tech your passionate about. So for the WLC on a budget recommendation, I would wholeheartedly recommend a Cisco 2504 as it appears you can get them now for less than $300 US. However if that’s too steep go with a Virtual Wireless LAN Controller, you can get a 90-day eval free. If you do buy 2504 as your primary the vWLC means you can practice your Mobility Group / Domain tasks on the cheap without buying multiple controllers.

Server Applications

To round out your Cisco topology on a budget you will need Cisco ISE, Prime, and optionally CMX. Fortunately, these are all free downloads from Cisco.com with a valid service agreement. If you don’t have permissions maybe ask a colleague who does since these will be used for learning only:) You will need to deploy a VMWARE hypervisor on the server you purchased before you can deploy VM’s. Luckily VMWARE has our back with a free version you can use https://www.vmware.com/products/vsphere-hypervisor.html

Once the hypervisor is installed you will need to deploy

  • Windows 2K8 (or whichever version you like)
    • Active Directory Role
    • Certificate Authority Role
    • Create several OUs, Groups and Users
    • DHCP (Optional)
    • DNS (Installed with AD)
  • Cisco Identity Services Engine 2.4 or better
  • Cisco Prime Infrastructure 3.3 or better
  • Depending on your needs you may also want CMX, and DNA

Conclusion

Building a home lab doesn’t have to be super costly, although my personal experience is regardless of what you spend there is a SOLID ROI there. I always tell everyone “THE BEST INVESTMENT YOU CAN MAKE is IN YOURSELF”. I have built my personal career by investing in specialized/accelerated education & training and building labs. ANYTIME I WANT TO LEARN SOMETHING NEW along with specialized & accelerated training I build a lab and lab it out. It’s what I know and have been successful with. I am thankful I took out that first $7K loan out at 18yrs old those few “short” years ago to buy a couple of Cisco Routers, and Switches, and a new PC. It was my secret weapon that allowed me to earn a spot on the Network Engineering team at such a young age and was a catalyst for my career. Thanks to virtualization and the evolution of technology today you can build great labs to learn and set yourself apart without taking out the loans.

Learn to subnet in 20 Minutes

This was a promo video I did for an upcoming digital course I am working on called Rockstar Network Foundations. The course will be released at WiFi Training / Rockstar Training and covers network fundamentals.


For fun, I wanted to see if I could teach people VLSM or IPv4 subnetting in just 20 minutes. The real lesson is more than an hour of video but tired to do a quick talking accelerated version:)

Learn more at https://wifitraining.com | https://rockstartraining.com

Captive Portal Bypass / Hacking


A quick 3-minute video illustrating why it’s important to secure captive portals.

In this example, it’s bypassing simple terms of use or user acceptance policy, but the same hack works on more than a few popular captive portals out there. If we go to the effort to create a security policy, ensure your properly enforcing restrictions so the security policy cannot easily be bypassed or hacked. This video is for educational purposes only, and not endorsing hacking or bypassing restrictions for unethical purposes. -I am doing a series of quick 5 -10 minute videos like this, let me know if you have a request for a short video, whether you prefer quick videos to be narrated like this or just have music in the background.

Learn more at WiFiTraining.com | RockstarTraining.com