Wireless Deployment and Troubleshooting Lab
Key Takeaways
- Wireless PBQs combine coverage, channel planning, security mode, SSID-to-VLAN mapping, and interference symptoms.
- 2.4 GHz offers longer range but only three non-overlapping channels; 5 GHz and 6 GHz offer more clean spectrum at shorter range.
- WPA3-Personal, WPA3-Enterprise, captive portals, and open networks each solve different deployment needs.
- Poor roaming, low signal-to-noise ratio, channel overlap, and wrong transmit power can masquerade as application problems.
- Validate wireless from a client in the affected area, not just from controller dashboards.
Wireless PBQ Scope
Wireless questions test more than knowing Wi-Fi uses radio. You may place access points (APs), select channels, map SSIDs to VLANs, choose an authentication method, and interpret symptoms such as low throughput or intermittent roaming. N10-009 added emphasis on Wi-Fi 6/6E (802.11ax) and the 6 GHz band, so expect channel-width and band-selection items.
Scenario
A two-floor office needs wireless for employees, guests, and warehouse scanners.
| SSID | Users | Security | VLAN | Notes |
|---|---|---|---|---|
| Corp | Managed laptops | WPA3-Enterprise (WPA2-Enterprise for legacy) | 10 | RADIUS-backed 802.1X |
| Guest | Visitors | Captive portal, isolated | 40 | Internet-only policy |
| Scanner | Handhelds | Strongest mode the device supports | 50 | Often 2.4 GHz for range/compatibility |
WPA3-Enterprise uses 802.1X with a RADIUS server and per-user credentials or certificates - the right choice for managed laptops. WPA3-Personal uses Simultaneous Authentication of Equals (SAE), a passphrase upgrade over WPA2-PSK. A captive portal intercepts the first web request for guest sign-in and works well with open or PSK guest SSIDs.
Band and Channel Planning
| Band | Strength | Constraint | Use case |
|---|---|---|---|
| 2.4 GHz | Best range and wall penetration | Only channels 1, 6, 11 non-overlap (20 MHz) | Legacy clients, IoT, scanners |
| 5 GHz | More channels, less congestion | Shorter range than 2.4 GHz | Corporate laptops, dense offices |
| 6 GHz | Most clean spectrum (Wi-Fi 6E/7) | Shortest range, newest clients only | High-density modern client areas |
In a PBQ, never place neighboring 2.4 GHz APs on overlapping channels. Use a 1, 6, 11 reuse pattern rather than 3, 4, 5. The 2.4 GHz band has roughly 80 MHz of usable spectrum, and 20 MHz channels spaced 25 MHz apart yield exactly three non-overlapping options. On 5 GHz, wider channels (40/80 MHz) increase throughput but reduce the number of non-overlapping channels and raise co-channel interference in dense areas.
AP Placement Checks
| Design item | Good answer | Risky answer |
|---|---|---|
| Coverage | APs near user areas with roaming overlap | APs hidden in closets behind metal racks |
| Power | Enough to cover the cell without flooding | Maximum power on every AP |
| Warehouse | Directional/planned APs where shelving blocks signal | One office AP for all aisles |
| Guest access | Separate SSID mapped to guest VLAN + policy | Guests bridged into the user VLAN |
| Management | AP management on the management VLAN | AP management exposed to guests |
Maximum transmit power is rarely best. Too loud, and clients cling to a distant AP instead of roaming closer (sticky clients). Too low, and coverage gaps raise retries and lower throughput.
Troubleshooting Matrix
| Symptom | Likely cause | First checks |
|---|---|---|
| Associate but no IP address | VLAN mapping, DHCP, trunk allowed list | SSID-to-VLAN map, DHCP scope, AP uplink trunk |
| Strong signal, poor throughput | Co-channel interference, congestion | Channel utilization, retries, client count |
| Good at AP, bad in warehouse aisles | Obstruction, multipath | Survey results, AP placement, antenna type |
| Corp SSID auth failures | RADIUS, certificate, clock, wrong mode | AAA logs, supplicant config, cert validity |
| Guests reach internal systems | Firewall policy or wrong VLAN | Guest VLAN, ACL, firewall logs |
Signal-to-noise ratio (SNR) is the gap between received signal and noise floor; below roughly 20 dB, data rates fall and retries climb even when the raw signal bar looks fine. A high retransmission rate points to interference, not weak signal. Roaming behavior also matters: clients typically begin scanning for a better AP once RSSI drops past roughly -70 dBm, so adjacent cells should overlap at about that level so a client always has a stronger neighbor to roam toward before the connection degrades.
Mini Lab Walkthrough
Complaint: warehouse scanners disconnect at the far end of aisle 7; office laptops work fine.
Evidence:
- Scanner received signal strength indicator (RSSI) is weak at the far end of aisle 7.
- Retries are high in that aisle.
- The nearest AP is mounted outside the warehouse office.
- Metal shelving blocks line of sight.
- The scanners support only 2.4 GHz and WPA2-Personal.
Reasonable fix:
- Add or reposition an AP for direct aisle coverage.
- Use a 2.4 GHz 1, 6, 11 channel plan to avoid overlap with neighboring APs.
- Set transmit power from survey data, not maximum everywhere.
- Keep the scanner SSID mapped to the scanner VLAN (50).
- Permit only required application, DNS, DHCP, and NTP traffic in the firewall.
Note you cannot force WPA3 here - the scanners support only WPA2-Personal, so the Scanner SSID must offer a compatible mode.
Common PBQ Traps
- Solving every wireless problem by increasing power (creates sticky clients and co-channel interference).
- Mapping a secure SSID to the wrong VLAN.
- Choosing WPA3-only for legacy devices that cannot support SAE.
- Ignoring DHCP and trunk issues when clients associate but get no address.
- Using overlapping 2.4 GHz channels in adjacent cells.
- Forgetting that building materials, antenna direction, and mounting height shape coverage.
Clients associate to a guest SSID but receive no DHCP lease. Which area should be checked first?
Which 2.4 GHz channel set is commonly used to avoid co-channel overlap with 20 MHz channels?
Warehouse scanners support only WPA2-Personal and 2.4 GHz. A technician wants to standardize all SSIDs on WPA3-Enterprise. What is the correct conclusion?
Which evidence helps troubleshoot poor wireless performance? Select three.
Select all that apply