Spectrum Analysis using Cisco Spectrum Expert, Autonomous AP with CleanAir
23 Jun, 2015
Some time ago I was asked to use Cisco Spectrum Expert to perform spectrum analysis at a customer site. The initial problem I faced was how to interface the hardware, the PCMCIA cardbus sensor would not talk to my MacBook Pro, I experimented with USB -> Express Card and then Express Card -> PCMCIA, but even though the sensor reported power, I found no way to present that peripheral device to Windows running within VMware Fusion.
Recently I read this post SC-WiFi: You can have cognio card when you pry it from my cold dead hands in which a Thunderbolt to Express Card adaptor will allow you to use the Spectrum Expert sensor but only when running Windows natively on the Mac, not through VMware.
I will describe the solution I currently operate, allowing me to use a Cisco CleanAir AP as a spectrum analysis sensor whilst visiting a customer premises.
First you need to get hold of a Cisco AP with CleanAir, in this example I will use a 3500I
The AP will need to function without a controller, it must be operating in autonomous mode. I have configured this AP with a static IP address of 192.168.0.2 255.255.255.0
Once powered up (I shall explore the mobile power solution at the end of this post). The AP should be configured to dedicated SE-Connect, I will do this from the web GUI.
I browse to the IP address of the AP, login with credentials, then from the home screen, select:
Network > Radio Interface
Network > Radio Interface > Settings
From here, I place the selected radio interface into Spectrum mode.
I wish to view data from both frequency bands simultaneously, both radio interfaces must be placed into "Spectrum" mode, for this you should navigate to the other radio interface and place it into spectrum mode.
We can ensure that the Spectrum Analysis AP is configured correctly using the CLI,
(If your AP is not configured for SSH, you can get this same output from a telnet session to the AP. To configure SSH access on an autonomous AP Cisco: SSH Enablement on an AP)
Status: up - tells us that the interface is ready to go. There are two slots, one for each radio.
Note: The NSI Key is the same for both radios, we will need this key later.
I choose to use the Cisco Spectrum Expert software, this solution will also work well with metageek Chanalyzer Pro with Cisco CleanAir. (SC-WiFi: The Unstoppable MetaGeek – now with CleanAir!)
If it is not already installed, please now install Cisco Spectrum Expert 4.1.11 within Windows.
Once installed, launch Cisco Spectrum Expert.
From here, select: Remote Sensor
Select a single radio interface, enter the NSI Key from our SSH session
This NSI Key will be different every time the AP is rebooted
Click ok, we are now able to view the spectrum data from the selected frequency band.
In order to view / capture the data from both bands simultaneously it is necessary to run a second instance of Cisco Spectrum Expert, to do this within Windows 8, holding shift + clicking the pinned application icon will launch a second instance of Cisco Spectrum Expert.
The method of running multiple instances of an application may differ between versions of Windows, if you are not running Windows 8, I suggest a google around to see how it can be done on the version you are running. In the past, I have also used a tweaked shortcut to run the application as "another local user" under windows, this way I can have two pinned application shortcuts that each open separate instances.
I set both instances of Spectrum Expert to record and then wander around the area to be surveyed, alt+tabbing between the two instances of Spectrum Expert, if I notice anything of interest, I make a note of the time, and area that I am in, that way when reviewing the captured data I am able to quickly navigate to that RF activity, however, if the activity seen is major, it may warrant further investigation there and then.
---
Now we should briefly explore the shortcomings of performing spectrum analysis this way, firstly you have to carry a battery, AP and laptop/tablet around with you. The technical shortcoming is that that when Cisco Spectrum Expert is operating in Remote Sensor mode, the software ignores the local WLAN card of your laptop. The surrounding SSID data is not available to capture, nor are you able to hover your cursor over the RF activity and identify which WLAN is generating the activity.
As I am operating within a virtual environment, I would not be able to access the WLAN card of my Mac anyway, but this is not why we see the "Wireless LAN Card Not Detected" at the bottom of the screen.
Personally I collect data about the surrounding WLANs from within OSX using WiFi Explorer created by Adrian Granados.
Now I shall address the practical elements of this solution
How do I carry this equipment around with me?
I use a modestly sized, camera carry bag, with a shoulder strap (Caden Bag)
The PoE injector allows me to connect my laptop into the data port and talk to the AP. More information about the battery and LigoWave PoE injector can be found here
This package works, but...
Carrying this around with an ethernet cable trailing between the bag and my laptop is not ideal, I fear that I could easily snag the cable and drop or damage my laptop. I wanted was to convert this ethernet connection into a USB connection.
I prefer this USB hanging out of my laptop to the Thunderbolt Ethernet adaptor, however I still run the risk of snagging the cable and dropping my laptop or damaging the USB port, I felt sure that a MagSafe style connection must exist for a USB cable.
It does...
It is called Magnetic USB, manufactured by a company in Germany company called Rosenberger, magnetic-usb.com
If the cable is pulled, the connector breaks apart rather than my laptop USB port
The Magnetic USB cable I have used is USB-A to USB-B
A cheap and cheerful USB-A female to USB-B female adaptor allows me to place the the ethernet adaptor in series and connect the AP to my laptop with a USB cable.
With all of the cables tucked away neatly into the bag
If you have any questions, comments or would like to contact me, I can be found on Twitter @nickjvturner