Page 10
Preface
Organization
This publication contains the following chapters:
•Chapter 1, “Product Overview and Installation,” describes the Cisco Aironet CB21AG and PI21AG client adapters and their role in a wireless network. This chapter also provides information that you need to know before installing a client adapter and instructions for installing the client adapter hardware and software.
•Chapter 2, “Configuring Wireless Profiles,” explains how to use the Microsoft Vista Network and Sharing Center to create and manage profiles for your client adapter.
•Chapter 3, “Configuring EAP Types,” explains the Cisco EAP types that are used for authenication to wireless networks.
•Chapter 4, “Performing Administrative Tasks,” explains how to obtain Microsoft administrative tools to distribute wireless profiles to users and computers in an Active Directory environment. This chapter also provides the XML schemas for EAP-FAST, LEAP, and PEAP-GTC.
•Chapter 5, “Routine Procedures,”provides procedures for common tasks related to the client adapter.
•Chapter 6, “Troubleshooting and Diagnostics,” provides information about diagnosing problems that might occur when you try to operate the client adapter.
•Appendix A, “EAP Messages,” describes EAP-FAST, PEAP-GTC and LEAP error messages and prompts. This appendix also provides guidelines for creating strong passwords.
•Appendix B, “Technical Specifications,” provides technical specifications for the Cisco Aironet CB21AG and PI21AG Wireless LAN Client Adapters.
•Appendix C, “Translated Safety Warnings,” provides translations of the safety warnings that appear in this publication. The second warning pertains to the PI21AG client adapter, and the third warning pertains to the CB21AG client adapter.
•Appendix D, “Declarations of Conformity and Regulatory Information,”provides declarations of conformity and regulatory information for the Cisco Aironet CB21AG and PI21AG Wireless LAN client adapters.
•Appendix E, “Channels, Power Levels, and Antenna Gains,” lists the IEEE 802.11a, b, and g channels supported by the world's regulatory domains as well as the maximum power levels and antenna gains allowed per data rate.
•Appendix F, “Acknowledgments and Licensing,” provides information about open-source software that is used in the Cisco EAP modules.
•Appendix G, “Abbreviations,” includes commonly used abbreviations.
Conventions
This publication uses the following conventions to convey instructions and information:
•Commands are in boldface.
•Variables are in italics.
•Configuration parameters are capitalized.
•Notes, cautions, and warnings use the following conventions and symbols:
Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide for Windows Vista
Contents
Cisco Systems, Inc 170 West Tasman Drive San Jose, CA
Software Release
Americas Headquarters
800 553-NETS Fax 408
Turn the television or radio antenna until the interference stops
FCC Safety Compliance Statement
Network Configurations Using Client Adapters
Ad Hoc Wireless LAN
Preface
Obtaining Client Adapter Software
Advanced Roaming Setting
Two-Phase Tunneled Authentication
Inserting the Card
Configuring and Starting Logging
Accessing LEAP Properties for Configuration
Configuring LEAP
Finding the Version of the LEAP Module
EAP Messages A-1
Creating Strong Passwords A-9
Antenna Installation Warning
English Translation D-7
Chinese Translation
Channels
Acknowledgments and Licensing F-1
English Translation
viii
OL-16534-01
Purpose
Preface
Audience
Audience, page Purpose, page Organization, page Conventions, page
Organization
Conventions
Varoitus Tämä varoitusmerkki merkitsee vaaraa. Olet tilanteessa, joka voi johtaa ruumiinvammaan. Ennen kuin työskentelet minkään laitteiston parissa, ota selvää sähkökytkentöihin liittyvistä vaaroista ja tavanomaisista onnettomuuksien ehkäisykeinoista. Tässä julkaisussa esiintyvien varoitusten käännökset löydät liitteestä Translated Safety Warnings käännetyt turvallisuutta koskevat varoitukset
Related Publications
Obtaining Documentation, Obtaining Support, and Security Guidelines
Safety information, page Unpacking the Client Adapter, page
Product Overview and Installation
Network Configurations Using Client Adapters, page
Installing the Client Adapter Driver and Software, page
PC-Cardbus
Introduction to the Client Adapters
Terminology
card
Radio Antenna
Hardware Components
Radio
LEDs
Ad Hoc Wireless LAN
Network Configurations Using Client Adapters
Software Components
Wireless Infrastructure with Workstations Accessing a Wired LAN
Figure 1-1 Ad Hoc Wireless LAN
FCC Safety Compliance Statement
Safety information
Safety Guidelines
Unpacking the Client Adapter
Warnings
http//support.microsoft.com/kb/932063
Package Contents
System Requirements
http//support.microsoft.com/kb/935222
For Infrastructure Devices
Site Requirements
For Client Devices
Inserting a PC-Cardbus Card
Inserting the Client Adapter
1-10
Insert the card see the “Inserting the Card” section on page
Inserting a PCI Card
Changing the Bracket
Assemble the antenna see the “Assembling the Antenna” section on page
Inserting the Card
1-12
Assembling the Antenna
1-13
Mounting the Antenna
1-14
1-15
Step 1 Perform one of the following
1-16
Step 8 If the Found New Hardware Wizard window appears, click Cancel
Obtaining Client Adapter Software
Step 5 Click Wireless Software
Step 7 Click Cisco Aironet Wireless LAN Client Adapters
Step 6 Click Client Adapters and Client Software
Installing the Client Adapter Driver and Software
1-18
Figure 1-11 Cisco Aironet Installation Program Window
1-19
Hardware Insertion
1-20
Figure 1-13 Cisco Aironet Installation Program-Setup Status Window
1-21
Step 8 Click Finish
1-22
Accessing Microsoft Vista Network and Sharing Center, page
Configuring Wireless Profiles
Overview of Wireless Profiles, page
Creating a New Profile and Configuring Basic Settings, page
Overview of Wireless Profiles
Accessing Microsoft Vista Network and Sharing Center
Creating a New Profile and Configuring Basic Settings
Cisco Aironet 802.11a/b/g Wireless Adapter see Figure
Creating a New Profile and Configuring Basic Settings
Step 7 In this dialog box, enter information for the wireless network that you want to add.Table 2-1 lists and describes general settings for the profile. Follow the instructions in the table to configure these settings
Setting
Encryption Types” section on page
What to Enter
and Encryption Types” section on page
Chapter 3, “Configuring EAP Types.” The enterprise network EAP
Profile Management General Settings continued
Setting
WPA and WPA2
Security and Encryption Types
WEP Shared Security with Static WEP Keys
2-10
802.1X with Dynamic WEP Keys
2-11
CCKM Fast Secure Roaming
Accessing a Profile That Was Created Previously
2-12
2-13
Viewing and Changing the Settings of a Profile
Figure 2-7 Network and Sharing Center Window
2-14
Figure 2-8 Wireless Network properties Dialog Box-Connection Tab
page 2-18 and the “Advanced Roaming Setting” section on page
is available, Choose Control Panel Manage Wireless Networks
Settings dialog box. See the “Radio Measurement” section on
in Table 2-1 on page
2-16
Figure 2-9 Wireless Network properties Dialog Box-Security Tab
2-17
Radio Measurement
2-18
Advanced Roaming Setting
2-19
2-20
How LEAP Works, page Configuring LEAP, page
Configuring EAP Types
Configuring EAP-FAST, page Overview of LEAP, page
Configuring PEAP-GTC, page
Protected Access Credentials, page
Two-Phase Tunneled Authentication
Two-Phase Tunneled Authentication, page
How EAP-FAST Works
Protected Access Credentials
Server Certificate Validation
Accessing EAP-FAST Properties for Configuration, page
Configuring EAP-FAST
Accessing EAP-FAST Properties for Configuration
Configuring EAP-FAST Settings in the Connection Tab, page
Configuring EAP-FAST Settings in the Connection Tab
Default On
Default anonymous
Default Enabled
Default On
Default None
Use Protected Access
Default Off
PAC box and the Validate Server Certificate box at the same time
Overview of the User Credentials Tab
Usernames and Passwords
Client Certificates
3-10
Configuring EAP-FAST Settings in the User Credentials Tab
Figure 3-3 User Credentials Tab in EAP-FAST Properties Window
Mode with OTP” section on page
information about OTP, see the “Understanding PIN Mode and Token
3-11
Figure 3-4 New PIN Prompt Window
Understanding PIN Mode and Token Mode with OTP
3-12
Figure 3-5 Next Token Prompt Window
Configuring EAP-FAST Settings in the Authentication Tab
3-13
Table 3-3 lists and describes options for authentication
3-14
Figure 3-6 Authentication Tab in EAP-FAST Properties Window
3-15
Default Disabled
a certificate on this computer radio button in the User
Select an authentication
3-16
Finding the Version of the EAP-FAST Module
Figure 3-7 About Tab in EAP-FAST Properties Window
How LEAP Works
Overview of LEAP
3-17
Accessing LEAP Properties for Configuration, page
Configuring LEAP
Accessing LEAP Properties for Configuration
Configuring LEAP Settings in the Network Credentials Tab, page
3-19
Configuring LEAP Settings in the Network Credentials Tab
Figure 3-8 Wireless Network Properties Window
Table 3-4 LEAP Network Credentials Settings
3-20
Settings
LEAP Network Credentials
Finding the Version of the LEAP Module
Overview of PEAP-GTC
3-21
How PEAP-GTC Works
3-22
Accessing PEAP-GTC Properties for Configuration, page
Configuring PEAP-GTC
Accessing PEAP-GTC Properties for Configuration
Configuring PEAP-GTC Settings in the Connection Tab, page
3-24
Figure 3-10 Wireless Network Properties Window
3-25
Configuring PEAP-GTC Settings in the Connection Tab
Figure 3-11 Connection Tab in PEAP-GTC Properties Window
prompt user to authorize new servers or trusted certificate
Default anonymous
If the Validate server certificate box is checked and the Do not
If the Validate server certificate box is checked but the Do not
Configuring PEAP-GTC Settings in the User Credentials Tab
3-27
and Token Mode with OTP” section on page
Default Off
password option
which is the case for the Prompt automatically for username and
PEAP-GTC User Credentials Options continued
3-29
Figure 3-13 New PIN Prompt Window
3-30
Understanding PEAP-GTC Authentication
Finding the Version of the PEAP-GTC Module
Figure 3-14 Next Token Prompt Window
The EAP-FAST XML Schema, page The PEAP-GTC XML Schema, page
Performing Administrative Tasks
Using Microsoft Tools to Perform Administrative Tasks, page
The LEAP XML Schema, page Logging for EAP Modules, page
Adding a Group Policy Object Editor
Using Microsoft Tools to Perform Administrative Tasks
Overview of Group Policy Objects
Overview of Group Policy Objects, page
a. Go to File Add/Remove Snap-in
Creating a EAP Group Policy Object in Windows Vista
g. From the Select Group Policy Object dialog box, click Finish
Configuring Machine Authentication for EAP-FAST
Configuring Machine Authentication for PEAP-GTC
Configuring Single Sign-On for EAP-FAST
Configuring Single Sign-On for PEAP-GTC and LEAP
The EAP-FAST XML Schema
xsdocumentation
xselement xschoice
xselement name=authenticateWithToken xscomplexType xssequence
4-10
xselement xselement name=sendViaInnerMethod xscomplexType xsall
4-11
xscomplexType name=PasswordFromProfile xssimpleContent
4-12
4-13
xsannotation xselement xschoice xselement name=enableFastReconnect
4-14
4-15
xssimpleType xsrestriction base=xsstring xsenumeration value=exactly
4-16
xselement name=anyServerName type=Empty xsannotation
The PEAP-GTC XML Schema
4-17
4-18
4-19
xscomplexContent xscomplexType xscomplexType name=IdentityPattern
4-20
xscomplexType name=TokenSource xschoice
4-21
xschoice xssequence xscomplexType
4-22
The LEAP XML Schema
4-23
4-24
attributeFormDefault=unqualified xselement name=eapLeap type=EapLeap
4-25
Step 1 Choose Start All Programs Accessories
Configuring and Starting Logging
Configuring and Starting Logging, page
Step 2 Right-click Command Prompt and select Run as administrator
wevtutil sl Cisco-EAP-PEAP/Debug /efalse
Disabling Logging and Flushing Internal Buffers
wevtutil sl Cisco-EAP-FAST/Debug /efalse
wevtutil sl Cisco-EAP-LEAP/Debug /efalse
wevtutil sl Cisco-EAP-PEAP/Debug /lfn“pathtoetllogfile”
Locating Log Files
wevtutil sl Cisco-EAP-FAST/Debug /lfn“pathtoetllogfile”
wevtutil sl Cisco-EAP-LEAP/Debug /lfn“pathtoetllogfile”
Removing a Client Adapter, page
Routine Procedures
Upgrading the Client Adapter Software, page
Removing a PC-Cardbus Card
Removing a Client Adapter
Removing a PCI Card
Upgrading the Client Adapter Software
Step 5 Click Update the previous installation
Figure 5-3 Cisco Aironet Installation Program-Setup Status Window
Step 8 Click Finish
Troubleshooting with Cisco Aironet Client Diagnostics, page
Troubleshooting and Diagnostics
Enabling Client Reporting, page
Troubleshooting with Cisco Aironet Client Diagnostics
Figure 6-1 Network and Sharing Center Window
Figure 6-2 Cisco Aironet Client Diagnostics Dialog Box
Figure 6-3 Cisco Aironet Client Diagnostics Dialog Box-Choose Adapter
Figure 6-5 Cisco Aironet Client Diagnostics Dialog Box-Testing Delay
Figure 6-6 Cisco Aironet Client Diagnostics Dialog Box-Test Window
Figure 6-7 Aironet Desktop Utility-Stop Running Diagnostics
Enabling Client Reporting
PEAP-GTC and LEAP Error Messages and Prompts, page A-6
EAP-FAST Error Messages and Prompts
EAP-FAST Error Messages and Prompts, page A-1
Creating Strong Passwords, page A-9
Appendix A EAP Messages EAP-FAST Error Messages and Prompts
Page
Recommended Action Enter a username
Recommended Action Press OK to continue
PEAP-GTC and LEAP Error Messages and Prompts
Page
Page
Characteristics of Strong Passwords
Creating Strong Passwords
Characteristics of Weak Passwords
Password Security Basics
A-10
Radio Specifications, page B-3
Technical Specifications
A P P E N D I X B
Physical Specifications
Radio Specifications
5470 to 5725 MHz
5150 to 5250 MHz
5250 to 5350 MHz
5725 to 5805 MHz
Indoor typical
Outdoor typical
Power Specifications
Safety and Regulatory Compliance Specifications
A P P E N D I X C
Translated Safety Warnings
Antenna Installation Warning, page C-3
Explosive Device Proximity Warning, page C-2
Explosive Device Proximity Warning
Antenna Installation Warning
Warning for Laptop Users
Page
Page
Department of Communications - Canada, page D-3
Declarations of Conformity and Regulatory Information
A P P E N D I X D
Declaration of Conformity for RF Exposure, page D-7
FCC Certification Number LDK102050 CB21AG
European Community, Switzerland, Norway, Iceland, and Liechtenstein
Department of Communications - Canada
Canadian Compliance Statement
Page
Cisco Aironet CB21AG Wireless LAN Client Adapter
Declaration of Conformity Statement
Cisco Aironet PI21AG Wireless LAN Client Adapter
English Translation
Declaration of Conformity for RF Exposure
Japanese Translation
03-6434-6500
Chinese Translation
2.4- and 5-GHz Client Adapters
English Translation
Brazil/Anatel Approval
5-GHz Client Adapters
AIR-CB21AG-W-K9
D-10
AIR-PI21AG-W-K9
D-11
D-12
A P P E N D I X E
Channels, page E-2 Maximum Power Levels and Antenna Gains, page E-4
Channels, Power Levels, and Antenna Gains
Channels
IEEE 802.11a
IEEE 802.11b/g
Regulatory Domains
Maximum Power Levels and Antenna Gains
IEEE 802.11b
IEEE 802.11g
Maximum Power Levels and Antenna Gains
Acknowledgments and Licensing
A P P E N D I X F
Appendix F Acknowledgments and Licensing
Appendix F Acknowledgments and Licensing
OL-16534-01
Appendix F Acknowledgments and Licensing
Abbreviations
A P P E N D I X G
Table G-1
List of Acronyms continued