10WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES

authenticates. You must contact Microsoft technical support for this hotfix. It is not available from their website. For more information on computer authentication, see “Computer Authentication”.

If you experience a delay in receiving your DHCP IP address wirelessly while using 802.1X authentication, you might need to install Microsoft hotfix KB829116. You must contact Microsoft technical support for this hotfix. It is not available from their website.

Funk Odyssey The Funk Odyssey client is required when you require WPA support on Windows 2000, or when you need to authenticate to an LDAP backend database that does not support MS-CHAP-V2 over LDAP. If you choose to use this client, please note the following:

Download the latest version from Funk’s website at: www.funk.com

Be sure to turn off Wireless Zero Config in Win- dows 2000 by disabling the service.

If your wireless NIC’s driver includes the AEGIS pro- tocol manager for WPA support, 3Com recom- mends against installing it. Some drivers install this automatically if you run the setup.exe utility to install the driver. 3Com recommends that you update the driver manually using the driver proper- ties in the Network control panel instead of install- ing the client manager.

Macintosh OS/X OS/X Version 10.3, also known as Panther, includes an 802.1X client that supports Dynamic WEP and WPA/TKIP. If you choose to use this client, please note the following:

The Panther client will only connect successfully to an SSID which is only dynamic WEP, or only WPA/TKIP. Any other configuration involving WEP with WPA enabled or AES is not supported by the current Panther client. If you need to run both WPA/TKIP and Dynamic WEP at the same time you must configured separate service profiles for each encryption type in order to maintain compatibility with Macintosh clients.

The Panther client requires you to specify the inner and outer PEAP-MS-CHAP-V2 usernames in sepa- rate areas. Depending on your AAA backend, both usernames might require a domain prefix in the form of DOMAIN\username.

Computer Authentication

Windows clients support 802.1X authentication of the computer itself. This is called computer authentication (also known as machine authentication). Computer authentication is useful when you want your computer to be active on the domain even when no users are logged in to the computer.

Some features of Windows XP Professional and Windows 2000 Professional work correctly only with an active network connection to the domain controller enabled before a user is logged on to the PC. Using computer authentication ensures that this network connection is established during the boot sequence, providing a wire-like infrastructure that allows you to use the following features on a wireless network.

The following table lists Microsoft networking features that require computer authentication.