Cisco Systems CB21AG - page 116

5-50

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide

OL-4211-03

Chapter5 Configuring the Client Adapter

Setting Security Parameters

Step5 Click Start > Settings > Control Panel > Network and Dial-up Connections or Network Connections.

Step6 Right-click your wireless connection.

Step7 Click Properties. The Connection Properties window appears.

Step8 Perform one of the following:

•On Windows 2000, click the Authentication tab.

•On Windows XP, choose the Wireless Networks tab, make sure that the Use Windows to configure

my wireless network settings check box is checked, click the SSID of the access point to whi ch

you want the client adapter to associate from the list of available net works, cl ick Configure, and

choose the Authentication tab.

Step9 For EAP type, choose Protected EAP (PEAP).

Step10 Configure any applicable settings on the Protected EAP Properties window and subwindows.

Note Refer to the “Enabling PEAP (EAP-MSCHAP V2)” section on page E-14 if you need help

configuring the PEAP (EAP-MSCHAP V2) settings.

Step11 After you have finished the configuration, PEAP authentication should begin. Depen din g on t he

configuration settings you selected, you may be prompted for your PEA P u se rname , pa ssword, a nd

domain name. Note that you may need to minimize ADU in order to access the pop-up window that

prompts you for your credentials.

Note You can have multiple host-based EAP profiles in ADU, but the Microsoft Wireless Configuration

Manager maintains only one configuration. If you want to use different PEAP proper ty se ttings for

different host-based EAP profiles, you need to repeat the previous steps beginning with Step 4 every time

you switch to a different host-based EAP profile.

Note When you activate a host-based EAP profile, the Microsoft Wireless Configuration Manager takes

control of the client adapter’s authentication attempt. However, when you activate a non-host-based EAP

profile, ADU assumes this control.

Note If you experience problems while using a host-based EAP profile, make sure that 802. 1X authentication

is disabled for any other network connection.

Contents

Main Page CONTENTS Page Page Page Page Page Page Page Preface Audience Purpose Organization Conventions xiv Related Publications Obtaining Documentation Cisco.com Documentation DVD Ordering Documentation Cisco Product Security Overview Reporting Security Problems in Cisco Products Obtaining Technical Assistance Cisco Technical Support Website Submitting a Service Request Definitions of Service Request Severity Obtaining Additional Publications and Information Page Product Overview Introduction to the Client Adapters Terminology Hardware Components Radio Radio Antenna LEDs Software Components Driver Client Utilities Network Configurations Using Client Adapters Ad Hoc Wireless LAN Wireless Infrastructure with Workstations Accessing a Wired LAN Preparing for Installation Safety information FCC Safety Compliance Statement Safety Guidelines Warnings Unpacking the Client Adapter Package Contents System Requirements Site Requirements For Infrastructure Devices For Client Devices Page Installing the Client Adapter Inserting a Client Adapter Inserting a PC-Cardbus Card Inserting a PCI Card Changing the Bracket Inserting the Card Assembling the Antenna Mounting the Antenna Page Page Installing the Client Adapter Software Page Page Page Page Page Page Page Page Page Page Installing a Microsoft Hot Fix for Group Policy Delay Page Page Using the Profile Manager Overview of Profile Manager Opening Profile Manager Page Creating a New Profile Page Page Including a Profile in Auto Profile Selection Page Selecting the Active Profile Modifying a Profile Editing a Profile Deleting a Profile Importing and Exporting Profiles Importing a Profile Exporting a Profile Configuring the Client Adapter Page Setting General Parameters Page Page Setting Advanced Parameters Page Page Page Page Page Page Setting Security Parameters Overview of Security Features Static WEP Keys EAP (with Dynamic WEP Keys) Page Page WPA and WPA2 CCKM Fast Secure Roaming Reporting Access Points that Fail LEAP Authentication Additional WEP Key Security Features Message Integrity Check (MIC) Temporal Key Integrity Protocol (TKIP) Broadcast Key Rotation Synchronizing Security Features Page Page Page Enabling Static WEP Page Enabling WPA/WPA2 Passphrase Enabling LEAP Page Page Page Enabling EAP-FAST Page Page Page Page Page Page Deleting a Manually Provisioned PAC File Enabling EAP-TLS or PEAP Enabling EAP-TLS Page Enabling PEAP (EAP-GTC) Page Page Page Enabling PEAP (EAP-MSCHAP V2) Page Page Enabling PEAP (EAP-MSCHAP V2) Machine Authentication with Machine Credentials Page Disabling Static WEP, WPA/WPA2 Passphrase, or EAP Enabling Wi-Fi Multimedia Enabling the QoS Packet Scheduler on Windows 2000 Page Page Enabling the QoS Packet Scheduler on Windows XP Setting Roaming Parameters in the Windows Control Panel Page Using EAP Authentication Using LEAP or EAP-FAST Using LEAP or EAP-FAST with the Windows Username and Password Page Using LEAP or EAP-FAST with an Automatically Prompted Login Page Page Using LEAP or EAP-FAST with a Manually Prompted Login After Profile Activation After a Reboot, Logon, or Card Insertion Page Page Using LEAP or EAP-FAST with a Saved Username and Password Using EAP-TLS Using PEAP (EAP-GTC) Windows NT or 2000 Domain Databases or LDAP Databases Only OTP Databases Only Using PEAP (EAP-MSCHAP V2) Restarting the Authentication Process Page Viewing Status and Statistics Overview of ADU Status and Statistics Tools Setting Parameters that Affect ADU Status and Statistics Tools Page Viewing the Current Status of Your Client Adapter Page Page Page Page Page Page Page Viewing Statistics for Your Client Adapter Page Page Page Page Using the Aironet System Tray Utility (ASTU) Overview of ASTU The ASTU Icon Tool Tip Window Page Pop-Up Menu Help Page Enable/Disable Radio Manual Login Reauthenticate Select Profile Show Connection Status Page Page Page Routine Procedures Removing a Client Adapter Removing a PC-Cardbus Card Removing a PCI Card Client Adapter Software Procedures Upgrading the Client Adapter Software Page Page Uninstalling the Client Adapter Software ADU Procedures Opening ADU Exiting ADU Finding the Version of ADU Viewing Client Adapter Information Accessing Online Help ASTU Procedures Enabling or Disabling Your Client Adapters Radio Page Troubleshooting Accessing the Latest Troubleshooting Information Interpreting the Indicator LEDs Troubleshooting the Client Adapter Using the Troubleshooting Utility Diagnosing Your Client Adapters Operation Page Page Page Saving the Detailed Report to a Text File Disabling the Microsoft Wireless Configuration Manager (Windows XP Only) Disabling the Microsoft 802.1X Supplicant (Windows 2000 Only) Client Adapter Recognition Problems Resolving Resource Conflicts Resolving Resource Conflicts in Windows 2000 Resolving Resource Conflicts in Windows XP Problems Associating to an Access Point Problems Connecting to the Network Prioritizing Network Connections Parameters Missing from Profile Management Windows Windows Wireless Network Connection Icon Shows Unavailable Connection (Windows XP Only) Error Messages Page Page Page Page Page Page Page Page Page Page Page Page A Technical Specifications Page Page Page Page Page B Translated Safety Warnings B-2 Explosive Device Proximity Warning B-3 Antenna Installation Warning B-4 Warning for Laptop Users B-5 B-6 C Declarations of Conformity and Regulatory Information Manufacturers Federal Communication Commission Declaration of Conformity Statement Models: FCC Certification Number: Manufacturer: Department of Communications Canada Canadian Compliance Statement European Community, Switzerland, Norway, Iceland, and Liechtenstein Declaration of Conformity with Regard to the R&TTE Directive 1999/5/EC Page C-5 Declaration of Conformity Statement Cisco Aironet CB21AG Wireless LAN Client Adapter C-6 Cisco Aironet PI21AG Wireless LAN Client Adapter Declaration of Conformity for RF Exposure Guidelines for Operating Cisco Aironet Wireless LAN Client Adapters in Japan Japanese Translation English Translation 03-5549-6500 Administrative Rules for Cisco Aironet Wireless LAN Client Adapters in Taiwan 2.4- and 5-GHz Client Adapters Chinese Translation English Translation 5-GHz Client Adapters Page D Channels, Power Levels, and Antenna Gains Channels IEEE 802.11a IEEE 802.11b/g Maximum Power Levels and Antenna Gains IEEE 802.11a IEEE 802.11b IEEE 802.11g Page E Configuring the Client Adapter through the Windows XP Operating System Overview of Security Features Static WEP Keys EAP (with Dynamic WEP Keys) WPA Configuring the Client Adapter Page Page Page Page Enabling EAP-TLS Authentication Page Page Enabling PEAP Authentication Enabling PEAP (EAP-MSCHAP V2) Page Enabling PEAP (EAP-GTC) Page Associating to an Access Point Using Windows XP Viewing the Current Status of Your Client Adapter F Performing a Site Survey Guidelines Additional Information Opening the Site Survey Utility Selecting the Client Adapter Using the Associated AP Status Tab Specifying Display Units Viewing the Access Points Status Page Page Using the AP Scan List Tab Viewing the AP Scan List Page Pausing the AP Scan List Viewing AP Details Page Generating an AP Scan Log File Page Page GLOSSARY A B C D E F G H I L M O P Q R S T U V W Page INDEX Numerics A Page B C D E F G H I J K M N O P Page Q R S Page T U V W