Overview of LEAP, How LEAP Works, 3-17 | Cisco Systems CB21AG

Image 71

Cisco Systems CB21AG, PI21AG manual Overview of LEAP, How LEAP Works, 3-17

Contents

800 553-NETS Fax 408 Software ReleaseAmericas Headquarters Cisco Systems, Inc 170 West Tasman Drive San Jose, CA Turn the television or radio antenna until the interference stops Preface Network Configurations Using Client AdaptersAd Hoc Wireless LAN FCC Safety Compliance Statement Inserting the Card Advanced Roaming SettingTwo-Phase Tunneled Authentication Obtaining Client Adapter Software Finding the Version of the LEAP Module Accessing LEAP Properties for ConfigurationConfiguring LEAP Configuring and Starting Logging English Translation D-7 Creating Strong Passwords A-9Antenna Installation Warning EAP Messages A-1 English Translation ChannelsAcknowledgments and Licensing F-1 Chinese Translation OL-16534-01 viii Audience, page Purpose, page Organization, page Conventions, page PrefaceAudience Purpose Conventions Organization Varoitus Tämä varoitusmerkki merkitsee vaaraa. Olet tilanteessa, joka voi johtaa ruumiinvammaan. Ennen kuin työskentelet minkään laitteiston parissa, ota selvää sähkökytkentöihin liittyvistä vaaroista ja tavanomaisista onnettomuuksien ehkäisykeinoista. Tässä julkaisussa esiintyvien varoitusten käännökset löydät liitteestä Translated Safety Warnings käännetyt turvallisuutta koskevat varoitukset Obtaining Documentation, Obtaining Support, and Security Guidelines Related Publications Installing the Client Adapter Driver and Software, page Product Overview and InstallationNetwork Configurations Using Client Adapters, page Safety information, page Unpacking the Client Adapter, page card Introduction to the Client AdaptersTerminology PC-Cardbus LEDs Hardware ComponentsRadio Radio Antenna Software Components Network Configurations Using Client AdaptersAd Hoc Wireless LAN Figure 1-1 Ad Hoc Wireless LAN Wireless Infrastructure with Workstations Accessing a Wired LAN Safety Guidelines Safety informationFCC Safety Compliance Statement Warnings Unpacking the Client Adapter http//support.microsoft.com/kb/935222 Package ContentsSystem Requirements http//support.microsoft.com/kb/932063 For Client Devices Site RequirementsFor Infrastructure Devices 1-10 Inserting the Client AdapterInserting a PC-Cardbus Card Assemble the antenna see the “Assembling the Antenna” section on page Inserting a PCI CardChanging the Bracket Insert the card see the “Inserting the Card” section on page 1-12 Inserting the Card 1-13 Assembling the Antenna 1-14 Mounting the Antenna Step 1 Perform one of the following 1-15 Step 8 If the Found New Hardware Wizard window appears, click Cancel 1-16 Step 6 Click Client Adapters and Client Software Step 5 Click Wireless SoftwareStep 7 Click Cisco Aironet Wireless LAN Client Adapters Obtaining Client Adapter Software 1-18 Installing the Client Adapter Driver and Software Hardware Insertion 1-19Figure 1-11 Cisco Aironet Installation Program Window Figure 1-13 Cisco Aironet Installation Program-Setup Status Window 1-20 Step 8 Click Finish 1-21 1-22 Creating a New Profile and Configuring Basic Settings, page Configuring Wireless ProfilesOverview of Wireless Profiles, page Accessing Microsoft Vista Network and Sharing Center, page Accessing Microsoft Vista Network and Sharing Center Overview of Wireless Profiles Creating a New Profile and Configuring Basic Settings Cisco Aironet 802.11a/b/g Wireless Adapter see Figure OL-16534-01 Step 7 In this dialog box, enter information for the wireless network that you want to add.Table 2-1 lists and describes general settings for the profile. Follow the instructions in the table to configure these settings What to Enter Encryption Types” section on pageSetting Profile Management General Settings continued Chapter 3, “Configuring EAP Types.” The enterprise network EAPand Encryption Types” section on page What to Enter 2-10 Security and Encryption TypesWEP Shared Security with Static WEP Keys WPA and WPA2 2-11 802.1X with Dynamic WEP Keys 2-12 Accessing a Profile That Was Created PreviouslyCCKM Fast Secure Roaming Figure 2-7 Network and Sharing Center Window Viewing and Changing the Settings of a Profile2-13 Figure 2-8 Wireless Network properties Dialog Box-Connection Tab 2-14 in Table 2-1 on page is available, Choose Control Panel Manage Wireless NetworksSettings dialog box. See the “Radio Measurement” section on page 2-18 and the “Advanced Roaming Setting” section on page Figure 2-9 Wireless Network properties Dialog Box-Security Tab 2-16 2-17 2-18 Radio Measurement 2-19 Advanced Roaming Setting 2-20 Configuring PEAP-GTC, page Configuring EAP TypesConfiguring EAP-FAST, page Overview of LEAP, page How LEAP Works, page Configuring LEAP, page How EAP-FAST Works Two-Phase Tunneled AuthenticationTwo-Phase Tunneled Authentication, page Protected Access Credentials, page Server Certificate Validation Protected Access Credentials Configuring EAP-FAST Settings in the Connection Tab, page Configuring EAP-FASTAccessing EAP-FAST Properties for Configuration Accessing EAP-FAST Properties for Configuration, page Configuring EAP-FAST Settings in the Connection Tab Default anonymous Default On Use Protected Access Default OnDefault None Default Enabled PAC box and the Validate Server Certificate box at the same time Default Off Client Certificates Usernames and PasswordsOverview of the User Credentials Tab Figure 3-3 User Credentials Tab in EAP-FAST Properties Window Configuring EAP-FAST Settings in the User Credentials Tab3-10 3-11 information about OTP, see the “Understanding PIN Mode and TokenMode with OTP” section on page Figure 3-5 Next Token Prompt Window Understanding PIN Mode and Token Mode with OTP3-12 Figure 3-4 New PIN Prompt Window 3-13 Configuring EAP-FAST Settings in the Authentication Tab Figure 3-6 Authentication Tab in EAP-FAST Properties Window 3-14Table 3-3 lists and describes options for authentication Select an authentication Default Disableda certificate on this computer radio button in the User 3-15 Figure 3-7 About Tab in EAP-FAST Properties Window Finding the Version of the EAP-FAST Module3-16 3-17 Overview of LEAPHow LEAP Works Configuring LEAP Settings in the Network Credentials Tab, page Configuring LEAPAccessing LEAP Properties for Configuration Accessing LEAP Properties for Configuration, page Figure 3-8 Wireless Network Properties Window Configuring LEAP Settings in the Network Credentials Tab3-19 LEAP Network Credentials 3-20Settings Table 3-4 LEAP Network Credentials Settings 3-21 Overview of PEAP-GTCFinding the Version of the LEAP Module 3-22 How PEAP-GTC Works Configuring PEAP-GTC Settings in the Connection Tab, page Configuring PEAP-GTCAccessing PEAP-GTC Properties for Configuration Accessing PEAP-GTC Properties for Configuration, page Figure 3-10 Wireless Network Properties Window 3-24 Figure 3-11 Connection Tab in PEAP-GTC Properties Window Configuring PEAP-GTC Settings in the Connection Tab3-25 If the Validate server certificate box is checked but the Do not Default anonymousIf the Validate server certificate box is checked and the Do not prompt user to authorize new servers or trusted certificate 3-27 Configuring PEAP-GTC Settings in the User Credentials Tab which is the case for the Prompt automatically for username and Default Offpassword option and Token Mode with OTP” section on page Figure 3-13 New PIN Prompt Window 3-29PEAP-GTC User Credentials Options continued Figure 3-14 Next Token Prompt Window Understanding PEAP-GTC AuthenticationFinding the Version of the PEAP-GTC Module 3-30 The LEAP XML Schema, page Logging for EAP Modules, page Performing Administrative TasksUsing Microsoft Tools to Perform Administrative Tasks, page The EAP-FAST XML Schema, page The PEAP-GTC XML Schema, page Overview of Group Policy Objects, page Using Microsoft Tools to Perform Administrative TasksOverview of Group Policy Objects Adding a Group Policy Object Editor g. From the Select Group Policy Object dialog box, click Finish Creating a EAP Group Policy Object in Windows Vistaa. Go to File Add/Remove Snap-in Configuring Machine Authentication for EAP-FAST Configuring Single Sign-On for PEAP-GTC and LEAP Configuring Single Sign-On for EAP-FASTConfiguring Machine Authentication for PEAP-GTC The EAP-FAST XML Schema xsdocumentation xselement xschoice xselement name=authenticateWithToken xscomplexType xssequence xselement xselement name=sendViaInnerMethod xscomplexType xsall 4-10 xscomplexType name=PasswordFromProfile xssimpleContent 4-11 4-12 xsannotation xselement xschoice xselement name=enableFastReconnect 4-13 4-14 xssimpleType xsrestriction base=xsstring xsenumeration value=exactly 4-15 xselement name=anyServerName type=Empty xsannotation 4-16 4-17 The PEAP-GTC XML Schema 4-18 xscomplexContent xscomplexType xscomplexType name=IdentityPattern 4-19 xscomplexType name=TokenSource xschoice 4-20 xschoice xssequence xscomplexType 4-21 4-22 4-23 The LEAP XML Schema attributeFormDefault=unqualified xselement name=eapLeap type=EapLeap 4-24 4-25 Step 2 Right-click Command Prompt and select Run as administrator Configuring and Starting LoggingConfiguring and Starting Logging, page Step 1 Choose Start All Programs Accessories wevtutil sl Cisco-EAP-LEAP/Debug /efalse Disabling Logging and Flushing Internal Bufferswevtutil sl Cisco-EAP-FAST/Debug /efalse wevtutil sl Cisco-EAP-PEAP/Debug /efalse wevtutil sl Cisco-EAP-LEAP/Debug /lfn“pathtoetllogfile” Locating Log Fileswevtutil sl Cisco-EAP-FAST/Debug /lfn“pathtoetllogfile” wevtutil sl Cisco-EAP-PEAP/Debug /lfn“pathtoetllogfile” Upgrading the Client Adapter Software, page Routine ProceduresRemoving a Client Adapter, page Removing a PCI Card Removing a Client AdapterRemoving a PC-Cardbus Card Upgrading the Client Adapter Software Step 5 Click Update the previous installation Figure 5-3 Cisco Aironet Installation Program-Setup Status Window OL-16534-01 Enabling Client Reporting, page Troubleshooting and DiagnosticsTroubleshooting with Cisco Aironet Client Diagnostics, page Figure 6-1 Network and Sharing Center Window Troubleshooting with Cisco Aironet Client Diagnostics Figure 6-3 Cisco Aironet Client Diagnostics Dialog Box-Choose Adapter Figure 6-2 Cisco Aironet Client Diagnostics Dialog Box Figure 6-5 Cisco Aironet Client Diagnostics Dialog Box-Testing Delay Figure 6-7 Aironet Desktop Utility-Stop Running Diagnostics Figure 6-6 Cisco Aironet Client Diagnostics Dialog Box-Test Window Enabling Client Reporting Creating Strong Passwords, page A-9 EAP-FAST Error Messages and PromptsEAP-FAST Error Messages and Prompts, page A-1 PEAP-GTC and LEAP Error Messages and Prompts, page A-6 Appendix A EAP Messages EAP-FAST Error Messages and Prompts Page Recommended Action Enter a username Recommended Action Press OK to continue PEAP-GTC and LEAP Error Messages and Prompts Page Page Characteristics of Weak Passwords Creating Strong PasswordsCharacteristics of Strong Passwords A-10 Password Security Basics A P P E N D I X B Technical SpecificationsRadio Specifications, page B-3 Physical Specifications Radio Specifications 5725 to 5805 MHz 5150 to 5250 MHz5250 to 5350 MHz 5470 to 5725 MHz Outdoor typical Indoor typical Safety and Regulatory Compliance Specifications Power Specifications Explosive Device Proximity Warning, page C-2 Translated Safety WarningsAntenna Installation Warning, page C-3 A P P E N D I X C Explosive Device Proximity Warning Antenna Installation Warning Warning for Laptop Users Page Page Declaration of Conformity for RF Exposure, page D-7 Declarations of Conformity and Regulatory InformationA P P E N D I X D Department of Communications - Canada, page D-3 FCC Certification Number LDK102050 CB21AG Canadian Compliance Statement Department of Communications - CanadaEuropean Community, Switzerland, Norway, Iceland, and Liechtenstein Page Declaration of Conformity Statement Cisco Aironet CB21AG Wireless LAN Client Adapter Cisco Aironet PI21AG Wireless LAN Client Adapter 03-6434-6500 Declaration of Conformity for RF ExposureJapanese Translation English Translation English Translation 2.4- and 5-GHz Client AdaptersChinese Translation 5-GHz Client Adapters Brazil/Anatel Approval D-10 AIR-CB21AG-W-K9 D-11 AIR-PI21AG-W-K9 D-12 Channels, Power Levels, and Antenna Gains Channels, page E-2 Maximum Power Levels and Antenna Gains, page E-4A P P E N D I X E IEEE 802.11a Channels Regulatory Domains IEEE 802.11b/g IEEE 802.11b Maximum Power Levels and Antenna Gains IEEE 802.11g OL-16534-01 A P P E N D I X F Acknowledgments and Licensing Appendix F Acknowledgments and Licensing OL-16534-01 Appendix F Acknowledgments and Licensing OL-16534-01 A P P E N D I X G Abbreviations List of Acronyms continued Table G-1