Table of Contents
Advertisement
Setting Network Security Parameters
Refer to the
"Enabling Host-Based EAP" section on page 5-39
EAP-SIM.
Note
Refer to the IEEE 802.11 Standard for more information on 802.1X authentication and to the following
URL for additional information on RADIUS servers:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/secur_c/scprt2/scrad.htm
Wi-Fi Protected Access (WPA)
Wi-Fi Protected Access (WPA) is a standards-based, interoperable security enhancement that greatly
increases the level of data protection and access control for existing and future wireless LAN systems.
It is derived from and will be compatible with the upcoming IEEE 802.11i standard. WPA leverages
Temporal Key Integrity Protocol (TKIP) and Michael message integrity check (MIC) for data protection
and 802.1X for authenticated key management.
WPA supports two mutually exclusive key management types: WPA and WPA-Pre-shared key
(WPA-PSK). Using WPA key management, clients and the authentication server authenticate to each
other using an EAP authentication method, and the client and server generate a pairwise master key
(PMK). The server generates the PMK dynamically and passes it to the access point. Using WPA-PSK
key management, however, you configure a pre-shared key on both the client and the access point, and
that pre-shared key is used as the PMK.
Only 350 series and CB20A cards that are installed on computers running Windows 2000 or XP and
running LEAP or host-based EAP authentication can be used with WPA. Support for WPA is available
in the software components included in Install Wizard version 1.2 or greater. However, if you want to
use host-based EAP authentication with WPA, you must install additional software with WPA support.
The following WPA software is recommended for use with Cisco Aironet client adapters:
•
•
Note
Refer to the
the
EAP-SIM with WPA.
Note
WPA must also be enabled on the access point. Access points must use Cisco IOS Release 12.2(11)JA
or greater to enable WPA. Refer to the documentation for your access point for instructions on enabling
this feature.
Fast Roaming (CCKM)
Some applications that run on a client device may require fast roaming between access points. Voice
applications, for example, require seamless roaming to prevent delays and gaps in conversation. Support
for fast roaming is available for LEAP-enabled clients in Install Wizard version 1.1 or greater.
Cisco Aironet 340, 350, and CB20A Wireless LAN Client Adapters Installation and Configuration Guide for Windows
5-26
"Enabling LEAP" section on page 5-35
Funk Odyssey Client supplicant version 2.2 (for Windows 2000)
Windows XP Service Pack 1 and Microsoft support patch 815485 (for Windows XP)
Meetinghouse AEGIS Client supplicant version 2.1 is also supported for use with Windows 2000
and XP; however, it was not tested with this client adapter software release.
"Enabling LEAP" section on page 5-35
"Enabling Host-Based EAP" section on page 5-39
Chapter 5
for instructions on enabling LEAP or to the
for instructions on enabling EAP-TLS, PEAP, or
for instructions on enabling LEAP with WPA or to
for instructions on enabling EAP-TLS, PEAP, or
Configuring the Client Adapter
OL-1394-07
Advertisement
Table of Contents
Troubleshooting
