Once the AP has been configured, the next step is to configure your clients. There are two ways you can do this-either through the computer's operating system (Windows XP Service Pack 2, for example, has strong support for wireless capabilities) or through utilities that Cisco ships with its wireless adapters. This section explains how to configure your adapter using the Cisco utilities.
Cisco offers different client utilities. The Aironet Desktop Utility (ADU) is used for 802.11a/b/g CardBus and PCI cards, while the Aironet Client Utility (ACU) is used for all other adapters.
Installing a PC card into a laptop is reasonably straightforward-plug it in and you're set. However if you're installing a wireless card into a desktop PC, the steps are a little more involved. Follow these steps to install a PCI card-based wireless adapter:
Turn off the computer, open the case, and find an available PCI slot.
Slip the antenna through the open PCI card case opening.
Plug in the PCI card, ensuring it is firmly seated.
Secure the card with the mounting screw and replace the case cover.
Slide the antenna through the antenna mounting base, and secure.
Place the antenna somewhere away from metal shelves, microwave ovens, or any other source of interference. The antenna base can be mounted to a wall if you prefer.
Once the hardware has been installed, the software must be installed. When the client is booted, if you see Windows' Found New Hardware Wizard, click Cancel, as you'll be installing software from Cisco.
The CD that comes with the client adapter will have an Install Wizard on it; however, it's best to get the wizard at Cisco's Web site to ensure you have the latest version. As of this writing, you can go to http://tools.cisco.com/support/downloads/pub/MDFTree.x?butype=wireless. This page contains up-to-date software for all of Cisco's wireless products. Be aware, however, you will need a valid Cisco Connection Online (CCO) account.
To find the correct software for your adapter, go to the aforementioned Web page, and then navigate to it following these steps:
Expand Wireless LAN Access.
Click Cisco Wireless LAN Client Adapters.
Click the wireless adapter you're using. You'll be prompted for a CCO account at this step.
Select which platform you're using (Windows 2000 or Windows XP).
Click the Install Wizard file with the greatest release number.
You'll have to complete an online form and accept software terms, but then the download will begin and you can start the wizard.
Once you've downloaded the software, install it following the on-screen prompts.
There is an important step during the installation for Windows XP users using ADU. While the drivers are being installed, you'll be asked if you want to install ADU or a third-party tool. You can choose whichever you like, but if you choose to manage your adapter using a third-party tool, ADU will not be installed and you'll have to follow the configuration instructions from the other manufacturer. If you do install ADU, Microsoft Wireless Configuration Manager will be disabled.
Once the hardware and software have been installed, the next step is to configure your adapter. Open the ADU or ACU application (depending on which tool you've installed), and click the Profile Management tab.
The steps shown here may differ slightly from whatever software version you are using. Given the many different variations of the software, it would be impossible to include them all, but these steps should help you understand the settings for your specific version.
The Profile Manager is used to administer different profiles for your client. For instance, if the client computer is being used on two or more wireless networks, the Profile Manager can make a discrete set of configurations of each network, and connecting to a different network is as easy as selecting a new profile.
To create a new profile, follow these steps:
Enter a name for your new profile, and press ENTER.
When the Properties screen appears, you can use the default properties, or make whatever changes you desire to the system parameters.
System parameters, shown in Figure 8-17, allow you to establish and manage specific settings for your profile. Table 8-5 explains these settings.
Figure 8-17: Wireless system parameters are easily managed on the client
Provides a name for your client and allows your client to be identified on the network and the AP.
The Service Set Identifier (SSID) indicates which wireless network you wish to access.
The SSID is a unique, case-sensitive identifier that is attached to selected packets sent out over the wireless network. Nodes associating to the device must use the same SSID, or their association requests will be ignored.
If this parameter is left blank, the client can associate to any AP that is configured to allow broadcast SSIDs.
An optional SSID, allowing the client to roam to another network without necessitating client reconfiguration.
Power Save Mode
Power saving settings:
Specifies which type of network your adapter will connect to:
Once settings have been made, click OK to return to the Profile Manager screen.
To include this profile in the auto profile selection, select the Include Profile in Auto Profile Selection check box on the Profile Manager screen.
After your profiles have been created, you must select which profile to use. This is accomplished by following these steps:
Open the ACU or ADU, and then select Select Profile from the command drop-down menu. Figure 8-18 shows the Select Profile screen.
Figure 8-18: You need to select which profile to use on your WLAN
Choose one of the following options:
Use Selected Profile Uses the specific profile you choose. If the adapter is unable to associate to an AP or loses its association, it will not automatically select another profile to attempt a connection.
Use Auto Profile Selection The adapter driver will automatically select a profile from the list. If it is unable to associate or loses association, after 10 seconds, it will switch to another profile (assuming more than one has been configured) and try to reassociate.
Use Another Application To Configure My Wireless Settings This allows other applications-like ones in Windows XP-to configure the client adapter.
Client security is managed using the Network Security tab. This screen is shown in Figure 8-19.
Figure 8-19: Client security is managed using the Network Security tab
This screen allows you to manage WEP keys as well as 802.1x settings. In this section, we will cover the basics of establishing and managing WEP keys.
802.1x is far more complex and not covered here. For more information on managing 802.1x settings, visit http://www.cisco.com.
Before making any changes to the adapter's security settings, you have to decide how to set the Allow Associated To Mix Cells parameter, located at the bottom of the screen. This establishes whether the client can associate to cells using both WEP and non-WEP association.
Select this check box if your AP has WEP set to Optional and WEP is enabled on the client. Clear this check box if the AP does not have the WEP set to Optional.
WEP keys can be set for a client by following these steps:
Select None from the Network Security Type drop-down box in the Network Security screen.
Select Use Static WEP Keys.
Select one of the following WEP key formats:
Hexadecimal (0-9, A-F) WEP keys will be entered in the hexadecimal format: numbers 0-9 and letters A-F (upper or lowercase).
ASCII Text WEP keys will be entered in ASCII text, including characters, numbers, and punctuation marks.
Select an AP authentication option. This establishes how your client will authenticate with the AP:
Open Authentication The client adapter is permitted to communicate with the AP, regardless of WEP settings.
Shared Key Authentication The client adapter can only communicate with an AP sharing the same WEP key.
Select a key size, either 40 or 128 bits. Clients with 128-bit adapters can use either size key, but clients with 40-bit adapters can only use 40-bit keys.
Type the WEP key in the relevant field. One of the top ways-if not the top way-that clients are misconfigured is through a mistyped WEP key. 40and 128-bit WEP keys have different sizes:
40-bit keys contain ten hexadecimal characters (4A2b8DaA10, for example) or five ASCII text characters (for example, k@1D3).
128-bit keys contain 26 hexadecimal characters (123abc456dEF123Abc321Cba 78, for instance) or 13 ASCII text characters (for example, c@nN0nd@le4o0).
Be mindful of capitalization and whether "0" or "o" is being used.
Click the Transmit Key option to the left of the key you wish to use to transmit packets.
Click OK to return to the Profile Manager screen.
Click OK to save your settings.
While configuring WEP on a wireless client is reasonably straightforward, the process is more involved when configuring 802.1x.
There are two types of 802.1x that can be set up on your Cisco wireless adapter: LEAP and Host-based EAP.
In addition to setting up 802.1x on your wireless adapter, you will also be required to enable it on your operating system. Those steps are out of the scope of what we're doing here, so you should check with your operating system manufacturer for the best practices for enabling whatever flavor of 802.1x you'll be using.
LEAP To configure LEAP authentication on the client device, follow these steps:
Select LEAP from the Network Security Type drop-down box.
Click Configure. A new screen will appear with various settings.
You are to select a LEAP user name and password settings option:
Use Temporary User Name and Password The adapter will require a user name and password each time the computer reboots to authenticate to the network.
Use Saved User Name and Password The adapter will not require a user name and password each time the computer is rebooted. Authentication will occur using a saved user name and password.
If you chose Use Temporary User Name and Password in step 3, select one of these options (otherwise, skip ahead to step 5):
Use Windows User Name and Password The client's Windows user name and password are also the LEAP user name and password. This is the default setting.
Automatically Prompt for LEAP User Name and Password A user name and password different from the client's Windows user name and password must be used. This is requested during the Windows login process.
Manually Prompt for LEAP User Name and Password The client must ask for LEAP authentication.
If you chose Use Saved User Name and Password in step 3, follow these steps:
Enter a user name and password.
Re-enter the password in the Confirm Password field.
If necessary, enter a domain name that will be passed to the RADIUS server, along with the client's user name, in the Domain field.
If you are working in an environment with multiple domains and you want your Windows login domain to be sent to the RADIUS server along with your user name, select the Include Windows Login Domain With User Name check box.
To disassociate when the client logs off, select the No Network Connection Unless User is Logged In check box.
In the LEAP Authentication Timeout Value field, enter the number of seconds the client will wait before authentication is considered failed. This value is between 30 and 300 seconds.
Host-based EAP To enable Host-based EAP, follow these steps:
Select Host Based EAP from the Network Security Type drop-down menu on the Network Security screen.
Depending on what type of EAP you plan to use, do one of the following:
If authenticating with EAP-TLS, PEAP, or EAP-SIM, select Use Dynamic WEP Keys under WEP.
If authenticating using EAP-MD5 with static WEP, select Use Static WEP Keys, and then enter a static WEP key.
If using EAP-MD5 without WEP, select No WEP under WEP.
Wireless networking is still at a young age in its development. Though impressive feats are possible, expect more from Cisco, as well as the wireless community, in the coming years.