Configuring Leap; Accessing Leap Properties For Configuration - Cisco AIR-CB21AG-W-K9 Installation And Configuration Manual

802.11a/b/g wireless lan client adapters windows vista

Hide thumbs Also See for AIR-CB21AG-W-K9:

Datasheet (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

Table of Contents

Configuring LEAP

During authentication, the access point acts as a transparent relay for the conversation between the client

and the RADIUS server. The EAPOL header is removed from EAPOL packets that come from the client.

The contents of the EAPOL packet are added as an EAP attribute to a RADIUS request packet and sent

to the RADIUS server. RADIUS packets from the server have the EAP attribute contents added to an

EAPOL packet and sent to the client. The access point never examines the contents of the EAP data.

When the client associates to an access point, the access point sends an EAP identity request to the client.

The client responds with a username. The RADIUS server then formats a LEAP challenge EAP attribute.

The client sends a LEAP challenge response back to the RADIUS server.

If the user is invalid, the RADIUS server sends a RADIUS access-deny message that contains an EAP

failure attribute. If the user is valid, the server sends a RADIUS access-challenge packet with an EAP

success attribute. The client responds with a LEAP challenge. The server responds with a RADIUS

access-accept packet that contains an EAP attribute with the LEAP challenge response. This packet also

contains a Cisco vendor-specific attribute that informs the access point of the value of the encryption

key. The client verifies the challenge response. If the response is invalid, client disassociates and

attempts to find another access point.

802.11 supports the use of up to four encryption keys for the traffic between a client and its access point.

The access point uses one of the key indices for the session key. This key has a different value for each

connection between the client and the access point.

The session key is derived from the user password and the contents of the LEAP challenges and

responses that go to and from the client. 802.11 encryption might be based on a 40-bit key or a 128-bit

key. The key derivation routines provide a key that is longer than needed.

Configuring LEAP

This section explains how to configure LEAP module settings. The following topics are covered in this

section:

•

Accessing LEAP Properties for Configuration

To access the LEAP Properties window, perform the following steps:

Click the Start button on the lower-left corner of the desktop.

Step 1

From the right pane, right-click Network.

Step 2

Select Properties.

Step 3

From the left pane, select Manage Wireless Networks.

Step 4

Double-click the wireless network.

Step 5

From the Wireless Network properties window, select the Security tab (see

Step 6

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide for Windows Vista

3-18

Accessing LEAP Properties for Configuration, page 3-18

Configuring LEAP Settings in the Network Credentials Tab, page 3-19

Finding the Version of the LEAP Module, page 3-21

Chapter 3

Configuring EAP Types

Figure

3-1).

OL-16534-01

Table of Contents

Troubleshooting

This manual is also suitable for:

Aironet cb21ag Aironet pi21ag

Configuring Leap; Accessing Leap Properties For Configuration - Cisco AIR-CB21AG-W-K9 Installation And Configuration Manual

Configuring LEAP

Configuring LEAP

Accessing LEAP Properties for Configuration

Troubleshooting

Related Manuals for Cisco AIR-CB21AG-W-K9

Related Content for Cisco AIR-CB21AG-W-K9

This manual is also suitable for:

Table of Contents