Chapter 9
Diagnostics and Troubleshooting
Note
EAP Authentication Requires Matching 802.1x Protocol Drafts
Note
OL-2159-03
If you use Network-EAP as the authentication type, you must select key 1 as the
access point's transmit key. The access point uses the WEP key you enter in key
slot 1 to encrypt multicast data signals it sends to EAP-enabled client devices.
Because the access point transmits the WEP key used for multicast messages to
the EAP-enabled client device during the EAP authentication process, that key
does not have to appear in the EAP-enabled device's WEP key list. The access
point uses a dynamic WEP key to encrypt unicast messages to EAP-enabled
clients.
Refer to the
"Setting Up WEP" section on page 4-9
access point's WEP keys.
This section applies to wireless networks set up to use LEAP. If you do not use
LEAP on your wireless network, you can skip this section.
Wireless client devices use Extensible Authentication Protocol (EAP) to log onto
a network and generate a dynamic, client-specific WEP key for the current logon
session. If your wireless network uses WEP without EAP, client devices use the
static WEP keys entered in the Aironet Client Utilities.
If you use Network-EAP authentication on your wireless network, your client
devices and access points must use the same 802.1x protocol draft. For example,
if the radio firmware on the client devices that will associate with an access point
or bridge is 4.16, then the access point or bridge should be configured to use Draft
8 of the 802.1x protocol.
products and the draft with which they comply.
Table 9-4
802.1x Protocol Drafts and Compliant Client Firmware
Firmware Version
PC/PCI cards 4.13
PC/PCI cards 4.16
Cisco Aironet 1200 Series Access Point Software Configuration Guide
Table 9-4
lists firmware versions for Cisco Aironet
Draft 7
Draft 8
—
—
Checking Basic Settings
for instructions on setting the
Draft
1
10
x
—
x
—
9-41