Reporting Access Points That Fail Leap Authentication - Cisco CB21AG Installation And Configuration Manual

Cisco aironet 802.11a/b/g wireless lan client adapters (cb21ag and pi21ag)
Hide thumbs Also See for CB21AG:
Table of Contents

Advertisement

Chapter 5
Configuring the Client Adapter
Note
If you want to enable CCKM fast secure roaming on the client adapter, you must choose the
WPA/WPA2/CCKM security option on the Profile Management (Security) window, regardless of
whether you want the adapter to use WPA or WPA2. The configuration of the access point to which your
client adapter associates determines whether CCKM will be used with 802.1x, WPA, or WPA2.
Note
Access points must use Cisco IOS Release 12.2(11)JA or later to enable CCKM fast secure roaming.
Refer to the documentation for your access point for instructions on enabling this feature.
Note
The Microsoft Wireless Configuration Manager and the Microsoft 802.1X supplicant, if installed, must
be disabled in order for CCKM fast secure roaming to operate correctly. If your computer is running
Windows XP and you chose to configure your client adapter using ADU during installation, these
features should already be disabled. Similarly, if your computer is running Windows 2000, the Microsoft
802.1X supplicant, if installed, should already be disabled. Refer to
information.

Reporting Access Points that Fail LEAP Authentication

The CB21AG and PI21AG client adapters and the following access point firmware versions support a
feature that is designed to detect access points that fail LEAP authentication:
An access point running one of these firmware versions records a message in the system log when the
client discovers and reports another access point in the wireless network that has failed LEAP
authentication.
The process takes place as follows:
1.
2.
3.
4.
5.
6.
Note
This feature does not need to be enabled on the client adapter or access point; it is supported
automatically by both devices. However, the access points must use the specified firmware versions
or later.
Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide
OL-4211-03
12.00T or later (access points running VxWorks)
Cisco IOS Release 12.2(4)JA or later (1100 series access points)
Cisco IOS Release 12.2(8)JA or later (1200 series access points)
Cisco IOS Release 12.2(13)JA or later (350 series access points)
A client with a LEAP profile attempts to associate to access point A.
Access point A does not handle LEAP authentication successfully, perhaps because the access point
does not understand LEAP or cannot communicate to a trusted LEAP authentication server.
The client records the MAC address for access point A and the reason why the association failed.
The client associates successfully to access point B.
The client sends the MAC address of access point A and the reason code for the failure to access
point B.
Access point B logs the failure in the system log.
Setting Security Parameters
Chapter 10
if you need additional
5-19

Advertisement

Table of Contents
loading

This manual is also suitable for:

Pi21ag

Table of Contents