Manufacturer's Disclaimer Statement The information in this document is subject to change without notice and does not represent a commitment on the part of the vendor. No warranty or representation, either expressed or implied, is made with respect to the quality, accuracy or fitness for any particular purpose of this document.
1. Introduction 1.1 Product Feature ● Compliance with IEEE 802.11g and 802.11b standards ● Highly efficient design mechanism to provide unbeatable performance ● Achieving data rate up to 54Mbps for 802.11g and 11Mps for 802.11b with wide range coverage; high performance to deliver up to 108Mbps raw data rate for 802.11g ●...
Utility Installation Before insert PCI Adapter into the PCI slot of your computer, please install the Utility Program first. Make sure that the LevelOne 11g wireless Network PCI Adapter is NOT inserted into the PCI slot. NOTE: all the snapped images of installation mentioned in this manual are based on Windows XP.
Page 6
InstallShield Wizard will automatically start. Please click “Next” to continue.
Page 8
Please click “Finish” NOW. 1. Turn off your computer, and remove the power cord from your PC. 2. Open up the cover of your PC. 3. Remove the PCI slot cover from PC case. 4. Insert the 11g Wireless Network PCI Adapter into the empty PCI slot.
5. Once the installation is successful, a utility program icon will show on your desktop. To lunch the utility, just double click the icon. 3. Configuration 3.1 Link Information The default page is as below after you launch the Utility program. Status: Shows the BSSID associated, which can be used to identify the wireless network.
Frequency: Shows the current frequency used for wireless network. Wireless Mode: Shows the current wireless mode used for wireless communication. Encryption: Shows the current encryption mode used for wireless network. TxRate: Shows the current data rate used for transmitting. Channel: Shows the current channel for communication. Link Quality: Shows the link quality of the 108Mbps wireless LAN PCI Adapter with the Access Point when operating under Infrastructure mode.
Page 13
Wireless Mode: There are two types available for selection ●Infrastructure – to establish wireless communication with LAN and other wireless clients through the use the Access Points. ●Ad-Hoc – to establish point-to-point wireless communication directly with other wireless client devices such as wireless network PCI Adapter. AdHoc Band: There are two bands available for selection- 11B and 11G Channel: The value of channel that AP will operate in.
3.3 Advanced This is the page where you configure Security settings of your 108Mbps wireless LAN PCI Adapter Encryption: 4 options are available: Disable, Enable, WPA and WPA-PSK. Select Enable or Disable for WEP data encryption feature. If one of the two options is selected, it is required to select the Authentication mode from the next dropping list.
Page 15
If WPA is selected, configuration is enabled. Please click the configuration. The below window is pop up. Then, please select the certificate that you like to use and enter the server name and login name If WPA-PSK is selected, click the configuration button. The popping window is as the below.
The following will only be activated to allow for configuration when Encryption is enabled. Default Key: select one of the 4 keys to use. Network Key: enter values to these fields, either in HEX or ASCII formats. You only have to enter the key that you will use Key Length: select 64 or 128 bits as the length of the keys Key Format: ASCII or HEX 3.4 Site Survey...
Page 17
Profile – You can create and manage the created profiles for Home, offices or public areas. By double-clicking on one of the created profile, the setting will adapt to the configuration such as SSID, channel, and WEP settings saved by that particular profile.
Page 18
●Maximum Power Save – the device consumes the least power and only operates when there is wireless network activity. ●Power Save – the device consumes the moderate level of power ●Data Encryption –for WEP data encryption feature. If one of the two options is selected, it is required to select the Authentication mode from the next dropping list.
3.5 About US This page displays some information about the 108Mpbs wireless LAN PCI Adapter utility, which includes the version numbers for Driver, Firmware and Utility. When there is new version of software available for upgrade, you will be able to identify by version numbers.
Page 20
two formats that you can use for entering the values for WEP key. It represents English letters as numbers from 0 to 127. Authentication Type: Indication of an authentication algorithm which can be supported by the Access Point: 1. Open System: Open System authentication is the simplest of the available authentication algorithms.
Page 21
amount of time before retrying. If the network is quiet and two devices access the line at exactly the same time, their signals collide. When the collision is detected, they both back off and wait a random amount of time before retrying. DHCP: Dynamic Host Configuration Protocol, which is a protocol that lets network administrators manage and allocate Internet Protocol (IP) addresses in a network.
Page 22
heavy interference caused by the big size of transmission frame. But if the frame size is too small, it will create the overhead during the transmission. Gateway: a device that interconnects networks with different, incompatible communication protocols. HEX: Hexadecimal, HEX, consists of numbers from 0 – 9 and letters from A – F. IEEE: The Institute of Electrical and Electronics Engineers, which is the largest technical professional society that promotes the development and application of electrotechnology and allied sciences for the benefit of humanity, the advancement of...
Page 23
PSDU: PLCP service data unit Roaming: A LAN mobile user moves around an ESS and enjoys a continuous connection to an Infrastructure network. RTS: Request To Send. An RS-232 signal sent from the transmitting station to the receiving station requesting permission to transmit. RTS Threshold: Transmitters contending for the medium may not be aware of each other.
Page 24
WNC-0300 Appendix Appendix A Networking Basis ...25 Appendix B 802.1X Authentication Setup...38...
APPENDIX A: NETWORKING BASIS This chapter will help you learn the basics of home networking. Using the Windows XP Network Setup Wizard Go to Start menu > Control Panel > Network Connections In the menu on the left side of the window, select “Set up a home or small office network”...
Page 27
Select the option that best describes how you connect your computer to the Internet. In the case of using router in the network, choose the second option. Click “Next” to continue. 1. Enter a short description for your computer. 2. Enter a name for your computer to be recognized among the network.
Page 28
Enter “Workgroup name” for your home network. Click “Next” to continue” Click “Next” and wait for the wizard to apply the settings.
Page 29
You may create a network setup disk which saves you the trouble of having to configure every PCs in your network. Select the first choice, and insert a floppy disk into your disk drive Click “Next” to continue.
Page 30
Click “Format Disk” if you wish to format the disk. Click “Next” to copy the necessary files to the disk. Click “Next” to continue with the Network Setup Wizard...
Page 31
NOTE: Now you may use the Network Setup Disk you just created in any PCs in your network that you wish to setup. Simply insert the Network Setup Disk into the disk drive of a PC, and open to browse the content of the disk with “My Computer” or “Windows File Manager”.
Checking IP Address of Your Computer in Windows Sometimes you will need to know the IP address of the computer that you are using. For example, when you want to make sure that your computer is in the same network domain as that of your Access Point for you can configure and access the Go to Start menu >...
Page 33
If the IP address is assigned by DHCP server on the network, there are chances you might have to release the IP and acquire it from DHCP server again. Here is how you do it. Go to Start menu > Run >...
Dynamic IP Address V.S. Static IP Address By definition Dynamic IP addresses are the IP addresses that are being automatically assigned to a network device on the network. These dynamically assigned IP addresses will expire and may be changed over time. Static IP addresses are the IP addresses that users manually enter for each of the network adapters.
Dynamically Assigned IP Address The TCP/IP Properties window appears. Select “Obtain an IP address automatically” if you are on a DHCP enabled network. Click “OK” to close the window with the changes made Static IP Address Select “Use the following IP address”...
NOTE: The IP address must be within the same range as the wireless route or Access Point. Wireless Network in Windows 2000 Go to Start menu > Settings > Network and Dial-up Connections > Double-click on the Local Area Connection Select “Internet Protocol (TCP/IP)”...
Select “Use the following IP address” Enter the IP address and subnet mask fields. Enter the IP address of the Router in the Default gateway field. Enter the IP address of the Router in the DNS server field Wireless Network In Windows 98SE and Windows ME Go to Start menu >...
Page 38
The TCP/IP Properties window appears. Select “Obtain an IP address automatically” if you are on a DHCP enabled network. Click “OK” to close the window with the changes made Select “Specify an IP address” Enter the IP address and subnet mask fields. In the DNS Configuration Tab Page, (1) enter the IP address of the Router in the Default...
APPENDIX B: 802.1x Authentication Setup There are three essential components to the 802.1x infrastructure: (1) Supplicant, (2) Authenticator and (3) Server. The 802.1x security supports both MD5 and TLS Extensive Authentication Protocol (EAP). complement to the current WEP encryption used in wireless network. The current security weakness of WEP encryption is that there is no key management and no limitation for the duration of key lifetime.
Page 40
infrastructure, each of these wireless clients would have to be authenticated by the Radius server, which would grant the authorized client and notified the Access Point to open up a communication port to be used for the granted client. There are 2 Extensive Authentication Protocol (EAP) methods supported: (1) MD5 and (2) TLS.
Supplicant: Wireless Network PC Card Here is the setup for the Wireless Network PC Card under Windows XP, which is the only Operating System that our driver supports for 802.1x. Microsoft is planning on supporting 802.1x security in all common Windows Operating System including Win98SE/ME/2000 by releasing Service Pack in 2003.
Page 42
Click on the “Wireless Network” tab. 108Mbps High Speed Network Adapter...
Page 43
Click “Properties” of the available wireless network, which you wish to connect or configure. Please note that if you are going to change to a different 802.1x authentication EAP method, i.e. switch from using MD5 to TLS, , you must remove the current existing wireless network from your Preferred networks first, and add it in again.
TLS Authentication Select “The key is provided for me automatically” option Click “OK” to close the Wireless Network Properties window.
Page 45
Click “Authentication” tab 10. Select “Enable network access control using IEEE 802.1x” option to enable 802.1x authentication. 11. Select “Smart Card or other Certificate” from the drop-down list box for EAP type. 12. Click “OK” to close the Wireless Network Connection Properties window, thus make the changes effective.
TLS Authentication – Download Digital Certificate from Server In most corporations, it requires internal IT or MIS staff’s help to have the certificated downloaded to your local computer. One of the main reasons is that each corporation uses its own server systems, and you will need the assistance from your IT or MIS for account/password, CA server location and etc.
Page 47
16. Now we are connected to the Certificate Service. Select “Request a certificate”, and click “Next” to continue. 17. Select “User Certificate request”, and click “Next” to continue.
Page 48
18. Click “Submit >” to continue. 19. The Certificate Service is now processing the certificate request.
Page 49
20. The certificate is issued by the server, click “Install this certificate” to download and store the certificate to your local computer. 21. Click “Yes” to store the certificate to your local computer.
Page 50
22. Certificate is now installed. All the configuration and certificate download are now complete. Let’s try to connect to the Access Point using 802.1x TLS Authentication. 23. Windows XP will prompt you to select a certificate for wireless network connection. Click on the network connection icon in the system tray to continue.
Page 51
24. Select the certificate that was issued by the server (WirelessCA), and click “OK” to continue. 25. Check the server to make sure that it’s the server that issues certificate, and click “OK” to complete the authentication process.
MD5 Authentication 26. Select “Data encryption (WEP enabled)” option, but leave other option unselected. 27. Select the key format that you want to use to key in your Network key. ASCII characters: 0~9, a~z and A~Z HEX characters: 0~9, a~f 28.
Page 53
30. Click “OK” to close the Wireless Network Properties window, thus make the changes effective. 31. Select “Authentication” tab. 32. Select “Enable network access control using IEEE 802.1X” to enable 802.1x authentication. 33. Select “MD-5 Challenge” from the drop-down list box for EAP type. 34.
Page 54
Unlike TLS, which uses digital certificate for validation, the MD-5 Authentication is based on the user account/password. Therefore, you must have a valid account used by the server for validation. 35. WindowsXP will prompt you to enter your user name and password. Click on the network connection icon in the system tray to continue.
Authenticator: Wireless Network Access Point This is the web page configuration in the Access Point that we use. 1. Enable 802.1x security by selecting “Enable”. 2. If MD5 EAP methods is used then you can skip step 3 and go to step 4. 3.
Radius Server: Window2000 Server This section to help those who has Windows 2000 Server installed and wants to setup Windows2000 Server for 802.1x authentication, which includes setting up Certificate Service for TLS Authentication, and enable EAP-methods. 1. Login into your Windows 2000 Server as Administrator, or account that has Administrator authority.
Page 57
5. Select “Enterprise root CA”, and click “Next” to continue. 6. Enter the information that you want for your Certificate Service, and click “Next” to continue.
Page 58
7. Go to Start > Program > Administrative Tools > Certificate Authority 8. Right-click on the “Policy Setting”, select “new” 9. Select “Certificate to Issue” 10. Select “Authenticated Session” and “Smartcard Logon” by holding down to the Ctrl key, and click “OK” to continue.
Page 59
11. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 12. Right-click on domain, and select ”Properties” to continue. 13. Select “Group Policy” tab and click “Properties” to continue.
Page 60
14. Go to “Computer Configuration” > “Security Settings” > “Public Key Policies” 15. Right-click “Automatic Certificate Request Setting”, and select “New” 16. Click “Automatic Certificate Request ...”...
Page 61
17. The Automatic Certificate Request Setup Wizard will guide you through the Automatic Certificate Request setup, simply click “Next” through to the last step. 18. Click “Finish” to complete the Automatic Certificate Request Setup 19. Go to Start > Run, and type “command” and click “Enter” to open Command Prompt.
Adding Internet Authentication Service 21. Go to Start > Control Panel > Add or Remove Programs 22. Select “Add/Remove Windows Components” from the panel on the left. 23. Select “Internet Authentication Service”, and click “OK” to install.
Setting Internet Authentication Service 24. Go to Start > Program > Administrative Tools > Internet Authentication Service 25. Right-click “Client”, and select “New Client” 26. Enter the IP address of the Access Point in the Client address text field, a memorable name for the Access Point in the Client-Vendor text field, the access password used by the Access Point in the Shared secret text field.
Page 64
27. Click “Finish” to complete adding of the Access Point. 28. In the Internet Authentication Service, right-click “Remote Access Policies” 29. Select “New Remote Access Policy”.
Page 65
30. Select “Day-And-Time-Restriction”, and click “Add” to continue. 31. Unless you want to specify the active duration for 802.1x authentication, click “OK” to accept to have 802.1x authentication enabled at all times.
Page 66
32. Select “Grant remote access permission”, and click “Next” to continue. 33. Click “Edit Profile” to open up...
For TLS Authentication Setup (Steps 34 ~ 38) 34. Select “Authentication” Tab 35. Enable “Extensible Authentication Protocol”, and select “Smart Card or other Certificate” for TLS authentication...
Page 68
36. Go to Start > Program > Administrative Tools > Active Directory Users and Computers 37. Select “Users”, and double-click on the user that can be newly created or currently existing, who will be configured to have the rights to obtain digital certificate remotely.
Page 69
38. Go to the “Dial-in” tab, and check “Allow access” option for Remote Access Permission and “No Callback” for Callback Options.
For MD5 Authentication (Steps 39 ~ 54) 39. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 40. Right-click on the domain, and select “Properties” 41. Select “Group Policy” tab, and click “Edit” to edit the Group Policy.
Page 71
42. Go to “Computer Configuration” > “Windows Settings” > “Security Settings” > “Account Policies” > “Password Policies” 43. Click “Define this policy setting”, select “Enabled”, and click “OK” to continue.
Page 72
44. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 45. Go to Users. Right-click on the user that you are granting access, and select “Properties” 46. Go to “Account” tab, and enable “Store password using reversible encryption”...
Page 73
48. Go to Start > Program > Administrative Tools > Internet Authentication Service. 49. Go to Remote Access Policies 50. Make sure that MD5 is moved up to Order 1 51. Right-click “MD5”, and select “Properties”...
Page 74
52. Go to “Authentication” tab 53. Enable “Extensible Authentication Protocol” 54. Select “MD5-Challenge” for EAP type list.