LevelOne WNC-0300 Network Card User Manual
Contents
1. Action view EN E A EN TE i a m E E Sr f Active Directory Users and Computers Type Description i 2 FAE LOCAL Administrator User Built in account For admini Builtin fii cert Publishers Security Group Enterprise certification an EDHCR Adminis Security Group Members who have admini DHCP Users Security Group Members who have view E Dns dmins Security Group DNS Administrators Group EE DnsUpdateFr Security Group DNS clients who are permi Pii Domain Admins Security Group Designated administrators EE Domain Comp Security Group All workstations and serve EE Domain Contr Security Group All domain controllers in th ff Domain Guests Security Group All domain quests EE Domain Users Security Group All domain users i Enterprise 4d Security Group Designated administrators croup Policy Security Group Members in this group can fF Guest User Built in account For guest f IUSR_FAEO1 User Built in account For anony E IwWAM_FAEO1 User Built in account For Intern Eh krbtgt User Key Distribution Center Se PHRAS and 145 Security Group Servers in this group can fi Schema Admins Security Group Designated administrators E Smecos et eT eT E Please note that in this case we have a user called test whose account password are used to obtain the digital certificate from server2. Note Even though you may have specitted that users should be denied access the profile can still be used if this policy s conditions are overridden on a per uzer basis Edit Profile lt Back Cancel 65 For TLS Authentication Setup Steps 34 38 34 Select Authentication Tab 35 Enable Extensible Authentication Protocol and select Smart Card or other Certificate for TLS authentication Edit Dial in Profile 21x Dialin Constraints IF l Multilink Authentication Encryption Advanced Check the authentication methods which are allowed for this connection Extensible Authentication Protocol Select the EAF type which i acceptable for this policy Smart Lard or other Certificate Configure Microsoft Encrypted Authentication version 2 MS CHAP w2 Microsoft Encrypted Authentication MS CHAP Encrypted Authentication CHAF F Unencippted Authentication RAP SPAP Unauthenticated Access C Allow remote PPP clients to connect without negotiating any authentication method cancel Amo 66 36 Go to Start gt Program gt Administrative Tools gt Active Directory Users and Computers 37 Select Users and double click on the user that can be newly created or currently existing who will be configured to have the rights to obtain digital certificate remotely Active Directory Users and Computers O x lea Console Window Help ja
3. mt _ Wireless Network Connection Properties General wireless Networks Authentication Advanced Connect using ES 108Mbps High Speed Network Adapter This connection uses the following items El Client For Microsoft Networks a File and Printer Sharing tor Microsoft Networks los Packet Scheduler Internet Protocal TCPYIP NN Properties Install Description Transmission Control Protocol ntermnet Protocol The default wide area network protocol that provides communication across diverse interconnected networks Show icon in notification area when connected Dynamically Assigned IP Address Internet Protocol TCP IP Properties The TCP IP Properties window appears General Alternate Configuration ou can get IF settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings Select Obtain an IP address automatically if you are ona DHCP enabled network Obtain an IF address automatically Click OK to close the window with the changes made 2 Obtain DNS server address automatically O Use the following DNS server addresses MO IO Static IP Address Internet Protocol TCP IP Properties Select Use the following IP address General Enter the IP address and fou can get IF settings assigned au
4. 67 38 Go to the Dial in tab and check Allow access option for Remote Access Permission and No Callback for Callback Options Control access through Remote Access Policy Hen aller Wr gt Assion a Static IP Address ADP Staic outes Static Aoutes 68 For MD5 Authentication Steps 39 54 39 Go to Start gt Program gt Administrative Tools gt Active Directory Users and Computers 40 Right click on the domain and select Properties 4 Active Directory Users and Computers _ O x l Console Window Help 18 x Action view l ERE Bit vy ae Tree FAE LOCAL 5 objects Ey Active Directory Users Aral uiltinDormain H E Delegate Control ontainer Default container For upar H E Find Prganizational Default container For new Hig Connect to Domain ontainer Default container For secu HG Connect to Domain Controller ontainer Default container For upar f Operations Masters Mew F All Tasks View Mew Window From Here Refresh Export List 4 Properties Opens pro Help 41 Select Group Policy tab and click Edit to edit the Group Policy FAE LOCAL Properties x General Managed By Group Policy ES Current Group Policy Object Links for FSE Group Policy Object Links No Overnide Disabled Default Domain Policy Group Policy Objects higher in the list have the highest priority This l
5. Network Setup Wizard Please wat y Pleaze wait while the wizard configures this computer for home or small office networking This process may take a few minutes 2 Network Setup Wizard You re almost done A e gt You need to run the Network Setup Wizard once on each of the computers on pour J network Torun the wizard on computers that are not running Windows lt P you can use the Windows lt P CO or a Network Setup Disk What do you want to do O Use the Network Setup Disk already have O Use my Windows lt P CD O Just finish the wizard don t need to run the wizard on other computers 28 Click Format Network Setup Wizard Disk if you wish to Insert the disk you want to use format the disk Insert a disk the into the following disk drive and then click Next Click Next to copy 3 Floppy A the necessary files to the disk o format the disk click Format Disk Copying Please wait while the wizard copies Files 5 Click Next to Network Setup Wizard continue with the To run the wizard with the Network Setup Disk 3 Network Setup Wizard e gt Complete the wizard and restart this computer Then use the Network Setup Disk to run J the Network Setup Wizard once on each of the other computers on your network Here s how 1 Insert the Network Setup Disk into the nest computer you want to network Open My Computer and then open the Network
6. This is the page where you can change the basic settings of the Access Point with the minimum amount of effort to implement a secure wireless network environment ts Link Info 108Mbps Wireless LAN Adapter Configuration Utility x ii Configuration SSID Wireless Mode Infrastructure ii Advanced Support Band AdHoc Band E i Site Survey mel E ia Tx Rate 115 5 Auto 116 ip About Power Mode Continuous Access Mode Y A 11G TURBO Preamble Short amp Long Preamble Cancel SSID Service Set Identifier which is a unique name shared among all clients and nodes in a wireless network The SSID must be identical for each clients and nodes in the wireless network Wireless Mode There are two types available for selection e Infrastructure to establish wireless communication with LAN and other wireless clients through the use the Access Points e Ad Hoc to establish point to point wireless communication directly with other wireless client devices such as wireless network PCI Adapter AdHoc Band There are two bands available for selection 11B and 11G Channel The value of channel that AP will operate in You can select the channel range of 1 to 11 for North America FCC domain and 1 to 13 for European ETSI domain and to 14 for Japanese domain Tx Rate Select the data rate for data transmission Power Mode There are 3 modes to choose eContinuous Access Mode default the PCls c
7. O 10 A a io AAA deck ecco oh taeda iad deh vl todo denaanh aia 10 2 COMU ye dodo 11 NY Md tios 13 FASE OUVE a e a e asad mousora auiyaatieatauseieuacuaeaus 15 DD PRO O We Seaan E verte at enews own 18 AE CROSS ALY SE tate series T E EEE E ei tert essai E E E 18 APPENDIX A NETWORKING BASIS ccccccsnsccesnnsceesennseeeeeneseeseeneeenseenaees 25 USING THE WINDOWS XP NETWORK SETUP WIZARD cccceeeseeeeeeeeeeeeeeeseeeeeeeeeenaaes 25 CHECKING IP ADDRESS OF YOUR COMPUTER IN WINDOWS XP cccceeeeeeeeeeeeeeeeeeaeees 31 DYNAMIC TP ADDRESS V S STATIC IP ADDRESS sesion das 33 Dynamically Assigned IP ACCCSS csscscccuscnccccccuncncennecssaeeeenneenseneesnegnags 34 Slavic IP ACGKCSS ns NA EAS 34 WIRELESS NETWORK IN WINDOWS 2000 ccccccceee cece esses eee eeeeee ee eeeneneeneesaaeennngs 35 WIRELESS NETWORK IN WINDOWS 98SE AND WINDOWS ME ce cceceeeee eens eeeeeeeeeees 36 APPENDIX B 802 1X AUTHENTICATION SETUP ccccseeccessnnseeesennseessnnees 38 S022 AUTHENTICATION INFRASTRUCTURE Sii ietatvbeatetuudwnneantamede cantina 38 SUPPLICANT WIRELESS NETWORK PC CARD iaa a 40 TES AUT CAUCQUOR trad ii abi 43 TLS Authentication Download Digital Certificate from Server sisscccseeeeees 45 MOS AUTACNUCAUION do de 51 AUTHENTICATOR WIRELESS NETWORK ACCESS POINT ccccseeceeseeeeeeeeeeeeeeeeeenaeeeenaes 54 RADIUS SERVER WINDOWZ000 SERVER viral dis 55 Adding Internet Authentication Service 1 cccscccccccuneceessennnenesenns 61 S
8. either in HEX or ASCII formats You only have to enter the key that you will use Key Length select 64 or 128 bits as the length of the keys Key Format ASCII or HEX 3 5 About US This page displays some information about the 108Mpbs wireless LAN PCI Adapter utility which includes the version numbers for Driver Firmware and Utility When there is new version of software available for upgrade you will be able to identify by version numbers ji Link Info 108Mbps Wireless LAN Adapter Configuration Utility X i Configuration gt Advanced Site Survey Adapter Information MAC Address Utility Version Oriver Version 108Mbps Wireless LAN Adapter Configuration Utility 4 Glossary Access Point An internetworking device that seamlessly connects wired and wireless networks Ad Hoc An independent wireless LAN network formed by a group of computers each with a network adapter AP Client One of the additional AP operating modes offered by 108Mbps Access Point which allows the Access Point to act as an Ethernet to Wireless Bridge thus a LAN or a single computer station can join a wireless ESS network through it ASCII American Standard Code for Information Interchange ASCII is one of the two formats that you can use for entering the values for WEP key It represents English letters as numbers from 0 to 127 Authentication Type Indication of an authentication algorithm which can be supported by the Access Point 1 Op
9. 04b b ME w 61 Setting Internet Authentication Service 24 Go to Start gt Program gt Administrative Tools gt Internet Authentication Service 25 Right click Client and select New Client 2 Internet Authentication Service l 7 o x Friendly Name Protocol Export List Help 26 Enter the IP address of the Access Point in the Client address text field a memorable name for the Access Point in the Client Vendor text field the access password used by the Access Point in the Shared secret text field Re type the password in the Confirmed shared secret text field 62 27 Click Finish to complete adding of the Access Point Add RADIUS Client 152 168 1 1 RADIUS Standard na E SNNN 28 In the Internet Authentication Service right click Remote Access Policies 29 Select New Remote Access Policy To Internet Authentication Service A New Remote Access Policy 63 30 Select Day And Time Restriction and click Add to continue Select the type of attribute to add and then click the Add button Attribute types Description Called Station Id Phone number dialed by user Calling Statiorn td Phone number from which call originated Chent Frendly H ame Friendly name forthe RADIUS client 45 only Chent IP Address IP address of RADIUS client 145 only Clhent Yerndor Manufacturer of RADIUS proxy or HAS 1
10. Program gt Administrative Tools gt Certificate Authority 8 Right click on the Policy Setting select new 9 Select Certificate to Issue 4 Certification Authority Action View Tree Mame Intended Purpose Certification Authority iLocal Wel EFS Recovery Agent File Recovery Ef Wireless Ef Basic EFS Encrypting File System 1 Revoked Certificates GA Domain Controller Client Authentication Server Authentic Issued Certificates Gel web Server Server Authentication El Computer Client Authentication Server Authentic Encrypting File System Secure Email 2 vee Pending Requests Failed Requests Pew Code Signing Microsoft Trust List Signi VIEW Refresh Export List Help Add a Certificate Template to the list of Certificate Templates issued by this Certifica 10 Select Authenticated Session and Smartcard Logon by holding down to the Ctrl key and click OK to continue Select Certificate Template x Select a certificate template to issue certificates Secure Email Cher dde Secure Email Cher Authenticated Session Client Authenticatic Client Authenticatic ET Code Signing Trust List Signing Microsoft Trust List H Ernrallment oer Certificate Penes E F Cancel 57 11 Go to Start gt Program gt Administrative Tools gt Active Directory Users and Computers 12 Right click on domain and select Properties to
11. computer 2 Enter a name for your computer to be Computer description AREA 51 STATION No 6 Examples Family Room Computer or Monica s Computer recognized among Computer name ALIENT the network Examples FAMILY or MONICA 3 Click Next to continue The current computer name is MM Learn more about computer names and descriptions ST IT ee 26 Enter Workgroup Network Setup Wizard name for your Hame your network 3 home network Click Next to pe Mame pour network by specifying a workgroup name below All computers on pour network continue should have the same workgroup name Workgroup name AREA Examples HOME or OFFICE OTS nel T Click Next and Network Setup Wizard wait for the wizard Ready to apply network settings 3 to apply the settings The wizard will apply the following settings This process may take a few minutes to complete and cannot be interrupted Settings Internet connection settings Connecting through another device or computer Network settings Computer description AREA 51 STATION Ho 6 Computer name ALIENT Workgroup name AREAN To apply these settings click Next ST METI ee 27 You may create a network setup disk which saves you the trouble of having to configure every PCs in your network Select the first choice and insert a floppy disk into your disk drive Click Next to continue
12. continue 4 Active Directory Users and Computers y al x 1 Console Window Help 18 x Action View EM fal EN TE i if ra E E Tree FAE LOCAL 5 bjects O O OOOO E Active Directory Users ae rana lal Balkin uilkinDomain Ae paegatg Control ontainer Default container For upar H E Find Prganizational Default container For new Hi Connect to Pemain 3 ontainer Default container For secu H E Connect to Domain Controller ontainer Default container For upgr E Operations Masters New All Tasks P View Mew Window From Here Refresh Export List Openspre A AS 13 Select Group Policy tab and click Properties to continue FAE LOCAL Properties ajx General Managed By Group Policy ES Current Group Policy Object Links for FAE Group Policy Object Links Ho Override Disabled Default Domain Policy Group Policy Objects higher in the list have the highest priority This list obtained from fae0 F4E LOCAL Do Mew Add Options Delete T Block Policy inheritance 58 14 Go to Computer Configuration gt Security Settings gt Public Key Policies 15 Right click Automatic Certificate Request Setting and select New 16 Click Automatic Certificate Request lolx Tree Automatic Certificate Request L Software Settings o Bat down bE ae Settings i n
13. from computers and terminals Ethernet operates on a 10 100 Mbps base transmission rate using a shielded coaxial cable or over shielded twisted pair telephone wire Fragmentation When transmitting a packet over a network medium sometimes the packet is broken into several segments if the size of packet exceeds that allowed by the network medium Fragmentation Threshold The Fragmentation Threshold defines the number of bytes used for the fragmentation boundary for directed messages The purpose of Fragmentation Threshold is to increase the transfer reliability thru cutting a MAC Service Data Unit MSDU into several MAC Protocol Data Units MPDU in smaller size The RF transmission can not allow to transmit too big frame size due to the 20 heavy interference caused by the big size of transmission frame But if the frame size is too small it will create the overhead during the transmission Gateway a device that interconnects networks with different incompatible communication protocols HEX Hexadecimal HEX consists of numbers from 0 9 and letters from A F IEEE The Institute of Electrical and Electronics Engineers which is the largest technical professional society that promotes the development and application of electrotechnology and allied sciences for the benefit of humanity the advancement of the profession The IEEE fosters the development of standards that often become national and international standards Infrastr
14. make the changes effective The wireless client configuration in the zero configuration utility provided in Windows XP is now completed for TLS configuration Before you can enable IEEE 802 1x authentication and have wireless client authenticated by the Radius server you have to download the certificate to your local computer first 44 TLS Authentication Download Digital Certificate from Server In most corporations it requires internal IT or MIS staff s help to have the certificated downloaded to your local computer One of the main reasons is that each corporation uses its own server systems and you will need the assistance from your IT or MIS for account password CA server location and etc The following illustration is based on obtaining a certificate from Windows 2000 Server which can act as a CA server assuming you have a valid account password to access the server 13 Connect to the server and ask for access and the server will prompt you to enter your user name and password 14 Enter your user name and password then click OK to continue Connect to 197 168 1 10 Connecting to 192 166 1 10 Remember my password Please note that we use IP addresses for connection with the server for our illustration and the IP of the server is 192 168 1 10 15 After successful login open up your Internet Browser and type the following in the address field http 192 168 1 10 certsrv This is how we connect
15. 11 Wireless Clients Support 802 1X The Infrastructure diagram showing above illustrates that a group of 802 11 wireless clients is trying to form a 802 11 wireless network with the Access Point in order to have access to the Internet Intranet In 802 1x authentication 38 infrastructure each of these wireless clients would have to be authenticated by the Radius server which would grant the authorized client and notified the Access Point to open up a communication port to be used for the granted client There are 2 Extensive Authentication Protocol EAP methods supported 1 MD5 and 2 TLS MD5 authentication is simply a validation of existing user account and password that is stored in the server with what are keyed in by the user Therefore wireless client user will be prompted for account password validation every time when he she is trying to get connected TLS authentication is a more complicated authentication which involves using certificate that is issued by the Radius server for authentication TLS authentication is a more secure authentication since not only the Radius server authenticates the wireless client but also the client can validate the Radius server by the certificate that it issues The authentication request from wireless clients and reply by the Radius Server and Access Point process can be briefed as follows 1 The client sends an EAP start message to the Access Point The Access Point replies with an EAP Requ
16. 40 bits 5 characters kep index advanced The key iz provided for me automatically Please note that that value of Network key entered and key format length used must be the same as that used in the Access Point Although there are 4 set of keys can be set in the Access Point WEP configuration it s the first set of key that must be the same as that we used by the supplicant wireless client 51 30 31 32 33 Click OK to close the Wireless Network Properties window thus make the changes effective Select Authentication tab Select Enable network access control using IEEE 802 1X to enable 802 1x authentication Select MD 5 Challenge from the drop down list box for EAP type Wireless Network Connection Properties Ed General Wireless Networks Authentication Advanced Select this option to provide authenticated network access hor wired and wireless Ethernet networks Enable network access control using IEEE 802 1 EAP type MD 5 Challenge MD5 Challenge Smart Card or other Certificate Authenticate as computer when computer information i available Authenticate as guest when user or computer information is unavailable 34 Click OK to close Wireless Network Connection Properties window thus make all the changes effective 52 Unlike TLS which uses digital certificate for validation the MD 5 Authentication is based on the use
17. 8 5 onl DE ae Time periods and days of week during which use Framed Protocal The protocol to be used 45 dentifier String identifying the WAS onginating the request HAS IP Address IF address of the NAS originating the request 16 NAS Fort T ype Type of physical port used by the MAS orginatir Service 7 ye Type of service user has requested Tunnel Type Tunneling protocols to be used Windows G roups Windows groupe that user belongs to El Add Cancel 31 Unless you want to specify the active duration for 802 1x authentication click OK to accept to have 802 1x authentication enabled at all times x 3 Te q2 2 4 6 8 10 12 2 4 6 6 10 12 Cancel Sunday Sunday through Saturday from 12 AM to 12 4M 64 32 Select Grant remote access permission and click Next to continue Add Remote Access Policy x Permissions Determine whether to grant or deny remote access permission You can use a Remote Access Policy ether to grant certain access privileges to a group of users orto act as a filter and deny access privileges to a group of users If a user matches the specified conditions f Grant remote access permission Deny remote access permission Back Cancel 33 Click Edit Profile to open up Add Remote Access Policy gy x User Profile Specify the user profile OU can now specify the profile for users who matched the conditions you have specitied
18. Access Point for you can configure and access the AP Go to Start menu gt Run gt type Type the name of a program folder document or Internet resource and Windows will open it for vou command command Click OK Go Crome When the command prompt window appears type command ipconfig all and press Enter This command will display the IP addresses of all the network adapters in your computer GY Scroll C WWINDOWS iS ystem32icmd exe E ja El Ethernet adapter Wireless Metwork Connection 3 Connection specific DNS Suffix Description dapter Dhcp Enabled Autoconfiguration Enabled z IP Address a a 2 m E Subnet Mask Default Gateway DHCP Server z E SL DNS Servers z 168 1 Lease Obtained April 64 2003 11 45 28 PH Lease Expires gt Saturday April 65 2663 11 45 28 PM C Documents and Settings t ypark gt In this case the IP address of your network adapter is 192 168 1 2 which means your Access Point must have an IP address of 192 168 1 xxx in order for you to be able to access it 31 If the IP address is assigned by DHCP server on the network there are chances you might have to release the IP and acquire it from DHCP server again Here is how you do it Go to Start menu gt Run gt type A o Type the name of a program folder document or command s f Internet resource and Windows will open it For you Open v o Ca Type command ip
19. IP address DHCP enables the network administrators to assign the IP from a central location and each computer receives an IP address upon plugged with the Ethernet cable everywhere on the network DSSS Direct Sequence Spread Spectrum DSSS generates a redundant bit pattern for each bit to be transmitted This bit pattern is called a chip or chipping code The longer the chip the greater the probability that the original data can be recovered Even if one or more bits in the chip are damaged during transmission statistical techniques embedded in the radio can recover the original data without the need for retransmission To an unintended receiver DSSS appears as low power wideband noise and is rejected ignored by most narrowband receivers Dynamic IP Address An IP address that is assigned automatically to a client station in a TCP IP network by a DHCP server Encryption A security method that uses a specific algorithm to alter the data transmitted thus prevent others from knowing the information transmitted ESS ESS stands for Extended Service Set More than one BSS is configured to become Extended Service Set LAN mobile users can roam between different BSSs in an ESS ESSID The unique identifier that identifies the ESS In infrastructure association the stations use the same ESSID as AP s to get connected Ethernet A popular local area data communications network originally developed by Xerox Corp that accepts transmission
20. Ll level LevelOne WNC 0300 l1g Wireless PCI Adapter User s Manual Version 2 0 Manufacturer s Disclaimer Statement The information in this document is subject to change without notice and does not represent a commitment on the part of the vendor No warranty or representation either expressed or implied is made with respect to the quality accuracy or fitness for any particular purpose of this document The manufacturer reserves the right to make changes to the content of this document and or the products associated with it at any time without obligation to notify any person or organization of such changes In no event will the manufacturer be liable for direct indirect special incidental or consequential damages arising out of the use or inability to use this product or documentation even if advised of the possibility of such damages This document contains materials protected by copyright All rights are reserved No part of this manual may be reproduced or transmitted in any form by any means or for any purpose without expressed written consent of its authors Product names appearing in this document are mentioned for identification purchases only All trademarks product names or brand names appearing in this document are registered property of their respective owners FCC STATEMENT This product has been tested and complies with the specifications for a Class B digital device pursuant to Part 15 of the FCC Rules Th
21. Setup Disk 2 Double click netsetup al da a 3 Bok Qf 29 NOTE Now you may use the Network Setup Disk you just created in any PCs in your network that you wish to setup Simply insert the Network Setup Disk into the disk drive of a PC and open to browse the content of the disk with My Computer or Windows File Manager Double click and run the file netsetup for the program to handle the rest Click Finish to Network Setup Wizard complete the Completing the Network Setup Network Setup Wizard Wizard You have successtully set up this computer for home or mall office networking For help with home or small office networking see the following topics in Help and Support Center Using the Shared Documents folder Sharing files and folders To see other computers on your network click Start and then click My Network Places To close this wizard click Finish System will now System Settings Change o have to restart in You must restart your computer before the new settings will take effect order for the new Do ou want Eo restart your computer now settings to be effective Click Yes to restart the computer 30 Checking IP Address of Your Computer in Windows XP Sometimes you will need to know the IP address of the computer that you are using For example when you want to make sure that your computer is in the same network domain as that of your
22. atically assigned to this computer lEponr network does Hot automatically assign IP addresses ask your network administrator for an address and then type it in the space below C Obtain anlP address automatically i Specify an IP address IF Address Subnet Mask _ 8 Carcel 37 APPENDIX B 802 1x Authentication Setup There are three essential components to the 802 1x infrastructure 1 Supplicant 2 Authenticator and 3 Server The 802 1x security supports both MD5 and TLS Extensive Authentication Protocol EAP The 802 1x Authentication is a complement to the current WEP encryption used in wireless network The current security weakness of WEP encryption is that there is no key management and no limitation for the duration of key lifetime 802 1x Authentication offers key management which includes key per user and key per session and limits the lifetime of the keys to certain duration Thus key decryption by unauthorized attacker becomes extremely difficult and the wireless network is safely secured We will introduce the 802 1x Authentication infrastructure as a whole and going into details of the setup for each essential component in 802 1x authentication 802 1x Authentication Infrastructure 802 11 Wireless Access Points Support 802 1X Authentication Request 802 11 RADIUS Server Authentication Success a Wireless Networks Y Internet Intranet 802
23. atory supported long preamble and header which interoperates with the current and 2 Mbit s DSSS specification as described in IEEE Std 802 11 1999 and an optional short preamble and header At the receiver the PLCP preamble and header are processed to aid in demodulation and delivery of the PSDU The optional short preamble and header is intended for application where maximum throughput is desired and interoperability with legacy and non short preamble capable equipment is not consideration That is it is expected to be used only in networks of like equipment that can all handle the optional mode IEEE 802 11b standard ZA PSDU PLCP service data unit Roaming A LAN mobile user moves around an ESS and enjoys a continuous connection to an Infrastructure network RTS Request To Send An RS 232 signal sent from the transmitting station to the receiving station requesting permission to transmit RTS Threshold Transmitters contending for the medium may not be aware of each other RTS CTS mechanism can solve this Hidden Node Problem If the packet size is smaller than the preset RTS Threshold size the RTS CTS mechanism will NOT be enabled SSID Service Set Identifier which is a unique name shared among all clients and nodes in a wireless network The SSID must be identical for each clients and nodes in the wireless network Subnet Mask The method used for splitting IP networks into a series of sub groups or subnets The mask is a bi
24. cians 32 Dynamic IP Address V S Static IP Address By definition Dynamic IP addresses are the IP addresses that are being automatically assigned to a network device on the network These dynamically assigned IP addresses will expire and may be changed over time Static IP addresses are the IP addresses that users manually enter for each of the network adapters Go to Start menu gt Control Panel gt Network Connections gt Right click on the active Local Area connection gt Select Properties NOTE gt Network Connections Seles File Edit view Favorites Tools Advarced telp Pal Bal i k h a y y Pil y Search i5 Folders Address e Mezmork Connections 50 2 LANor High Speed Internet A Network Tasks A Wireless Network Connection ig Create ane l Enabled connection y 54M WLAN Adapter 2 Set up a home cr sral View Available wireless Networks alfie Lor aN Disable this network rus device E Repair Y Repair this connection Disable Bridge Connections wij Rename his connection gt View status of this connection 2 Change settings ef this connection Other Places A Create Shortcut Properes There might be two or more Local Area Connection to choose from You must select the one that you will use to connect to the network The Local Area Connection Properties would appear Select Internet Protocol TCP IP and Click Properties to continue
25. config renew in the command prompt window and press Enter Click OK This command releases the current IP address and acquire it from the network i e DHCP server once more ES Scroll C WINDOWSystem3 cmd exe a El Ethernet adapter Wireless Network Connection 3 Connection specific DNS Suffix Description dapter Dhcp Enabled Autoconfiguration Enabled IP Address a son we ew ew ew 1 n 1 3 Subnet Mask z 3 255 6 Default Gateway E 1 1 DHCP Server E 1 1 DNS Servers Lease Obtained Lease Expires C Documents and Settings t ypark gt In this case the IP address that we acquired is 192 168 1 3 However it s often that the acquired IP address of the network adapter might would not be the same NOTE To renew IP under Windows 98SE and Windows ME you will have to go to the Start menu gt Run gt type winipcfg and click OK The Windows IP Configuration Menu window would appear where you first click release button to release the current IP address followed by clicking of Renew to acquire a new IP address from network If the above methods for IP renew fail you will have to try and restart the computer which will reinitializes the network adapter settings during startup including renewing IP address If you still have problems getting an IP address after computer restarts you will have to consult with your MIS in your office or call computer and network techni
26. default page is as below after you launch the Utility program fie Link Info 108Mbps Wireless LAN Adapter Configuration Utility X i Configuration Status No Connection to Network SSID FE lts Advanced Frequency 2427 MHz Wireless Mode E ti ce Site Survey a Tx Rate 11 Mbps i 4 i About Channel Link Quality Signal Strength Link Quality Signal Strength Data Rate Transmit 2 Kbps Pr Receive Kbps 108Mbps Wireless LAN Adapter Configuration Utility Status Shows the BSSID associated which can be used to identify the wireless network SSID Shows current SSID which must be the same for the wireless client and AP in order for communication to be established Frequency Shows the current frequency used for wireless network Wireless Mode Shows the current wireless mode used for wireless communication Encryption Shows the current encryption mode used for wireless network TxRate Shows the current data rate used for transmitting Channel Shows the current channel for communication Link Quality Shows the link quality of the 108Mbps wireless LAN PCI Adapter with the Access Point when operating under Infrastructure mode Signal Strength Shows the wireless signal strength of the connection between the 11g wireless PCI Adapter with the Access Point Data Rate Shows the statistics of data transfer and the calculation is based on the number of packets transmitted and received 3 2 Configuration
27. e in You can select the channel range of to 11 for North America FCC domain and 1 to 13 for European ETSI domain and 1 to 14 for Japanese domain Tx Rate Select the data rate for data transmission Power Mode There are 3 modes to choose eContinuous Access Mode default the device is constantly operating with full power and it consumes the most power e Maximum Power Save the device consumes the least power and only operates when there is wireless network activity Power Save the device consumes the moderate level of power eData Encryption for WEP data encryption feature If one of the two options is selected it is required to select the Authentication mode from the next dropping list Auth Mode There are three modes available to choose e Open Authentication the sender and receiver do not share secret Key for communication Instead each party generates its own key pairs and asks the other party to accept it The key is regenerated when the connection is established every time e Shared Authentication the sender and receiver shares the common key for data communication and the key is used for extended length of time e Auto depend on the communication to establish and automatically use the proper authentication mode The following will only be activated to allow for configuration when Encryption is enabled Default Key select one of the 4 keys to use Network Key enter values to these fields
28. e snapped images of installation mentioned in this manual are based on Windows XP For other windows operating system all the procedures are the same but the screens are not the exactly same 2 Turn on the computer Insert the CD into the CD ROM Drive Please select WNC 0300 and then click the Install O LevelOne 11g Wireless Adapter 3 InstallShield Wizard will automatically start Please click Next to continue 108Mbps Wireless LAN Adapter Setup Welcome to the InstallShield Wizard for 108Mbps Wireless LAN Adapter The Installs hieldA Wizard will install 108M bp Wireless LAN Adapter on your computer To continue click Next Cancel 108Mbps Wireless LAN Adapter Setup Choose Destination Location Select folder where Setup will install files Setup will install 106Mbps Wireless LAN Adapter in the following folder To install to this folder click Hest To install to a different folder click Browse and select another folder Destination Folder C Program Files 0Mbps Wireless LAN Adapter oe lf fe El eer gll Pa i Til tf EA 108Mbps Wireless LAN Adapter Setup Select Program Folder Please select a program folder Setup will add program icons to the Program Folder listed below fou may type a new folder name or select one from the existing folders list Click Nest to continue Existing Folders Accessories Admin
29. e to the Network Setup Network Wizard Connections This wizard will help you set up this computer to min on pour network With a network you carr Share an Internet connection In the menu on the left Set up Internet Connection Firewall Share files and folders side of the window Share a printer select Set up a home or small office network Click Next to To continue click Next procced le Cancel Click Next to Network Setup Wizard continue Before you continue Then complete the following steps Install the network cards modems and cables Tum on all computers printers and external modems Connect to the Internet When you click Hest the wizard will search for a shared Internet connection on your network Cancel 25 Select the option Network Setup Wizard that best describes Select a connection method how you connect your computer to Select the statement that best describes this computer the Internet O This computer connects directly to the Internet The other computers on my network connect to the Internet through this computer View an example In the case of using router in the View an example Other network choose the second option Click Next to Learn more about home or small office network configurations continue A Cancel 1 Enter a short Network Setup Wizard description for your Give this computer a description and name Sy
30. e where you configure Security settings of your 108Mbps wireless LAN PCI Adapter Link Info 108Mbps Wireless LAN Adapter Configuration Utility x i Configuration Encryption Enable Auth Mode Open Authentication L Default hey Network Key Rep Length tie Site Survey l 64 bits i About 64 bits y 64 bits y Bd bits Default Kep Kep Format 108Mbps Wireless LAN Adapter Configuration Utility Encryption 4 options are available Disable Enable WPA and WPA PSK Select Enable or Disable for WEP data encryption feature If one of the two options is selected it 1s required to select the Authentication mode from the next dropping list If WPA is selected configuration is enabled Please click the configuration The below window is pop up Then please select the certificate that you like to use and enter the server name and login name Define Certificate Select a Certificate In ServerDoman Mame e o Login Hame n Chose a Certificate If WPA PSK is selected click the configuration button The popping window 1s as the below Please enter the key the character length is 8 Define WPA PSK Enter your WPA Passphrase The minimum length is 8 characters kaat PEY J i Cancel j Auth Mode There are three modes available to choose e Open Authentication the sender and receiver do not share secret Key for comm
31. en System Open System authentication is the simplest of the available authentication algorithms Essentially it is a null authentication algorithm Any station that requests authentication with this algorithm may become authenticated if 802 11 Authentication Type at the recipient station 1s set to Open System authentication 2 Shared Key Shared Key authentication supports authentication of stations as either a member of those who knows a shared secret key or a member of those who does not Backbone The core infrastructure of a network which transports information from one central location to another where the information is unloaded into a local system Bandwidth The transmission capacity of a device which is calculated by how much data the device can transmit in a fixed amount of time expressed in bits per second bps Beacon A beacon is a packet broadcast by the Access Point to keep the network synchronized Included in a beacon are information such as wireless LAN service area the AP address the Broadcast destination addresses time stamp Delivery Traffic Indicator Maps and the Traffic Indicator Message TIM Bit A binary digit which is either 0 or 1 for value is the smallest unit for data Bridge An internetworking function that incorporates the lowest 2 layers of the OSI network protocol model Browser An application program that enables one to read the content and interact in the World Wide Web or Intranet BSS BSS stand
32. ese limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used according to the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which is found by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures e Reorient or relocate the receiving antenna Increase the separation between the equipment or devices e Connect the equipment to an outlet other than the receiver s Consult a dealer or an experienced radio TV technician for assistance FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator and your body Contents Ti RO GUC TION sesso sein tussles en saute A 3 1 1 POON T A A 3 1 2 o Mito ARMA E or O CO ee ote enna ee eee 3 De O SUA aes erase toa eat OO 3 2 1 LEDIdicatoris ais 3 2 2 Install the 108Mbps Wireless Network PCI Adapter oooooooonncccnncnnnnns 4 2 2 1 Utility Sta A Otay cal iicias 4 22 2 Driver Installation edo 7
33. est ID message The client sends its Network Access Identifier NAI its user name to the Access Point in an EAP Respond message 4 The Access Point forwards the NAI to the RADIUS server with a RADIUS Access Request message The RADIUS server responds to the client with its digital certificate The client validates the digital certificate and replies its own digital certificate to the RADIUS server The RADIUS server validates client s digital certificate The client and RADIUS server derive encryption keys The RADIUS server sends the access point a RADIUS ACCEPT message including the client s WEP key 10 The Access Point sends the client an EAP Success message along with the broadcast key and key length all encrypted with the client s WEP key 39 Supplicant Wireless Network PC Card Here is the setup for the Wireless Network PC Card under Windows XP which is the only Operating System that our driver supports for 802 1x Microsoft is planning on supporting 802 1x security in all common Windows Operating System including Win98SE ME 2000 by releasing Service Pack in 2003 Please note that the setup illustration is based on our 108Mbps wireless PC Card Go to Start gt Control Panel Double click on Network Connections Right click on the Wireless Network Connection that you use with our 108Mbps wireless PC Card 4 Click Properties to open up the Properties setting window Y Wireless Network Connection 3 S
34. etting Internet Authentication SCPrviCe cccccccccccenenesennensennensenees 62 For TLS Authentication Setup Steps 34 38 00ooccccccnccnnnononnncnnnnnanannnnns 66 For MD5 Authentication Steps 39 54 oocccccnnnaconnnnoncnnn cnn nnn nn 69 2 L Introduction 1 1 Product Feature Compliance with IEEE 802 11g and 802 11b standards Highly efficient design mechanism to provide unbeatable performance Achieving data rate up to 54Mbps for 802 11g and 11Mps for 802 1 1b with wide range coverage high performance to deliver up to 108Mbps raw data rate for 802 118 Strong network security with WEP and WPA support Auto switch between the two standards IEEE 802 11b and 802 11g Driver Utility support most commonly used operating systems including Windows 98SE ME 2000 XP 1 2 System Requirement 2 Windows 98SE Millennium Edition ME 2000 and XP operating systems PC with Pentium III 600MHz system or above is recommended Equipped with at least one PCI slot One CD ROM drive Getting Start 2 1 LED Indicators The Power LED will be ON when the unit is powered up The Link LED will be Blinking indicates a WLAN connection 2 2 Install the WNC 0300 11g Wireless Network PCI Adapter 2 2 1 Utility Installation l Before insert PCI Adapter into the PCI slot of your computer please install the Utility Program first Make sure that the LevelOne 11g wireless Network PCI Adapter is NOT inserted into the PCI slot NOTE all th
35. g Restricted Groups E System Services ee Registry His EZ A E Public Key Policies ml Frocrunted Data P erme LTEC 3 Automatic Certificate Request Setting o z E L Enterprise Trust H 8 IP Security Policies on Active Directory Administrative Templates Refresh E E User Configuration Export Lise E Software Settings E Windows Settings H E Administrative Templates Automatic Certificate Request View po Help Create anew Automatic Certificate Request object and add it to the Security Configuration Editor 59 17 The Automatic Certificate Request Setup Wizard will guide you through the Automatic Certificate Request setup simply click Next through to the last step Automatic Certificate Request Setup Wizard Certificate Template The next tine a computer logs on a certificate based on the template you select is provided 4 certificate template is a set of predefined properties for certificates issued to computers Select a template from the following list Certificate templates Name _ Intended Purposes o Computer Client Authentication Server 4uthenticatior Domain Controller Client Authentication Server 4uthenticatior Enrollment Agent Computer Certificate Request Agent IPSEC 136155822 La el Back Cancel 18 Click Finish
36. in the order listed below APFFFCO4 Learn about setting up wireless network configuration To configure for using TLS authentication method please follow steps 7 25 Please follow steps 26 for using MD5 authentication method 42 TLS Authentication 7 Select The key is provided for me automatically option Wireless Network Properties Ed Wireless network key WEP This network requires a key for the following Data encryption WEP enabled Network Authentication Shared mode The key is provided for me automatically 8 Click OK to close the Wireless Network Properties window 43 9 Click Authentication tab 10 Select Enable network access control using IEEE 802 1x option to enable 802 1x authentication 11 Select Smart Card or other Certificate from the drop down list box for EAP type Wireless Network Connection Properties El ES General Wireless Networks Authentication Advanced Select this option to provide authenticated network access for wired and wireless Ethernet networks Enable network access control using IEEE 302 1 EAP type Y MOD5 Challenge Smart Card or other Certificate Authenticate as computer when computer information is available Authenticate as guest when user or computer information is Unavailable 12 Click OK to close the Wireless Network Connection Properties window thus
37. ion Cancel Apply Built in account For admini Enterprise certification an Members who have admini Members who have views DNS Administrators Group DNS clients who are permi besignated administrators All workstations and serve bll domain controllers in th Al domain quests All domain users besignated administrators embers in this group can built in account For quest built in account For anon Built in account For Intern i ey Distribution Center Se i ervers in this group can Aesignated administrators This user account is used Opens property sheet For khe current selection 21x 48 Go to Start gt Program gt Administrative Tools gt Internet Authentication Service 49 Go to Remote Access Policies 50 Make sure that MD5 is moved up to Order 1 51 Right click MD5 and select Properties Internet Authentication Service Move Up Move Down Delete Rename Properties Opens property sheet For the current selection 72 52 Go to Authentication tab 53 Enable Extensible Authentication Protocol 54 Select MD5 Challenge for EAP type list Edit Dial in Profile l x Dialin Constraints IF Multilink Authentication Encryption Advanced Check the authentication methods which are allowed for this connection Extensible 4uthentication Prot
38. ist obtained from fae0 FSE LOCAL Hew Add Up Down Options Delete T Block Policy inheritance Properties Cancel Apply 69 42 Go to Computer Configuration gt Windows Settings gt Security Settings gt Account Policies gt Password Policies 15 x Action view E Tres Policy Computer Setting at Default Domain Policy Fae 11 FA lA Enforce password history 1 passwords remembered El Computer Configuration Bg Maximum password age 42 days H E Software Settings 22 Minimum password age O days Af Windows Settings RY Minimum password length O characters Flute ores ae ee E os lo E Security Settings a Ey Account Policies BS Password Pc H sel Account Locl m a kerberos Pol 3 Local Policies tore password using reversible encryption F e I Scripts Startup Shu Ee Event Log el Restricted Group 1 08 System Services i Registry G3 File System H E Public Key Policie a IP Security Polici Administrative Template git User Configuration Software Settings 4 4 gt 43 Click Define this policy setting select Enabled and click OK to continue Security Policy Setting x Store password using reversible encryption for all users in the A domain M Define this policy setting Enabled Disabled 70 44 Go to Start gt Program gt Administrative To
39. istrative Tools ATI Aydravision Lisco Systems Citris ICA Client Games Hy pers nap D Intervideo Win ED z Back Cancel 4 Please click Finish 108Mbps Wireless LAN Adapter Setup InstallShield Wizard Complete The InstallShield Wizard haz successtully installed 108M bps Wireless LAN Adapter Click Finish to exit the wizard NOW 1 Turn off your computer and remove the power cord from your PC 2 Open up the cover of your PC Remove the PCI slot cover from PC case 4 Insert the 11g Wireless Network PCI Adapter into the empty PCI slot 5 Place the computer case back on and plug the power cord Turn on your computer Continue with Driver Installation 2 2 2 Driver Installation 1 Please select the first option and click Next Found Mew Hardware Wizard Welcome to the Found New Hardware Wizard This wizard helps you install software for Ethernet Controller If your hardware came with an installation CD lt or floppy disk insert it now What do you want the wizard to do Install from a list or specific location Advanced Click Next to continue 2 Please click Continue Anyway Hardware Installation A The software you are installing for this hardware 108Mbps High Speed Wireless Network Adapter has not passed Windows Logo testing to very its compatibility with Windows AR Tellme why this testing is important Continuing your installation of
40. k Submit gt to continue Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ae sak k x la A PO search Y Favorites A media e A Address 2 http 1192 168 1 10 certsrv certrabi asp type 0 Microsoft Certificate Services VvirelessCA Home User Certificate Identifying Information All the necessary identifying information has already been collected You may now submit your request Done i Internet 19 The Certificate Service is now processing the certificate request 3 Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help gt Q ex x 2 P Search 5 Favorites GA media A Address El http 1192 168 1 10 certsrvcertrqbi asprtype 0 Microsoft Certificate Services WirelessCA Home User Certificate Identifying Information Allthe necessary identifying information has already been collected You may now submit your request Waiting for server response El Waiting For server response Ee Internet 47 20 The certificate is issued by the server click Install this certificate to download and store the certificate to your local computer 3 Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ae Back x a A P Search 52 Favorites GA Media 4 B TN E E j http 192 168 1 10 ce
41. lients and Access Points that are in your signal range Select any one of them to establish communications by simply mouse double click or click on the Connect button Click Refresh button to start scanning for available network again Profile You can create and manage the created profiles for Home offices or public areas By double clicking on one of the created profile the setting will adapt to the configuration such as SSID channel and WEP settings saved by that particular profile Remove To remove the selected the profile Properties To view and change its settings of the profile Add To add a profile Then the following screen would appear re Hew Profile Prolie Hams S0 Wireles Hode lafresiucture Channel Tx Rale Power Mode Continuous Bocess Mode l T Data Encryption Dith bode Defauk he Network fey Cop Length Key Fama aa SSID Service Set Identifier which is a unique name shared among all clients and nodes in a wireless network The SSID must be identical for each clients and nodes in the wireless network Wireless Mode There are two types available for selection e Infrastructure to establish wireless communication with LAN and other wireless clients through the use the Access Points e Ad Hoc to establish point to point wireless communication directly with other wireless client devices such as wireless network PCI Adapter Channel The value of channel that AP will operat
42. nary pattern that 1s matched up with the IP address to turn part of the host ID address field into a field for subnets TCP IP Transmission Control Protocol Internet Protocol The basic communication language or protocol of the Internet It can also be used as a communications protocol in a private network 1 e intranet or internet When you are set up with direct access to the Internet your computer is provided with a copy of the TCP IP program just as every other computer that you may send messages to or get information from also has a copy of TCP IP Throughput The amount of data transferred successfully from one point to another in a given period of time WEP Wired Equivalent Privacy WEP is an encryption scheme used to protect wireless data communication To enable the icon will prevent other stations without the same WEP key from linking with the AP Wireless Bridge One of the additional AP operating modes offered by 54mpbs Access Point which allows a pair of APs to act as the bridge that connects two Ethernet networks or Ethernet enabled clients together 22 WNC 0300 Appendix Appendix A Networking Basis ooooccnnnnnooncnnnnnnoconnnnnanonoss 25 Appendix B 802 1X Authentication Setup ooooccnnnncnon APPENDIX A NETWORKING BASIS This chapter will help you learn the basics of home networking Using the Windows XP Network Setup Wizard Go to Start menu gt Network Setup Wizard eOntrehrancl Welcom
43. ocol Select the ESP type which i acceptable for this policy MD5 Challenge Z Microsoft Encrypted Authentication version 2 MS CHAP w2 Microsoft Encrypted Authentication MS CHAP i Encrypted Authentication CHAF F Unencrypted Authentication RAP SPAP Unauthenticated Access C Allow remote PPP clients to connect without negotiating any authentication method cancel toy 73
44. ols gt Active Directory Users and Computers 45 Go to Users Right click on the user that you are granting access and select Properties ae Active Directory Users and Computers gt Console Action View Window Help E E Administrator User FAE LOCAL i cert Publishers EE Builtin a eS Computers H E Domain Controllers FPI DHCP Users 2 ForeignSecurityPrincipals fon copy Dn Add members to a group P Dor Disable Account f Dor Reset Password fi Dor Move P Do Open home page fEDor Send mail fent Bore All Tasks fue Delete fI 1us Rename E rw Refresh 46 Go to Account tab and enable Store password using reversible encryption 47 Click OK to continue test Properties MemberOf Dian Remote control Environment User logon name ftest FSE LOCAL User logon name pre indows 2000 FAES ftest Logon Hours Log On To amp ecount te locked out Account options User must change password at next logon TECCEDI User cannot change password o e Store password using reversible encryption Account expires Never End of Friday Februan OF 2003 71 Security Group 2 DHCP Adminis Security Group Security Group Sessions Terminal Services Profile General Address Account Profile Telephones Organizat
45. onstantly operating with full power and 1t consum es the most power eMaximum Power Save the device consumes the least power and only operates when there is wireless network activity Power Save the device consumes the moderate level of power Preamble Select Long or Short Preamble type Preamble is a sequence of bits transmitted at 1Mbps that allows the PHY circuitry to reach steady state demodulation and synchronization of bit clock and frame start Two different preambles and headers are defined the mandatory supported Long Preamble and header which interoperates with the 1 Mbit s and 2 Mbit s DSSS specification as described in IEEE Std 802 11 and an optional Short Preamble and header as described in IEEE Std 802 11b At the receiver the Preamble and header are processed to aid in demodulation and delivery of the PSDU The Short Preamble and header may be used to minimize overhead and thus maximize the network data throughput However the Short Preamble is supported only from the IEEE 802 11b High Rate standard and not from the original IEEE 802 11 That means that stations using Short Preamble cannot communicate with stations implementing the original version of the protocol Click Apply for the changes to take effect And then the screen will return to Link Info Page Support Band o IB IEEE802 11b only e IG IEEE802 1 1g only e 1G Turbo Super G mode support 3 3 Advanced This is the pag
46. r account password Therefore you must have a valid account used by the server for validation 35 WindowsXP will prompt you to enter your user name and password Click on the network connection icon in the system tray to continue mk e My Documents a E hiv Computer om a My Netiork Places rf internet Erer Wireless Network Connection x Click here to enter your user name and password For the R cycle Bin network APFFFCO4 36 Enter the user name password and the logon domain that your account belongs if you have one or more network domain exist in your network 37 Click OK to complete the validation process Wireless Network Connection Authenticator Wireless Network Access Point This is the web page configuration in the Access Point that we use wizard Status Basic Setting IP Setting Advanced Setting Security C Disabled Encryption Key Length 64bits 128 bits Lifetime 30 Minutes RADIUS Server 1 1P bb ib ib Port haz Shared Secret 20 optional 1 b b P E Port Bo Shared Secret Apply Cantel Help 1 Enable 802 1x security by selecting Enable 2 If MD5 EAP methods is used then you can skip step 3 and go to step 4 3 Select the Encryption Key Length Size ranging from 64 to 256 Bits that you would like to use Select the Lifetime of the Encryption Key from 5 Minutes to 1 Day As soon as the lifetime of the Encryption Ke
47. reless Network Connection x Click here to select a certificate or other credentials for connection to the network APFFFCO4 24 Select the certificate that was issued by the server WirelessCA and click OK to continue Connect Wireless Hetwork Connection Friendly name ls2uer Vf relessL 4 Expiration date 162004 4 02 09 Phi 25 Check the server to make sure that it s the server that issues certificate and click OK to complete the authentication process Validate Server Certificate A The Root Certification Authority For the server s certificate is WirelessCA Do vou Wank to accept this connection 50 MD5 Authentication 26 Select Data encryption WEP enabled option but leave other option unselected 27 Select the key format that you want to use to key in your Network key ASCII characters 0 9 a z and A Z HEX characters 0 9 af 28 Select the key length that you wish to use 40 bits 5 characters for ASCII 10 characters for HEX 104 bits 13 characters for ASCII 26 characters for HEX 29 After deciding the key format and key length that you wish to use for network key Enter the network key in Network key text box Wireless Network Properties El E Wireless network key WEP This network requires a key for the following Data encryption WEF enabled Network Authentication Shared mode Network key Rey format ASCII characters e kep length
48. roperties window appears General ou can gel IF settings assigned automatically if your network supports this capability Othenvise you need to ask pour network administrator for the appropriate IF settings Select Obtain an IP address automatically if you are ona DHCP enabled network IP address Subnet mask Click OK to close the window with the changes made Default gateway f Obtain DNS server address automatically Use the following DNS server addresses Advanced Prefered DHS server Alternate DHS semer 35 Select Use the following IP General address ou can gel IF settings assigned automatically if your network supports Enter the IP address and this capability Othenvise you need to ask your network administrator for the appropriate IF settings subnet mask fields Enter the IP address of the Router in the Default gateway field IF address 192 168 1 2 Subnet mask 255 255 255 U Default gateway Enter the IP address of the Obtain ONS server address automatically Use the following DNS server genre Preferred ONS server Router in the DNS server field Alternate ONS server Advanced Ok Cancel Wireless Network In Windows 98SE and Windows ME Go to Start menu gt Settings gt E Control Panel gt Double click Configuration Identification Access Control on Net
49. rtsrw certfnsh asp g Go Microsoft Certificate Services Certificate Issued The certificate you requested was issued to you E Done Internet 21 Click Yes to store the certificate to your local computer Root Certificate Store xl i Do vou want bo 400 the Following certificate to the Root Store Subject WirelessC4 TW Issuer Self Issued Time Validity Monday January 06 2003 through Thursday January 06 2005 Serial Number 132713501 47463763 41E04CF 249709F4 Thumbprint shal 244POB3C 209F2F21 4DC262F9 2008DEFA 6490010E Thumbprint md5 1EBALECO 20364070 66512146 41366447 48 22 Certificate is now installed Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ay Back ix A P Search HZ Favorites a Media E 2 X A Address E http 192 168 1 10 certsrv certrmpn asp v E so Links Microsoft Certificate Services VVirelessCA Certificate Installed Your new certificate has been successfully installed Done Internet All the configuration and certificate download are now complete Let s try to connect to the Access Point using 802 1x TLS Authentication 23 Windows XP will prompt you to select a certificate for wireless network connection Click on the network connection icon in the system tray to continue TX A a hiv Computer om i My NetWork Places F Interes Explorers i Wi
50. s for Basic Service Set It is an Access Point and all the LAN PCs that associated with it Channel The bandwidth which wireless Radio operates is divided into several segments which we call them Channels AP and the client stations that it associated work in one of the channels CSMAICA In local area networking this is the CSMA technique that combines slotted time division multiplexing with carrier sense multiple access collision detection CSMA CD to avoid having collisions occur a second time This works best if the time allocated is short compared to packet length and if the number of situations 1s small CSMA CD Carrier Sense Multiple Access Collision Detection which is a LAN access method used in Ethernet When a device wants to gain access to the network it checks to see if the network is quiet senses the carrier If it is not it waits a random amount of time before retrying If the network 1s quiet and two devices access the line at exactly the same time their signals collide When the collision is detected they both back off and wait a random amount of time before retrying DHCP Dynamic Host Configuration Protocol which is a protocol that lets network administrators manage and allocate Internet Protocol IP addresses in a network Every computer has to have an IP address in order to communicate with each other in a TCP IP based infrastructure network Without DHCP each computer must be entered in manually the
51. talled To see what s included in a component click Details Components 5 Accessories and Utilities E E gt Certificate Services 14 MB SP Indexing Service 0 0 MB E Internet Information Services 115 21 7 MB 049 mananement and Monitoring Tank Er MA Description Installs a certification authority LA to issue certificates for use with public kep security applications Total disk space required 2 1 MB Iac Space available on disk 3524 4 ME E a Back Cancel 55 5 Select Enterprise root CA and click Next to continue Windows Components Wizard a x Certification Authority Type There are four types of certification authorities Certification Authority types Description The most trusted CA in an enterprise Should be installed C Enterprise subordinate CA before any other C Requires Active Director f Enterprise root CA C Stand alone root CA Stand alone subordinate CA Fil Advanced options Back Cancel 6 Enter the information that you want for your Certificate Service and click Next to continue Windows Components Wizard _ x CA Identifying Information Enter information to identify this LA CA name rete LA Organization PO Organizational unit PO City PO State or province fo Country region Jus E malil FO CA description PO Walid For a Bare Expires 148 2005 12 15 PM z Back Cancel 56 7 Go to Start gt
52. tatus General Support Connector Status Connected Duration 00 37 11 Speed 4 0 Mbps Signal Strength anol Achy Sent T Received Y Packets 21 840 21 356 Close 40 Click on the Wireless Network tab Wireless Network Connection Properties Ed General wireless Networks Authentication Advanced Connect using EY 108Mbps High Speed Network Adapter This connection uses the following tems Client for Microsoft Networks m File and Printer Sharing for Microsoft Networks los Packet Scheduler 4 Internet Protocol TCP IP Install Uninstall Description Allows your computer to access resources on a Microsoft network Show icon in notification area when connected 41 6 Click Properties of the available wireless network which you wish to connect or configure Please note that if you are going to change to a different 802 1x authentication EAP method i e switch from using MD5 to TLS you must remove the current existing wireless network from your Preferred networks first and add it in again Wireless Network Connection Properties x A T E General Wireless Networks Authentication Advanced Use Windows to configure my wireless network settings Available networks To connect to an available network click Configure 4 ODCASIA_LevelOne i FAE Preferred networks Automatically connect to avalable networks
53. this software may impair or destabilize the correct operation of your system either immediately or in the future Microsoft strongly recommends that you stop this installation now and contact the hardware vendor for software that haz passed Windows Logo testing Continue Anyway 3 Please click Finish Found Mew Hardware Wizard Completing the Found New Hardware Wizard The wizard has finished installing the software for 108Mbps High Speed Wireless Network Adapter Click Finish to close the wizard 4 To make sure if the installation is successful you could check it through the device management Ey Device Manager File Action View Help FAE 04 Computer ew Disk drives E ig Display adapters 24 DYDICD ROM drives ey Floppy disk controllers 8h Floppy disk drives H a Human Interface Devices 1 2 IDE ATAJATAPI controllers H S keyboards H t Mice and other pointing devices H dd Monitors Network adapters a 4 08Mbps High Speed Wireless Network Adapter ai Ports COM amp LPT Sa Processors Sound video and game controllers a Storage volumes a System devices Universal Serial Bus controllers eg PCMCIA adapters 5 Once the installation is successful a utility program icon will show on your desktop To lunch the utility just double click the icon LO8hMb pz Wireless LAN Adapter Confieuration Utility i 3 Configuration 3 1 Link Information The
54. to complete the Automatic Certificate Request Setup 19 Go to Start gt Run and type command and click Enter to open Command Prompt 20 Type secedit refreshpolicy machine_policy to refresh policy es Command Prompt Cin seceditrrefreshpolicy machine_policy Group policy propagation from the domain has been initiated for this computer I t may take a few minutes for the propagation to complete and the new policy to t lake effect Please check Application Log for errors if any e 60 Adding Internet Authentication Service 21 Go to Start gt Control Panel gt Add or Remove Programs 22 Select Add Remove Windows Components from the panel on the left 23 Select Internet Authentication Service and click OK to install Networking Services i X To add or remove a component click the check box 4 shaded box means that only part of the component will be installed To see what s included in a component click Details Subcomponents of Networking Services LJ B LOM Internet Services Prom El Domain Mame System CNS 1 1 ME E Internet Authentication Service U OME QoS Admiesion Control Service 0 0 ME L I Simple TCP IP Services 0 0 ME O El Site Server ILS Services 15 ME hd Description Enables authentication authornzation and accounting of dial up and PAN users LAS supports the RADIUS protocol Total disk space required 0 4 ME Mai Space available on disk
55. to the Certificate Service installed in Windows 2000 server 45 16 Now we are connected to the Certificate Service Select Request a certificate and click Next to continue 23 Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ae Back x a CA ya Search Hz Favorites a Media Es to Microsoft Certificate Services VVirelessCA Address FJ co Links gt Welcome You use this web site to request a certificate for your web browser e mail client or other secure program Once you acquire a certificate you will be able to securely identify yourself to other people over the web sign your e mail messages encrypt your e mail messages and more depending upon the type of certificate you request Request a certificate eck n a pending Done Internet 17 Select User Certificate request and click Next to continue A Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ae Back L x 2 0 A 2 Search S 7 Favorites Media G4 A gt Address El http 192 168 1 10 certsru certrqus asp w ES so Links Microsoft Certificate Services VvirelessCA Choose Request Type Please select the type of request you would like to make User certificate request User Certificate Advanced request E Done Internet 46 18 Clic
56. tomatically if pour network supports this capability Othenwse you need to ask your network administrator for subnet mask fields the appropriate IP settings aer sagat ally Use the following IP address Enter the IP address of the Router in the Default gateway IP address 192 168 1 2 field Subnet mask B55 255 255 O0 Default gateway Enter the IP address of the Router in the DNS server field Use the following DNS server agar Preferred ONS server Alternate ONS server TUN MID 34 NOTE The IP address must be within the same range as the wireless route or Access Point Wireless Network in Windows 2000 Local Area Connection 5 Properties E Fix Go to Start menu gt Settings gt a Sharing Network and Dial up Connect using Connections gt Double click on 3 108Mbps High Speed Wireless Network Adapter the Local Area Connection Configure Components checked are used by this connection m Client for Microsoft Hetwork s O amp Network Load Balancing Select Internet Protocol TCP IP and click Properties Icrosoft Networks Install Uninstall Cf Properties Y Description Transmission Control Protocol nternet Protocol The default Wide area network protocol that provides cormunication actos diverse interconnected networks Show icon in taskbar when connected Internet Protocol TCP IP Properties The TCP IP P
57. ucture An infrastructure network is a wireless network or other small network in which the wireless network devices are made a part of the network through the Access Point which connects them to the rest of the network ISM Band The FCC and their counterparts outside of the U S have set aside bandwidth for unlicensed use in the ISM Industrial Scientific and Medical band Spectrum in the vicinity of 2 4GHz in particular is being made available worldwide MAC Address Media Access Control Address is a unique hex number assigned by the manufacturer to any Ethernet networking device such as a network adapter that allows the network to identify 1t at the hardware level Multicasting Sending data to a group of nodes instead of a single destination Multiple Bridge One of the additional AP operating modes offered by Access Point which allows a group of APs that consists of two or more APs to connect two or more Ethernet networks or Ethernet enabled clients together The way that multiple bridge setups is based on the topology of Ad Hoc mode Node A network junction or connection point typically a computer or workstation Packet A unit of data routed between an origin and a destination in a network PLCP Physical layer convergence protocol PPDU PLCP protocol data unit Preamble Type During transmission the PSDU shall be appended to a PLCP preamble and header to create the PPDU Two different preambles and headers are defined as the mand
58. unication Instead each party generates its own key pairs and asks the other party to accept it The key is regenerated when the connection 1s established every time e Shared Authentication the sender and receiver shares the common key for data communication and the key is used for extended length of time e Auto depend on the communication to establish and automatically use the proper authentication mode The following will only be activated to allow for configuration when Encryption is enabled Default Key select one of the 4 keys to use Network Key enter values to these fields either in HEX or ASCII formats You only have to enter the key that you will use Key Length select 64 or 128 bits as the length of the keys Key Format ASCII or HEX 3 4 Site Survey This page allows you to enable the Site Survey function to scan for the available wireless network wireless clients and Access Points and establish wireless communications with one fe Link Info 108Mbps Wireless LAN Adapter Configuration Utility x Available Network BSS BSSID SSID WEP AP Channel 90 C0 02 FC 26 5C 1 Mo es 11 00 50 18 26 4F D4 34022 No Yes 11 00 07 24 90 04 B8 ddeasia Yes Yes E i Configuration Refresh j i Advanced i About Connect Add A remove Ka Properties Connect j 108Mbps Wireless LAN Adapter Configuration Utility Available Network displays the wireless networks wireless c
59. work i Gael TF The following network components are installed Select TCP IP of the network HE MES 4108Mbps WLAN PCI Adapter ee ee ee d mka Ba a e YT CPP 108 M LAN Adapter Click Properties to continue Primary Network Logan Puiindoms Legon File ard Print Sharing Descrphoan TEP VIP 2 the protocol you use to connect to the Internet and wide area networks OK Cancel The TCP IP Properties window appears Select Obtain an IP address automatically if you are ona DHCP enabled network Click OK to close the window with the changes made Select Specify an IP address Enter the IP address and subnet mask fields In the DNS Configuration Tab Page 1 enter the IP address of the Router in the Default gateway field 2 Enter the IP address of the Router in the DNS server field TCP IP Properties BY xi Advanced Bindings eign a DNS Configuration Gateway WINS Configuratin IP Address A An F address can be automatically assigned to this computer IF your network does not automatically assign IP addresses ask pour network administrator for an address and then type it in the space below Specify an IP address LITI IE Address a Detect connection to network media Cancel TCPAP Properties 71xj TOTO advanced beter DNS Configuration Gateway DWINS Configuration IP Address y n FP address can be autom
60. y is over the Encryption Key will be renewed by the Radius server 4 Enter the IP address of and the Port used by the Primary Radius Server Enter the Shared Secret which is used by the Radius Server 5 Enter the IP address of Port and Shared Secret used by the Secondary Radius Server 6 Click Apply button for the 802 1x settings to take effect after Access Point reboots itself NOTE As soon as 802 1x security is enabled all the wireless client stations that are connected to the Access Point currently will be disconnected The wireless clients must be configured manually to authenticate themselves with the Radius server to be reconnected 54 Radius Server Window2000 Server This section to help those who has Windows 2000 Server installed and wants to setup Windows2000 Server for 802 1x authentication which includes setting up Certificate Service for TLS Authentication and enable EAP methods 1 Login into your Windows 2000 Server as Administrator or account that has Administrator authority 2 Go to Start gt Control Panel and double click Add or Remove Programs 3 Click on Add Remove Windows components 4 Check Certificate Services and click Next to continue Windows Components Wizard Windows Components ou can add or remove components of Windows 2000 To add or remove a component click the checkbox A shaded bos means that only part of the component will be ins
Download Pdf Manuals
Related Search