Filter
Top Products
5-28
Cisco Aironet 340, 350, and CB20A Wireless LAN Client Adapters Installation and Configuration Guide for Windows
OL-1394-08
Chapter 5 Configuring the Client Adapter
Setting Network Security Parameters
The software components included in Install Wizard version 1.3 or later automatically support WPA
migration mode. WPA migration mode is an access point setting that enables both WPA and non-WPA
clients to associate to the access point using the same SSID.
Refer to one of these sections for instructions on enabling EAP authentication with WPA:
• Enabling LEAP, page 5-38
• Enabling EAP-FAST, page 5-42
• Enabling Host-Based EAP, page 5-49
Note WPA must also be enabled on the access point. Access points must use Cisco IOS Release 12.2(11)JA
or later to enable WPA. Refer to the documentation for your access point for instructions on enabling
this feature.
Fast Roaming (CCKM)
Some applications that run on a client device may require fast roaming between access points. Voice
applications, for example, require seamless roaming to prevent delays and gaps in conversation. Support
for fast roaming is available for LEAP-enabled clients in Install Wizard version 1.1 or later and
EAP-FAST-enabled clients in Install Wizard version 1.3 or later.
During normal operation, LEAP- or EAP-FAST-enabled clients mutually authenticate with a new access
point by performing a complete LEAP or EAP-FAST authentication, including communication with the
main RADIUS server. However, when you configure your wireless LAN for fast roaming, LEAP- or
EAP-FAST-enabled clients securely roam from one access point to another without the need to
reauthenticate with the RADIUS server. Using Cisco Centralized Key Management (CCKM), an access
point that is configured for wireless domain services (WDS) uses a fast rekeying technique that enables
client devices to roam from one access point to another in under 150 milliseconds (ms). Fast roaming
ensures that there is no perceptible delay in time-sensitive applications such as wireless Voice over IP
(VoIP), enterprise resource planning (ERP), or Citrix-based solutions.
This feature is enabled on the client adapter in two ways, depending on the software installed:
• If you are using ACU version 6.2 and client adapter firmware version 5.30.17 (which is included in
Install Wizard version 1.2) or later, you need to enable fast roaming in ACU. Refer to Step 10 in the
“Enabling LEAP” section or Step 12 in the “Enabling EAP-FAST” section for details.
• If you are using client adapter firmware version 5.20.17 (which is included in Install Wizard version
1.1), fast roaming is supported automatically.
Regardless of how fast roaming is enabled on the client adapter, it must also be enabled on the access
point.
Note Access points must use Cisco IOS Release 12.2(11)JA or later to enable fast roaming. Refer to the
documentation for your access point for instructions on enabling this feature.
Note If the Microsoft 802.1X supplicant is installed on your computer, you must disable one or two Windows
parameters in order for this feature to operate correctly. Refer to Step 13 in the “Enabling LEAP” section
or Step 15 in the “Enabling EAP-FAST” section for details.