User's Manual
5-25
Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide
OL-4211-05
Chapter 5 Configuring the Client Adapter
Setting Security Parameters
CCKM fast secure roaming Choose WPA/WPA2/CCKM and
LEAP, EAP-FAST, EAP-TLS,
PEAP (EAP-GTC), or PEAP (EAP
MSCHAP V2); then set the EAP
authentication settings
Note If you want to enable
CCKM, you must choose
WPA/WPA2/CCKM,
regardless of whether you
want the client adapter to
use WPA or WPA2. The
configuration of the access
point to which your client
adapter associates
determines whether CCKM
will be used with 802.1x,
WPA, or WPA2.
Use Cisco IOS Release 12.2(11)JA
or later, choose a cipher suite that is
compatible with CCKM, enable
both Network-EAP and Open with
EAP Authentication and CCKM
for the SSID, and configure for
participation in wireless domain
services (WDS)
Note To allow both 802.1X
clients and non-802.1X
clients to use the SSID,
enable optional CCKM.
Reporting access points
that fail LEAP
authentication
No settings required; automatically
enabled
No settings required; automatically
enabled in the firmware versions
listed on page 5-20.
MIC No settings required; automatically
enabled
Set up and enable WEP with full
encryption, set MIC to MMH or
check the Enable MIC check box,
and set Use Aironet Extensions to
Yes
TKIP No settings required; automatically
enabled
Set up and enable WEP, set TKIP to
Cisco or check the Enable Per
Packet Keying check box, and set
Use Aironet Extensions to Yes
Broadcast key rotation Enable LEAP, EAP-FAST,
EAP-TLS, PEAP (EAP-GTC), or
PEAP (EAP-MSCHAP V2)
Set up and enable WEP and set
Broadcast WEP Key Rotation
Interval to any value other than
zero (0)
Table 5-4 Client and Access Point Security Settings (continued)
Security Feature Client Setting Access Point Setting