1Mbps Wireless Network PC Card User Manual
Manufacturer's Disclaimer Statement The information in this document is subject to change without notice and does not represent a commitment on the part of the vendor. No warranty or representation, either expressed or implied, is made with respect to the quality, accuracy or fitness for any particular purpose of this document.
! Table of Contents: TABLE OF CONTENTS: 4 INTRODUCTION 5 PRODUCT FEATURES 5 SYSTEM REQUIREMENTS 5 ONE CD-ROM DRIVEGETTING STARTED 5 GETTING STARTED 6 GETTING TO KNOW THE 11MBPS WIRELESS NETWORK PC CARD WIRELESS NETWORK PC Card’S LEDs 6 SETTING UP THE WIRELESS NETWORK 6 INSTALLING YOUR 11MBPS WIRELESS NETWORK PC CARD 8 CONFIGURING YOUR WIRELESS NETWORK PC CARD Link Info.
INTRODUCTION The 11Mbps Wireless Network Adapter delivers reliable and high-speed wireless performance of 11Mbps Product Features - Full 2.4GHz IEEE 802.11b standard and Wi-Fi compliant - High-Speed data transfer rate of up to 11Mbps with automatic fallback under noisy environment or longer distance. - Excellent distance coverage with reliable performance. - Plug-and-Play setup and operation. - Supports strong security of 802.1x, which is available in Windows XP, and WEP 128 bit security.
GETTING STARTED Getting To Know The 11Mbps Wireless Network PC Card WIRELESS NETWORK PC Card’S LEDs " Power LED ON when the unit is powered up " WLAN LED ON indicates WLAN connection; blink indicates wireless activity Setting Up The Wireless Network There two wireless network topologies that you can setup your wireless card with. One is called “Ad-Hoc”, and the other is “Infrastructure”.
In order to setup an Infrastructure of a wireless network such as the example shown above, you will need the following: 1. A broadband Internet connection. 2. ADSL or Cable modem provided by your ISP as part of the broadband connection installation. 3. A Router that connects to the ADSL/Cable modem for internet connection sharing. 4. An Access Point to connect with the Router to form a wireless infrastructure network. 5.
Installing Your 11Mbps Wireless Network PC Card Installing Utility Program Please note that the installation screens in this quick guide are captured from WindowsXP. The other Windows systems will have similar screen for the installation procedure.
The Utility Icon appears in your desktop. - Turn off your computer - Insert the 11Mbps Wireless Network PC Card into the CardBus slot in your notebook - Turn on your computer - Continue with Driver Installation.
Simply, double-click the icon to launch the utility. Double-click on the utility icon in the system tray again to launch the 11Mbps PC Card Utility.
CONFIGURING YOUR WIRELESS NETWORK PC Card Link Info. Page This is the default page when the utility starts up. Status: Shows the BSSID associated, which can be used to identify the wireless network. SSID: Shows current SSID, which must be the same for the wireless client and AP in order for communication to be established. TxRate: Shows the current data rate used for transmitting. Channel: Shows the current channel for communication.
Configuration Page This is the page where you can change the basic settings of the Access Point with the minimum amount of effort to adjust a secure wireless network. SSID: Service Set Identifier, which is a unique name shared among all clients and nodes in a wireless network. The SSID must be identical for each clients and nodes in the wireless network.
Maximum Power Save – the PC Card consumes the least power and only operates when there is wireless network activity. ! Power Save – the PC Card consumes the moderate level of power. ! For the changes made to any of the items above to be effective, click “Apply”. The screen will be changed back to Link Info.
Security Page This is the page where you configure Security settings of your 11Mbps wireless PC Card. Data Encryption: Click the box to enable Data Encryption feature. Aut. Mode: There are three modes available to choose from. ! Open Authentication – the sender and receiver do not share secret Key for communication. Instead, each party generates its own key-pairs and ask the other party to accept it. The key is regenerated when the connection is established every time.
Available Network – displays the wireless networks (wireless clients and Access Points) that are in your signal range. Select any one of them and establish communication by simply mouse double-click or a single click on the “Connect” button. Click “Refresh” button to start scanning for available network again. Profile – You can create and manage the created profiles for Home, offices or public areas.
When you finish enter the setting for this profile, click “OK” to add a new profile.
About Page This page displays some information about the 11mpbs PC Card utility, which includes the version numbers for Driver, Firmware and Utility. When there is new version of software available for upgrade, you will be able to identify by version numbers.
APPENDIX A: TROUBLESHOOTING This chapter provides solutions to frequently encountered problems that can occur during the installation and operation of the 11Mbps Wireless Network PC Card. Please read through the following to solve your problems. 1. The wireless clients cannot access the network in the infrastructure mode. " Check that the wireless network device is being installed and working properly.
2. What is the difference between 11Mbps and 11Mbps wireless products? What’s the benefit of 11Mbps Wireless Access Point? The 11Mbps is made possible by the new modulation method called PBCC developed by TI, which is different from the current CCK modulation method for 11Mbps. The 11Mbps Wireless Access Point offers double data rate than that of 11Mbps with 20% more distance coverage. The 11Mbps wireless products also operate in the 2.
APPENDIX B: NETWORKING BASIS This chapter will help you learn the basics of home networking.
!Note: Now you may use the Network Setup Disk you just created in any PCs in your network that you wish to setup. Simply insert the Network Setup Disk into the disk drive of a PC, and open to browse the content of the disk with “My Computer” or “Windows File Manager”. Double-click and run the file “netsetup” for the program to handle the rest.
Checking IP Address of Your Computer in Windows XP Sometimes you will need to know the IP address of the computer that you are using. For example, when you want to make sure that your computer is in the same network domain as that of your Access Point for you can configure and access the AP. When the command prompt window appears, type command “ipconfig /all” and press Enter. This command will display the IP addresses of all the network adapters in your computer.
Enter. This command releases the current IP address and acquire it from the network, i.e. DHCP server, once more. In this case, the IP address that we acquired is 192.168.1.3. However, it’s often that the acquired IP address of the network adapter might would not be the same. !Note: To renew IP under Windows 98 and Windows ME, you will have to go to the Start menu > Run > type winipcfg and click “OK”.
Dynamic IP Address V.S. Static IP Address By definition Dynamic IP addresses are the IP addresses that are being automatically assigned to a network device on the network. These Dynamically assigned IP addresses will expire and may be changed over time. Static IP addresses are the IP addresses that users manually enter for each of the network adapters. !Note: There might be two or more Local Area Connection to choose from. You must select the one that you will use to connect to the network.
Dynamically Assigned IP Address 30
Static IP Address !Note: The IP address must be within the same range as the wireless route or Access Point.
Wireless Network In Windows 98 and Windows ME 33
APPENDIX C: 802.1x Authentication Setup There are three essential components to the 802.1x infrastructure: (1) Supplicant, (2) Authenticator and (3) Server. The 802.1x security supports both MD5 and TLS Extensive Authentication Protocol (EAP). The 802.1x Authentication is a complement to the current WEP encryption used in wireless network. The current security weakness of WEP encryption is that there is no key management and no limitation for the duration of key lifetime. 802.
the broadcast key and key length, all encrypted with the client’s WEP key. Supplicant: Wireless Network PC Card Here is the setup for the Wireless Network PC Card under Windows XP, which is the only Operating System that our driver supports for 802.1x. Microsoft is planning on supporting 802.1x security in all common Windows Operating System including Win98SE/ME/2000 by releasing Service Pack in 2003. Please note that the setup illustration is based on our 11Mbps wireless PC Card. 1.
5. Click on the “Wireless Network” tab.
6. Click “Properties” of the available wireless network, which you wish to connect or configure. Please note that if you are going to change to a different 802.1x authentication EAP method, i.e. switch from using MD5 to TLS, , you must remove the current existing wireless network from your Preferred networks first, and add it in again. To configure for using TLS authentication method, please follow steps 7 ~ 25. Please follow steps 26 ~ for using MD5 authentication method.
TLS Authentication 7. Select “The key is provided for me automatically” option 8. Click “OK” to close the Wireless Network Properties window. 9. Click “Authentication” tab 10. Select “Enable network access control using IEEE 802.1x” option to enable 802.1x authentication. 11. Select “Smart Card or other Certificate” from the drop-down list box for EAP type.
12. Click “OK” to close the Wireless Network Connection Properties window, thus make the changes effective. The wireless client configuration in the zero-configuration utility provided in Windows XP is now completed for TLS configuration. Before you can enable IEEE 802.1x authentication and have wireless client authenticated by the Radius server, you have to download the certificate to your local computer first.
TLS Authentication – Download Digital Certificate from Server In most corporations, it requires internal IT or MIS staff’s help to have the certificated downloaded to your local computer. One of the main reasons is that each corporation uses its own server systems, and you will need the assistance from your IT or MIS for account/password, CA server location and etc.
16. Now we are connected to the Certificate Service. Select “Request a certificate”, and click “Next” to continue.
17. Select “User Certificate request”, and click “Next” to continue.
18. Click “Submit >” to continue.
19. The Certificate Service is now processing the certificate request.
20. The certificate is issued by the server, click “Install this certificate” to download and store the certificate to your local computer. 21. Click “Yes” to store the certificate to your local computer.
22. Certificate is now installed. All the configuration and certificate download are now complete. Let’s try to connect to the Access Point using 802.1x TLS Authentication. 23. Windows XP will prompt you to select a certificate for wireless network connection. Click on the network connection icon in the system tray to continue.
24. Select the certificate that was issued by the server (WirelessCA), and click “OK” to continue. 25. Check the server to make sure that it’s the server that issues certificate, and click “OK” to complete the authentication process. MD5 Authentication 26. Select “Data encryption (WEP enabled)” option, but leave other option unselected. 27. Select the key format that you want to use to key in your Network key. ASCII characters: 0~9, a~z and A~Z HEX characters: 0~9, a~f 28.
29. After deciding the key format and key length that you wish to use for network key. Enter the network key in “Network key” text box. Please note that that value of Network key entered, and key format/length used, must be the same as that used in the Access Point. Although there are 4 set of keys can be set in the Access Point WEP configuration, it’s the first set of key that must be the same as that we used by the supplicant wireless client. 30.
31. Select “Authentication” tab. 32. Select “Enable network access control using IEEE 802.1X” to enable 802.1x authentication. 33. Select “MD-5 Challenge” from the drop-down list box for EAP type. 34. Click “OK” to close Wireless Network Connection Properties window, thus make all the changes effective.
Unlike TLS, which uses digital certificate for validation, the MD-5 Authentication is based on the user account/password. Therefore, you must have a valid account used by the server for validation. 35. WindowsXP will prompt you to enter your user name and password. Click on the network connection icon in the system tray to continue.
36. Enter the user name, password and the logon domain that your account belongs if you have one or more network domain exist in your network. 37. Click “OK” to complete the validation process.
Authenticator: Wireless Network Access Point This is the web page configuration in the Access Point that we use. 1. Enable 802.1x security by selecting “Enable”. 2. If MD5 EAP methods is used then you can skip step 3 and go to step 4. 3. Select the Encryption Key Length Size ranging from 64 to 256 Bits that you would like to use. Select the Lifetime of the Encryption Key from 5 Minutes to 1 Day. As soon as the lifetime of the Encryption Key is over, the Encryption Key will be renewed by the Radius server.
Radius Server: Window2000 Server This section to help those who has Windows 2000 Server installed and wants to setup Windows2000 Server for 802.1x authentication, which includes setting up Certificate Service for TLS Authentication, and enable EAP-methods. 1. Login into your Windows 2000 Server as Administrator, or account that has Administrator authority. 2. Go to Start > Control Panel, and double-click “Add or Remove Programs” 3. Click on “Add/Remove Windows components” 4.
7. Go to Start > Program > Administrative Tools > Certificate Authority 8. Right-click on the “Policy Setting”, select “new” 9. Select “Certificate to Issue” 10. Select “Authenticated Session” and “Smartcard Logon” by holding down to the Ctrl key, and click “OK” to continue.
11. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 12. Right-click on domain, and select ”Properties” to continue. 13. Select “Group Policy” tab and click “Properties” to continue.
14. Go to “Computer Configuration” > “Security Settings” > “Public Key Policies” 15. Right-click “Automatic Certificate Request Setting”, and select “New” 16. Click “Automatic Certificate Request ...
17. The Automatic Certificate Request Setup Wizard will guide you through the Automatic Certificate Request setup, simply click “Next” through to the last step. 18. Click “Finish” to complete the Automatic Certificate Request Setup 19. Go to Start > Run, and type “command” and click “Enter” to open Command Prompt. 20. Type “secedit/refreshpolicy machine_policy” to refresh policy. Adding Internet Authentication Service 21. Go to Start > Control Panel > Add or Remove Programs 22.
Setting Internet Authentication Service 24. Go to Start > Program > Administrative Tools > Internet Authentication Service 25.
26. Enter the IP address of the Access Point in the Client address text field, a memorable name for the Access Point in the Client-Vendor text field, the access password used by the Access Point in the Shared secret text field. Re-type the password in the Confirmed shared secret text field. 27. Click “Finish” to complete adding of the Access Point.
28. In the Internet Authentication Service, right-click “Remote Access Policies” 29. Select “New Remote Access Policy”. 30. Select “Day-And-Time-Restriction”, and click “Add” to continue.
31. Unless you want to specify the active duration for 802.1x authentication, click “OK” to accept to have 802.1x authentication enabled at all times. 32. Select “Grant remote access permission”, and click “Next” to continue.
33.
For TLS Authentication Setup (Steps 34 ~ 38) 34. Select “Authentication” Tab 35.
36. Go to Start > Program > Administrative Tools > Active Directory Users and Computers 37. Select “Users”, and double-click on the user that can be newly created or currently existing, who will be configured to have the right to obtain digital certificate remotely. Please note that in this case, we have a user called, test, whose account/password are used to obtain the digital certificate from server.
38. Go to the “Dial-in” tab, and check “Allow access” option for Remote Access Permission and “No Callback” for Callback Options.
For MD5 Authentication (Steps 39 ~ 54) 39. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 40.
41. Select “Group Policy” tab, and click “Edit” to edit the Group Policy.
42. Go to “Computer Configuration” > “Windows Settings” > “Security Settings” > “Account Policies” > “Password Policies” 43. Click “Define this policy setting”, select “Enabled”, and click “OK” to continue.
44. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 45. Go to Users.
46. Go to “Account” tab, and enable “Store password using reversible encryption” 47. Click “OK” to continue.
48. Go to Start > Program > Administrative Tools > Internet Authentication Service. 49. Go to Remote Access Policies 50. Make sure that MD5 is moved up to Order 1 51.
52. Go to “Authentication” tab 53. Enable “Extensible Authentication Protocol” 54. Select “MD5-Challenge” for EAP type.
APPENDIX D: GLOSSARY Access Point ― An internetworking device that seamlessly connects wired and wireless networks. Ad-Hoc ― An independent wireless LAN network formed by a group of computers, each with an network adapter. AP Client – One of the additional AP operating modes offered by 11Mbps Access Point, which allows the Access Point to act as an Ethernet-to-Wireless Bridge, thus a LAN or a single computer station can join a wireless ESS network through it.
the OSI network protocol model. Browser ― An application program that enables one to read the content and interact in the World Wide Web or Intranet. BSS ― BSS stands for “Basic Service Set”. It is an Access Point and all the LAN PCs that associated with it. Channel ― The bandwidth which wireless Radio operates is divided into several segments, which we call them “Channels”. AP and the client stations that it associated work in one of the channels.
ESS ― ESS stands for “Extended Service Set”. More than one BSS is configured to become Extended Service Set. LAN mobile users can roam between different BSSs in an ESS. ESSID ― The unique identifier that identifies the ESS. In infrastructure association , the stations use the same ESSID as AP’s to get connected. Ethernet ― A popular local area data communications network, originally developed by Xerox Corp., that accepts transmission from computers and terminals.
Multicasting ― Sending data to a group of nodes instead of a single destination. Multiple Bridge – One of the additional AP operating modes offered by 11Mbps Access Point, which allows a group of APs that consists of two or more APs to connect two or more Ethernet networks or Ethernet enabled clients together. The way that multiple bridge setup is based on the topology of AdHoc mode. Node ― A network junction or connection point, typically a computer or workstation.
the IP address to turn part of the host ID address field into a field for subnets. TCP/IP ― Transmission Control Protocol/ Internet Protocol. The basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network, i.e. intranet or internet.
APPENDIX E: TECHNICAL SPECIFICATION 802.11b compliant (wireless) 1 / 2 / 5.5 / 11 Mbps Direct Sequence Spread Spectrum (DSSS) 1 Mbps – BPSK 2 Mbps – QPSK 5.5 / 11 Mbps – CCK RF Frequency 2412 MHz – 2462 MHz (North America) 2412 MHz – 2472 MHz (General Europe) 2412 MHz – 2484 MHz (Japan) Operating Channel 11 Channels (North America) 13 Channels (Europe) 14 Channels (Japan) RF Output Power 16 dBm (typical) Sensitivity 1, 2Mbps BPSK, QPSK -92 dBm 5.