Enabling Eap-Tls Or Peap - Cisco Aironet CB21AG Installation And Configuration Manual

Cisco aironet 802.11a/b/g wireless lan client adapters

Hide thumbs Also See for Aironet CB21AG:

Installation and configuration manual (286 pages)

Install wizard (34 pages)

User manual (22 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

page of 159

/ 159
Contents
Table of Contents
Bookmarks

Table of Contents

Setting Security Parameters

If you want to change the value of the Group Policy Delay parameter, enter a new value or use the up

Step 16

and down arrows to select a value between 0 and 65535 seconds. (Microsoft supports only values

between 30 and 600 seconds. The default value is 60 seconds.)

The Group Policy Delay parameter specifies how much time elapses before the Windows logon process

starts Group Policy, a Windows feature used by administrators to specify configuration options for

groups of users. The objective is to delay the start of Group Policy until wireless network authentication

occurs. The value that you set for this parameter goes into effect after the computer reboots with this

profile set as the active profile.

Note

Step 17

Click OK to save your settings and return to the Cisco Aironet Desktop Utility (Profile Management)

window.

Step 18

Refer to

Enabling EAP-TLS or PEAP

Before you can enable EAP-TLS or PEAP authentication, your network devices must meet the following

requirements:

•

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide

5-44

A Microsoft hot fix is required in order to use this parameter on computers running Windows

2000. Refer to the

"Installing a Microsoft Hot Fix for Group Policy Delay" on page 3-21

information on obtaining and installing the hot fix.

Chapter 6

for instructions on authenticating using EAP-FAST.

You must have a valid Windows username and password, and the password cannot be blank.

The appropriate certificates must be installed on your computer. EAP-TLS requires both a

Certificate Authority (CA) certificate and a user certificate while PEAP requires only a CA

certificate.

Note

Contact your system administrator if you need help obtaining and importing the necessary

certificates.

To support EAP-TLS machine authentication with machine credentials:

A machine certificate must be obtained from the server, and client machine access must be

–

enabled on the server.

Permissions for the MachineKeys folder, which stores the certificate pair keys for both the

–

computer and users, must be set correctly. Refer to Microsoft knowledgebase article Q278381

for information on correctly setting up folder permissions:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q278381

If you ever change permissions on higher-level directories and those settings are applied

Note

to all subdirectories, you may need to reset the permissions for the MachineKeys folder.

Chapter 5

Configuring the Client Adapter

OL-4211-05

for

Table of Contents

This manual is also suitable for:

Aironet pi21ag

Enabling Eap-Tls Or Peap - Cisco Aironet CB21AG Installation And Configuration Manual

Enabling EAP-TLS or PEAP

Related Manuals for Cisco Aironet CB21AG

Related Content for Cisco Aironet CB21AG

This manual is also suitable for:

Table of Contents