Edimax 802.11g Wireless LAN Cardbus Adapter User Manual

Download

Page 1

880022..1111gg W

Wiirreelleessss LLAANN

CCaarrddbbuuss AAddaapptteerr

User Manu al

Page 2

Ver sion: 1.1 (June, 2005)

Copyright © 2005/2006 by this company. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual or otherw ise, w ith out the pri or written permission of th is c ompany

This company makes no representations or warranties, either expressed or implied, with respect to the contents hereof and specifically disclaims any warranties, merchantability or fitness for any particular purpose. Any software described in this manual is sold or licensed "as is". Should the programs p ro ve de fective follow ing thei r purchas e , the buyer (a nd not this com pan y, its distr ibutor, or its dealer) assumes the entire cost of all necessary serv icing, repair , and any inci den tal or conseque nt ial damages resulting from any de fe ct in the so f tware. Fu r ther, this com pany res er ves th e righ t to r evise this pu blic ation and to make changes from time to time in the con te nts hereo f without obligation to notify any person of such revision or changes.

All brand and product names mentioned in this manual are trademar ks and/or registe red t rademarks of their respecti ve holders.

Page 3

Fe deral Communication Commission

Interference Statement

This equipment has been tested and found to comply with the limits for a Class B digital dev ice, pursuant to Part 15 of FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruc tions , m a y cause harm ful inte r ference to radio com m unica tions . Howev er, there is no guarantee that interference will not occur in a particular installati on . If this equipm ent does caus e harm ful int er ferenc e to radio or television reception, which can be determined by turning the equipment off an d on , the us er is en cou raged to try to correc t the inter feren ce by one or more of the foll owing meas ures:

1. Reorient or r elocate t he r ec eiving antenn a.

2. Inc r ease the sep ar atio n betwe en the eq uipment and receiver.

3. Connect the equipment into an outlet on a circuit different from that to which the receiver is connec te d.

4. Con su lt the dealer or an experienced radio technician for help.

FC C Caut i on

This equipment must be installed and operated in accordance with provided instr uctions and a minimum 5 cm spacing must be provided between computer mounted antenna and person’s body (excluding extremities of hands, wrist and feet) during wireless modes of operation.

This device complies wit h Pa rt 15 of the FCC Rules . Opera tion is s ubjec t to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.

Any changes or modifications not ex pressly approved by the party responsible fo r compliance c ould void the autho ri ty to opera te equipm ent.

Federal Communication Commission ( FCC) Radiation Exposure Statement

This equipment complies with FCC radiation ex posure set forth for an un con trolled envi ronm en t . In orde r to a voi d th e pos s ibility o f exceeding the FCC radio frequency exposure limits, human proximity to the antenna shall not be less than 20cm (8 inches) during normal operation.

Page 4

R&TTE Compliance Statement

This equipment complies with all the requirements of DIRECTIVE 1999/5/CE OF THE EUROPEAN PARLIAMENT AND THE COUNCIL of March 9, 1 999 on radio equipment and telecommunication terminal Equipment and the mutual recognition of their conformity (R&TTE) The R&TTE Directive repeals and replaces in the directiv e 98/13/EEC (Telecommunications Terminal Equipment and Satellite Earth Station Equipment) A s of April 8, 2000.

Safety

This equipment is designed with the utmost care for the safety of those who install and use it. However, special attention must be paid to the dangers of electric shock and static electricity when working with electrical equipment. A ll guidelines of this and of the computer manufactur e must therefore be allowed at all times to ensure the safe use of the equipment.

EU Countries Intend ed for Use

The ETSI version of this device is intended for home and office use in A ustr ia, Belgium, Denmar k , Fi nland, France , Germ any, Gree ce , Irelan d, I taly, Lu xembourg , th e Netherlands , Por tugal, Spain, Sweden , and the Unite d Kingdom. The ETSI version of this device is also authorized for use in EFTA member st ates : Iceland , Liech tenste in , Norway, and Swi t ze rlan d.

EU C ountri es Not int end ed fo r use

No ne.

Page 5

CONTENTS

1 INTRODUCTION............................................................. 1

1.1 FEATURES........................................................................................ 1

1.2 SPECIFICATIONS................................................................................ 1

1.3 PACKAGE CONTENTS.......................................................................... 2

2 INSTALLATI ON PROCEDURE .......................................... 3

3 C ONFIGUR ATIO N UTI LI TY ........................................... 10

3.1 WIR ELESS CONNECTION STATUS......................................................... 10

3.2 PROFILE MANAGEMENT ....................................................................11

3.3 DIAGNOSTICS ................................................................................. 12

3.4 SECURITY......................................................................................13

3.4.1 WPA Setting................................................................................15

3.4.2 Using WPA Passphrase Security.........................................................22

3 . 4. 3 Pre -S har ed E ncryp tion Key s..............................................................23

OVERW RIT ING AN EXISTING STATIC WEP KEY ..............................................24

DISABLING STATIC WEP ..........................................................................24

4 TROUBLESHOOTI NG .................................................... 25

Page 6

1 Introduction

Thank you fo r pu rchasing the 802.11g Wirele ss LAN Carbus Adap ter. T his Adapter is de si gn ed to com ply with IEEE 802.11g Wi rel e ss LA N standa rd and easy to c arry with the Mini size. I t is suitable for any Laptop or De sktop computer s.

Thi s adapte r sup port s 64/128/152-bit WEP da ta en cryption that p rotects you r wirel ess net wo r k from ea vesdropping. It also supports WPA (Wi -Fi Protected Acce ss) feature that co m b ines IEEE 802.1x a n d TKIP (Temporal Key Integrity P rotocol) technologi es. Client users are required to authori ze before accessing to APs or AP Router s, and the data t ran smitted in the net wo r k is enc rypted/decrypted by a dynam i call y cha nged secret ke y.

I t supports the Super G mode feature to enhance the data rate to rea ch to 108Mbps, it can enhance the data ra te when it connect with Super G produ ct.

This adapter is with the versatile features; it is the best solution for you to build your wireless ne twork.

1.1 Features

• Complies wi th the IEEE 802.11b and IEEE 802.11g 2.4GHz standards.

• Up to 54Mbps high data transfer rate. ( 108M : Super G mode enabled)

• Sup por t 64/ 128/152- bit WEP, WPA, IE EE 80 2.1x h ig h leve l of s ecurity.

• Complies with IEEE 802.11d country roaming standard.

• Support the most popul ar operating system: Windows 98SE/Me/2000/XP.

• Suppor ts Standard 32bit Ca r dbus inte r fac e.

• Portable and Compact-size design.

• Sui table for Any Notebook.

1.2 Specifications

• Standard: IEEE 802.11g/b

• Bus Type: 32-bit Car dbus

• Frequency Band: 2.4000~2.4835GHz (Industrial Scienti fic Medical Band)

• M odulatio n : OFDM with BPSK, QPSK, 16QAM, 64QAM (11g)

BPSK, QPSK, CCK (11b)

• Data Rate: 54/48/36/24/18/12/11/9/6/5.5/2/1Mbps auto fallback (108Mbps: Super G enabled)

• Security: 64/128/152-bit WEP Data Encrypti on, WPA , IEEE 802.1x

• Antenna: Internal Antenna

• Drivers: Wi ndows 98SE/Me/2000/XP/2003 Server

• LED: Link, Activity

• T ransmit Power: 16 ~18 dBm (Typi cal )

Page 7

• Dimensi on: 8(H) x 118(W) x 54(D) mm

• T emperature: 32~131°F (0 ~55°C)

• Humidity: 0-95% (NonCondensing)

• Certific at ion: FCC, CE

1.3 Package Contents

Be fore you begi n the installation, please chec k the items of your package. The pac kage shoul d include the foll owing i tems:

• One PC Car d

• One CD (Driver/Utili ty/User’s Manual.)

• One Qu ick Gui de

I f a ny o f t he above i tems is missi ng, contact y our supplier as so on as possible.

Page 8

2 Installation Procedure

Be fore you proceed with the installati on, please notice foll owing descriptions.

Note1 : The fol l owing insta l lation was operated in Windows XP. (Procedur es are si m i lar for

Windows 98SE /M e/2000)

Note2: If you have installed the Wireless PC Card driver & utility before, please uninstall the

old v ersion fir st.

Note3 : For Window s 98SE pl ease m ake sure your copy of w i ndows i s fully updated wi th the

la tes t hotfix es by going to http://windowsupdate.mi cr osoft.com

Th is chap te r describ es u s in g the Ath e ro s insta lle r to in s ta ll th e Ath e ro s wirele s s net wo rk adapte r driver.

Installation

Note: Please ensure the Su per-G cardbus adapter is firmly inserted to the cardbus slot before startin g the setu p

program.

To install th e ACU and devi c e driver:

1. I n s ert the d evi ce into the co mp u ter, and i ns ert th e i n s tallatio n CD.

2. Open the InstallShield Wizard (setup.exe).

3. Th e Ath e ro s C lien t In s ta llatio n in s ta ller open s . Select the la n g ua ge yo u wish

the in s ta llatio n p rog ra m to p roce ed in . C lick Nex t.

4. The Atheros license agreement window appears. Read and accept the

agreem ent to continue . Cli ck Nex t.

5. T h e I nstallati on Pro g ram win do w appears with th re e setu p option s .

To in s ta ll th e clie n t utilitie s and d river, se lect th e appro p r ia te in s ta llatio n typ e (se e Tab le (2-1 ) a nd cli ck Nex t.

Page 9

Table 2-1. I nsta ller I nsta llat ion Se lections

Rad io B utton Description

Install Client Utilitie s and Dri ver (recommended)

Install s the driver and client utilities. This is the recommends option .

In stall Driver Only Installs only the driver without installing the client utilities.

Make Driver Install a tio n Diske tte(s)

Creates driver installation diskettes.

6. A promp t a p pears wa rning th a t the in s ta ll re q u ires th e s ys tem to be reb oo te d

a t the en d of th e in s ta llatio n p ro ces s . Click Y es to con tin u e .

7. Choose the setup dire ctory. The default is C:\Program Files \ Atheros.

Click Next.

8. Choose the program folder for the start menu. The default is Athero s . C lick

Next.

9. For a windo ws XP installation, the next screen define s the Windows Ze ro

Configura tion. W indows XP Ze ro Configura tion provides functio nality to a u toma ti ca l ly tr y to co nn ect th e s tati o n to availabl e wirel ess ne tworks. For comp lete in f o rma tio n o n Windows Ze ro Con f ig u ratio n , se e the M ic ros of t web site.

10 .I n this in s ta llation , s elect the Atheros C lien t U tili ty a n d Su p p lican t.

C lick Next. T h e insta ller a u to ma tically ins ta lls th e d ri ve r.

11 .M a ke s u re that the USB d e vice is inserted . I f it is n o t, in s ert it, th e n ca nce l

the fo und Ne w Ha rd ware Wizard if it appea rs. Proceed with the installa tion. Cl ick OK.

Page 10

12.Windows may display a Windows Logo error for the USB bootloader. Click

Continue Anyway.

Th e in s ta ller con tinu es in s ta llatio n .

13 .Win d o ws ma y d is p la y a W in dows L o g o er ror fo r the WL A N dr ive r. C lick C lick

Continue Anyway.

Th e in s ta ller con tinu es in s ta llatio n .

14 . Click OK at th e pro mp t to re b oot and compl ete the in stallatio n.

Page 11

Insta lling the At heros U SB W ire less Network Adapter

To in s ta ll th e U SB d r ive r a nd th e Athero s C lien t Utility, see “ T o in s ta ll th e ACU and USB device driver:” on page 2-1.

To in s ta ll the USB De vice Dr ive r sep arately:

1. Insert the USB device into the computer: The Found New Ha rdware Wizard

opens. Choose advanced installation and click Nex t.

2. Ch oos e Sea rch for dri ve r in the se lo ca tio n s . T he d river is loca te d in the

Nd is 5 x \ 2KXP d ire c to ry. ( For W in d ows 9 8 SE/ME comp u te rs , the d river is lo ca te d in the Ndis5 x\9 8ME).

3. Windows ma y display a Windows Logo error for the bootloader. C lick C ontinue

An ywa y. Th e insta ller will continu e with the in stalla tion .

Page 12

4. Cl ick Fi n ish to clos e th e Fou n d New H ardware Wiza rd and co m p l ete in s tallatio n

of the USB device bootloader.

5 . Th e F ound Ne w Ha rd wa re Wi zard opens to i nst al l software f or the USB dev i ce.

Click Nex t to continue .

6. Ch oos e Sea rch for dri ve r in the se lo ca tio n s . T he d river is loca te d in the

Nd is 5 x \ 2KXP d ire c to ry. ( For W in d ows 9 8 SE/ME comp u te rs , the d river is lo ca te d in the Ndis5 x\9 8ME).

Page 13

7. Windows may display a Windows Logo error for the WLAN driver. Click

C o n tinu e An yway. T h e in s ta ller will co n tinu e th e insta llatio n .

8. Cl ick Fi n ish to clos e th e Fou n d New H ardware Wiza rd and co m p l ete in s tallatio n

o f th e Ath eros U SB Netwo rk Adapter.

Page 14

Use the ACU to configure the device driver. The ACU provides extensive online help to a id i n co n f i g u rin g the de vice . Access th e A CU b y ri g h t- clicking th e tra y i co n and choo sin g Athero s Clie n t Utility.

III. Using the Configuration Utility

To setup the USB adapter, double-click the i con i n the sy stem tray.

For Windows XP, there is a “ Windows Zero Configurati on Tool” b y def ault fo r you to setup wireless client s. If you want to u se the Utility o f the USB adapter, please foll ow one of the ways as below.

. Double-clic k the icon.

B. Click “Ad van ce ”. C. U nchec k “U se Win do w s to

configure my wirele ss net wo rk se tting s”.

Page 15

3 Configuration Utility

The Client Utility is a user-mode utility designed to edi t and add profi les for, as well as displ ay and diagno stic s pe rtai ning to a selected wirel ess USB adapte r.

3.1 Wirel ess Co nnect ion St at us

When you open the Confi gura tion Utility, the system will scan all the channels to fi nd al l the access poi nts/stations within the accessible range of your card and automati call y connect to the wireless device with the hi ghest si gnal strength. From the screen , you may know all the infomration about the wireless connecti on.

Page 16

3.2 Profile Management

Parameter Description New To add a new configuration profi l e, clic k New on the Pro fi l e

Management tab. T o m odify a configura tion profi le, select the configurati on from the P rofile list and clic k the Modify bu tto n.

Modify

In the Atheros Client Utility, access the General tab by clicki ng New or

Modify on the Profile Management tab.

Edit the fields i n the General tab to confi gure the configuration profile. Make sure to also edit the Security and Advanced ta b s.

Remove Select the profi le to remo ve f rom the list of configuration p rofiles.

Import

1. From the Profile Management tab , clic k the Import b u tto n.

The Import Profi l e window appears.

2. Browse to the directory whe re the profi l e is l ocated.

3. Highli ght the profi l e nam e.

4. Cli ck Open. The imported profile appears in the pro fi l es

li st.

Export

1. From the Profile Management ta b, high light th e profile to

export.

2. Cli c k the Export button. The Expo r t Profile window

appea r s.

Page 17

3. Browse to the directory to export the pro fi l e to.

4. Cli ck Save . T he profi le is exported to the specified

loca tion.

Orde r Profiles

In cludi ng a profi le in the auto selection feature al lows the wireless adapter to automaticall y selec t that profile from the l ist of profiles and use i t to connec t to the networ k.

3.3 Diagnostics

The client utility includes a number of tools to display current diagno stic s and status info rmation.

Parameter Description Adapter Information The Adapter Information button contains general information

about the network inte rf ace ca rd (the wireless netwo r k adapte r ) and the network driver interface specification (NDIS) driver.

Ad vanced Statistic s The Diagnostic s tab of the Athero s Client Utility provides buttons

used to re trieve re ceive and transm i t statistics. The Diagnostic s tab does not require any configuration

Page 18

3.4 Security

Thi s Chapter de scribe s setting up se cu rity u sing the Athe ros Cl ient Utility(A CU). Whil e using the Athero s USB wirele ss netwo r k adapte r, encr yption data can protect it s as it i s t ran smitted th rough the wi rele ss networ k.

While using the Atheros USB wireless network adapter, encrypting data can protect its privacy as it is transmitted through the wireless network.

The ACU allows connection profiles of: z No security (not recommended)

Link encryption/decrypti on is disabled, no keys are installed.

z WPA security

Enables the use of Wi-Fi Protected Access (WPA). Thi s option requires IT administrati on. This option incl udes the EAP (wi th dynam i c WEP keys) security protocols: EAP, PEAP, and LEAP.

WPA is a standard-based, interoperable security enhancement that provides data protection and access control for wireless LAN systems. It is derived from and is forward-compatible with the upcoming IEEE

802.11i standard. WPA leverages Temporal Key Integrity Protocol (TKIP) and Michael message integri ty check (MIC) for data protection, and

802.1X for authenticated key m anagement. WPA supports two mutually exclusive key management types: WPA and

WPA passphrase (also known as WPA-Pre Shared Key (PSK)). Using WPA, clients and the authentication server authenticate to each other using an EAP authentication method, and the client and server generate a pairwi se master key (PM K). The server generates the PMK dynamically and passes it to the access point.

z WPA-PSK security

Enables WPA passphrase security (also known as WPA-Pre Shared Key (PSK)).

z 802.1x security

Enables 8 0 2.1x security. This option requires IT admini stration. This option includes the EAP (with dynamic WEP keys) security protocols: EAP, PEA P, an d LEAP.

802.1x is the standard for wi reless LAN security defined by IEEE as 802.1x for 802.11, or simply 802.1x. An access point that supports 802.1x and its protocol, Extensible Authentication Protocol (EAP), acts as the i nterface between a wi reless client and an authenti cati on server such as a RADIUS server, to which the access point communi cates over the wired network.

z Pre-Shared Key security (Static WEP)

Static WEP enables the use of up to four pre-shared (static wired equivalent privacy (WEP)) keys that are defined on both the access point and the client station. These keys are stored in an encrypted format in the registry of the Wi ndows device. When the driver loads and reads the USB devi ce's regi stry parameters, it also finds the static WEP keys, decrypts them, and stores them in vola tile memory on the USB devi ce.

If a device recei ves a packet that is not encrypted with the appropriate key, the device di scards the packet and never delivers i t to the intended recipient.

Page 19

This is because the WEP keys of all devices that are to communicate with each o the r must m atch.

Authenti cation Process

Enabling EAP on the access point and configuring the USB device to LEAP, EAP-TLS, PEAP (EAP-GTC), or PEAP (EAP-MSCHAP V2) authentication to the network occurs in the following sequence:

1. The cl ient associates to an access point and begins authenti cation.

2. Communi cating through the access point, the client and RADIUS server

complete authenti cation wi th the password (LEAP and PEAP) or certificate (EAP-TLS). The password is never transmitted during the process.

3. After successful authenti cation, the cli ent and RADIUS server derive a

dynami c WEP key uni que to the client.

4. The RADIUS server transmi ts the key to the access point using a secure

chan nel on the wir e d LAN .

5. For the length of a sessi on the access point and the client use thi s key to

encrypt or decrypt all unicast packets (and broadcast packets).

O verview Of the S ecurity C o nfigurat io n Op tions In ACU

Rad io B utton Descr ip tion

WPA

Enables the use of Wi -Fi Pro tected Access (WPA) . Choosi ng WPA opens the WPA EAP drop -down menu. T he

options include:

EA P-TLS EA P-TT L S PE AP (EAP -GT C) PE AP (EAP -MS CHAP V2 ) LEAP

WPA Pass phrase

Enable s WPA Passph ra se se curit y. Click on the Configure button and fill in the WPA Pa ssphra se.

802.1x

Enables 802.1 x security. This option requires IT administ ration. Choosi ng 802.1x open s the 802.1x EAP typ e drop-down

menu. T he options include:

EA P-TLS EA P-TT L S PE AP (EAP -GT C) PE AP (EAP -MS CHAP V2 ) LEAP

I f the ac cess point that the wi rele ss adapte r i s a ssociating to ha s WEP set to Optional and the cl ient ha s WEP en abled, ma ke sure

Page 20

that All ow A sso ciation to M ixed Cell s i s chec ked on the Security

Tab to al low association.

Pre-Shared Key(Static WEP)

Enable s the u se of pre -shared key s tha t a re de fined on bo th the a cce ss poi nt and the station.

To define pre-shared encryption key s, choose the Pre-Sh ared Key radio button and click the Configure button to fill in the Define

P re -Sha red Keys window .

I f the ac cess point that the wi rele ss adapte r i s a ssociating to ha s WEP set to Optional and the cl ient ha s WEP en abled, ma ke sure that All ow A sso ciation to M ixed Cell s i s chec ked on the Security

Tab to al low association.

None

No securit y (not re commended ).

3.4.1 WPA Security Settings

EAP Security

To use EAP security, access the Security tab in Profile Management.

1. In t h e A C U, edit t h e s ecuri t y settin g s by clickin g New or Mo dify o n t h e Profile Ma nagement tab.

2. Choose a profile to edit, or name the new profile in the Profile Ma n agement win d o w. Ente r the SSI D of th e a c ces s po int the s ta tio n co nnects to.

3. On the Secu rity tab , choose the WP A radio bu tton .

O R: On th e S e c ur ity ta b , c hoos e th e 8 02.1 x rad io butto n .

4. Choose EAP- TL S or EA P-TTL S from the drop-do wn menu

Page 21

Using EAP-TLS Security Imp ortan t N ote : To use EAP-TT LS secu rity, the machine must already have the EA P-

TT LS certifi cates do wnloaded onto it from a Cer ti ficate Autho rity ( CA ). Pl ease chec k with your IT adm i nistrator.

To use EAP-TLS security In the Atheros Client Utility, access the S e curity tab in the P rofile Management window.

1. On the S ecurity tab, choo se t he WPA radio button.

O R: On the Security tab, choo se the 8 02.1x radio button.

2. Choo se EAP -TLS f rom the drop-do wn menu.

E nabling EAP-TLS security:

Imp ortan t N ote : To use EAP-TT LS secu rity, the machine must already have the EA P-

TT LS certifi cates do wnloaded onto it from a Cer ti ficate Autho rity ( CA ). Pl ease chec k with your IT adm i nistrator.

1. If EAP -TLS is supported, choose EAP-TLS from the drop -do wn menu on the right,

then click the Configure button.

2. Sele ct the appropriate certificate authority from the list. The server /domai n nam e

and the logi n nam e are fil l ed in automatically from the certificate information. Clic k

OK.

3. Cli ck OK.

4. Activate th e profil e .

Page 22

Using EAP-TTLS Securit y Imp ortan t N ote : To use EAP-TT LS secu rity, the machine must already have the EA P-

TT LS certifi cates do wnloaded onto it from a Cer ti ficate Autho rity ( CA ). Pl ease chec k with your IT adm i nistrator.

To use EAP se curity In the Atheros Client Utility, access the Se curity ta b in the Profile Management window.

1. On the S ecurity tab, choo se t he WPA radio button.

O R: On the Security tab, choo se the 8 02.1x radio button.

2. Choo se EAP -TTLS from the drop-down menu.

E nabling EAP-TTLS securi t y:

1. If EAP -TTLS is supported, ch oose EAP-TTLS from the drop -do wn menu on the right,

then click the Confi gure button.

2. Sele ct the appropriate certificate from the drop-down list and cli ck OK.

3. Spe cify a user nam e for EAP authentica tion:

o Check Use Wi ndows Use r Name to use the Windows user name as the EAP

user name.

o O R: Enter a EAP use r name in the U ser Name field to use a separate user

name and passw or d and start the EAP authentication process.

4. Click Advanced and:

o Leave the server name fi el d blank fo r the client to a ccept a certificate from

any serve r with a certi fi cate si gned by the authority listed in the Netw or k Certificate Authority drop -down list. (recommende d)

o Enter the domain name of the server from which the client will accep t a

certificate.

o Change the l ogi n nam e if needed.

5. Click OK.

6. Enabl e the p rofile.

Page 23

Using PEAP-GTC Secu rity

I m p or ta n t No te ! To use PEAP (E AP -GTC) securi t y, the server must have WPA-PEAP certificates, and the Cer tifica te A uthorit y ( C A) server properties must alread y be set up. Please check with your IT a dmin istrator.

To use PEAP security, access the Security tab in the Profile Management window.

1. In the ACU, edit the securi ty settings by cli cking New or Modify on the Profile Management tab.

2. Choose a profile to ed it, or nam e the new pr ofile in the Pro f i le Management window. Enter the SSID of the access poi nt the client computer connects to .

3. On the Security tab, choose the WPA radio button. OR: On the Security tab, choose th e 802.1x radio button.

4. Choose PEAP (EAP-GTC) or PEAP (EAP-MSCHAP V2) from the dr op- d ow n me nu.

z PEAP (EAP-GTC) authentication is designed to support one-time Password (OTP), Windows

2000 domain, and L DAP user databases over a wireless LAN. It is based on EAP-TLS authentication but uses a password instead of a client certificate for authentication. PEAP (EAPGT C) uses a dynami c sessi on-based WEP key derived from the USB devi ce and RADIUS server to e n crypt data.

Networks that use an OTP user database require enteri ng a hardware or software token password to start the PEAP (EAP-GTC) authenti cation process and to gain access to the network. Networks that use a Windows 2000 domain user database or an L DAP user database (such as NDS) require entering a username, password, and domain name in order to start the PEAP (EAP-GTC) authentication process.

z The PEAP (EAP-MSCHAP V2) authentication type is based on EAPTLS authentication, bu t uses

password instead of a client certifi cate for authenticati on. PEAP (EAP-MSCHAP V2) uses a dynami c sessi on-based WEP key, whi ch is derived from the USB device and RADIUS server, to encr y pt da t a.

To use PEAP-GTC security In the Atheros Client Utility, access the S e curity tab in the P rofile Managem ent window.

1. On the Security tab, choose t he WPA radio button.

2. OR: On the Security tab, choo se the 8 02.1x radio button.

3. Choose PEAP (EAP -GTC ) from the dro p-down m enu.

4. Cli c k the Configu re button.

5. Sel ect the appropriate network certificate authority from the dro p-d own list.

6. Specify a user nam e for inner PEAP tunnel authentication:

– C heck Use Windows Use r Name to use the Windows user na m e as the PEAP

user name.

– OR: Enter a PEAP user name in the User Name field to use a se parate user

name a nd start the PEAP authentication process.

Page 24

7. C hoose Token or Static Password, dependi ng on the user database.

Note that Token uses a hardware token device o r the Secure Computing SofToken program (ver sion 1.3 or l ater) to obtain and enter a one - ti m e password during auth entication .

8. Click Advanced and:

– Leave the server name fi el d blank fo r the client to a ccept a certificate from

any serve r with a certi fi cate si gned by the authority listed in the Netw or k Certificate Authority drop -down list. (recommende d)

– En ter the domain name of the server from which the client will accept a

certificate.

9. The login nam e used for PEAP tunnel authentication, fil ls in automatically as PE AP-

xxxxxxxxxxxx, where xxxxxxxxxxxx is the computer's MA C address. Change th e login nam e if needed.

10. Cli ck OK.

11. Enable the p rofil e.

Using PEAP-MSCHAP V2 Security Imp ortan t N ote ! To use PEAP (EAP-MSCHAP V2) security , the server must h ave WPA-

PE AP c er ti ficates, and the server pro per ti es must already be set. Chec k with the IT manager.

To use PEAP-MSCHAP V2 security In the Athero s Client Utility, access the S e curity tab in the Profile Managem ent window.

1. On the Security tab, choose t he WPA radio button.

O R: On the Security tab, choo se the 8 02.1x radio button.

2. Choose PEAP (EAP -MSCHAP V2) from the drop-down menu.

3. Cli c k the Configu re button.

4. Sel ect the appropriate certificate from the drop-down list.

Page 25

5. Specify a user nam e for inner PEAP tunnel authentication:

– C heck Use Windows Use r Name to use the Windows user na m e as the PEAP

user name.

– OR: Enter a PEAP user name in the User Name field to use a se parate user

name a nd start the PEAP authentication process.

6. Click Advanced and:

– Leave the server name fi el d blank fo r the client to a ccept a certificate from

any serve r with a certi fi cate si gned by the authority listed in the Netw or k Certificate Authority drop -down list. (recommende d)

– En ter the domain name of the server from which the client will accept a

certificate.

– The login nam e used for PEAP tunnel authentication, fills i n automatically as

PE AP-xxxxxxxxxxxx, whe re xxxxxxxxxxxx is the com p u ter 's MAC address. Change t he l ogin name i f needed.

7. Click OK.

8. Enabl e the p rofile.

Page 26

Using LEAP Sec ur it y Imp ortan t N ote ! LEAP securi ty requires that al l infrastructu re de vices (e.g. acce ss

points and se rvers) are configured for L EAP authentica tion. Chec k with the IT m anager. To use security In the Atheros Client Utility, access the S e curity tab in the Profile

Management window.

Configuring LEAP :

The LEAP authentication type uses Cisco Key Integrity Protocol (CKIP) and MMH message i ntegrity check (MIC) for data protection. The USB devi ce uses the username and password to perform mutual authenticati on with the RADIUS server through the access point. To use LEAP se curity, access the Security tab in Profile Management.

1. In the ACU, edit the securi ty settings by cli cking New or Modify on the Profile Management tab.

2. Choose a profile to ed it, or nam e the new pr ofile in the Pro f i le Management window. Enter the SSID of the access poi nt the station connects to .

3. On the Security tab, choose the WPA radio button. OR: On the Security tab, choose th e 802.1x radio button.

4. Choose LEAP from the drop-down menu.

1. Cli c k the Configu re button.

2. Specify a user name and passwo rd:

Sel ect to Use Temporary User Nam e and Passw ord b y choo si ng the radio button:

Page 27

o Check Use Wi ndows Use r Name to use the Windows user name as the LEAP

user name.

o OR: Check Manually Prompt for LEAP U ser Name and Password to manual l y

Sel ect to Use Sa ved U ser Nam e and Password b y choo sing the radio bu tton:

o Spe cify the LEAP user name, p asswo rd, and dom ain to save and use.

3. Enter the user name and password.

4. C onfirm the passwo rd .

5. Specify a dom ain name:

o Check the Include Windows Logon Dom ain with U ser Name setti n g to pass

the Wi ndows login dom ai n and user name to the RAD IU S server. (default)

o O R: Enter a specific domain nam e.

6. If desired, chec k No Ne two r k Conne ction Unless U ser Is Logged In to force the

wireless adapter to disasso ciate after logging off .

7. Enter the LEAP authenticati on tim eout time (betwe en 30 and 500 seconds) to specify

how long LEAP should wait befo re declaring authentication fail ed, and sending an erro r message. The defaul t is 90 seconds.

8. Click OK.

9. Enabl e the p rofile.

3 .4.2 Us in g WPA Pass p hrase Sec ur ity

To use WPA Pa ssphrase security In the Atheros Client Utility, access the Se curity tab in the P rofile Managem ent window.

1. In the ACU, edit the securi ty settings by cli cking New or Modify on the Profi le Management tab.

2. Choose a profile to ed it, or nam e the new pr ofile in the Pro f i le Man agemen t wi nd ow . Ent er the SSID of the access point the client computer connects to.

3. On the Security tab, choose WPA Passphrase.

4. Click on the Security tab, and choose the WPA-PSK radio button. Cl ick the Confi gure button.

Page 28

5. Enter the WPA passphrase (for ASC II text, enter 8 -63 characte r s, fo r he xadecimal , ente r 64 characters). Clic k OK.

6. Click O K and enabl e the p rofile.

3.4.3 Pre-Shared Encryption Keys

To use Pre-Shared Key (sta tic WEP) se curity In the Atheros Client Utility, acce ss the S e curi ty tab in the Pr ofi le Manage me nt w in dow .

1. In the ACU, edit the securi ty settings by cli cking New or Modify on the Profi le Management tab.

2. Choose a profile to edi t, or name the new profile in the Profile M anagement window. Enter the SSID of the access point the client computer connects to.

3. On the Security tab, choose Pre-Shared Key (Stati c WEP).

Defining pre-shared encryption keys:

1. Cli c k the Define Pre -Sha red Keys radio button on the Se curity tab.

2. Click on Confi gure.

3. Fill in the fields i n the WEP Encryption keys dialog box:

Ke y Button Descr ipti on

Ke y Entry Determines the entr y method for an encr yption key:

he xadecim al (0 -9, A- F), o r ASCII text (all keyb oard cha ra cters except spaces).

En crypti on Keys Sele ct s the default encryption ke ys used. Only allows the

sele ction for a shared Fi r st, Second, Third, or Fourth key whose cor re sponding field has been completed.

W EP K eys (1-4 )

Defines a set of shared encr yption keys for networ k

Page 29

configurati on security. At l east one Shared Key field must be populated to enabl e secu rity using a shared key .

Clic k on the radio button to set the key as the default en cr ypt io n key .

WEP Key Size

Defines the size for each encryption key. T he opti ons include:

o 64- bit (e nter 10 digits for hexadecimal , 5 ASCII

char acter s)

o 128- bit ( enter 26 digits for hexadecimal , 13

digits for ASCII)

o 152-bit (en ter 32 digits hexa decimal, 16 digi ts

fo r ASCII )

4. Click OK for the changes to take effect.

Overwriting an Existing Static WEP Key

1. Cli c k the Define Pre -Sha red Keys radio button on the Se curity tab.

2. Click on Confi gure.

3. I n t he wi nd ow, all exi sting sta t ic WEP keys are di sp laye d as asterisks for security

reasons. Clic k in the fi el d of the existing stati c WEP key to ove r write.

4. Dele t e the asterisks in tha t f ield.

5. Enter a new key.

6. M a ke su re t o s e lec t t h e Transmit Key butto n to the l e ft of thi s key is selected for th e

key to transm it pa ckets.

7. Click OK.

D isabling S t at ic WEP

To disable static WEP for a par ti cular profi le, choo se None on the Profi l e

Management tab and cli ck OK.

OR: Select any other secu rit y option on the Pro file Managem ent tab to automaticall y

di sable stati c WEP.

Page 30

4 Troubleshooting

This chapte r p ro vides solutions to problems u sual ly encountered duri ng the installation and operation of the adapter.

1. Fo r Window s 98SE c om pute rs, if the Atheros Cli ent Util ity fails to loa d after properly installation, click on the windows “S tart” button on your t oolbar, selec t the “run” button, and enter “C :\ Window s\s ys tem \aegis2.exe” i nto the dia log box, then press e nte r, a dialog box w ill p op up, please select “ins tall” t hen press “enter”.

2. Fo r Window s XP or Wind ow s XP SP1, please update your win dows w i th the follow ing hotfix http ://suppor t.microsoft.com/?sci d=k b %3Ben-

us%3 B822603 &x=10&y =13 i f y o ur c o p y of Win d ow s XP ha s be en u pda te d

w ith S ervice Pack 2 ( SP2), you do not need t o apply this hotfix.

3. To Unins tall the Ath eros Clie nt Utili ty, please double c lick on “setup” on you r driver i nstallatio n C D, then selec t t he uni nstall option, the n press enter.

4. In Windows M E, if you receive an error ab out IP HLPAPI.DLL, please logoff your account, and re-login your account.

5. In Windows 98SE/ME, Err ors may be e ncoun tered when the d rivers are installed thr ough the “Found New Hardware Wizard” by c hoosing “Don’t search. I w ill cho ose the driv er to install”. To prev ent this error, please fo ll ow pag e 7 of th is user’s ma nua l.

Frequently Asked Questions (FAQ)

1. What is the IEEE 802.11g standard?

802. 11g is the new I EEE standard for high- speed wireless LAN communications that provi des for up to 54 Mbps data ra te i n the 2.4 GH z band. 802.11g is quickl y becoming the next mai nst ream wirele ss LAN te chnology for the home, office and public ne tw or ks.

802. 11g defines the use of th e same OF DM modul ation technique specified i n IEEE

802. 11a for the 5 GH z f requenc y band and appl i es it i n the same 2.4 GHz frequency band as IEEE 8 0 2.11b. The 802.11g standard requires backward compatibility with

802. 11b.

The standa rd speci fi cal ly call s for:

A. A new physical layer for the 802.11 Medi um Access Control (MAC) in the 2.4 GHz

f requen cy band, known as the extended rate PHY (E RP ). The E RP adds OFDM as a mandatory new coding schem e for 6, 12 and 24 M bps (mandato ry speeds), and 18, 36, 48 and 54 Mbps (optional speeds). The ERP includes the modulation

Page 31

schemes found in 802.11b including CCK for 11 and 5.5 M bps and Bar ker code modulation for 2 and 1 M bps.

B. A protection mechanism call ed RTS/CTS that govern s how 802.11g devices and

802. 11b devices interope rate.

2. What is the IEEE 802.11b standard？

The IEEE 802.11b Wireless LAN standard subcommittee, which formulates th e standard for the i ndustry. The obj ective is to enable wireless LAN ha rd ware from diffe ren t manufactures to communicate.

3. What does IEEE 802.11 feature s uppor t？

The product supports the fol l owing IEEE 802.11 functions:

z CSMA/CA plus A cknowledge Pro tocol z Mul ti -Channel Roami ng z Au tom atic Rate Sel ectio n z RTS/CTS Fe a ture z Fra gmentation z Power Management

4. What is Ad-hoc？

An Ad-hoc integrated wireless LAN is a group of computers, e ach has a Wirel ess LAN adapter, Connected as an independent wirele ss LAN. Ad hoc wireless LAN is applicable at a depa rtmental scale fo r a branch or SOHO operation.

5. What is Infrastructure？

An integrated wirele ss and wirele ss and wired LAN i s call ed an Inf ra stru ctu re configurati on. Infra structure is applicable to enterp rise scal e for wireless access to central database, or wireless applica tion for m obi le worke r s.

6. What is BSS ID？

A specific Ad hoc LAN is call ed a Basic Service Set (BSS). Compute r s i n a BSS m ust be configured wi th the same BSS I D.

7. What is WEP？

WEP is Wired Equival ent Privacy, a data privacy mechanism based on a 40 bi t shared key algori thm , as described in the IEEE 80 2 .11 standa rd .

8. What is TKIP?

TKIP is a quick-fix method to qui ckly o vercome the inherent weaknesses in WEP security, especially t he reuse of encryption keys. TKIP is involved in the IEEE 802.11i WLAN secu rit y standa rd, and the specification might be of fi cial l y released by early 2003 .

9. What is AES?

AE S (Advanced Encryption Stan dard ) , a chip-ba sed securit y, has been developed to ensu re the highest degree of security and authen ti city for digital information, wherever

Page 32

and however comm uni cated or sto red , while m aking more efficient use of hardware and/ or sof tware than previous enc ryption standards. It is also included in IEEE 802.11i standa rd. Compa re with AES, TKIP is a temp orary protocol for repla cin g WEP security until manufacturer s im pl em ent AES at the hardware level .

10. Can Wireless produc ts s uppor t pri nter sha ring？

Wireless products pe rform the same function as LAN product s. Therefore, Wireless product s can wo r k with Netware, Window s 2000, o r other LAN operati ng system s to support printer or file sharing.

1 1. Woul d the inform a tion be inte rce pted wh il e trans mi tti ng on air ？

WLAN features two-fold protection in secu rit y. On the hard ware side, as with Direct Sequen ce Spread Spectrum technology, it has the inherent secu rit y feat ure of scrambl ing. On the software side, WLAN series offer the encryption fu nction ( WEP) to enhance secu rit y and Access Control. U sers can set i t up depending upon their needs.

12. What is DSS S？ What is FHSS？ A nd what are their differences？

Frequenc y-hopping sp read -spect rum (FHSS) u ses a narro wband ca rrie r that change s f requen cy in a pattern that is kno wn to both tran sm i tter and receiver. Prope rly synchronized, the net effect is to m ai ntai n a single logical channel. To an unintended receiver, FHSS appea r s to be short -du ration impulse noise. Direct - sequence spreadspect rum (DSSS) generates a redundan t bi t pattern for each bit to be tran smi tted. This bit pattern i s called a chip (or chippi ng code). T he longer the chip is, the gre ater the p robability that the original data can be recovered . Even if one or more bits in the chip are damaged during transm ission, sta tistical techniques embedded i n the radio can reco ver the original data without-the need for retransm ission. To an uni ntended receiver, DSSS appears as low powe r wideband noise and is rejected (ignored) by most na r ro wband receive r s.

13. What is Spread Spec t rum？

Sp read Spectrum technology is a wideband radio frequency technique developed by the military for use in reliable, secure, mission-critical communication systems. It is designed to trade off bandwidth efficienc y for reliability, integrity, and security. In other word s, m or e bandwidth is consumed than in the case of narro wband transm ission, but the trade o ff produces a signal that is, in effec t, louder and thu s easi er to dete ct, p rovided that the re ceiver knows the parameter s of the spread-spe ctrum si gnal being broadcast. I f a re ceiver is not tuned to the right frequency, a spread –spectrum signal looks like bac kground noise. Ther e are two main alternati ves, Direct Sequence Spread Spe ctrum ( DSSS) and Frequency Hopping Spread Spectrum ( FHSS).

Edimax 802.11g Wireless LAN Cardbus Adapter User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual