Cisco Cisco Aironet 350 Wireless LAN Client Adapter
7
Release Notes for Cisco Aironet 350 and CB20A Client Adapter Install Wizard 1.3 for Windows
OL-5515-01
New and Changed Information
PACs are created by Cisco Secure ACS and are identified by an ID. The user obtains his or her own copy
of the PAC from the server, and the ID links the PAC to the profile created in ACU. When manual PAC
provisioning is enabled, the PAC file is manually copied from the server and imported onto the client
device. The following rules govern PAC storage:
of the PAC from the server, and the ID links the PAC to the profile created in ACU. When manual PAC
provisioning is enabled, the PAC file is manually copied from the server and imported onto the client
device. The following rules govern PAC storage:
•
In most cases PACs are provisioned and stored separately for each Windows logon user. These
per-user PACs are not viewable by other users.
per-user PACs are not viewable by other users.
•
If a profile is configured to use manual provisioning, each user must manually provision his or her
own PAC for that profile.
own PAC for that profile.
•
PAC files can be added or replaced using the import feature, but they cannot be removed or exported.
•
For profiles configured with saved EAP-FAST usernames and passwords, the PACs are not stored
per user but in a global PAC area shared by all users. Global PACs are also enabled when the No
Network Connection Unless User Is Logged In checkbox is unchecked. These global PACs can be
imported and used by all users.
per user but in a global PAC area shared by all users. Global PACs are also enabled when the No
Network Connection Unless User Is Logged In checkbox is unchecked. These global PACs can be
imported and used by all users.
Note
PACs are also stored globally on computers that use the Novell Network login prompt or any
other third-party login application that does not share its credentials with the EAP-FAST
supplicant.
other third-party login application that does not share its credentials with the EAP-FAST
supplicant.
EAP-FAST authentication is designed to support the following user databases over a wireless LAN:
•
Cisco Secure ACS internal user database
•
Cisco Secure ACS ODBC user database
•
Windows NT/2000/2003 domain user database
•
LDAP user database
LDAP user databases (such as NDS) support only manual PAC provisioning while the other three user
databases support both automatic and manual PAC provisioning.
databases support both automatic and manual PAC provisioning.
Note
Refer to
Chapter 5
of the Cisco Aironet 340, 350, and CB20A Wireless LAN Client Adapters Installation
and Configuration Guide for Windows (part number OL-1394-08) for instructions on enabling
EAP-FAST authentication for your client adapter.
EAP-FAST authentication for your client adapter.
WPA Migration Mode Now Supported by Clients
The software components included in client adapter Install Wizard version 1.3 now support Wi-Fi
Protected Access (WPA) migration mode for 350 series and CB20A cards. WPA migration mode is an
access point setting that enables both WPA and non-WPA clients to associate to an access point using
the same SSID. To use this feature, the access point must be configured for migration mode (WPA
optional with TKIP+WEP128 or TKIP+WEP40 cipher).
Protected Access (WPA) migration mode for 350 series and CB20A cards. WPA migration mode is an
access point setting that enables both WPA and non-WPA clients to associate to an access point using
the same SSID. To use this feature, the access point must be configured for migration mode (WPA
optional with TKIP+WEP128 or TKIP+WEP40 cipher).