Cisco Cisco Aironet 350 Wireless LAN Client Adapter

This section describes new features in firmware release 4.13.

This firmware release supports Cisco Aironet 350 series radio hardware.

Extensible Authentication Protocol (EAP) and LEAP (also referred to as EAP-Cisco Wireless) perform 
mutual authentication of the client and Cisco Secure RADIUS server.

The minimum firmware version required for LEAP support is 4.13.

Access Point firmware release 11.00 is the minimum version required to support this feature. 
Release 11.00 is the first version of firmware that enables the Access Point to be configured as an 
EAP or LEAP authenticator.

The Access Point requires an EAP authenticator. The RADIUS server must support the type of 
authentication you are using (either EAP or LEAP).

This section describes known problems for client adapter firmware release 4.13.

If a client adapter is associated to an Access Point that is configured for open authentication, LEAP 
authentication, and full encryption and the client has a WEP key stored in NVRAM, it is possible for the 
client to communicate with the Access Point using the incorrect WEP key (CSCds79736).

This problem can occur after the following sequence:

LEAP authentication is enabled on the client.

The client associates to the Access Point and is authenticated with LEAP.

LEAP is then disabled on the client, but WEP remains enabled. 

When the client reassociates with the Access Point, it incorrectly uses the key in working memory 
(the key used during LEAP authentication) instead of using the key stored in NVRAM.

You must force the client to use the key in NVRAM by either rebooting the client or by ejecting and then 
reinserting the client adapter.