Guest

Cisco Aironet Wireless LAN Client Adapters

Release Notes for Cisco Aironet Client Adapter Firmware, Version 4.25.23

  • Viewing Options

  • PDF (210.7 KB)
  • Feedback
Release Notes for Cisco Aironet Client Adapter Firmware, Version 4.25.23

Table Of Contents

Release Notes for Cisco Aironet Client Adapter Firmware, Version 4.25.23

Contents

Introduction

Important Notes

System Requirements

Network-EAP Authentication Requires Matching 802.1X Protocol Drafts

Upgrading to a New Firmware Release

Determining the Firmware Version

In Windows 95, 98, NT, 2000, Me, or XP

In Linux

In Windows CE

Upgrade Procedure for Windows and Linux

Windows 95, 98, NT, 2000, Me, or XP

Linux

Upgrade Procedure for Windows CE

New and Changed Information

Support for Enhanced Security

Documentation

Caveats

Resolved Caveats

Signal Strength Not Updated Correctly in Ad-Hoc Mode

Signal Quality Not Updated Correctly in Ad-Hoc Mode

ACU Displays MAC Address Rather Than IP Address of the Access Point

Client in World Mode Has 100-mW Power When Associated to a 30- or 50-mW Access Point

Firmware Flashing Stops at 23% with an Error

Open Caveats

Wideband Japan Channel Set Displays Incorrect Power Levels

Getting Bug Information on Cisco.com

Troubleshooting

Related Documentation

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Cisco TAC Web Site

Cisco TAC Escalation Center


Release Notes for Cisco Aironet Client Adapter Firmware, Version 4.25.23


Contents

This document contains the following sections:

Introduction

Important Notes

System Requirements

Upgrading to a New Firmware Release

New and Changed Information

Caveats

Troubleshooting

Related Documentation

Obtaining Documentation

Obtaining Technical Assistance

Introduction

This document describes system requirements, upgrade procedures, new and changed information, and caveats for Cisco Aironet client adapter firmware release 4.25.23.

Important Notes


Caution The existing Mac OS drivers (version 1.0.2 and earlier for Mac OS 9.x and version 1.0.0 for Mac OS 10.1) are not compatible with firmware version 4.25.23. If you install firmware version 4.25.23 on your client adapter and use it with an existing Mac OS driver, you will be unable to use some of the adapter's capabilities, such as WEP and LEAP.


Note Although firmware version 4.25.23 is compatible with Windows CE and Linux, the latest drivers for these operating systems (version 1.70 for Windows CE and version 1.5.2 for Linux) do not support the message integrity check (MIC) and temporal key integrity protocol (TKIP) security features supported in this firmware release. Currently the only driver that supports MIC and TKIP is Windows driver version 8.01.06.


System Requirements

You must have a Cisco Aironet 340, 350, or 4800 series PC card, LM card, or PCI client adapter to install firmware version 4.25.23.

To take advantage of the security features introduced in client adapter firmware release 4.25.23, you must install Windows ACU version 5.01.001 or greater and Windows driver version 8.01.06 or greater (or Windows mini PCI driver version 2.20 or greater), and you must use access point firmware version 11.10T or greater.

Network-EAP Authentication Requires Matching 802.1X Protocol Drafts

In order to use Network-EAP authentication on your wireless network, your client devices and infrastructure devices (access points and bridges) must use the same 802.1X protocol draft. Client firmware release 4.25.23 supports draft 10 of the 802.1X protocol standard. Therefore, if client devices use this version of firmware, an access point or bridge to which they associate must also be configured to use draft 10. The table below lists firmware versions for Cisco Aironet products and the drafts with which they comply.

Firmware Version
Draft 8
Draft 10 1

Client adapters (PCM34x/35x, LMC34x/35x, and PCI34x/35x)

4.13

x

4.16

x

4.23

x

4.25 and later

x

Workgroup bridges (WGB34x/352)

8.58

x

8.61 and later

x

Access points (AP34x/35x)

11.05 and earlier

x

11.06 and later2

x

x

Bridges (BR352)

11.06 and later2

x

x

1 The functionality in draft 10 is equivalent to the functionality in draft 11, the ratified draft of the 802.1X standard.

2 The default draft setting in access point and bridge firmware version 11.06 and later is draft 10.

If your clients and infrastructure devices do not have matching 802.1X protocol drafts, upgrade the firmware in these devices to versions with the same draft number. However, if your access points or bridges are using firmware version 11.06 or later, you can use their Authenticator Configuration page to select the draft of the 802.1X protocol that they should use. To set the draft for your access points or bridges, follow the instructions in the Release Notes for Cisco Aironet Access Points for firmware version 11.06. You can access these Release Notes at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/ap350rn/index.htm

Upgrading to a New Firmware Release

This section describes how to upgrade to firmware release 4.25.23.

Determining the Firmware Version

To determine the firmware version that your client adapter is currently using, follow the instructions below for your operating system.

In Windows 95, 98, NT, 2000, Me, or XP

Open ACU; then click the Status icon or select Status from the Commands drop-down menu. The firmware version is displayed in the Status screen.

In Linux

Open ACU; then select Status from the Commands drop-down menu. The firmware version is displayed in the Status screen.

In Windows CE

Select Start > Programs > Cisco > Load New Firmware. The firmware version is displayed in the Select New Firmware screen.

Upgrade Procedure for Windows and Linux

To upgrade your client adapter's firmware on Windows 95, 98, NT, 2000, Me, or XP or Linux, follow the steps below. To upgrade your client adapter's firmware on Windows CE, go to the "Upgrade Procedure for Windows CE" section.


Step 1 Use your computer's web browser to access the following URL:
http://www.cisco.com/public/sw-center/sw-wireless.shtml

Step 2 Under Wireless LAN Software, select Cisco Aironet 340 Series or Cisco Aironet 350 Series.

Step 3 Click the filename of the appropriate radio firmware image for your client adapter (for example, PC350v42523.exe).


Note If your wireless network uses LEAP authentication, remember to select a radio firmware image of the same draft standard as the access points to which your client adapter will be authenticating.



Note If your wireless network uses EAP-TLS or EAP-MD5 authentication, you must select draft 10 of the radio firmware image.


Step 4 Read and accept the terms and conditions of the Software License Agreement.

Step 5 Select the firmware file to download it.

Step 6 Save the file to a floppy disk or to your computer's hard drive.

Step 7 Locate the file on your floppy disk or on your computer's hard drive and use an unzip program to extract the image file to a folder.

Step 8 Make sure the client adapter is installed in your computer and is operational.

Step 9 Follow the instructions in one of the subsections below for your specific operating system.


Windows 95, 98, NT, 2000, Me, or XP


Step 1 Open ACU; then click the Load Firmware icon or select Load New Firmware from the Commands drop-down menu.

Step 2 Find the location of the new firmware in the Open Window's Look in box. The default location is InstallPath\Firmware, where InstallPath is the directory that ACU was installed in.

Step 3 Click the new firmware image (PC3x0vxxxxx.img) so it appears in the File name box at the bottom of the window.

Step 4 Click the Open button. A progress bar displays while the selected image is loaded into the client adapter's Flash memory.

Step 5 Click OK when the "Firmware Upgrade Complete!" message appears. The OK button cannot be selected until the process is complete or an error occurs.


Linux


Step 1 Select Load New Firmware from the Commands drop-down menu.

Step 2 In the File Selection window, find the location of the new firmware in the Files box.

Step 3 Under Files, click the new firmware image (PC3x0vxxxxx.img) so it appears in the Selection box at the bottom of the window.

Step 4 Click OK to load the firmware image into your client adapter's Flash memory.


Upgrade Procedure for Windows CE


Step 1 Use a serial or USB cable to connect your Windows CE device to a laptop or PC running ActiveSync. A message appears on the Windows CE device indicating that it is connecting to the host. After the Windows CE device is connected, the New Partnership window appears on the laptop or PC. This window asks if you want to set up a partnership.

Step 2 Perform one of the following:

If you want to establish a partnership that allows you to synchronize files between the laptop or PC and the Windows CE device, select Yes, click Next, and follow the instructions on the screen to specify the files to be synchronized and to finish setting up the partnership.

If you do not want to synchronize files and want to connect as a "guest," select No and click Next. The screen indicates that you are connected as a guest.

Step 3 Use the laptop or PC's web browser to access the following URL:
http://www.cisco.com/public/sw-center/sw-wireless.shtml

Step 4 Under Wireless Software Products, select Cisco Aironet 340 Series or Cisco Aironet 350 Series.

Step 5 Click the filename of the appropriate radio firmware image for your client adapter (for example, PC350v42523.exe).


Note If your wireless network uses LEAP, remember to select a radio firmware image of the same draft standard as the access points to which your client adapters will be authenticating.


Step 6 Read and accept the terms and conditions of the Software License Agreement.

Step 7 Select the firmware file to download it.

Step 8 Save the file to a floppy disk or to your laptop or PC hard drive.

Step 9 Open Windows Explorer, locate the file on your floppy disk or hard drive, double-click it, and extract the image file to a folder.

Step 10 In the ActiveSync window on the laptop or PC, click the Explore button to view the files on the Windows CE device.

Step 11 Drag and drop the firmware image (PC3x0vxxxxx.img) from Windows Explorer to a location in the ActiveSync window.


Note If your Windows CE device is a PPC running Windows CE 3.0, you must copy the firmware image to the My Documents folder or a folder under My Documents.


Step 12 After the file is copied, disconnect the Windows CE device.

Step 13 Make sure the client adapter is installed in your Windows CE device and is operational.

Step 14 On your Windows CE device, select Start > Programs > Cisco > Load New Firmware.

Step 15 Click the Select Firmware button.

Step 16 Find the location of the new firmware image in the Open window.

Step 17 Click the new firmware image file (*.img) so it appears in the Name box at the bottom of the Open window.

Step 18 Click OK. If the selected image is loaded successfully into the client adapter's Flash memory, a "Firmware Upgrade Complete!" message appears on the Load New Firmware screen.


New and Changed Information

This section describes new and changed information for release 4.25.23 of the Cisco Aironet client adapter firmware.

Support for Enhanced Security

Client adapter firmware release 4.25.23 and Windows driver release 8.01.06 support three new security features designed to prevent sophisticated attacks on your wireless network's WEP keys. Access point firmware version 11.10T or greater is required to enable these security features.

Message Integrity Check (MIC) - MIC prevents bit-flip attacks on encrypted packets. During a bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and retransmits it, and the receiver accepts the retransmitted message as legitimate. The MIC adds a few bytes to each packet to make the packets tamper-proof.

Temporal Key Integrity Protocol (TKIP) - This feature, also referred to as WEP key hashing, defends against an attack on WEP in which the intruder uses the initialization vector (IV) in encrypted packets to calculate the WEP key. TKIP removes the predictability that an intruder relies on to determine the WEP key by exploiting IVs.

Broadcast key rotation - EAP authentication provides dynamic unicast WEP keys for client devices but uses static broadcast, or multicast, keys. When you enable broadcast WEP key rotation, the access point provides a dynamic broadcast WEP key and changes it at the interval you select. When you enable this feature, only wireless client devices using LEAP or EAP-TLS authentication can associate to the access point. Client devices using static WEP (with open, shared key, or EAP-MD5 authentication) cannot associate.


Note If you enable MIC or TKIP on the access point, your client adapter's driver and firmware must support these features; otherwise, the client cannot associate. Refer to the "Important Notes" section for details.



Note Refer to the Cisco Aironet Access Point Software Configuration Guide for instructions on enabling these security features on the access point.


Documentation

The documentation for the 340 and 350 Series Cisco Aironet Wireless LAN Adapters is changing with this release. Prior versions of client adapter software are documented in the Cisco Aironet Wireless LAN Adapters Hardware Installation Guide and the Cisco Aironet Wireless LAN Adapters Software Configuration Guide, both of which contain information for Windows, Windows CE, Linux, and Macintosh. Now one document is available for each operating system. Refer to the "Related Documentation" section for a list of these documents.

Caveats

This section describes resolved and open caveats for client adapter firmware release 4.25.23.

Resolved Caveats

The following caveats are resolved for client adapter firmware release 4.25.23.

Signal Strength Not Updated Correctly in Ad-Hoc Mode

When a client starts in ad-hoc mode, signal strength is 0. When a second client joins the cell, signal strength increases. When the second client leaves the cell, the signal strength stays the same even though it should return to 0 when no other clients are in the cell (CSCdu19772). This caveat is resolved in firmware release 4.25.23.

Signal Quality Not Updated Correctly in Ad-Hoc Mode

When a client starts in ad-hoc mode, signal quality is 0. When a second client joins the cell, signal quality increases. When the second client leaves the cell, the signal quality stays the same even though it should return to 0 when no other clients are in the cell (CSCdu19798). This caveat is resolved in firmware release 4.25.23.

ACU Displays MAC Address Rather Than IP Address of the Access Point

When LEAP is enabled, the status bar at the bottom of the ACU screen usually displays the MAC address, rather than the IP address, of the access point to which the client is associated (CSCdu53528). This caveat is resolved in firmware release 4.25.23.

Client in World Mode Has 100-mW Power When Associated to a 30- or 50-mW Access Point

A client in world mode has 100-mW power when associated to an access point that is set for 30 or 50 mW (CSCdu80530). The client should adopt a transmit power valid in the regulatory domain of the access point. This caveat is resolved in firmware release 4.25.23.

Firmware Flashing Stops at 23% with an Error

When you attempt to upgrade the client adapter firmware, the process stops at 23% and generates an error (CSCdu49124). This caveat is resolved in firmware release 4.25.23.

Open Caveats

The following are known problems for client adapter firmware release 4.25.23.

Wideband Japan Channel Set Displays Incorrect Power Levels

The 4800 series client adapters do not display the correct available power levels when programmed to the wideband Japan channel set (CSCdv57626).

Getting Bug Information on Cisco.com

If you are a Cisco registered user, you can use the Cisco TAC Software Bug Toolkit, which consists of three tools (Bug Navigator, Bug Watcher, and Search by Bug ID Number) that help you to identify existing bugs (or caveats) in Cisco software products.

Access the TAC Software Bug Toolkit today at the following URL:

http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl

Troubleshooting

For the most up-to-date, detailed troubleshooting information, refer to the Cisco TAC website at the following URL: http://www.cisco.com/tac. Select Wireless Technologies under "Top Issues."

Related Documentation

For more information about 340 and 350 series client adapters, refer to the following documents:

Cisco Aironet Wireless LAN Adapters Installation and Configuration Guide for Windows

Cisco Aironet Wireless LAN Adapters Installation and Configuration Guide for Windows CE

Cisco Aironet Wireless LAN Adapters Installation and Configuration Guide for Linux

Cisco Aironet Wireless LAN Adapters Installation and Configuration Guide for Mac OS

Obtaining Documentation

The following sections explain how to obtain documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following URL:

http://www.cisco.com

Translated documentation is available at the following URL:

http://www.cisco.com/public/countries_languages.shtml

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package shipped separately from the Cisco Aironet Series Wireless LAN Adapters CD that shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).

Documentation Feedback

If you are reading Cisco product documentation on Cisco.com, you can submit technical comments electronically. Click Leave Feedback at the bottom of the Cisco Documentation home page. After you complete the form, print it out and fax it to Cisco at 408 527-0730.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.

Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to

Streamline business processes and improve productivity

Resolve technical issues with online support

Download and test software packages

Order Cisco learning materials and merchandise

Register for online skill assessment, training, and certification programs

You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:

http://www.cisco.com

Technical Assistance Center

The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.

Inquiries to Cisco TAC are categorized according to the urgency of the issue:

Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.

Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.

Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.

Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.

Cisco TAC Web Site

The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:

http://www.cisco.com/tac

All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:

http://www.cisco.com/register/

If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:

http://www.cisco.com/tac/caseopen

If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.

Cisco TAC Escalation Center

The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.

To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.