8 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES
Windows XP Windows XP is a popular platform for
wireless clients because of its native support of 802.1X
authentication and simplified configuration of wireless
networks. If you choose to use the 802.1X client
built-in to Windows XP, please note the following:
■ Microsoft has extensive documentation on how to
configure and use wireless 802.1X authentication
in an Active Directory environment, published on
their website. You can start with Microsoft’s Wi-Fi
center at:
www.microsoft.com/windowsserver2003/
technologies/networking/wifi/default.mspx
■ Installing Windows XP Service Pack 2 is recom-
mended for all wireless clients as it includes several
important hotfixes.
■ If you are not prepared to install Service Pack 2,
3Com strongly recommends that all wireless clients
use Service Pack 1a with the following hotfixes
installed:
■ KB826942—This is the WPA Hotfix Rollup and is
available through Microsoft Update
■ KB834669—This corrects an 802.1X client issue
which can cause system instability problems in
Windows XP. You will need to contact Microsoft
directly for this hotfix.
■ If your network uses logon scripts, Active Directory
group policies, or your users regularly share their
laptops, you should enable computer authentica-
tion (also known as machine authentication) to
achieve full functionality over your wireless con-
nection.
■ Download current drivers for your NICs from the
NIC vendor(s).
■ If your wireless NIC’s driver includes the AEGIS pro-
tocol manager for WPA support, 3Com recom-
mends against installing it. Some drivers install this
automatically if you run the setup.exe utility to
install the driver. 3Com strongly recommends that
you update the driver manually using the driver
properties in the Network control panel instead of
installing the client manager.
■ If you use computer authentication with different
VLANs for the Computer and User accounts and
do not have the WPA hotfix rollup (KB826942) or
Service Pack 2, you need to install Microsoft hotfix
KB822596. Otherwise, DHCP will not operate cor-
rectly after the user authenticates. You must con-
tact Microsoft technical support for this hotfix. It is
not available from their website. For more informa-
tion on computer authentication, see “Computer
Authentication”.
■ If MD5 challenge is configured on a Windows XP
client for wired authentication, the quiet period
must be set to 0 to guarantee successful authenti-
cation. In addition, if the authentication is carried
out manually, the timeout value must be set to no
less than 30 seconds in order to allow the user
ample time to enter their username and password.
For example, to configure 802.1X on a WX switch
to allow these users time to log in, type the follow-
ing commands:
WX1200# set dot1x quiet-period 0
WX1200# set dot1x tx-period 30