Intel LEN3945ABG Intel PRO/Wireless 3945ABG Network Connection User Manual Contents

Intel Mobile Communications Intel PRO/Wireless 3945ABG Network Connection Contents

UserManual.wiki >

Intel >

LEN3945ABG User Manual >

Users Manual

Intel(R) PRO/Wireless 3945ABG Network Connection User GuideWith your wireless network card, you can access wireless networks, share files or printers, or even share your Internet connection. All of these features can be explored with a wireless network in your home or office. This wireless local area network (WLAN) solution is designed for both home and business use. Additional users and features can be added as your networking needs grow and change. Your Intel(R) PRO/Wireless 3945ABG Network Connection adapter is compatible with 802.11a, 802.11b and 802.11g wireless standards. Operating at 5 GHz or 2.4 GHz frequency at speeds of up to 54 Mbps you can now connect your computer to existing high-speed networks that use multiple access points within large or small environments. Your wireless adapter maintains automatic data rate control according to access point location to achieve the fastest possible connection. All of your wireless network connections are easily managed by Intel(R) PROSet/Wireless software. Profiles that are set up through the Intel PROSet/Wireless software provide enhanced security measures with 802.1x network authentication. NOTE: The software is compatible with the Intel(R) PRO/Wireless 2915ABG Network Connection and the Intel(R) PRO/Wireless 2200BG Network Connection.Table of Contents● Use Intel PROSet/Wireless Software ● Connect to a Network ● Use Profiles ● Set up Security● Troubleshooting ● Administrator Tool

● Glossary ● Wireless Network Overview ● Security Overview ● Specifications ● Customer Support● Safety and Regulatory Information ● Warranty● Adapter RegistrationInformation in this document is subject to change without notice.© 2004–2005 Intel Corporation. All rights reserved. Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497 USA The copying or reproducing of any material in this document in any manner whatsoever without the written permission of Intel Corporation is strictly forbidden. Intel(R) is a trademark or registered trademark of Intel Corporation or its subsidiaries in the United States and other countries. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Intel disclaims any proprietary interest in trademarks and trade names other than its own. Microsoft and Windows are registered trademarks of Microsoft Corporation. *Other names and brands may be claimed as the property of others. Intel Corporation assumes no responsibility for errors or omissions in this document. Nor does Intel make any commitment to update the information contained herein. "Important Notice FOR ALL USERS OR DISTRIBUTORS!!!! Intel wireless LAN adapters are engineered, manufactured, tested, and quality checked to ensure that they meet all necessary local and governmental regulatory agency requirements for the regions that they are designated and/or marked to ship into. Since wireless LANs

are generally unlicensed devices that share spectrum with radars, satellites, and other licensed and unlicensed devices, it is sometimes necessary to dynamically detect, avoid, and limit usage to avoid interference with these devices. In many instances Intel is required to provide test data to prove regional and local compliance to regional and governmental regulations before certification or approval to use the product is granted. Intel's wireless LAN's EEPROM, firmware, and software driver are designed to carefully control parameters that affect radio operation and to ensure electromagnetic compliance (EMC). These parameters include, without limitation, RF power, spectrum usage, channel scanning, and human exposure. For these reasons Intel cannot permit any manipulation by third parties of the software provided in binary format with the wireless WLAN adapters (e.g., the EEPROM and firmware). Furthermore, if you use any patches, utilities, or code with the Intel wireless LAN adapters that have been manipulated by an unauthorized party (i.e., patches, utilities, or code (including open source code modifications) which have not been validated by Intel), (i) you will be solely responsible for ensuring the regulatory compliance of the products, (ii) Intel will bear no liability, under any theory of liability for any issues associated with the modified products, including without limitation, claims under the warranty and/or issues arising from regulatory non-compliance, and (iii) Intel will not provide or be required to assist in providing support to any third parties for such modified products. Note: Many regulatory agencies consider Wireless LAN adapters to be "modules", and accordingly, condition system-level regulatory approval upon receipt and review of test data documenting that the antennas and system configuration do not cause the EMC and radio operation to be non-compliant."July 2005

Back to Contents Use Intel(R) PROSet/Wireless Software: Intel(R) PRO/Wireless 3945ABG Network Connection User Guide● Use Intel PROSet/Wireless as your Wireless Manager● Start Intel PROSet/Wireless ● Start Intel PROSet/Wireless from the Taskbar ❍ Taskbar Icons ❍ Tool Tips and Desktop Alerts ● Intel PROSet/Wireless Main Window ❍ Wireless Networks List ❍ Connection Status Icons❍ Network Properties❍ Connection Details ❍ Profiles List ● Intel PROSet/Wireless Menus ● Tools Menu ❍ Application Settings ❍ Intel Wireless Troubleshooter❍ Administrator Tool● Advanced Menu ❍ Adapter Settings ❍ Advanced Statistics ❍ Use Windows to manage Wi-Fi● Profiles Menu ❍ Manage Profiles❍ Import/Export❍ Manage Exclusions● Enable and Disable the Radio● Install and Uninstall the Software Use Intel PROSet/Wireless as your Wireless ManagerIntel(R) PROSet/Wireless is used to setup, edit and manage network profiles to connect to a network. It also includes advanced settings such as power management and channel selection for setting up ad-hoc networks. If you use Microsoft(R) Windows(R) XP Wireless Zero Configuration as your wireless manager, you can disable it from the Microsoft Windows Wireless Network tab. To disable Microsoft Windows XP Wireless Zero Configuration as your wireless manager: 1. Double-click the Intel PROSet/Wireless icon in the desktop task tray or click Start > Settings > Control Panel. 2. Double-click Network Connections.3. Right-click Wireless Network Connection.4. Click Properties.

5. Click Wireless Networks.6. Verify that the Use Windows to configure my wireless network settings is not selected. If it is, clear it.7. Click OK. This confirms that the Intel PROSet/Wireless utility is configured to manage your network profiles.NOTE: Check that the Application Settings option Notify when another application uses the wireless adapter is selected. This option prompts you when Microsoft Windows XP Wireless Zero Configuration starts to manage your network profiles. Start Intel PROSet/WirelessTo start Intel PROSet/Wireless use one of the following methods: ● Click Start > Programs > Intel PROSet Wireless > Intel PROSet Wireless.● Right-click the Taskbar icon located in the lower right corner of your Windows Desktop. Click Open Intel PROSet/Wireless.● Double-click the Taskbar icon to open Intel PROSet/Wireless.Exit Intel PROSet/Wireless: To close Intel PROSet/Wireless from the main window use one of the following: ● Select File > Exit from the main window. ● Click Close.● Click the Close button (X) at the top right corner of the window. Start Intel PROSet/Wireless from the TaskbarTo start Intel(R)PROSet/Wireless, double-click the Taskbar icon located in the lower right corner of your Windows desktop or right-click the Taskbar icon and click Open Intel PROSet/Wireless. Taskbar Menu Options The Intel PROSet/Wireless icon displays on the Taskbar located in the lower right corner of your Windows desktop. Right-click the status icon to display the menu options. Menu Item Comments

Searching for wireless networks: The wireless adapter searches for any available wireless networks. The icon is white with animation.No wireless networks found: There are no available wireless networks found. Intel PROSet/Wireless periodically scans for available networks. If you want to force a scan, double-click the icon to launch Intel PROSet/Wireless and click Refresh. The icon is red.Wireless network found: An available wireless network is found. Double-click the icon to display the Wireless Networks list. Select the network. Click Connect. The icon is yellow.Authentication failed. Unable to authenticate with wireless network. The icon is green with a yellow warning triangle.Connecting to a wireless network. Flashes while an IP address is being obtained or an error occurs.Connected to a wireless network: Connected to a wireless network. A Tool Tip displays network name, speed, signal quality and IP address. The icon is green with waves that reflect signal quality. The more waves, the better the signal quality. Tool Tips and Desktop AlertsThe Tool Tips and Desktop Alerts provide feedback and interaction. To display Tool Tips, move your mouse pointer over the icon. Desktop alerts are displayed when your wireless network changes state. For example, if you are out of range of any wireless networks, a desktop alert is displayed when you come into range. Select Show Information Notifications in the Application Settings to enable desktop alerts. Tool TipsTool tips display when the mouse pointer rolls over the icon. The tool tips display text for each of the connection states. Desktop Alerts When user action is required, a desktop alert displays. If you click the alert, then an appropriate action is taken. For example when wireless networks are found, the following alert displays:

Use the Intel PROSet/Wireless to: ● View the current connection status (signal quality, speed and current network name).● Scan for available wireless networks.● Manage profiles.● Auto-connect profiles to available networks in a specific order defined in the Profiles list.● Connect to infrastructure and ad hoc networks.● Configure adapter power settings.Connection Status IconsThe Intel PROSet/Wireless main window displays connection status icons which indicate the current connection status of your wireless adapter. The Taskbar icon also indicates the current connection status. Refer to Taskbar Icons for more information. Main Window Connection Status Description The icons are used to designate connection status. The icons are used to designate connection status. The icons are used to designate the connection status.

Icon DescriptionWireless Off: The radio is not associated to a network. Click the Wireless On button to enable the radio.The authentication process to connect to the network has not been started.Searching for wireless networks: The wireless adapter is scanning for any available wireless networks. Animated Icons: No wireless networks found: The adapter does not find any wireless networks. Wireless network found: An available wireless network is found. You can choose to connect to available networks displayed in the Wireless Networks list.Connecting to a wireless network. You are connecting to a wireless network. The crescent shaped curves switch between green and white until an IP Address is obtained or a connection error occurs.Connected to a wireless network: You are connected to a wireless network. The network name, speed, signal quality, and IP address display the current connection status. Click the Details button to display details of the current network connection.Network Name Network Name (SSID): This is the name of the network that the adapter is connected to. The Network Name SSID must be the same as the SSID of the access point.Signal Quality The signal quality icon bars indicate the quality of the transmit and receive signals between your wireless adapter and the nearest access point or computer in Device to Device (ad hoc) mode. The number of vertical green bars indicates the strength of the transmit and receive signals. The signal quality ranges from excellent to out of range. The following factors affect signal quality: ● Signal quality decreases with distance and is affected by metal and concrete barriers. ● Metal objects can reflect signals and cause interference. ● Other electrical devices can cause interference. Properties Provides adapter connection status information. See Properties Button for information. Wireless On (Off) Switch the radio off and on. Refer to Turn Wireless On or Off for more information.Help? Provides help information for this page. Close Closes the Intel PROSet/Wireless main window.

Access Points in this Network (0-50) ● Signal Strength: The Signal strength icon bars indicate the strength of the transmit and receive signals in percent values between your wireless adapter and the nearest access point.Indicates how well the wireless adapter communicates with an access point or another wireless computer in Device to Device (ad hoc) mode. Signal Quality ranges from Excellent to Out of Range. ● Displays 802.11a, 802.11b, or 802.11g. This icon indicates the band being used.● Channel: Displays the current transmit and receive channel being used for a particular wireless network.● BSSID (Infrastructure operating mode): Displays the twelve digit MAC address of the access points of the selected network. Manage Exclusions Refer to Manage Exclusions for more information.Close Closes the Network Properties.Help? Provides help information for this page.Connection Details When you are connected to a network, you can click the Details button on the Intel PROSet/Wireless main window to display the Connection Details. Connection Details descriptionName Description

Tools Application Settings: Use to set system wide connection preferences. Refer to Application Settings for information. Use Ctrl+P from your keyboard as an alternative to access this feature. Intel Wireless Troubleshooter: Use to resolve wireless network connection problems. Use Ctrl+W from your keyboard as an alternative to access this feature. Refer to Intel Wireless Troubleshooter for more information. Administrator Tool: Used by administrators or the person who has administrator privileges on this computer to configure shared profiles (Pre-logon, Persistent and Voice over IP (VoIP)). Refer to Administrator Tool for more information. Use Ctrl+T from your keyboard as an alternative to access this feature. NOTE: The Administrator Tool is available only if it installed during a custom installation of the Intel PROSet/Wireless software. Refer to Install or Uninstall the Software for more information on custom installation.Advanced Adapter Settings: Displays Adapter Settings which correlates to the settings in the Microsoft Windows Advanced settings. Refer to Adapter Settings for information. Use Ctrl+A from your keyboard as an alternative to access this feature. To access Adapter Settings from Microsoft Windows: ● Select Network Connections from the Windows Control Panel● Right-click the Wireless Network Connection. ● Select Properties from the menu.● Click Configure to display the Advanced settings for the adapter. Advanced Statistics: Select to determine how the adapter communicates with an access point. Use Ctrl+S from your keyboard as an alternative to access this feature. Refer to Advanced Statistics for more information. Use Windows to manage Wi-Fi: Select to enable Microsoft Windows XP Wireless Zero Configuration as the wireless manager. Use F10 from your keyboard as an alternative to access this feature. Refer to Switch to Microsoft Windows XP Wireless Zero Configuration for more information.Profiles Manage Profiles: Select to create or edit profiles. Use Ctrl+R from your keyboard as an alternative to access this feature. Manage Exclusions: Select to exclude networks from automatic connection. Refer to Manage Exclusions for more information. Use Ctrl+M from your keyboard as an alternative to access this feature.

Help Intel PROSet/Wireless Help: Starts the online help. Use F1 from your keyboard as an alternative to access this feature. To navigate the help window: ● Press F6 to toggle between the left and right pane. Use the up and down arrow as an alternative on your keyboard to move up and down within the pane. ● To view information, click Contents in the left-side pane or use Alt+C on your keyboard as an alternative to access this feature.● Double-click on a book icon to open a Contents' topic. Use the up and down arrows to select a topic and press Enter as an alternative to open the sub-topics. ● Click Index or Search to look for a specific term. Use Alt+S on your keyboard as an alternative to access the Search feature. About: Displays version information for the currently installed application components.Application Settings (Tools menu) The settings on this page control the behavior of the Intel PROSet/Wireless software. Application Settings descriptionName Description

Adapter Lists the network adapter that are currently available. It may be either an Intel(R) PRO/Wireless 3945ABG Network Connection, an Intel(R) PRO/Wireless 2915ABG Network Connection or, an Intel(R) PRO/Wireless 2200BG Network Connection.Advanced Settings: The following settings control how Intel PROSet/Wireless behaves and displays information. Taskbar Show application icon on the taskbar: Select to display the Taskbar status icon. This icon resides on the Windows Taskbar (Notification Area). This icon provides the status of your wireless connection. Clear to not display the Taskbar status icon. The Taskbar Status Icon provides several functions: ● Visual feedback for the connection state and wireless activity of your wireless network. The icon changes color and animation for different wireless activity. See Taskbar Icons for more information.● Menu: A menu is displayed when you right click the icon. From this menu you perform tasks such as turn on or off the radio or launch the Intel PROSet/Wireless application. See Taskbar Menu Options for more information.● Tool tips and desktop alerts. See:Tool Tips and Desktop Alerts for more information.Notifications Show Alert Notifications: Select to display desktop alerts next to the taskbar icon. When your action is required, a message displays. Only events of high importance trigger a desktop alert. If the desktop alert is selected, then the appropriate action is taken. Clear to not display desktop alerts. Refer to Tool Tips and Desktop Alerts for more information. Select one of the following options: Information Notifications: These desktop alerts are of lower importance. They do not require your interaction but can greatly improve the wireless experience. ● Show Information Notifications: Selected by default. All informational desktop alerts are displayed next to the taskbar status icon. These desktop alerts improve your wireless experience with notifications when available wireless networks are in range. They also inform you when a wireless connection has been made or has been lost. Refer to Tool Tip and Desktop Alerts for more information.● Show a list of available networks in the area when not connected: When Show Information Notifications is cleared, you can select this item. When the desktop alerts are disabled, this option allows you to continue to be notified of available networks when the wireless adapter is not connected. Notify when another application uses the wireless adapter: When selected, a message is displayed when other applications are trying to manage your wireless adapter. This is helpful if you use software provided by a hotspot location (coffee shop, airport terminal). To take advantage of the Intel PROSet/Wireless features, disable this software when you leave the hotspot.

Wireless Event Viewer Launches Wireless Event Viewer.Disable Notification Select to disable the alert notifications. Enable Notification Select to enable the alert notifications.Available Help Date Time error message: ● Description of error.● Link to resolve error (if available). See Resolve Errors for more information.● Link to recommended steps to resolve error.Administrator Tool (Tools menu)The Administrator tool is for administrators or the person who has administrator privileges on this computer. This tool allows the administrator to restrict what level of control the users of this computer have over their wireless connections. This tool is used also to configure common (shared) profiles. Users cannot modify Administrator settings or profiles unless they have the password for this tool. A password should be chosen that is secure and not easily guessed. You can export these settings and profiles as one package to other computers on your network. For more information, refer to the Administrator Tool section. Name DescriptionAdministrator Settings An administrator can select which level of control that users have over their wireless network connections. Refer to Administrator Tool Administrator Profiles Enable or disable Persistent, Pre-Logon and Voice over IP (VoIP) profiles on the computer. Refer to Administrator Tool. Adapter Settings An administrator can select which level of control that users have over their wireless network connections. Refer to Adapter Settings. Software Select which of the Intel PROSet/Wireless applications are installed on a user's computers. Refer to Administrator Tool. Administrator packages The Administrator Packages are used to save administrative profiles and other settings. You can copy or send this self-extracting executable to clients on your network. When it is run, the contents are installed and configured on the destination computer. Refer to Administrator Tool.Change Password Change the password for the Administrator Tool. See Change Password for more information.Close Closes the page.Help? Provides help information for this page.Adapter Settings (Advanced menu)

The Adapter Settings displays the device properties for the wireless adapter installed on your computer. It may be either an Intel(R) PRO/Wireless 3945ABG Network Connection, an Intel(R) PRO/Wireless 2915ABG Network Connection or, an Intel(R) PRO/Wireless 2200BG Network Connection. Adapter Settings description Name DescriptionAd Hoc Channel Unless the other computers in the ad hoc network use a different channel from the default channel, there is no need to change the channel. Value: Select the allowed operating channel from the list. ● 802.11b/g: Select this option when 802.11b and 802.11g (2.4 GHz) ad hoc band frequency is used. ● 802.11a: Select this option when 802.11a (5 GHz) ad hoc band frequency is used.

Ad Hoc Power Management Set power saving features for Device to Device (ad hoc) networks. ● Disable: Select when connecting to ad hoc networks that contain stations that do not support ad hoc power management ● Maximum Power Savings: Select to optimize battery life. ● Noisy Environment: Select to optimize performance or connecting with multiple clients. NOTE: This setting is unavailable if the adapter is an Intel PRO/Wireless 2915ABG Network Connection or an Intel PRO/Wireless 2200BG Network Connection.Ad Hoc QoS Mode Quality of Service (QoS) control in ad hoc networks. QoS provides prioritization of traffic from the access point over a wireless LAN based on traffic classification. WMM (Wifi MultiMedia) is the QoS certification of the Wi-Fi Alliance (WFA). When WMM is enabled, the adapter uses WMM to support priority tagging and queuing capabilities for Wi-Fi networks.● WMM Enabled.(Default)● WMM DisabledMixed mode protection Use to avoid data collisions in a mixed 802.11b and 802.11g environment. Request to Send/Clear to Send (RTS/CTS) should be used in an environment where clients may not hear each other. CTS-to-self can be used to gain more throughput in an environment where clients are in close proximity and can hear each other. Power Management Allows you to select a balance between power consumption and adapter performance. The wireless adapter power settings slider sets a balance between the computer's power source and the battery. ● Use default value: (Default) Power settings are based on the computer's power source.● Manual: Adjust the slider for the desired setting. Use the lowest setting for maximum battery life. Use the highest setting for maximum performance. NOTE: Power consumption savings vary based on infrastructure settings.Preamble Mode Changes the preamble length setting received by the access point during an initial connection. Always use a long preamble length to connect to an access point. Auto Tx Preamble allows automatic preamble detection. If supported, short preamble should be used. If not, use long preamble (Long Tx Preamble).Preferred Band Select the operating band. The selections are: ● 802.11g● 802.11a● 802.11bNOTE: This setting is available only for an Intel(R) PRO/Wireless 2200BG Network Connection.

Roaming Aggressiveness This setting allows you to define how aggressively your wireless client roams to improve connection to an access point. ● Default: Balanced setting between not roaming and performance.● Lowest: Your wireless client will not roam. Only significant link quality degradation causes it to roam to another access point.NOTE: This setting is unavailable if the adapter is an Intel(R) PRO/Wireless 2915ABG Network Connection or an Intel(R) PRO/Wireless 2200BG Network Connection.Throughput Enhancement Changes the value of the Packet Burst Control. ● Enable: Select to enable throughput enhancement.● Disable: (Default) Select to disable throughput enhancement. Transmit Power Default Setting: Highest power setting Lowest Minimum Coverage: Set the adapter to a lowest transmit power. Enable you to expand the number of coverage areas or confine a coverage area. Reduce the coverage area in high traffic areas to improve overall transmission quality and avoid congestion and interference with other devices.Highest Maximum Coverage: Set the adapter to a maximum transmit power level. Select for maximum performance and range in environments with limited additional radio devices. NOTE: The optimal setting is for a user to always set the transmit power at the lowest possible level still compatible with the quality of their communication. This allows the maximum number of wireless devices to operate in dense areas and reduce interference with other devices that this radio shares radio spectrum with. NOTE: This setting takes effect when either Infrastructure or Ad hoc mode is used. Wireless Mode Select which band to use for connection to a wireless network: ● 802.11a only: Connect the wireless adapter to 802.11a networks only● 802.11b only: Connect the wireless adapter to 802.11b networks only● 802.11g only: Connect the wireless adapter to 802.11g networks only.● 802.11a and 802.11g only: Connect the wireless adapter to 802.11a and 802.11g networks only.● 802.11b and 802.11g only: Connect the wireless adapter to 802.11b and 802.11g networks only● 802.11a, 802.11b, and 802.11g: (Default) - Connect to either 802.11a, 802.11b or 802.11g wireless networks.NOTE: These wireless modes (Modulation type) determine the discovered access points displayed in the Wireless Networks list.

OK Saves settings and returns to the previous page.Cancel Closes and cancels any changes.Help? Provides help information for this page.Advanced Statistics (Advanced menu)Provides current adapter connection information. The following describes information for the Advanced Statistics page. Name DescriptionStatistics Advanced Statistics: This information pertains to how the adapter communicates with an access point. Association: If the adapter finds an access point to communicate with, the value is in range. Otherwise, the value is out of range. ● AP MAC Address: The twelve digit MAC address (00:40:96:31:1C:05) of the AP.● Number of associations: The number of times the access point has found the adapter.● AP count: The number of available access points within range of the wireless adapter.● Number of full scans: The number of times the adapter has scanned all channels for receiving information.● Number of partial scans: The number of scans that have been terminated. Roaming: This information contains counters that are related to reasons for the adapter roaming. Roaming occurs when an adapter communicates with one access point and then communicates with another for better signal strength. ● Roaming Count: The number of times that roaming occurred.● AP did not transmit: The adapter did not receive radio transmission from the access point. You may need to reset the access point.● Poor beacon quality: The signal quality is too low to sustain communication with the access point. You have moved the adapter outside the coverage area of the access point or the access point's device address information has been changed.● AP load balancing: The access point ended its association with the adapter based on the access point's inability to maintain communication with all its associated adapters. Too many adapters are trying to communicate with one access point.● AP RSSI too low: The Receive Signal Strength Indicator (RSSI) is too low to maintain an association with the adapter. You may have moved outside the coverage area of the access point or the

access point could have increased its data rate.● Poor channel quality: The quality of the channel is low and caused the adapter to look for another access point.● AP dropped mobile unit: The access point dropped a computer from the list of recognizable mobile devices. The computer must re-associate with an access point.Miscellaneous: Use this information to determine if an association with a different access point increases performance and helps maintain the highest possible data rate. ● Received Beacons: Number beacons received by the adapter.● Percent missed Beacons: Percent value for missed beacons.● Percent transmit errors: The percentage of data transmissions that had errors.● Signal Strength: Signal strength of the access point which the adapter communicates with. Transmit/Receive (Tx/Rx) Statistics Displays percent values for non-directed and directed packets. Total host packets: The sum total number of directed and non-directed packets counts. ● Transmit - (Mbps)● Receive - (Mbps)Non-directed packets: The number of received packets broadcast to the wireless network. Directed packets: The number of received packets sent specifically to the wireless adapter. Total Bytes: The total number of bytes for packets received and sent by the wireless adapter.Reset Statistics Resets the adapter statistical counters back to zero and begins taking new data measurements.Close Closes and returns to the main window.Help? Provides help information for this page.Use Windows to manage Wi-Fi (Advanced menu)

The Microsoft Windows XP Wireless Zero Configuration feature provides a built-in wireless configuration utility. This feature can be enabled and disabled within Intel PROSet/Wireless or click Use Windows to manage Wi-Fi on the Tools menu or the Taskbar menu. If Windows XP Wireless Zero Configuration is enabled, the features in Intel(R) PROSet/Wireless are disabled. Import or Export Profiles (Profiles menu)

$Export profiles Step 1: Select one or more profiles to export from your profile list below: Select individual or multiple profiles from the list. The profile mode icon indicates either infrastructure or ad hoc mode is being used, and if security is being used. Step 2: Export the selected profile: Click Export to save your profiles to a selected directory. Step 3: Select the destination folder. Click Browse to search your hard disk for the destination directory. The C:\ drive is the default directory. Select the drive and directory. Click OK. Click OK to return to the Profiles page. Import profiles Select individual or multiple profiles to imports Profiles list. 1. Click Import to search your hard disk for profiles to import. 2. Select the profile from the selected drive or directory 3. Click Import. You are notified when the selected profile as been successfully imported.4. Click OK to return to the Profiles page. Click Cancel to close and cancel any changes. OK Saves settings and returns to the previous page.Help? Provides help information for this page.Manage Exclusions (Profiles menu)Exclude List Management is available when you either select Manage Exclusions from the Profiles menu or click the Properties button on the Wireless Networks list. IMPORTANT: You are not automatically connected to a network or an access point that is in this list. Use Exclude List Management to exclude entire wireless networks (SSID). For networks with more then one access point, you may exclude an individual wireless access point (BSSID). Name Description$

NOTE: When your computer is switched on, the radio is constantly transmitting signals. In certain situations, as in an airplane, signals from the radio may cause interference. Use the following methods if you need to disable the radio and use your notebook without emitting radio signals. Use the optional computer radio on or off switchIf your computer has an external switch installed, use it to switch the radio on or off. Refer to the computer manufacturer for more information about this switch. If you have Intel PROSet/Wireless installed, the current state of the radio displays in the Intel PROSet/Wireless main window and on the Taskbar. Use Intel PROSet/Wireless to switch the radio on or offFrom Intel PROSet/Wireless, the radio can be switched on or off. The status icon on Intel PROSet/Wireless displays the current state of the radio. From the Intel PROSet/Wireless main Window, click Wireless On or Wireless Off to toggle the radio on or off. Switch the radio on or off from the Task Tray IconTo switch the radio off or on, click the Taskbar icon and select Wireless On or Wireless Off. How to use the Device Manager to disable the radio The radio can be disabled (made non-functional) from the Microsoft Windows Device Manager. NOTE: If you disabled the radio from Microsoft Windows, then you must use Microsoft Windows to turn the radio on. You cannot use a hardware switch or Intel PROSet/Wireless to enable the radio again. Microsoft Windows XP1. From your desktop, right-click My Computer2. Click Properties. 3. Click Hardware. 4. Click Device Manager. 5. Double-click Network adapters.6. Right-click the installed wireless adapter.7. Choose Disable from the menu.8. Click OK.Install and Uninstall the SoftwareIntel Smart Wireless Solutions, the Single Sign On feature and Administrator Tool are not installed during the Typical installation process. To install these features, use the Custom option during the installation process. A Typical install includes the Wireless LAN adapter driver, the Intel PROSet/Wireless software and the Intel Wireless Troubleshooter.

To install the software:1. Insert the Installation CD in your CD drive. 2. Click Install Software on the Intel PROSet/Wireless Network screen.3. Read the license agreement. 4. Select I accept the terms in the license agreement.5. Click Next.6. Click Custom.7. Select from the list of features to install:Intel PROSet/Wireless: The Intel PROSet Wireless application software. ● Install: Click Intel PROSet Wireless. Select Install this feature and all subfeatures. Proceed to step 8. ● Not install: Click This feature will not be available. A red x displays next to the option indicates that it is not to be installed.Intel Smart Wireless Solutions: Provides an easy configuration wizard for connection to a wireless router. ● Install: Click Intel Smart Wireless Solutions. Select Install this feature and all subfeatures. Proceed to step 8. ● Not Install: Select This feature will not be available. A red x displays next to the option indicates that it is not to be installed. Intel Wireless Troubleshooter: Helps you resolve wireless connection issues. ● Install: Click Intel Wireless Troubleshooter. Select Install this feature and all subfeatures. Click Next and proceed to step 8. ● Not Install: Select This feature will not be available. A red x displays next to the option indicates that it is not to be installed.

5. You are asked what you would like to do with your current profiles and settings: You have chosen to completely remove the Intel PROSet/Wireless software. Select what to do with your current profiles and settings. ● Do not save my profiles and settings. Select to completely remove all of your current profiles and settings. If you reinstall the software, the profiles and settings are no longer available. ● Save my profiles and settings in the current format (Intel PROSet/Wireless 10.x). Select to save your current profiles and settings. If you reinstall the software, your current profiles and settings are available.● Convert and save my profiles and settings in Intel PROSet/Wireless 9.x format. If you need to revert to a previous version of Intel PROSet/Wireless software, select to save your settings. After you have reinstalled the software, your current profiles and settings are available. NOTE: Only settings applicable to the prior version of the software are available. 6. Make a selection and click OK. 7. Click Yes to restart your computer.Back to Top Back to Contents Trademarks and Disclaimers

$Advanced Settings DescriptionName DescriptionAuto Connect Automatic: (Default) Select to have Intel PROSet/Wireless automatically connect to this profile when it is in range. On Demand: Select to prevent automatic connection of a profile when the network is in range. For example, if there is a cost for a wireless connection and you did not want to connect automatically when in range. To connect to the network: 1. Select the network from the Wireless Networks list2. Click Connect. Auto Import Allows a network administrator to easily move the selected profile to other computers. When the exported file is placed in the Wireless\AutoImport directory on another computer, Intel PROSet/Wireless automatically imports the profile.$

6. Select the Network Authentication and Data Encryption options. Enter the encryption key settings and configure the 802.1x settings as required. Refer to Security Settings for more information.

$Import Profiles into the Profile ListTo import profiles manually: 1. Click Import on the Profiles page.2. Select the profile files to import.3. Click Import.4. You are notified that the profile has been successfully imported.5. Click OK. An administrator can set profiles to be imported automatically into the Profile list. Intel PROSet/Wireless monitors the import folder on your hard disk for new profile files. Only profiles that have been enabled through Enable Auto-Import in the Advanced Settings are automatically imported. If a profile of the same name already exists in the Profile list, you are notified to either reject the imported profile or accept it. If accepted, the existing profile is replaced. All imported user-based profiles are placed at the bottom of the Profile List, and the profile file is immediately deleted from your hard disk after it is imported, whether the import was successful or not. Password Protected ProfilesImport and export password protected user-based profiles automatically to remote systems. If a profile is password protected, before it can be edited, the assigned password must be entered. Refer to Password Protection for more information. Export Profiles from the Profiles List1. Select individual or multiple profiles from the list. To select multiple profiles: ❍ Use your mouse to highlight a profile.❍ Press Ctrl.❍ Click each profile that you want selected. 2. Select Export to export one or more profiles from the Profile list.3. Select the destination folder. Click Browse to search your hard disk for the destination directory. The C:\ drive is the default directory. 4. Click OK to export the selected profile. You are notified: Successfully exported selected profiles to the destination folder: C:\.Back to TopBack to Contents Trademarks and Disclaimers$

transmission. Enter the same password in all of the computers and access points in your home or small business network. Only devices that use the same encryption key can access the network or decrypt the encrypted data transmitted by other computers. The password automatically initiates the Temporal Key Integrity Protocol (TKIP) for the data encryption process. Network KeysWEP encryption provides two levels of security: ● 64-bit key (sometimes referred to as 40-bit)● 128-bit key (also known as 104-bit)For improved security, use a 128-bit key. If you use encryption, all wireless devices on your wireless network must use the same encryption keys. You can create the key yourself and specify the key length (64- or 128-bit) and key index (the location that a specific key is stored). The greater the key length, the more secure the key. Key Length: 64-bitPass phrase (64-bit): Enter five (5) alphanumeric characters, 0-9, a-z or A-Z.Hex key (64-bit): Enter 10 hexadecimal characters, 0-9, A-F. Key Length: 128-bitPass phrase (128-bit): Enter 13 alphanumeric characters, 0-9, a-z or A-Z. Hex key (128-bit): Enter 26 hexadecimal characters, 0-9, A-F. With 802.11, a wireless station can be configured with up to four keys (the key index values are 1, 2, 3, and 4). When an access point or a wireless station transmits an encrypted message that uses a key stored in a specific key index, the transmitted message indicates the key index that was used to encrypt the message body. The receiving access point or wireless station can then retrieve the key that is stored at the key index and use it to decode the encrypted message body. Personal Security: Configure Profiles for Device to Device (Ad Hoc) NetworksSet up a Client with Open Authentication and No Data Encryption (None) In device to device mode, also called ad hoc mode, wireless computers send information directly to other wireless computers. You can use ad hoc mode to network multiple computers in a home or small office, or to set up a temporary wireless network for a meeting. On the Intel(R)PROSet/Wireless main window, select one of the following methods to connect to a device to device network:

1. Security Settings: Select either WEP 64-bit or WEP 128-bit to configure WEP data encryption with a 64- or 128-bit key.When WEP encryption is enabled on a device, the WEP key is used to verify access to the network. If the wireless device does not have the correct WEP key, even though authentication is successful, the device is unable to transmit data. 2. Password: Enter the Wireless Security Password (Encryption Key). ❍ Pass phrase (64-bit): Enter five (5) alphanumeric characters, 0-9, a-z or A-Z. ❍ WEP key (64-bit): Enter 10 hexadecimal characters, 0-9, A-F.❍ Pass phrase (128-bit): Enter 13 alphanumeric characters, 0-9, a-z or A-Z. ❍ WEP key (128-bit): Enter 26 hexadecimal characters, 0-9, A-F.3. Key Index: Up to four passwords may be specified by changing the Key Index.4. To add more than one password: ❍ Select the Key Index number: 1, 2, 3, or 4.❍ Enter the Wireless Security Password.❍ Select another Key Index number.❍ Enter another Wireless Security Password.5. Click OK to return to the Profiles list.Personal Security: Configure Profiles for Infrastructure NetworksAn infrastructure network consists of one or more access points and one or more computers with wireless adapters installed. Each access point must have a wired connection to a wireless network. For home users, this is usually a broadband or cable network. Set up a Client with No (None) Data Encryption On the Intel(R)PROSet/Wireless main window, select one of the following methods to connect to an Infrastructure network: ● Double-click an Infrastructure network in the Wireless Networks list● Select an Infrastructure network in the Wireless Networks list. Click Connect. The Intel PROSet/Wireless software automatically detects the security settings for the wireless adapter. NOTE: Infrastructure networks are identified with an access point image ( ) in the Wireless Networks and Profiles list. Set up a Client with WEP 64-bit or WEP 128-bit Data EncryptionWhen WEP data encryption is enabled, a network key or password is used for encryption. A network key is provided for you automatically (for example, it might be provided by your wireless network adapter manufacturer), or you can enter it yourself and specify the key length (64- or 128-bit), key format (ASCII characters or hexadecimal digits), and key index

3. Key Index: Select 1, 2, 3 or 4. (Default key is 1.)4. Click Next. Step 2 of 2: MD5 User 1. Select one of the following credential methods: ❍ Use Windows logon user name and password: The 802.1x credentials match your Windows user name and password. Before connection, you are prompted for your Windows logon credentials. NOTE: This option is unavailable if Pre-Logon Connect is not selected during installation of the Intel PROSet/Wireless software. Refer to Install or Uninstall the Single Sign On Feature. ❍ Prompt for the user name and password: Prompt for your user name and password every time you log onto the wireless network. ❍ Use the following user name and password: Use your saved credentials to log onto the network. ■ User Name: This user name must match the user name that is set in the authentication server by the administrator prior to client authentication. The user name is case-sensitive. This name specifies the identity supplied to the

Step 1 of 2: TLS User1. Obtain and install a client certificate, refer to Set up the Client for TLS authentication or consult your system administrator. 2. Select one of the following to obtain a certificate: ● Use my smart card: Select if the certificate resides on a smart card.● Use the certificate issued to this computer: Click Select to choose a certificate that resides in the machine store.● Use a user certificate on this computer. Click Select to choose a certificate that resides on this computer. 3. Click Next.

Step 2 of 2: TLS ServerSelect one of the following: 1. Validate Server Certificate: ● Certificate Issuer: The server certificate received during TLS message exchange must be issued by this certificate authority (CA). Trusted intermediate certificate authorities and root authorities whose certificates exist in the system store are available for selection. If Any Trusted CA is selected, any CA in the list is acceptable. ● Allow intermediate certificates: The server certificate received during negotiation may have been issued directly by the CA or additionally by one of its intermediate certificate authorities. Select to allow a number of unspecified certificates to be in the server certificate chain between the server certificate and the specified CA. If cleared, then the specified CA must have been directly issued by the server certificate. 2. Specify Server or Certificate Name: Select if you want to specify your server or certificate name. The server name or domain to which the server belongs, depends on which of the two options below has been selected. ● Server name must match exactly: When selected, the server name entered must

$● Prompt each time I connect: Select to prompt for user name and password before you connect to the wireless network. The user name and password must be first set in the authentication server by the administrator.● Use the following: The user name and password are securely (encrypted) saved in the profile. ❍ User Name: This user name must match the user name that is set in the authentication server. ❍ Domain: Name of the domain on the authentication server. The server name identifies a domain or one of its subdomains (for example, zeelans.com, where the server is blueberry.zeelans.com). NOTE: Contact your administrator to obtain the domain name. ❍ Password: This password must match the password that is set in the authentication server. The entered password characters display as asterisks. ❍ Confirm Password: Reenter the user password. 2. Roaming Identity: If the Roaming Identity is cleared, %domain%\%username% is the default. When 802.1x MS RADIUS is used as an authentication server, the server authenticates the device that uses the Roaming Identity user name from Intel PROSet/Wireless software, and ignores the Authentication Protocol MS-CHAP-V2 user name. This feature is the 802.1x identity supplied to the authenticator. Microsoft IAS RADIUS accepts only a valid user name (dotNet user) for EAP clients. When 802.1x MS RADIUS is used, enter a valid user name. For all other servers, this is optional. Therefore, it is recommended to use the desired realm (for example, anonymous@myrealm) instead of a true identity. Step 2 of 2: TTLS Server1. Validate Server Certificate: Selected. 2. Certificate Issuer: The server certificate received during the TTLS message exchange must have been issued by this certificate authority (CA). Trusted intermediate certificate authorities and root authorities whose certificates exist in the system store are available for selection. If Any Trusted CA is selected, any CA in the list is acceptable.3. Specify Server or Certificate Name: The server name or domain to which the server belongs, whichever of the following has been selected. ● Server name must match exactly: When selected, the server name entered must match exactly the server name found on the certificate. The server name should include the complete domain name (for example, Servername.Domain name). ● Domain name must end in specified name: When selected, the server name identifies a domain and the certificate must have a server name belonging to this domain or to one of its subdomains (for example, zeelans.com, where the server is blueberry.zeelans.com) NOTE: These parameters should be obtained from the administrator. Set up a Client with AES-CCMP Data Encryption and PEAP Network AuthenticationPEAP authentication: PEAP settings are required for the authentication of the client to the$

$authentication server. The client uses EAP-TLS to validate the server and create a TLS-encrypted channel between client and server. The client can use another EAP mechanism (for example, Microsoft Challenge Authentication Protocol (MS-CHAP) Version 2), over this encrypted channel to enable server validation. The challenge and response packets are sent over a non-exposed TLS encrypted channel. The following example describes how to use WPA with AES-CCMP or TKIP encryption with PEAP authentication. To set up a client with PEAP Authentication: Obtain and install a client certificate. Refer to Set up the Client for TLS authentication or consult your administrator. 1. Click Profiles on the Intel PROSet/Wireless main window. 2. On the Profile page, click Add to open the Profile Wizard's General Settings.3. Profile Name: Enter a descriptive profile name.4. Wireless Network Name (SSID): Enter the network identifier. 5. Operating Mode: Click Network (Infrastructure). 6. Click Next to access the Security Settings.7. Click Enterprise Security.8. Network Authentication: Select WPA-Enterprise or WPA2-Enterprise. 9. Data Encryption: Select TKIP or AES-CCMP (Recommended). 10. Enable 802.1x: Selected.11. Authentication Type: Select PEAP to be used with this connection.Step 1 of 2: PEAP User PEAP relies on Transport Layer Security (TLS) to allow unencrypted authentication types (for example, EAP-Generic Token Card (GTC) and One-Time Password (OTP) support). 1. Authentication Protocol: Select either GTC, MS-CHAP-V2 (Default), or TLS. Refer to Authentication Protocols.2. User Credentials: Select one of the following : 3. Use Windows Logon: Allows the 802.1x credentials to match your Windows user name and password. Before connection, you are prompted for your Windows logon credentials.4. Prompt each time I connect: Prompts for user name and password every time you log onto the network. 5. Use the following: The user name and password are securely (encrypted) saved in the profile. ■ User Name: This user name must match the user name that is set in the authentication server. ■ Domain: Name of the domain on the authentication server. The server name identifies a domain or one of its subdomains (for example, zeelans.com, where the server is blueberry.zeelans.com). NOTE: Contact your administrator to obtain the domain name. ■ Password: This password must match the password that is set in the authentication server. The entered password characters display as asterisks. ■ Confirm Password: Reenter the user password. 6. Roaming Identity: If the Roaming Identity is cleared, %domain%\%username% is the default. When 802.1x MS RADIUS is used as an authentication server, the authentication server authenticates the device with the Roaming Identity$

$user name from the Intel PROSet/Wireless utility and ignores the Authentication Protocol MS-CHAP-V2 user name. This feature is the 802.1x identity supplied to the authenticator. Microsoft IAS RADIUS accepts only a valid user name (dotNet user) for EAP clients. Enter a valid user name whenever 802.1x MS RADIUS is used. For all other servers, this is optional, therefore, it is recommended that you no use a true identity, but instead the desired realm (for example, anonymous@myrealm). Configure Roaming Identity to support multiple users: If you use a Pre-Logon or Common connection profile that requires the roaming identity to be based on the Windows logon credentials, the creator of the profile can add a roaming identity that uses %username% and %domain%. The roaming identity is parsed and the appropriate log on information is substituted for the keywords. This allows maximum flexibility in configuring the roaming identity while allowing multiple users to share the profile. Please refer to your authentication server user guide for directions about how to format a suitable roaming identity. Possible formats are: %domain%\%username% %username%@%domain% %username%@%domain%.com %username%@mynetwork.com If Roaming Identity is cleared, %domain%\%username% is the default. Notes about the credentials: This user name and domain must match the user name that is set in the authentication server by the administrator prior to client authentication. The user name is case-sensitive. This name specifies the identity supplied to the authenticator by the authentication protocol operating over the TLS tunnel. This user identity is securely transmitted to the server only after an encrypted channel has been verified and established. Authentication Protocols: These parameter specifies the authentication protocols that can operate over the TTLS tunnel. Below are instructions on how to configure a profile that uses PEAP authentication with GTC, MS-CHAP-V2 (Default), or TLS authentication protocols. Generic Token Card (GTC)$

1. Obtain and install a client certificate, refer to Set up the Client for TLS authentication or consult your system administrator. 2. Select one of the following to obtain a certificate: ■ Use my smart card: Select if the certificate resides on a smart card.■ Use the certificate issued to this computer: Click Select to choose a certificate that resides in the machine store.■ Use a user certificate on this computer. Click Select to choose a certificate that resides on this computer. 3. Click Next.Step 2 of 2: PEAP Server 1. Select one of the following options: ● Certificate Issuer: Click Any Trusted CA as the default. ● Click allow intermediate certificates to allow a number of unspecified certificates to be in the server certificate chain between the server certificate and the specified CA. If cleared, then the specified CA must have directly issued the server certificate.● Specify Server or Certificate Name: 2. Server or Certificate Name: Enter the server name. 3. The server name or domain to which the server belongs, depends on which of the two options below has been selected. ● Server name must match the specified entry exactly: When selected, the

15. Click Enable Radio Management Support. Use Radio Management to detect rogue access points. 16. Click OK to return to the Security Settings. LEAP User:

EAP-FAST User1. Select the credentials retrieval method: ■ Use the Windows logon user name and password: The user credentials are retrieved from the Windows log on process. NOTE: This option is unavailable if Pre-Logon Connect is not selected during installation of the Intel PROSet/Wireless software. Refer to Install or Uninstall the Single Sign On Feature. ■ Prompt for the user name and password: Prompts for user name and password before you connect to the wireless network. The user name and password must first be set in the authentication server by the administrator.■ Use the following user name and password: The user name and password must be first set in the authentication server by the administrator. ■ User Name: This user name must match the user name that is set in the authentication server.■ Domain: Name of the domain on the authentication server. The server name identifies a domain or one of its sub-domains (for example, zeelans.com, where the server is blueberry.zeelans.com).

NOTE: Contact your administrator to obtain the domain name. ■ Password: This password must match the password that is set in the authentication server. The entered password characters display as asterisks. ■ Confirm Password: Reenter the user password.2. Allow automatic provisioning of Protected Access Credentials (PAC): EAP-FAST uses a PAC key to protect the user credentials that are exchanged. All EAP-FAST authenticators are identified by an Authority Identity (A-ID). The local authenticator sends its AID to an authenticating client, and the client checks its database for a matching AID. If the client does not recognize the AID, it requests a new PAC. Click the PACs button to view any PACs that have already been provisioned and reside on this computer. A PAC must have already been obtained to clear Allow automatic provisioning on the Security Settings. NOTE: If the provisioned Protected Access Credential (PAC) is valid, Intel(R) PROSet/Wireless does not prompt the user for acceptance of the PAC. If the PAC is invalid, Intel PROSet/Wireless fails the provisioning automatically. A status message is displayed in the Wireless Event Viewer that an administrator can review on the user's computer. PAC distribution can also be completed manually (out-of-band). Manual provisioning enables you to create a PAC for a user on an ACS server and then import it into a user's computer. A PAC file can be protected with a password, which the user needs to enter during a PAC import. To import a PAC: 1. Click PACs to open the Protected Access Credentials (PAC) list. 2. Click Import to import a PAC that resides on this computer or a server. 3. Select the PAC and click Open.

Back to Contents Security Overview: Intel(R) PRO/Wireless 3945ABG Network Connection User Guide● WEP Encryption ❍ Open and Shared Key authentication● 802.1x Authentication ❍ How 802.1x Authentication Works❍ 802.1x Features● WPA/WPA2 ❍ Enterprise Mode❍ Personal Mode❍ WPA-Enterprise and WPA2-Enterprise ❍ WPA-Personal and WPA2-Personal ❍ AES-CCMP❍ TKIP● TLS● TTLS● PEAP● Cisco Features ❍ Cisco LEAP❍ Cisco Rogue Access Point Security Feature❍ Fast Roaming (CCKM)❍ CKIP❍ 802.11b and 802.11g Mixed Environment Protection Protocol❍ EAP-FAST❍ Mixed Cell Mode❍ Radio Management WEP Encryption

Use IEEE 802.11 Wired Equivalent Privacy (WEP) encryption to prevent unauthorized reception of wireless data. WEP encryption provides two levels of security: 64-bit key (sometimes referred to as 40-bit) or a 128-bit key (also known as 104-bit). For stronger security, use a 128-bit key. If you use encryption, all wireless devices on your wireless network must use the same encryption keys. Wired Equivalent Privacy (WEP) encryption and shared authentication provides protection for your data on the network. WEP uses an encryption key to encrypt data before transmitting it. Only computers that use the same encryption key can access the network or decrypt the encrypted data transmitted by other computers. Authentication provides an additional validation process from the adapter to the access point. The WEP encryption algorithm is vulnerable to passive and active network attacks. TKIP and CKIP algorithms include enhancements to the WEP protocol that mitigate existing network attacks and address its shortcomings. Open and Shared Key authenticationIEEE 802.11 supports two types of network authentication methods: Open System and Shared Key. ● When Open authentication is used, any wireless station can request authentication. The station that needs to authenticate with another wireless station sends an authentication management request that contains the identity of the sending station. The receiving station or access point grants any request for authentication. Open authentication allows any device network access. If no encryption is enabled on the network, any device that knows the Service Set Identifier (SSID) of the access point can gain access to the network. ● When Shared Key authentication is used, each wireless station is assumed to have received a secret shared key over a secure channel that is independent from the 802.11 wireless network communications channel. Shared key authentication requires that the client configure a static WEP key. The client access is granted

only if it passes a challenge-based authentication.802.1x AuthenticationHow 802.1x Authentication Works802.1x Features Overview802.1x authentication is independent of the 802.11 authentication process. The 802.1x standard provides a framework for various authentication and key-management protocols. There are different 802.1x authentication types, each provides a different approach to authentication but all employ the same 802.1x protocol and framework for communication between a client and an access point. In most protocols, upon the completion of the 802.1x authentication process, the supplicant receives a key that it uses for data encryption. Refer to How 802.1x authentication works for more information. With 802.1x authentication, an authentication method is used between the client and a Remote Authentication Dial-In User Service (RADIUS) server connected to the access point. The authentication process uses credentials, such as a user's password that are not transmitted over the wireless network. Most 802.1x types support dynamic per-user, per-session keys to strengthen the static key security. 802.1x benefits from the use of an existing authentication protocol known as the Extensible Authentication Protocol (EAP). 802.1x authentication for wireless LANs has three main components: ● The authenticator (the access point)● The supplicant (the client software)● The authentication server (a Remote Authentication Dial-In User Service server [RADIUS])802.1x authentication security initiates an authorization request from the wireless client to the access point, which authenticates the client to an Extensible Authentication Protocol (EAP) compliant RADIUS server.

This RADIUS server may authenticate either the user (via passwords or certificates) or the system (by MAC address). In theory, the wireless client is not allowed to join the networks until the transaction is complete. There are several authentication algorithms used for 802.1x. Some examples are: EAP-TLS, EAP-TTLS, and Protected EAP (PEAP). These are all methods for the wireless client to identify itself to the RADIUS server. With RADIUS authentication, user identities are checked against databases. RADIUS constitutes a set of standards addressing Authentication, Authorization and Accounting (AAA). Radius includes a proxy process to validate clients in a multi-server environment. The IEEE 802.1x standard is for controlling and authenticating access to port-based 802.11 wireless and wired Ethernet networks. Port-based network access control is similar to a switched local area network (LAN) infrastructure that authenticates devices that are attached to a LAN port and prevent access to that port if the authentication process fails. What is RADIUS?RADIUS is the Remote Access Dial-In User Service, an Authorization, Authentication, and Accounting (AAA) client-server protocol, which is used when a AAA dial-up client logs in or out of a Network Access Server. Typically, a RADIUS server is used by Internet Service Providers (ISP) to perform AAA tasks. AAA phases are described as follows: ● Authentication phase: Verifies a user name and password against a local database. After the credentials are verified, the authorization process begins. ● Authorization phase: Determines whether a request is allowed access to a resource. An IP address is assigned for the dial-up client. ● Accounting phase: Collects information on resource usage for the purpose of trend analysis, auditing, session time billing, or cost allocation. How 802.1x Authentication Works

A simplified description of 802.1x authentication is: ● A client sends a "request to access" message to an access point. The access point requests the identity of the client. ● The client replies with its identity packet which is passed along to the authentication server. ● The authentication server sends an "accept" packet to the access point. ● The access point places the client port in the authorized state and data traffic is allowed to proceed. 802.1x Features● 802.1x supplicant protocol support ● Support for the Extensible Authentication Protocol (EAP) - RFC 2284 ● Supported Authentication Methods: ❍ EAP TLS Authentication Protocol - RFC 2716 and RFC 2246 ❍ EAP Tunneled TLS (TTLS) ❍ PEAP ● Supports Microsoft Windows XP and Windows 2000 WPA or WPA2Wi-Fi Protected Access (WPA or WPA2) is a security enhancement that strongly increases the level of data protection and access control to a wireless network. WPA enforces 802.1x authentication and key-exchange and only works with dynamic encryption keys. To strengthen data encryption, WPA utilizes Temporal Key Integrity Protocol (TKIP). TKIP provides important data encryption enhancements that include a per-packet key mixing function, a message integrity check (MIC) called Michael an extended initialization vector (IV) with sequencing rules, and a rekeying mechanism. With these improvement enhancements, TKIP protects against WEP's known weaknesses.

The second generation of WPA that complies with the IEEE TGi specification is known as WPA2. Enterprise Mode: Enterprise Mode verifies network users through a RADIUS or other authentication server. WPA utilizes 128-bit encryption keys and dynamic session keys to ensure your wireless network's privacy and enterprise security. Enterprise Mode is targeted to corporate or government environments. Personal Mode: Personal Mode requires manual configuration of a pre-shared key (PSK) on the access point and clients. PSK authenticates users via a password, or identifying code, on both the client station and the access point. No authentication server is needed. Personal Mode is targeted to home and small business environments. WPA-Enterprise and WPA2-Enterprise: Provide this level of security on enterprise networks with an 802.1x RADIUS server. An authentication type is selected to match the authentication protocol of the 802.1x server. WPA-Personal and WPA2-Personal: Provide this level of security in the small network or home environment. It uses a password also called a pre-shared key (PSK). The longer the password, the stronger the security of the wireless network. If your wireless access point or router supports WPA-Personal and WPA2-Personal then you should enable it on the access point and provide a long, strong password. The same password entered into access point needs to be used on this computer and all other wireless devices that access the wireless network. NOTE: WPA-Personal and WPA2-Personal are not interoperable. AES-CCMP - (Advanced Encryption Standard - Counter CBC-MAC Protocol) It is the new method for privacy protection of wireless transmissions specified in the IEEE 802.11i standard. AES-CCMP provides a stronger encryption method than TKIP. Choose AES-CCMP as the data encryption method whenever strong data protection is important. NOTE: Some security solutions may not be supported by

your computer’s operating system and may require additional software or hardware as well as wireless LAN infrastructure support. Check with your computer manufacturer for details. TKIP (Temporal Key Integrity Protocol) is an enhancement to WEP (Wired Equivalent Privacy) security. TKIP provides per-packet key mixing, a message integrity check and a rekeying mechanism, which fixes the flaws of WEP. TLSA type of authentication method using the Extensible Authentication Protocol (EAP) and a security protocol called the Transport Layer Security (TLS). EAP-TLS uses certificates which use passwords. EAP-TLS authentication supports dynamic WEP key management. The TLS protocol is intended to secure and authenticate communications across a public network through data encryption. The TLS Handshake Protocol allows the server and client to provide mutual authentication and to negotiate an encryption algorithm and cryptographic keys before data is transmitted. TTLSThese settings define the protocol and the credentials used to authenticate a user. In TTLS (Tunneled Transport Layer Security), the client uses EAP-TLS to validate the server and create a TLS-encrypted channel between the client and server. The client can use another authentication protocol, typically password-based protocols, as MD5 Challenge over this encrypted channel to enable server validation. The challenge and response packets are sent over a non-exposed TLS encrypted channel. TTLS implementations today support all methods defined by EAP, as well as several older methods (PAP, CHAP, MS-CHAP and MS-CHAPv2). TTLS can easily be extended to work with new protocols by defining new attributes to support new protocols. Authentication Protocols

● PAP: Password Authentication Protocol is a two way handshake protocol designed for use with PPP. Authentication Protocol Password Authentication Protocol is a plain text password used on older SLIP systems. It is not secure. ● CHAP: Challenge Handshake Authentication Protocol is a three way handshake protocol which is considered more secure than PAP (Password Authentication Protocol). ● MS-CHAP (MD4): Uses a Microsoft version of RSA Message Digest 4 challenge and reply protocol. This only works on Microsoft systems and enables data encryption. This authentication method causes all data to be encrypted.PEAPPEAP is a new Extensible Authentication Protocol (EAP) IEEE 802.1x authentication type designed to take advantage of server-side EAP-Transport Layer Security (EAP-TLS) and to support various authentication methods, including users' passwords and one-time passwords, and Generic Token Cards. Cisco FeaturesCisco LEAP Cisco LEAP (Cisco Light EAP) is a server and client 802.1x authentication through a user-supplied logon password. When a wireless access point communicates with a Cisco LEAP-enabled RADIUS (Cisco Secure Access Control Server [ACS]), Cisco LEAP provides access control through mutual authentication between client wireless adapters and the wireless networks and provides dynamic, individual user encryption keys to help protect the privacy of transmitted data. Cisco Rogue Access Point Security FeatureThe Cisco Rogue Access Point feature provides security protection from an introduction of a rogue access point that could mimic a legitimate access point on a network in order to extract information about user

When this feature is enabled your wireless adapter provides radio management information to the Cisco infrastructure. If the Cisco Radio Management utility is used on the infrastructure, it configures radio parameters, detects interference and rogue access points. Back to TopBack to Contents Trademarks and Disclaimers

Back to Contents Glossary of Terms: Intel(R) PRO/Wireless 3945ABG Network Connection User GuideGlossaryNumerical A B C D E F G H I L M N O P R S T WTerm Definition802.11 The 802.11 standard refers to a family of specifications developed by the IEEE for wireless LAN technology. The 802.11 specifies an over-the-air interface between a wireless client and a base station or between two wireless clients and provides 1 or 2 Mbps transmission in the 2.4 GHz band using either frequency hopping spread spectrum (FHSS) or direct sequence spread spectrum (DSSS).802.11a The 802.11a standard specifies a maximum data transfer rate of 54 Mbps and an operating frequency of 5 GHz. The 802.11a standard uses the Orthogonal Frequency Division Multiplexing (OFDM) transmission method. Additionally, the 802.11a standard supports 802.11 features such as WEP encryption for security.802.11b 802.11b is an extension to 802.11 that applies to wireless LANS and provides 11 Mbps transmission (with a fallback to 5.5, 2 and 1 Mbps) in the 2.4 GHz band. 802.11b uses only DSSS. Throughput data rate 5+ Mbps in the 2.4 GHz band.

802.11g The 802.11g standard specifies a maximum data transfer rate of 54 Mbps, an operating frequency of 2.4GHz, and WEP encryption for security. 802.11g networks are also referred to as Wi-Fi networks.802.1x 802.1x is the IEEE Standard for Port-Based Network Access Control. This is used in conjunction with EAP methods to provide access control to wired and wireless networks.AAA Server Authentication, Authorization and Accounting Server. A system to control access to computer resources and track user activity.Access Point Access point (AP). A stand-alone wireless hub that allows any computer that has a wireless network adapter to communicate with another computer and to connect to the Internet.ad hoc network A communication configuration in which every computer has the same capabilities, and any computer can initiate a communication session. Also known as a peer-to-peer network or a computer-to-computer network.AES-CCMP Advanced Encryption Standard - Counter CBC-MAC Protocol is the new method for privacy protection of wireless transmissions specified in the IEEE 802.11i standard. AES-CCMP provides a stronger encryption method than TKIP. Authentication Verifies the identity of a user logging onto a network. Passwords, digital certificates, smart cards and biometrics are used to prove the identity of the client to the network. Passwords and digital certificates are also used to identify the network to the client. BER Bit error rate. The ratio of errors to the total number of bits being sent in a data transmission from one location to another.Bit Rate The total number of bits (ones and zeros) per second that a network connection can support. Note that this bit rate will vary, under software control, with different signal path conditions.

Broadcast SSID Used to allow an access point to respond to clients on a wireless network by sending probes.BSSID A unique identifier for each wireless client on a wireless network. The Basic Service Set Identifier (BSSID) is the Ethernet MAC address of each adapter on the network.CA (certificate authority)A corporate certification authority implemented on a server. In addition, Internet Explorer’s certificate can import a certificate from a file. A trusted CA certificate is stored in the root store. CCX Cisco Compatible eXtension. Cisco Compatible Extensions Program ensures that devices used on Cisco wireless LAN infrastructure meet the security, management and roaming requirements.Certificate Used for client authentication. A certificate is registered on the authentication server (i.e., RADIUS server) and used by the authenticator.CKIP Cisco Key Integrity Protocol (CKIP) is a Cisco proprietary security protocol for encryption in 802.11 media. CKIP uses a key message integrity check and message sequence number to improve 802.11 security in infrastructure mode. CKIP is Cisco's version of TKIP.Client computer The computer that gets its Internet connection by sharing either the host computer's connection or the Access Point's connection.DSSS Direct Sequence Spread Spectrum. Technology used in radio transmission. Incompatible with FHSS.EAP Short for Extensible Authentication Protocol, EAP sits inside of Point-to-Point Protocol’s (PPP) authentication protocol and provides a generalized framework for several different authentication methods. EAP is supposed to head off proprietary authentication systems and let everything from passwords to challenge-response tokens and public-key infrastructure certificates all work smoothly.

EAP-FAST EAP-FAST, like EAP-TTLS and PEAP, uses tunneling to protect traffic. The main difference is that EAP-FAST does not use certificates to authenticate. EAP-GTC The EAP-GTC (Generic Token Card) is similar to the EAP-OTP except with hardware token cards. The request contains a displayable message, and the response contains the string read from the hardware token card. EAP-OTP EAP-OTP (One-Time Password) is similar to MD5, except it uses the OTP as the response. The request contains a displayable message. The OTP method is defined in RFC 2289. The OTP mechanism is employed extensively in VPN and PPP scenarios but not in the wireless worldEAP-SIM Extensible Authentication Protocol-Subscriber Identity Module (EAP-SIM) authentication can be used with: ● Network Authentication types: Open, Shared, and WPA2-Enterprise. ● Data Encryption types: None, WEP and CKIP. A SIM card is a special smart card that is used by GSM-based digital cellular networks. The SIM card is used to validate your credentials with the networkEAP-TLS A type of authentication method using EAP and a security protocol called the Transport Layer Security (TLS). EAP-TLS uses certificates that use passwords. EAP-TLS authentication supports dynamic WEP key management.EAP-TTLS A type of authentication method using EAP and Tunneled Transport Layer Security (TTLS). EAP-TTLS uses a combination of certificates and another security method such as passwords.Encryption Scrambling data so that only the authorized recipient can read it. Usually a key is needed to interpret the data.

FHSS Frequency-Hop Spread Spectrum. Technology used in radio transmission. Incompatible with DSSS.File and printer sharingA capability that allows a number of people to view, modify, and print the same file(s) from different computers.Fragmentation thresholdThe threshold at which the wireless adapter breaks the packet into multiple frames. This determines the packet size and affects the throughput of the transmission.GHz Gigahertz. A unit of frequency equal to 1,000,000,000 cycles per second.Host computer The computer that is directly connected to the Internet via a modem or network adapter.Infrastructure Network A wireless network centered around an access point. In this environment, the access point not only provides communication with the wired network, but also mediates wireless network traffic in the immediate neighborhood.IEEE Institute of Electrical and Electronics Engineers (IEEE) is an organization involved in defining computing and communications standards.Internet Protocol (IP) addressThe address of a computer that is attached to a network. Part of the address designates which network the computer is on, and the other part represents the host identification.LAN Local area network. A high-speed, low-error data network covering a relatively small geographic area.LEAP Light Extensible Authentication Protocol. A version of Extensible Authentication Protocol (EAP). LEAP is a proprietary extensible authentication protocol developed by Cisco, which provides a challenge-response authentication mechanism and dynamic key assignment.MAC A hardwired address applied at the factory. It uniquely identifies network hardware, such as a wireless adapter, on a LAN or WAN.

Mbps Megabits-per-second. Transmission speed of 1,000,000 bits per second.MHz Megahertz. A unit of frequency equal to 1,000,000 cycles per second.MIC (Michael) Message integrity check (commonly called Michael).MS-CHAP An EAP mechanism used by the client. Microsoft Challenge Authentication Protocol (MSCHAP) Version 2, is used over an encrypted channel to enable server validation. The challenge and response packets are sent over a non-exposed TLS encrypted channel.ns Nanosecond. 1 billionth (1/1,000,000,000) of a second.OFDM Orthogonal Frequency Division Multiplexing.PEAP Protected Extensible Authentication Protocol (PEAP) is an Internet Engineering Task Force (IETF) draft protocol sponsored by Microsoft, Cisco, and RSA Security. PEAP creates an encrypted tunnel similar to the tunnel used in secure web pages (SSL). Inside the encrypted tunnel, a number of other EAP authentication methods can be used to perform client authentication. PEAP requires a TLS certificate on the RADIUS server, but unlike EAP-TLS there is no requirement to have a certificate on the client. PEAP has not been ratified by the IETF. The IETF is currently comparing PEAP and TTLS (Tunneled TLS) to determine an authentication standard for 802.1X authentication in 802.11 wireless systems. PEAP is an authentication type designed to take advantage of server-side EAP-Transport Layer Security (EAP-TLS) and to support various authentication methods, including user's passwords and one-time passwords, and Generic Token Cards.Peer-to-Peer ModeA wireless network structure that allows wireless clients to communicate with each other without using an access point.

Power Save mode The state in which the radio is periodically powered down to conserve power. When the notebook is in Power Save mode, receive packets are stored in the access point until the wireless adapter wakes up.Preferred network One of the networks that has been configured. Such networks are listed under Preferred networks on the Wireless Networks tab of the Wireless Configuration Utility (Windows 2000 environment) or Wireless Network Connection Properties (Windows XP environment).RADIUS Remote Authentication Dial-In User Service (RADIUS) is an authentication and accounting system that verifies users credentials and grants access to requested resources.RF Radio Frequency. The international unit for measuring frequency is Hertz (Hz), which is equivalent to the older unit of cycles per second. One Mega-Hertz (MHz) is one million Hertz. One Giga-Hertz (GHz) is one billion Hertz. For reference: the standard US electrical power frequency is 60 Hz, the AM broadcast radio frequency band is 0.55 -1.6 MHz, the FM broadcast radio frequency band is 88-108 MHz, and microwave ovens typically operate at 2.45 GHz. Roaming Movement of a wireless node between two micro cells. Roaming usually occurs in infrastructure networks built around multiple access points.RTS threshold The number of frames in the data packet at or above which an RTS/CTS (request to send/clear to send) handshake is turned on before the packet is sent. The default value is 2347.Shared Key An encryption key known only to the receiver and sender of data.SIM Subscriber Identity Module card is used to validate credentials with the network. A SIM card is a special smart card that is used by GSM-based digital cellular networks.

$TTLS Tunneled Transport Layer Security. These settings define the protocol and the credentials used to authenticate a user. In TTLS, the client uses EAP-TLS to validate the server and create a TLS-encrypted channel between the client and server. The client can use another authentication protocol, typically password-based protocols, such as MD5 Challenge over this encrypted channel to enable server validation. The challenge and response packets are sent over a non-exposed TLS encrypted channel. TTLS implementations today support all methods defined by EAP, as well as several older methods (CHAP, PAP, MS-CHAP and MS-CHAPv2). TTLS can easily be extended to work with new protocols by defining new attributes to support new protocols.WEP Wired Equivalent Privacy. Wired Equivalent Privacy, 64- and 128-bit (64-bit is sometimes referred to as 40-bit). This is a low-level encryption technique designed to give the user about the same amount of privacy that he would expect from a LAN. WEP is a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN. WEP aims to provide security by data over radio waves so that it is protected as it is transmitted from one end point to another.WEP Key Either a pass phrase or hexadecimal key.The pass phrase must be 5 ASCII characters for 64-bit WEP or 13 ASCII characters for 128-bit WEP. For pass phrases, 0-9, a-z, A-Z, and ~!@#$%^&*()_+|`-={}|[]\:";'<>?,./ are all valid characters.The hex key must be 10 hexadecimal characters (0-9, A-F) for 64-bit WEP or 26 hexadecimal characters (0-9, A-F) for 128-bit WEP.Wi-Fi Wireless Fidelity. Is meant to be used generically when referring of any type to 802.11 network, whether 802.11b, 802.11a, or dual-band.$

Wireless Router A stand-alone wireless hub that allows any computer that has a wireless network adapter to communicate with another computer and to connect to the Internet. Also known as an access point. WLAN Wireless Local-Area Network. A type of local-area network that uses high-frequency radio waves rather than wires to communicate between nodes.WPA Wi-Fi Protected Access (WPA) is a security enhancement that strongly increases the level of data protection and access control to a wireless network. WPA is an interim standard that will be replaced with the IEEE’s 802.11i standard upon its completion. WPA consists of RC4 and TKIP and provides support for BSS (Infrastructure) mode only. (Not compatible with WPA2.)WPA2 Wi-Fi Protected Access 2 (WPA2). This is the second generation of WPA that complies with the IEEE TGi specification. WPA2 consists of AES encryption, pre-authentication and PMKID caching. It provides support for BSS (Infrastructure) mode and IBSS (Ad hoc) mode. (Not compatible with WPA.)WPA-Enterprise Wi-Fi Protected Access-Enterprise applies to corporate users. A new standards-based, interoperable security technology for wireless LAN (subset of IEEE 802.11i draft standard) that encrypts data sent over radio waves. WPA is a Wi-Fi standard that was designed to improve upon the security features of WEP as follows: ● Improved data encryption through the temporal key integrity protocol (TKIP). TKIP scrambles the keys using a hashing algorithm and, by adding an integrity-checking feature, ensures that the keys have not been tampered with. ● User authentication, which is generally missing in WEP, through the extensible authentication protocol (EAP). WEP regulates access to a wireless network based on a computer’s hardware-specific MAC address, which is

relatively simple to be sniffed out and stolen. EAP is built on a more secure public-key encryption system to ensure that only authorized network users can access the network. WPA is an interim standard that will be replaced with the IEEE’s 802.11i standard upon its completion.WPA-Personal Wi-Fi Protected Access-Personal provides a level of security in the small network or home environment. WPA-PSK Wi-Fi Protected Access-Pre-Shared Key (WPA-PSK) mode does not use an authentication server. It can be used with the data encryption types WEP or TKIP. WPA-PSK requires configuration of a pre-shared key (PSK). You must enter a pass phrase or 64 hex characters for a Pre-Shared Key of length 256-bits. The data encryption key is derived from the PSK.Back to TopBack to Contents Trademarks and Disclaimers

Back to Contents Administrator Tool: Intel(R) PRO/Wireless 3945ABG Network Connection User Guide● Set Administrator Password ● Administrator Packages ● Administrator Profiles ❍ Persistent❍ Pre-Logon❍ Voice over IP (VoIP) ● Administrator Tool Settings ● Administrator Settings ● Adapter Settings● Software ● Administrator TasksThe Administrator Tool is used by the person who has administrator privileges on this computer. This tool is used to configure common (shared) profiles, pre-logon profiles, and persistent connection profiles.The Administrator Tool can also be used by an Information Technology department to configure user settings within the Intel(R) PROSet/Wireless software and to create custom install packages to export to other systems. The Administrator Tool is located on the Tools menu. It must be selected during installation of the Intel PROSet/Wireless software or the feature is not displayed in the Tools menu. Set Administrator Password Users cannot modify Administrator settings or profiles unless they have the password for this tool. When you first access the Administrator Tool, you are required to enter a password. The password must not exceed 100 characters. Null passwords are not allowed.

1. Enter password: Create a password (maximum 100 characters). 2. Confirm Password: Reenter the password.3. Click OK. The Open Administrator Package displays. To change the existing password: 1. Click Administrator Tool from the Tools menu. 2. Click Change Password on the password entry form.3. Old Password: Enter the existing password.4. New Password: Enter the new password.5. Confirm Password: Reenter the new password again. 6. Click OK to save the new password and enter the Administrator Tool. Administrator PackagesThe Administrator Packages are used to save administrative profiles and other settings. You can copy or send this self-extracting executable to clients on your network. When the executable runs, the contents are installed and configured on the destination computer. To create a new package: 1. On the Tools menu, click Administrator Tool. 2. Enter your password to the Administrator Tool.3. Administrator Package: Click Create a new package.4. Click OK. 5. Select Include Settings on the Profiles, Settings, Adapter Settings, or Software pages to configure the options to be included in the package. 6. Click Close. 7. You are notified: The current package is changed. Would you like to save the changes?8. Click Yes. Save the executable file to a directory on the local disk drive. 9. Click Save. The file is created. NOTE: This process may take several minutes. 10. Click Finished to view the package contents. ❍ Click Apply this file to this computer if you want to use the package configuration on the Administrator's computer. ❍ Copy the executable file to any user's computer to install the configuration that has been saved in the package. 11. Click Enable Intel PROSet/Wireless. This procedure selects Intel(R) PROSet/Wireless to manage your network profiles.

NOTE: You can also select Save Package on the Administrator Tool File Menu to save the package. To edit a package: 1. Access the Administrator Tool.2. On the Open Administrator Package page, click Open to edit an existing package.3. Click Browse. Locate the package's executable file. 4. Click Open. Make your updates. 5. Click Close. 6. You are notified: The current package is changed. Would you like to save the changes?7. Click Yes. Save the executable file to a directory on the local disk drive. NOTE: You can also select Open Package on the Administrator Tool File menu to edit an Administrator Package. Administrator ProfilesAdministrator Profiles are owned and managed by the network administrator or the administrator of this computer. These profiles are common or shared by all users on this computer. However, end users cannot modify these profiles. They can only be modified from the Administrator Tool, which is password protected. There are three types of Administrator Profiles: Persistent, Pre-logon/Common and Voice over IP (VoIP).

$When a user logs off, any wireless connection is disconnected and a persistent profile (if one is available) is applied. Under certain circumstances it is desirable to maintain the current connection (for example, if user specific data needs to be uploaded to the server post-log off or when roaming profiles are used). Create a profile which is marked as both pre-logon and persistent to achieve this functionality. If such a profile is active when the user logs off, the connection is maintained. To create a Pre-Logon/Common Profile: 1. Click Include Profiles. 2. Click Pre-Logon/Common.3. Click Add to open the General Settings. 4. Wireless Network Name (SSID): Enter the network identifier. 5. Profile Name: Enter a descriptive profile name.6. Operating Mode: Infrastructure is selected. 7. Administrator Profile Type: Pre-logon/Common: Active when a user is logged on. This profile is shared by all users. This profile type is already selected. 8. Click Next. 9. Click Advanced to open the Advanced Settings. Use the Advanced Settings to set the following: ❍ Auto-Connect: Select to automatically or manually connect to a profile. ❍ Auto-Import this profile (for network administrators only).❍ Mandatory Access Point: Select to associate the wireless adapter with a specific access point. ❍ Password protect the profile: Select to password protect a profile. ❍ Start application: Specify a program to be started when a wireless connection is made. ❍ User Name Format: An administrator can select the user name format for the authentication server. The choices are: ❍ user (default)❍ user@domain❍ user@domain.com❍ DOMAIN\user10. Click OK to close the Advanced Settings.$