5 Network Support This chapter includes information about the different networks supported by the CN3 Mobile Computer, and ways to configure and manage those networks. Note that the CN3 automatically installs the appropriate software for radio or phone use when the CN3 is turned on. Note: Desktop icons and settings icons are shown to the left. Any place that Start is mentioned, tap the following Windows icon in the top, left corner of your CN3 desktop.
Chapter 5 — Network Support Wireless Network Support Radios are installed at the factory and cannot be installed by a user. The CN3 must be serviced to install or replace radios. Contact your Intermec representative for more information. Note: Changes or modifications not expressly approved by Intermec could void the user’s authority to operate the equipment.
Chapter 5 — Network Support In the Wireless Manager, either tap All or tap Bluetooth, then wait for “On” to appear beneath the Bluetooth row. Once activated, information appears in the Today desktop like the following. Note the Bluetooth icon is on the right. Tap Menu > Bluetooth Settings to perform a device search (more information on the next page). Tap Done to close the Wireless Manager. Enabling Bluetooth After a Clean Boot Bluetooth is not started by default after a clean-boot is performed.
Chapter 5 — Network Support In most cases, the CN3 will find other Bluetooth devices, such as a printer, GPS receiver, headset, or hands-free device. To scan for other Bluetooth devices 1 Tap the Devices tab, then tap Add new device... to search for (or scan) remote Bluetooth devices. 2 When the CN3 is finished scanning, any newly found devices appear in the box. Tap Refresh to perform additional searches.
Chapter 5 — Network Support 3 Select a device to which to connect, then click Next.
Chapter 5 — Network Support 4 Enter a passkey to establish a secure connection, then tap Next. Passkeys are typically provided in the documentation that comes with the Bluetooth device being searched. Tap Yes if prompted to let the other device connect with your CN3. 5 Select what services you want from this remote device, then click Finish to return to the Devices tab. To connect with other devices 1 Tap the COM Ports tab, then tap New Outgoing Port to connect to a Bluetooth device.
Chapter 5 — Network Support 2 Select the device to add, then click Next. 3 Select a port from the Port drop-down list, check Secure Connection, then click Finish to return to the COM Ports page. 4 Tap New Incoming Port to allow other Bluetooth devices to connect with your CN3. Select on which port to secure this connection, then click Finish to return to the COM Ports page. 5 You can press and hold on a device to edit that device or delete it from the list.
Chapter 5 — Network Support Using the Wireless Printing Applet The Wireless Printing applet separates the task of wireless printing from other Bluetooth management items not relevant to this task. Wireless Printing has a concept of the “current wireless printer.” This printer is the one to which the CN3 makes a connection when the wireless printing COM port is opened. If there is no current wireless printer, there is no wireless printing COM port.
Chapter 5 — Network Support To perform a Bluetooth device search 1 Select Start > Settings > the System tab > the Wireless Printing icon. 2 Clear the Show Printers Only box if you want to find more than just the Bluetooth printers. 3 Tap Search to initiate the device search. 4 In about half a minute, Bluetooth devices found within your range will appear. If your preferred printer is in the list, select to highlight the printer, then tap OK.
Chapter 5 — Network Support To perform a manual setup Note: If you know the Bluetooth Device Address of the printer you want to use, use this procedure to avoid a Device Search. 1 Select Start > Settings > the System tab > the Wireless Printing icon. 2 Tap Manual, enter the address of your device in the field, then tap OK. Tap Cancel to return to the first screen without making changes. When you set your printer manually, your device may not receive the printer name.
Chapter 5 — Network Support Connecting to Bluetooth Audio Devices The Bluetooth audio user interface is a part of the Bluetooth Audio applet. You can use this applet to search for, activate, and connect to Bluetooth audio devices, such as Bluetooth headsets. You can control the audio volume and the amplification for the microphone for the connected Bluetooth audio device (if the connected device has these capabilities). To access the Bluetooth Audio applet 1 From the CN3 desktop, select Start > Settings.
Chapter 5 — Network Support 3 Select the services tied to the Bluetooth audio device to which you are connecting, then tap Finish. Once the pairing is successfully completed, the Bluetooth audio device appears in the list of devices that are found. You can double-tap any of the devices for a pop-up menu to set it as a default, make a connection, refresh the connection, or delete the device from the list. Note: You can only select one Bluetooth audio device as the default device.
Chapter 5 — Network Support Connecting to a Bluetooth Headset If you find several Bluetooth audio devices, you can only connect to one audio device. Before you can connect to that device, you must set it as the default audio device. To connect to an audio device 1 Double-tap a device for its pop-up menu, then select to check Set as default if it is not already checked. On successful device activation, the device icon changes to include a red check mark.
Chapter 5 — Network Support 5 When connection is established, the “connected/disconnected” status changes to that of a “connected” status and the Audio Device Settings are enabled to adjust settings of the connected Bluetooth audio device.
Chapter 5 — Network Support Before you connect to the network, make sure Bluetooth is enabled on your CN3 so you can find and connect to remote devices. Go to “Personal Area Networks” on page 110 for information. Once connected, you should be able to browse Internet websites and use other online resources.
Chapter 5 — Network Support 3 Tap Add new device... if the phone is not listed in the known devices. Make sure your Bluetooth device is turned on before you start the search. 4 When the search for devices is complete, select your Bluetooth device, then tap Next to continue. 5 Enter the correct Passkey on both the Bluetooth device and the CN3, then tap Next to continue.
Chapter 5 — Network Support 6 Enter a name for the device if needed, or select what services to use, then tap Finish. 7 Select the Bluetooth device to use to connect to the network, then tap Next to continue. 8 Enter the appropriate number as it should be dialed for your Bluetooth connection, then tap Next to continue.
Chapter 5 — Network Support 9 Enter the user name, password, and domain required for your Bluetooth device, then tap Finish. Now you can establish a connection to your network via the Internet Explorer application. To disconnect, tap the Connectivity icon in the top menu bar, then select Disconnect. Local Area Networks (LANs) The CN3 is a versatile mobile computer that you can add to your wired or wireless LAN. It has an internal 802.11b/g radio to transfer data using wireless communications.
Chapter 5 — Network Support Using the CDMA Radio Phone Application With the CDMA radio module installed in your CN3, you can send and receive telephone EV-DO (1x Evolution Data Optimized) calls as well as transmit data via wide-area (WAN) cellular networks. The CN3 provides a phone speaker, microphone, and speakerphone, and supports the use of a Bluetooth headset or hands-free kit. At factorydefault, the phone is not activated.
Chapter 5 — Network Support Activating the Phone The CDMA phone is activated using the Activation Wizard in the Phone application. Contact your Intermec representative for more information. With the WAN radio module installed in your CN3, you can send and receive telephone calls. Use the speaker on the back of the computer as your earpiece and use the connector on the bottom of the computer for your mouthpiece.
Chapter 5 — Network Support 4 Enter your 6-digit activation code (hidden by asterisks), then tap Next to continue. 5 Enter the phone number and MSID from Sprint, then tap Next to continue. 6 The application prompts whether the information entered is correct. If so, tap Yes to continue, else tap No to return to the previous screen.
Chapter 5 — Network Support 7 The application acknowledges that your phone will be in service in up to four hours. Tap Finish to close the wizard. Note: Voice service is available immediately. Data service takes up to four hours of activation before you can use the service. If after four hours, a data connection is not established, go to “Updating Your PCS Vision Profile” on page 132 to manually launch data provisioning.
Chapter 5 — Network Support To use the Call History feature • Tap Call History to note the telephone numbers that were previously dialed from this CN3. To configure your phone settings • Either select Menu > Options from the Phone application, or • Select Start > Settings > the Personal tab > the Phone icon to access the applet.
Chapter 5 — Network Support To remain private • Tap 911 Only. This ensures that no service may use your location without you giving permission. Updating Your PCS Vision Profile Tap the Data Settings tab to either repair your connection settings or automatically update your PCS Vision. • When the built-in phone data connection used by Microsoft’s connection manager is corrupted, tap Repair Connectoid to repopulate the registry with the correct values for the data connection.
Chapter 5 — Network Support Note: The data provisioning process can be automatically initiated by the Sprint network, by attempting to make a cellular line connection to the WAN before the CN3 is data provisioned, or by manually starting the connections through this screen. Intermec recommends that Sprint Network “push” the data provisioning to your CN3. This should occur shortly after the voice activation is complete. To repair your connections 1 Click Repair Connected, then tap Yes to perform the repair.
Chapter 5 — Network Support Setting the Roaming Range Scroll to, then tap the System Settings tab to set your roaming feature to either automatic with having to go through your server or to roam through the Sprint server. To alert the caller when roaming is enabled • Tap Automatic. To roam the network through the Sprint server • Tap Sprint. To be notified when devices are located • Check Enable Call Guard alert when roaming.
Chapter 5 — Network Support Using the GSM/EDGE Radio Phone Application With the WAN radio module installed in your CN3, you can send and receive telephone calls as well as transmit data via wide-area cellular networks. The CN3 provides a phone speaker, microphone, and speakerphone, and supports the use of a Bluetooth headset or hands-free kit. At factory-default, the phone is disabled.
Chapter 5 — Network Support Activating the Phone The GSM/EDGE phone is activated via a SIM card that you can purchase from your network provider, and inserted in the miniSD/SIM cavity in the back of your CN3. Contact your Intermec representative for more information. To insert the SIM card 1 Press the power switch to suspend the CN3, then remove the battery pack from the back of the CN3. 2 Remove the two screws on the miniSD/SIM card slot door. Note the screws to this door are to be torqued to 1.5 in-lbs.
Chapter 5 — Network Support Tap the appropriate keys to enter a telephone number, then tap Talk to dial the number shown above the keypad. Tap this to backspace one digit Tap this to select a previously dialed number Tap this to access the Contacts application Tap this to view previous calls To use the Speed Dial feature • Tap Speed Dial to select a telephone number with which the CN3 is to dial automatically. Use the Contacts application to add to this list.
Chapter 5 — Network Support To customize your phone settings • Either select Menu > Options from the Phone application, or • Select Start > Settings > the Personal tab > the Phone icon to access the applet. Customizing the Phone Tap the Phone tab to customize your phone settings such as the ring type and ring tone to use for incoming calls, and the keypad tone to use when entering phone numbers. Tap Change PIN to reset the personal identification number for this phone.
Chapter 5 — Network Support 2 Make your changes, then tap ok to return to the Settings screen. Below is a sample Settings screen. Setting Up the Network Tap the Network tab to find, set, or select the type of network on which this phone is to communicate. Remote Access (Modems) You can set up connections to the Internet and corporate network at work to browse the Internet or intranet, send and receive e-mail, and synchronize information using ActiveSync. Connections are made via wireless networks.
Chapter 5 — Network Support • My Work Network Connect to the network at your company or organization where you work. Once connected, you can send and receive e-mail messages by using Messaging, view web pages by using Internet Explorer Mobile, and synchronize with your desktop. If this is the method you want to use, see “Connecting to Work” on page 143. Connecting to an Internet Service Provider You can connect to your ISP, and use the connection to send and receive e– mail messages and view web pages.
Chapter 5 — Network Support 4 If using an external modem connected to your CN3 with a cable, select “Hayes Compatible on COM1” from the Select a modem list dropdown list, then tap Next to continue. 5 Enter the access phone number, then tap Next. For more information, tap use dialing rules. 6 Enter the user name, password, and domain (if provided by an ISP or your network administrator), then tap Finish.
Chapter 5 — Network Support 7 Tap the Advanced tab from the Connections screen, then tap Dialing Rules to specify your current location. These settings apply to all connections. 8 Tap Use dialing rules, tap ok, then tap Edit to continue. 9 Specify your current phone type. If your phone type is pulse dialing, check Pulse dialing. If your type is tone dialing (as most phone lines are), then clear Pulse dialing. Continue to tap ok to close each page and return to the Settings page.
Chapter 5 — Network Support Connecting to Work If you have access to a network at work, you can send e-mail messages, view intranet pages, synchronize your CN3, and possibly access the Internet. Create a modem connection via a RAS (Remote Access Server) account. Before you can create this modem connection, your network administrator needs to set up a RAS account for you. Your network administrator may also give you Virtual Private Network (VPN) settings.
Chapter 5 — Network Support 5 Enter the access phone number, using some of the following guidelines. If you know part of the phone number changes frequently as you travel, create dialing rules to avoid creating numerous modem connections for the same phone number. For more information, tap use dialing rules. • Enter the phone number exactly as you want it dialed. For example, if you call from a business complex or hotel that requires a nine before dialing out, enter “9” in front of the phone number.
Chapter 5 — Network Support 4 Enter the user name, password, and domain (if provided by an ISP or your network administrator). If a domain name was not provided, try the connection without entering a domain name. Tap Finish. Creating a VPN Server Connection to Work A VPN connection helps you to securely connect to servers, such as a corporate network, via the Internet.
Chapter 5 — Network Support 3 In Name, enter a name for the connection, such as a company’s name. In Host name/ IP, enter the VPN server name or IP address. Next to VPN type, select the type of authentication to use with your device: “IPSec/L2TP” or “PPTP.” If you are not sure which option to choose, ask your network administrator. Tap Next to continue. 4 Select the type of authentication. If you select A pre-shared key, enter the key provided by your network administrator.
Chapter 5 — Network Support Insert necessary equipment, such as a network card, into the CN3, and use a desired program to begin connecting. Ending a Connection Use any of these methods to end your connection: • When connected via modem or VPN, tap the Connectivity icon on the top, then tap Disconnect. • When connected via cable or cradle, detach your CN3. • When connected via Infrared, move the CN3 away from the other computer or device. • When connected via a wireless network, switch off the connection.
Chapter 5 — Network Support The iFTP menu is available the next time you start iConnect. To manage the state of the FTP server • Modify these existing registry keys: HKEY_CURRENT_USER\Software\iConnect2\IConnect\Settings\FtpAutoStart HKEY_CURRENT_USER\Software\iConnect2\IConnect\Settings\FtpHeartbeat where 1 = enable and 0 = disable. Network Interfaces The default network adapter or radio is dependent on what radios are installed in your CN3.
Chapter 5 — Network Support The Wireless icon (shaped like a radio tower) appears in the toolbar, a check mark appears next to the “Wireless” option in the menu, and wireless communications is enabled. To configure wireless communications on the CN3 • Select Tools > Wireless Settings from the iConnect menu to access the Profile Wizard for the 802.11b/g radio module. To configure wireless 802.
Chapter 5 — Network Support To ping a specific host • Select Ping the host address below, then enter its IP address in the field beneath. After you make your selection, tap Ping! and wait for results. ISpyWiFi The ISpyWiFi utility provides more detailed information for the 802.11 radio connection in your CN3, such as MAC address, access point information, association, encryption, power management, antenna status, RSSI, data link rates, and supplicant status.
Chapter 5 — Network Support 3 Press and hold your stylus in an empty (white) area in the folder, for its pop-up menu, then select Paste Shortcut. 4 Close the File Explorer, select Start > Programs to locate the Shortcut to ISpyWifi icon. Tap this icon to access the ISpyWifi application. Note that this icon is temporary.
Chapter 5 — Network Support AP Status Shows whether the radio is associated with the access point Channel The channel on which the radio is communicating with the access point ESSID The text SSID (Network Name) for your network BSSID MAC address of radio AP with which the client radio is communicating Config Association Shows one of the following types: Open, WPA, WPA-PSK, WPA2, Network EAP Note that more information about these types start on page 183.
Chapter 5 — Network Support • SSID displays the broadcast range from the access point. • Signal shows the RSSI seen from the access point. • Channel lists the channel on which client radio is communicating with access point. • BSSID displays the MAC address for the access point radio • When Privacy shows a “Y,” WEP, TKIP, or AES encryption is used; an “N” indicates that no encryption is used.
Chapter 5 — Network Support • Click Configure Profile to launch the Profile Wizard and configure 802.11 options. See “Using the Profile Wizard” on page 161 for information on configuring this wizard. • Click Reconnect to disassociate the radio, momentarily dropping its connection. The radio then reassociates and reauthenticates, but does not do anything with the radio driver. • Click Clear Events to remove the information shown in the Supplicant Event box.
Chapter 5 — Network Support 4 Depending on how the screen is set up, you can toggle between a graph and a list of ping results: • Tap Graph to toggle to the graphical view of 25 of the most recent pings and their response results, like in the following sample graph: Last ping Maximum ping Minimum ping Average ping Note the size of the gray area represents the standard deviation from the mean.
Chapter 5 — Network Support The debug output file is then stored in the “\My Device” root folder as a text file called “uroddsvc.” Using File Explorer, press and hold your stylus on this file for its pop-up menu, then select any of its options to copy, beam, send, or delete this file. Configuring Security The CN3 provides three types of security for your wireless network: • Wi-Fi Protected Access 2 (WPA2/802.11i) • WPA • WEP. 802.
Chapter 5 — Network Support To configure Funk Security 1 Select Start > Settings > the System tab > the Intermec Settings icon. 2 Tap (+) to expand Communications > 802.11 Radio > Funk Security. 3 Select an active profile, then configure its security settings. Using WPA Security Wi-Fi Protected Access (WPA) is a strongly enhanced, interoperable Wi-Fi security that addresses many of the vulnerabilities of Wired Equivalent Privacy (WEP).
Chapter 5 — Network Support Configuring WPA Security With Funk Security Use this procedure to set WPA security with Funk security. 1 Make sure you have configured the communications and radio parameters on your CN3 and that Funk is your security choice. 2 Open Intermec Settings. Tap (+) to expand Communications > 802.11 Radio > Funk Security > Profile X with “X” being “1” through “4.” 3 For Association, select “WPA” and press Enter.
Chapter 5 — Network Support Configuring WPA-PSK Security With Funk Security 1 Make sure you have configured the communications and radio parameters on your CN3 and that Funk is your security choice. 2 Open Intermec Settings. Tap (+) to expand Communications > 802.11 Radio > Funk Security > Profile X with “X” being “1” through “4.” 3 For Association, select “WPA” and press Enter. 4 For 8021x, select “None” and press Enter. 5 For Pre-Shared Key, enter the pre-shared key or the passphrase.
Chapter 5 — Network Support Configuring 802.1x Security With Funk Security 1 Make sure you have configured the communications and radio parameters on your CN3 and that Funk is your security choice. 2 Open Intermec Settings. Tap (+) to expand Communications > 802.11 Radio > Funk Security > Profile X with “X” being “1” through “4.” 3 For Association, select “Open” and press Enter. When working with Cisco Aironet access points, you can select “Network-EAP.” 4 For Encryption, select “WEP” and press Enter.
Chapter 5 — Network Support Using Static WEP Security The CN3 uses the Wired Equivalent Privacy (WEP) protocol to add security to your wireless network based on the 802.11b/g standard. To use WEP security, you need an access point with an 802.11b/g radio. Configuring Static WEP Security With Funk Security Use this procedure to set Static WEP security with Funk security. 1 Make sure you have configured the communications and radio parameters on your CN3 and that Funk is your security choice.
Chapter 5 — Network Support Use the Profiles page to select and configure between the networking environments assigned to this 802.11b/g radio. • Tap the Profile drop-down list to choose between four different profiles assigned to this CN3, then tap Edit Select Profile, make the changes needed for this profile (starting on the next page), then tap ok to return to the Profiles page.
Chapter 5 — Network Support • SSID (Network Name) assumes the profile name unless another name is entered in this field. If you want to connect to the next available network or are not familiar with the network name, enter “ANY" in this field. Consult your LAN administrator for network names. • Check Enable Power Management to conserve battery power (default), or clear this box to disable this feature.
Chapter 5 — Network Support 4 Enter an ASCII key or a hex key either 5 or 13 bytes long based on the radio capability in the appropriate Key # field. Set a 5-byte value for 64bit WEP or a 13-byte value for 128-bit WEP. Precede hex keys with 0x and make sure the keys use 5 or 13 hex pairs. To enable WPA encryption using a pre-shared key 1 Set 8021x Security as “None.” 2 Set Association to “WPA.” 3 Enter the passphrase as ASCII (12345) in the Pre-Shared Key field.
Chapter 5 — Network Support 4 Enter the passphrase as ASCII (12345) in the Pre-Shared Key field. PEAP (Protected EAP) This protocol performs secure authentication against Windows domains and directory services. It is comparable to EAP-TTLS (see page 168), both in its method of operation and its security, though not as flexible. This does not support the range of inside-the-tunnel authentication methods supported by EAP-TTLS. Microsoft and Cisco both support this protocol.
Chapter 5 — Network Support 3 Select Prompt for password to have the user enter this password each time to access the protocol; or leave Use following password as selected and enter your unique password to use the protocol without entering a password each time you use your CN3. 4 Tap Get Certificates to obtain or import server certificates (page 170). 5 Tap Additional Settings to assign an inner PEAP authentication and set options for server certificate validation and trust.
Chapter 5 — Network Support TLS (EAP-TLS) EAP-TLS is a protocol that is based on the TLS (Transport Layer Security) protocol widely used to secure web sites. This requires both the user and authentication server have certificates for mutual authentication. While cryptically strong, this requires corporations that deploy this to maintain a certificate infrastructure for all their users.
Chapter 5 — Network Support 4 Tap ok to return to the Security page. TTLS (EAP-Tunneled TLS) This protocol provides authentication like EAP-TLS (see page 167) but does not require user certificates. User authentication is done using a password or other credentials that are transported in a securely encrypted “tunnel” established using server certificates. EAP-TTLS works by creating a secure, encrypted tunnel through which you present your credentials to the authentication server.
Chapter 5 — Network Support 2 Enter your unique Username to use this protocol. 3 Select Prompt for password to have the user enter this password each time to access the protocol, or leave Use following password as selected and enter your unique password to use the protocol without entering a password each time you use your CN3. 4 Tap Get Certificates to obtain or import server certificates (page 170).
Chapter 5 — Network Support 6 Enter the Anonymous EAP-TTLS Name as assigned for public usage. Use of this outer identity protects your login name or identity. Tap ok. Getting Certificates Certificates are pieces of cryptographic data that guarantee a public key is associated with a private key. They contain a public key and the entity name that owns the key. Each certificate is issued by a certificate authority. Use these fields for batch importing certificates into the Microsoft certificate store.
Chapter 5 — Network Support Both files must have the same name for the appropriate private key to associate with the correct certificate, such as admin.cer and admin.pvk. The certificate files are deleted from the CN3 after they import to the store. If there are no certificates to import, this action fails. To import user certificates 1 Tap the <<< button next to the Certificate Path field to select the user certificate (DER-encoded .cer file without the private key) to import.
Chapter 5 — Network Support To configure LEAP settings 1 Set 8021x Security as “LEAP,” then choose one of the following: • Set Association to “Open.” • Set Association to “WPA.” • Set Association to “WPA2” and Encryption to “TKIP” or “AES.” • Set Association to “Network EAP” and Encryption to either “WEP” or “CKIP.” (default configuration) 2 Enter your unique Username to use this protocol.
Chapter 5 — Network Support • Set Association to “Network EAP” and Encryption to either “WEP” or “CKIP.” 2 Enter your unique Username to use this protocol. 3 Select Prompt for password to have the user enter this password each time to access the protocol, or leave Use following password as selected and enter your unique password to use the protocol without entering a password each time you use your CN3. 4 Tap Additional Settings to set options for PAC management and assign an anonymous EAP-FAST name.
Chapter 5 — Network Support Configuring Advanced Settings • Wireless NICs and APs associate based on the SSID configured for the NIC. Given an SSID, the BSSID with the strongest signal is often chosen for association. After association, 802.1x authentication may occur and during authentication credentials to uniquely identify a user these are passed between the NIC and the AP. Base 802.1x technology does not protect the network from “rogue APs.
Chapter 5 — Network Support Configuring Microsoft Security The default security setting is Funk. If you want to use Microsoft security, you need to select it as your security choice. Intermec recommends that you use Intermec Settings to configure your security. For more information, see the Intermec Computer Command Reference Manual. To enable Microsoft Security 1 Select Start > Settings > the System tab > the Intermec Settings icon. 2 Tap (+) to expand Communications > 802.11 Radio > Security Choice.
Chapter 5 — Network Support To configure Microsoft Security using Intermec Settings 1 Tap (+) to expand Communications > 802.11 Radio > Microsoft Security. 2 Select Network name (SSID) and enter the SSID. To connect to an ad-hoc connection • Set Infrastructure Mode to “Ad hoc”. To disable WEP encryption • Set Network Authentication to “Open” if WEP keys are not required; or “Shared” when WEP keys are required. • Set Data Encryption to “Disabled”.
Chapter 5 — Network Support Configuring Preferred Networks Networks already configured are preferred networks. You can connect to only preferred networks or search for and connect to any available network. A wireless network can be added either when the network is detected, or manually by entering settings information. To determine if authentication information is needed, see your network administrator.
Chapter 5 — Network Support 5 Do one of the following: To disable WEP encryption • Set Authentication to either “Open” if WEP keys are not required; or “Shared” when WEP keys are required for association. • Set Data Encryption to “Disabled.” To enable WEP encryption • Set Authentication to either “Open” if WEP keys are not required; or “Shared” when WEP keys are required for association. • Set Data Encryption to “WEP.
Chapter 5 — Network Support To enable WPA authentication • Set Authentication to “WPA.” • Set Data Encryption to either “AES” or “TKIP.” • Enter the new Network key. To enable WPA authentication using a preshared key • Set Authentication to “WPA-PSK.” • Set Data Encryption to either “AES” or “TKIP.” • Enter the new Network key.
Chapter 5 — Network Support To enable WPA2 authentication • Set Authentication to “WPA2.” • Set Data Encryption to either “AES” or “TKIP.” • Enter the new Network key. To enable WPA2 authentication using a preshared key • Set Authentication to “WPA2-PSK.” • Set Data Encryption to either “AES” or “TKIP.” • Enter the new Network key. 6 Tap Next, select either “PEAP” or “Smart Card or Certificate” for the EAP type, then tap Properties to adjust its settings.
Chapter 5 — Network Support 7 Tap Finish to return to the Configure Wireless Network screen. 8 From the Networks to access drop-down list, select “All Available,” “Only access points,” or “Only computer-to-computer” depending on the type of networks to which you connect. Tap ok to close this screen. Note: If you select to connect to non-preferred networks, your CN3 detects any new networks and provides configuration opportunities.
Chapter 5 — Network Support Loading Certificates If you choose to use Transport Layer Security (TLS) with WPA or 802.1x security, you need to have a unique client certificate on the CN3 and a trusted root certificate authority (CA) certificate. If you choose to use PEAP, you need to load a root CA certificate. You can use a third-party CA to issue unique client certificates and a root certificate.
Chapter 5 — Network Support Encryption AES (Advanced Encryption Standard) A block cipher, a type of symmetric key cipher that uses groups of bits of a fixed length called blocks. A symmetric key cipher is a cipher using the same key for both encryption and decryption. As implemented for wireless, this is also known as CCMP, which implements AES as TKIP and WEP are implementations of RC4.
Chapter 5 — Network Support Authentication (continued) LEAP (Lightweight Extensible Authentication Protocol) Also known as Cisco-Wireless EAP, provides username/password based authentication between a wireless client and a RADIUS server. In the 802.1x framework, traffic cannot pass through a wireless network access point until it successfully authenticates itself. EAP-PEAP (Protected Extensible Authentication Protocol) Performs secure authentication against Windows domains and directory services.
Chapter 5 — Network Support SmartSystems™ Foundation Use the SmartSystems Foundation (www.intermec.com/SmartSystems) to configure and manage your network. You can also contact your Intermec representative for support. This tool, available as a free download from Intermec, includes a management console that provides a default method to configure and manage Intermec devices “out-of-the-box,” without the purchase of additional software licenses.
Chapter 5 — Network Support 186 CN3 Mobile Computer User’s Manual