Configure Wireless Client For Cisco Secure ACS

Configure the Wireless Network Connection

Complete these steps:

1. Log off and then log on by using the WirelessUser account in the wirelessdemo.local domain.
2. Choose Start > Control Panel, double-click Network Connections, and then right-click Wireless Network Connection.
3. Click Properties, go to the Wireless Networks tab, and ensure that the Use Windows to configure my wireless network settingsis checked.
   
4. Click Add.
5. Under the Association tab, type Employee in the Network name (SSID) field.
6. Select WPA for the Network Authentication and ensure that Data Encryption is set to TKIP.
   
7. Go to the Authentication tab.
8. Validate that EAP type is configured to use Protected EAP (PEAP). If it is not, select it from the drop-down menu.
9. If you want the machine to be authenticated prior to login (which allows login scripts or group policy pushes to be applied) checkAuthenticate as computer when computer information is available.
   
10. Click Properties.
11. As PEAP involves authentication of Server by the client ensure that Validate server certificate is checked. Also, make sure the CA that issued the ACS certificate is checked under the Trusted Root Certification Authorities menu.
12. Choose Secured password (EAP-MSCHAP v2) under Authentication Method as it is used for inner authentication.
    
13. Make sure the Enable Fast Reconnect check box is checked. Then, click OK three times.
    Step – x : Select the option Configure and uncheck the option present there if you want to enter the user and password manually, and ignore the Step – x if you are already logged in with the correct user and password.
14. Right-click the wireless network connection icon in systray and then click View Available Wireless Networks.
15. Click the Employee wireless network and click Connect.
    
    These screen shots indicate if the connection completes successfully.
    
    
    
    
16. After authentication is successful, check the TCP/IP configuration for the wireless adapter by using Network Connections. It should have an address range from the DHCP scope or the scope created for the wireless clients.
    We have also configured the Cellphones (tested on Nokia N79 and Windows Mobile) to connect to the wireless router by adding the certificates on them, and now they are also able to authenticate through RADIUS Server. I’ll post all the steps involved in it soon.

Multicast Stream – Tandberg MXP 990

Make sure that the PC is connected to the same LAN (or multi-cast enabled WAN) as the codec that is to be streaming

Note: The entire configuration related to my IP settings are erased or replaced with ‘X’. Please let me know if you face any problem, and keep following @ahsantasneem for more

Step 1: Static Public IP assignment, entering in all the IP fields for address, subnet mask, and gateway and DNS.

Step 2: Go to Endpoint Confiuration -> Streaming

Address: is defined as the IP-address of a streaming client, streaming server or a multicast address. Giving an address in the range 224.0.0.1-239.255.255.255 will broadcast the stream to any host that has joined the specified multicast group. Specifying normal broadcast address 255.255.255.255 will broadcast to any members on the LAN.

Address Port: If several codec’s are streaming to the same IP-address, different ports have to be used in order for the client to know which stream to receive. In this case 22232

Source -> Auto: Enables streaming of both local and far end video. Selection of which site to be streamed is done using voice switching (the site that speaks is streamed).

Streaming Password : Set password so that only participants entering correct password will be able to view the streaming session. Entering a password will prevent unauthorized people from accessing the streaming session

Step 3: Click -> Overview -> Streaming and press the link “Start Streaming” to start the stream.

A new webpage is opened with the streaming view displayed within the page. You can also open your web-browser directly to the streaming page by entering this URL into the browser(In this case):http://124.x.x.x/stream.sdp where 124.x.x.x would be the IP of your streaming device (Tandberg mxp 990). If a streaming client is successfully installed on the computer, a window will start up and soon show the incoming streamed information as shown below:

Step 4: To receive the stream directly from within QuickTime Player, launch QuickTime

player, and under the File Menu select ‘Open URL’ and enter http://124.x.x.x/stream.sdp where 124.x.x.x would be the IP of your codec.

SDP file

When streaming, the codec will generate a SDP file ‘stream.sdp’ which can be retrieved through the codecs web-interface (by http). This file describes what type of media is used (G.711 / H.261) and which (multicast or unicast) address the streaming is sent to. The clients (QuickTime and RealPlayer) use this information to listen for the stream.

Step 5: To end the streaming session, just press the “Disconnect Call” button on remote control or click the‘Stop Streaming’ icon on the web page provided the ‘Allow Remote Start’ is set to on.

Note: That just closing the web application will not end the streaming session, as other codec’s still might be able to receive the streamed information.

Supported Streaming clients

Cisco IP/TV, QuickTime version 4 or greater, RealPlayer version 7 and VIC

Cisco IP/TV http://www.cisco.com

QuickTime version 42 or greater http://quicktime.apple.com

VIC http://www-mice.cs.ucl.ac.uk/multimedia/software/vic/

RealPlayer7 or greater http://www.real.com