MC50 Integrator Guide8-22
Using LEAP for Wireless Network Security
LEAP is a security protocol that provides authentication and encryption for wireless networks using user names and passwords.
There are several password caching options used for LEAP:
• Save the password in the registry.
• Save the password until a warm boot (soft reset), but do not save in the registry. This method also has a timeout available.
• The username and password are not saved. Any change of status (roam or suspend/resume) requires login.
The default is set to cache the password until a warm boot, with no timeout. To use a different password caching option, reconfigure
the S24Profiles.reg registry file in the Platform folder.
Configuring Advanced Password Options
All password caching options are configured in the file S24Profiles.reg, located in the Platform folder. After completing configuration,
cold boot the mobile computer to apply the changes. Edit the file on a PC and copy it back onto the device. The section of this file
which needs editing reads:
“[HKEY_LOCAL_MACHINE\Comm\NETWLAN1\Parms].”
Cache the Password
To cache the password, edit the registry file using a text editor as follows:
1. Change the LCachePwd value from 1 to 0:
LCachePwd = dword:0
2. Uncomment the UNAME and UPwd values (delete the semicolons at the beginning of each line):
UNAME = myLEAPUserName
UPwd = myLEAPPassword
3. Change myLEAPUserName and myLEAPPassword to the correct username and password. Note that the user name and
password should be in quotes. If a domain name is required, enter this in the user name as: domain\username.
A backslash is used and most setups do not require a domain name even if Microsoft Windows
®
NT/2000
domains are used.
4. After changing the S24Profiles.reg file, copy the file onto the mobile computer into the Platform folder using ActiveSync,
overwriting the old file. Then, cold boot the mobile computer to apply the changes.
Cache the Password until a Warm Boot
Cache the password until a warm boot is the default setting. Set a timeout value in the registry to force the user to enter the username
and password after a power-on if the device has not gone through LEAP authentication after the set period of time. Normally, the
device goes through the LEAP authentication process at every power-up and every time it roams between APs.
Set the timeout in minutes using hexadecimal in the registry file. The default setting of zero disables the timeout feature. To change
the timeout setting, edit the registry file using a text editor (e.g., Notepad) as follows:
1. Ensure the “LCachePwd” value is set to dword:1.
LCachePwd = dword:1
To Next Page
Loading...
