More techie help

Dave · September 23, 2004 at 6:15 pm · Filed Under Off-topic ranting 

Last time I asked for help on something like this, we got swamped with emails. You guys rock. This one’s a bit more complex, but hopefully one of you guys will be able to help me out, as my company’s helpdesk has refused to support this problem.

Here’s the basic lowdown: I’m having issues with WEP encryption and my Cisco Aironet wireless card despite the system showing a connection (using Win2K). If anyone out there is a VPN-wireless network guru and wants to lend me some help so I can actually work without heading into the office tomorrow, that’d be fantasic. Email me or respond to the more details post in the comments.

Update: In typical USSM readership response time, it took you guys about two hours to diagnose and fix the problem. Satori, you’re the man.

Comments

15 Responses to “More techie help”

  1. Dave on September 23rd, 2004 6:43 pm

    Putting here for those that care. Basic specs:

    Windows 2000
    Cisco Aironet Adapter
    Microsoft Router

    The wireless network works tremendously well on my roomates laptop and my home system. We’ve got 128-bit WEP encryption setup, which was pretty easy to do in XP, which both of us use. My company assigned me a laptop to allow me to work from home, and I’ve been using VPN for the last few weeks. Last Tuesday, I got disconnected from the VPN and was never able to sign back on despite seeing a strong connection. I eventually realized that the connection my work computer was using was our neighbors, and I’m assuming he tossed some kind of firewall up last week.

    I’ve built a profile to tell the work laptop to only use our network, but haven’t had success yet. It will recognize the SSID and connect at 1Mbps, but the connection won’t produce any results. I’m thinking the problem is in the WEP encyrption.

    I’m forced to use the Aironet Desktop Utility to configure the network, and the WEP security entry has 4 key lines. Each one only holds enough characters for half of the passphrase, so I split it between lines one and two. However, each key line has a “transmit key” radio button, and only one can be highlited at a time, so I’m guessing I’m only transmitting 1/2 of the passphrase.

    When I ran the diagnostic network test, I see two potential problems:

    Authorization Test: Test bypassed. Authentication test bypassed because authentication is not in use.

    Which is weird, because I definitely have the WEP turned on, and I can’t find anywhere else to activate “authentication”.

    Network Test: Your IP address is auto-configured but you have not received IP address.
    Physical address: info here
    Dhcp Enable: Yes
    IP address: numbers.numbers.morenumbers.lastfewnumbers
    Subnet mask: numbers.numbers.morenumbers.lastfewnumbers
    Default Gateway: blank
    Test Failure: You have not configured your computer to use the client adapter.
    Solution: Use the network icon in the system preferences application to set the network configuration for your client adapter.

    This seems lik the obvious problem, but I don’t have any idea how to actually perform the solution.

    Any help is appreciated.

  2. Blair on September 23rd, 2004 7:29 pm

    i cant help much but i just visualize those saturday night live skits with jimmy fallon as the computer nerd. standing over you smerking going “MOOOVE!”

  3. Mike Thompson on September 23rd, 2004 10:59 pm

    From what I remember, the Aironet has 4 entries, but then has a selection for 40-bit or 128-bit encryption. If it is somewhere configured to 40-bit, maybe that’s why you can’t fit the entire 26 character encryption key? Unfortunately, that’s the only thing I can think of.

  4. Chris Spangler on September 23rd, 2004 11:07 pm

    When you setup WEP on your router did you use a passphrase to generate the key or did you generate the key yourself? If you used a passphrase and that is what you are entering in the Cisco utility that is the problem. You would need to put the actual key that was generated from the passphrase into the configuration tool. Your router should display the actual WEP key that is in use somewhere. If I’m off base here (it’s entirely possible), then check to make sure that you’re using 128-bit WEP encryption on your wireless card instead of 40-bit. I hope this helps even a little.

  5. barok on September 23rd, 2004 11:07 pm

    configuration
    WEP
    don’t know if it can help u.

  6. bigcat on September 23rd, 2004 11:13 pm

    Hey Dave,

    Wish I could help you, but you’re way beyond me! Looks like you have a great group of readers here that, hopefully, can help. Good luck…

  7. Satori on September 23rd, 2004 11:38 pm

    Iรขโ‚ฌโ„ขm forced to use the Aironet Desktop Utility to configure the network, and the WEP security entry has 4 key lines. Each one only holds enough characters for half of the passphrase,

    Passphrase/keys can come in a number of forms. From what you are describing, you are able to enter up to 13 values in each of the key’s, while the “passphrase” you are using is 26 values long. Is this correct?

    If it is, it could be a problem with HEX versus ASCII representation of your key. Here’s a quick conversion table:

    128-bit HEX -> 26 characters (0 to F)
    128-bit ASCII -> 13 characters

    The reason is that each of the ASCII characters is represented by 2 HEX values. Each HEX value is 4-bits, while each ASCII character is 8-bits long. You are actually only entering in 104-bits (please see the 802.11 standard for more info. ๐Ÿ™‚ )

    So, ASCII: 4*26 = 104. HEX: 8*13=104;

    So, what you’ll have to do is figure out the ASCII-representation fo your WEP-key. On potential issue is that some HEX-combinations will look funny in ASCII. Typing character values is easy, but some of the combinations are funky symbols.

    BTW, hopefully this isn’t an issue with passphrase vs. natural-WEP-key problems. In the old days, manufacturers used a generator that would create a normal WEP-key using a passphrase. This sounds like what Chris was eluding to.

    Hope this helps.

  8. jason in nj on September 24th, 2004 4:06 am

    delete the router – my girlfriend can’t use the router when vpn’ing to work, she has to connect directly to the cable modem…

  9. Satori on September 24th, 2004 4:15 am

    I took a look at the diagnostics portion of your post and it seems like you aren’t getting a valid IP. Most of the time, this is caused by the wrong WEP key. What you can check is to see if you are getting assigned an Auto-IP (usually 127.0.0.1). Yeah, windows zero-configuration sucks in this case, since it doesn’t specifically say your WEP-key is wrong. Anyways, the auto-IP assignment might take a while (a minute or more) depending on your environment.

  10. Satori on September 24th, 2004 4:26 am

    Try this combination:

    On your router, set the WEP-key to:
    41414141 (repeated up to 26 characters)

    On your local computer, set the WEP-key to:
    AAAAAA (repeated 13 times, and in CAPS)

    If it works, this would narrow it down to ASCII-to-HEX conversion issues.

  11. Dave on September 24th, 2004 8:18 am

    Once again, you guys rock. I was entering the key under ASCII, because my roomate gave me the passkey with lowercase letters, and HEX wouldn’t allow those, so it figured it must be wrong.

    You have no idea how much time you guys saved me with this. Big ups to USSM readers. You all rule.

  12. Michael Kale on September 24th, 2004 8:33 am

    Dave, If you want to see if WEP is the problem, you can turn it off temporarily and see if everything works. If it does, then WEP’s the problem, and if it’s still broken, there may be something else going on. If WEP is the problem, it likely means you need to use some othery way to enter the key. Every bit of wireless gear I’ve used has 800 different combinations of buttons and checkboxes and ways to enter the key(s) and it never makes any sense. Some tinkering will likely make it work, though I don’t know off the top of my head what settings to use. If you’re typing a passphrase, you’ll want to be in ascii mode, though if you can see (on the router) the hex representation of the passphrase, you may be able to enter that and change it to hex mode. Let me know if this doesn’t make any sense and I’ll clarify.

    Also, for the ultimate low-tech solution: If you just want to avoid going in to the office today, could you plug in your laptop with an ethernet cable for today to work while you figure out the WEP madness?

    Satori, doesn’t it generate the hex key via some kind of hash from the ascii? I don’t think it does a 32bit to 16bit conversion there, I think if you type in “laalaalaa” it will still spit out a 128 bit key. And the auto-assigned addresses are usually of the form 169.*.*.*, at least in my experience.

  13. Michael Kale on September 24th, 2004 8:34 am

    Cool, disregard my post then ๐Ÿ˜‰

  14. satori on September 24th, 2004 10:55 am

    Hi Mike,

    You’re right about the passphrase thing. The manufacturers “tried” to make things simplier, but ended up confusing people. What I described is >sort< of a hash algorithm, in a visual sense. On some devices, when entering in "laalaalaa", the software will append ASCII zero's to make it long enough. It's definitely a pain in the butt figuring this stuff out sometimes. I've got no idea why they don't just tell you directly that your WEP-key is wrong. And thanks for catching the error with the auto-IP thing. Got things mixed up a bit. I'll blame it on it being 4 in the morning when I posted the message. ๐Ÿ™‚

  15. satori on September 24th, 2004 10:59 am

    Weird, my post was cut-off in the middle. Anyways, with some software, it’ll add zeros, spaces or cut the passphrase to make it the right length. But since passphrase generation was never in the standard, the manufacturers actually ended up making things worse.

    And thanks for catching the auto-IP error. I’ll blame it on being 4 in the morning when I posted the message. ๐Ÿ™‚