Notes on Setting up Wireless Cards Based on the Intersil PRISM 2.5/3.0 Chipsets to Work with Release 3.7 of the Cisco VPN Client on Red Hat 8.0 (kernel version 2.4.18-14)

There are a number of pages on the Web that describe how to set up specific wireless cards based on the Intersil PRISM 2.5/3.0 chipsets under Red Hat 8.0. In general, the pages fall into two categories:
  • those that describe how to enable the card using the Wavelan IEEE/Orinoco driver (commonly referred to as orinoco_cs) that is now a standard kernel inclusion since version 2.4.3, and
  • those that describe how to set up an 11 Mbps linux-wlan PCMCIA driver.

However, the orinoco_cs driver shipped as part of the 2.4.18-14 kernel in Red Hat 8.0 suffers from an "Error - 110 writing Tx descriptor to BAP" problem. And release 3.7 of the Cisco VPN client does not appear to work with the linux-wlan driver. (The client tries to attach to the driver kernel module but fails.)

Use Version 0.13a (or later) of the Orinoco Driver

The problem seems to be in version 0.11b of the driver, which is shipped as part of kernel 2.4.18-14. The problem disappears if the more recent version of the driver - 0.13a - is used. The source code for this can be downloaded from David Gibson's Home Page, who is also the author of the driver. Rebuilding the driver requires installation of the kernel source and can be easily done by following the instructions in the README.orinoco file that comes as part of the driver distribution. The driver can then be configured by following the instructions in Section A of Configuring the Linksys WPC11 PCMCIA Wireless Card in Red Hat Linux 8.0 by Loran Hughes.

Configuring iptables

The Cisco VPN client relies on UDP traffic on destination port 500. If the Linux installation is configured to run as a firewall, which may be the case if a typical "default" installation is done, this could lead to the "peer not responding" problem. The easiest way of diagnosing this is to stop iptables and retry the connection:
/home/pjoisha $ /etc/init.d/iptables stop
/home/pjoisha $ vpnclient connect nuvpn
If the connection can be successfully established, the filtering rules need to be modified with root privileges:
/home/pjoisha $ /sbin/iptables -I INPUT -p udp -m udp --dport 500 -j ACCEPT
/home/pjoisha $ /sbin/service iptables save
/home/pjoisha $ /sbin/service iptables restart

This page has been accessed
[ hidden ]
times since its creation on December 10th, 2002.