802.1X supplicant configuration for Windows XP

Download as PDFDownload as PDF

802.1X Supplicant Configuration

The following instructions are for Windows XP SP2: other platforms or software may display different menus and forms but the same information will need to be entered.

  1. Right click on the wireless network icon in the system tray and select View available wireless networks
  1. Select the ‘eduroam’ SSID and click Connect (this attempted connection will fail, but it will ensure that Windows is aware that the network exists).
  1. Select Change advanced settings
  1. Select the Wireless networks tab
  1. Select the ‘eduroam’ SSID from preferred networks
  1. Click on Properties, which will open an eduroam properties window with the Association tab selected.
  3. Set Data Encryption to WPA2.
  5. Set Data Encryption to AES.
  7. Click on the Authentication tab

  1. Ensure that Enable IEEE 802.1X authentication for this network is ticked.
  1. Set the EAP Type to Protected EAP (PEAP). Deselect Authenticate as computer and Authenticate as guest.

  1. Select EAP Properties:
  1. Select Authentication method as Secured Password (EAP-MSCHAP v2).
  1. Select Configure...

15.    Ensure that Automatically use my Windows logon name and password is NOT selected. Click OK on the EAP MSCHAP v2 properties window.

  1. If you do not have your organisations root certificate installed, ensure that Validate server certificate is NOT ticked.
  1. If you do have your home organisation root certificate installed (optional):
  1. Ensure that Validate server certificate IS ticked.
  2. Choose the appropriate certificate from your Trusted root certification authorities list.
  1. Click OK for the PEAP Properties.
  1. Click OK for eduroam Properties.
  1. Click OK for Wireless Network Connection Properties.
  1. A dialogue balloon associated with the wireless network icon in the systems tray will appear, prompting the user to Select a certificate or other credentials. Click on this balloon.
  1. In the resultant Enter Credentials window, enter your eduroam username (including realm) and password, leaving the domain field blank.
  1. Click OK. Your laptop should now authenticate your credentials with your home organisation and, if successful, gain network access.