Product and Software: This article applies to all ArubaOS versions.
Windows Vista was designed from the ground up to provide support for wireless networking that is as closely integrated with the operating system as wired networking. This integration also offers improved stability and reliability.
Some enhancements in Vista compared to XP and earlier version are:
- For EAP-PEAP, Vista can know if authentication is certificate based or username and password based.
- Vista can know if the SSID is connected to Internet or not and can classify SSIDs as local, public, or domain. If the SSID is local, Vista can advise you to open your browser for captive portal authentication.
You can access the wireless supplicant by many ways, but the easiest way is to place the cursor on the wireless icon in the toolbar. A window shows the status of your wireless connection. (The wireless icon here is the computers with the red X next to them.)
If you double-click the wireless icon, you can connect to or disconnect from the wireless network.
If you choose the "connect or disconnect" option, a new window opens with all SSIDs that can be seen by Windows Vista. In this example, we have three SSIDs:
- aruba-ap: this one is open and authentication is by captive portal.
- WPA: WPA / TKIP, using EAP-PEAP with termination on the controller.
- WPA2: WPA2 / AES, using EAP-PEAP with termination on the controller.
The configuration on the controller is as follows:
!
wlan ssid-profile "default"
!
wlan ssid-profile "wpa"
essid "WPA"
opmode wpa-tkip
!
wlan ssid-profile "wpa2"
essid "WPA2"
opmode wpa2-aes
!
wlan virtual-ap "default"
!
wlan virtual-ap "wpa"
ssid-profile "wpa"
aaa-profile "default-dot1x"
!
wlan virtual-ap "wpa2"
ssid-profile "wpa2"
aaa-profile "default-dot1x"
!
ap-group "default"
virtual-ap "default"
virtual-ap "wpa"
virtual-ap "wpa2"
!
aaa profile "default-dot1x"
authentication-dot1x "default-dot1x"
dot1x-server-group "internal"
!
aaa authentication dot1x "default-dot1x"
termination enable
termination eap-type eap-peap
termination inner-eap-type eap-mschapv2
!
The following window is displayed:
If you try to connect to aruba-ap, unencrypted SSID, Vista displays the following warning message (similar to XP):
When you are connected, the following window is displayed:
After you are connected, if you place the cursor on wireless icon in toolbar, the following window is displayed:
Vista knows that this SSID is Local only because captive portal authentication is required for full Internet connectivity. This is useful for hotspots because you can know that captive portal authentication is required. If you click this window, the following details are displayed:
For WPA / WPA2 SSIDs, you must enter the EAP username and password or have the required certificate on your PC. In XP, the default EAP authentication was based on a smart card or certificate, which means that you needed to configure EAP as EAP-PEAP manually before proceeding. But in Vista, the configuration is done automatically because it can know the EAP type and request the required authentication accordingly.
If you click WPA or WPA2 SSIDs, Vista tries to connect and the following window is displayed (if it is the first time to connect to this SSID):
If you click "Enter/select additional log on information", you are asked for username and password because this is EAP-PEAP SSID.
After you verify your username and password, the controller certificate should be verified by your PC (because we have dot1x termination on the controller). In this example, the demo certificate on this controller, so we are asked to accept it.
After it is accepted, access to this SSID is granted.
The document at the following URL is a good reference for Vista wireless connectivity if you need more info. Wireless connectivity can be achieved from many locations in Vista.
http://education.arubanetworks.com/kb/Wireless Networking In Windows Vista.doc