Controller Based WLANs

What does the EAP-PEAP client configuration for dot1x users look like on Windows XP laptops?

Question:  What does the EAP-PEAP client configuration for dot1x users look like on Windows XP laptops?

 

Product and Software: This article applies to all Aruba controllers and ArubaOS versions.

(The following screen shots are from a Windows client PC. However, the settings are common on all client workstations.)

Most Windows users use the built-in utility, so this article assumes that you will be using the Windows Zero Configuration Utility.

To configure the wireless client, select the Wireless Zero Configuration Utility from the Properties menu of the wireless card.

On the Wireless Networks tab, click Add.

 

1392_image001.jpg

 

 

On the Association tab, enter the SSID and choose WPA for the authentication and TKIP for the encryption.

 

1392_image002.jpg

 

 

On the Authentication tab, choose Protected EAP and leave the "Authenticate as computer when computer information is available" option checked.

 

1392_image003.jpg

 

 

Click Properties. Uncheck "Validate server certificate" and choose "Secured password (EAP-MSCHAP v2)" for the Authentication Method.

 

1392_image004.jpg

 

Click Configure and uncheck the only option.

 

1392_image005.jpg

 

 

Click OK to save the configuration.

 

1392_image006.jpg

 

 

 

Security warning: Unchecking the “Validate server certificate” in EAP-MSCHAPv2 environments introduces significant security threats as the MSCHAPv2 authentication can no longer be considered secure. Only if certificate validation is configured correctly, EAP-MSCHAPv2 should be considered in production environments. Do not turn off this validation option in production networks.

Version history
Revision #:
2 of 2
Last update:
‎07-07-2014 09:40 AM
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.