Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Win7 and WPA2-Enterprise SSID

This thread has been viewed 0 times

  • 1.  Win7 and WPA2-Enterprise SSID

    Posted May 01, 2013 11:32 AM

    got a customer who is 100% sure they didn't have to setup their WPA2-Enterprise SSIDs on Windows 7 manually in the past and the configuration wasn't done with a group policy either. does anyone here made that work once?

     

    my experience with Windows 7 is that i really have to create a new wireless network in Windows 7 and set the correct settings (certificate CA, ...,) myself. if i just click the SSID from the list then Windows 7 won't connect, and won't put it in the list of SSIDs for me to edit later on.

     

    does anyone have another way to handle this (expect for group policies, which are of course the best way, but i just want to know if i ever missed something).



  • 2.  RE: Win7 and WPA2-Enterprise SSID

    EMPLOYEE
    Posted May 02, 2013 08:26 AM

    If you want the user to manually enter credentials instead of automatically using the Windows logon credentials or machine credentials, you will have to manually configure the client, use Group Policy to push out the config, or use a supplicant configuration tool such as ClearPass QuickConnect or Eduroam SU1X.

     

    In terms of the certificate, Windows 7 will usually prompt the user to accept the presented server cert.



  • 3.  RE: Win7 and WPA2-Enterprise SSID

    EMPLOYEE
    Posted May 02, 2013 01:23 PM
    @boneyard wrote:

    got a customer who is 100% sure they didn't have to setup their WPA2-Enterprise SSIDs on Windows 7 manually in the past and the configuration wasn't done with a group policy either. does anyone here made that work once?

     

    my experience with Windows 7 is that i really have to create a new wireless network in Windows 7 and set the correct settings (certificate CA, ...,) myself. if i just click the SSID from the list then Windows 7 won't connect, and won't put it in the list of SSIDs for me to edit later on.

     

    does anyone have another way to handle this (expect for group policies, which are of course the best way, but i just want to know if i ever missed something).

    With Windows 7, if you are using an AD enterprise CA that issued the server certficate, if you just click on the SSID it will authenticate automatically and not require you to set anything up.  Unfortunately, it will default to machine only authentication.

     

    So the short answer, is YES, if the cert situation is setup properly, you just click and it will take the machine credentials and submit them.  By default, unfortunately, it takes the machine credentials even when the user is logged in.  That is probably the biggest reason why you need to set it up with group policy to submit user and computer credentials.