Friday, March 5, 2010

Connecting to secure Wireless Network Connections on Windows 7

Wireless access at the RSA Conference has been pretty good this week and since it’s a security conference, the official network is password protected with 802.1x PEAP. The wireless network help desk has printed instructions for connecting your XP or Vista laptop, but no instructions for Windows 7. I used a combination of the instructions and screenshots from both OSes to give me the details I needed to get Windows 7 connected.

Interestingly, the Windows Vista instructions implied a much faster process where the user is prompted to trust the server certificate and the PEAP and MSCHAP v2 settings do not need to be manually configured. I've never run Vista on a laptop, so I can't confirm or deny the need to configure those items. In XP and Windows 7, you have to make sure that the root certificate is trusted and other settings are configured before attempting to connect.

Below is an example of the secure network settings provided for the conference center and where to plug in that information in Windows 7. Settings may vary depending on the requirements of other secure networks you encounter.

Setting Information

SSID: secure2010
Network Authentication: WPA2 or WPA (enterprise)
Data Encryption: AES or TKIP
EAP type: PEAP
Validate server certificate: ms1.showfloor.net
Certification Authority: Thawte Premium Server CA
PEAP authentication method: MSCHAP v2
MSCHAP properties: Do not use Windows logon
Enable Fast Reconnect: No

Steps By Step

  1. Open Network and Sharing Center

  2. Set up a connection to a new network (manually create network)


  3. After the network connect is created, go to it’s properties. On the security tab, click the settings for PEAP.


  4. Check “connect to this server” and add the server name to validate the server certificate.

  5. Check the appropriate trusted root CA.

  6. Disable Fast Reconnect.

  7. Click the “configure” button for MSCHAP and unselect the option to use the Windows logon.

When you connect to the network you’ll be prompted for the username and password. Once entered, your connection will authenticate and you’ll be on your way.

No comments:

Post a Comment

MS ITPro Evangelists Blogs

More Great Blogs