Step 10: Configuring Wireless Client Computers For Peap-Ms-Chap V2 - Extreme Networks Summit WM Technical Reference Manual

Creating the Windows Security Infrastructure
IAS1.example.microsoft.com and IAS2.example.microsoft.com, then type the string
"example.microsoft.com". Ensure that you type the correct string, otherwise, authentication will fail.
3 Click OK to save changes to the Smart Card or other Certificate EAP type
To configure EAP-TLS authentication on a wireless client running Windows 2000 SP4, do the following:
1 Obtain properties of the wireless connection in the Dial-up and Network Connections folder. Click
the Authentication tab, and then select Enable network access control using IEEE 802.1X and the
Smart Card or other Certificate EAP type. This is enabled by default.
2 Click Properties. In the properties of the Smart Card or other Certificate EAP type, select Use a
certificate on this computer to use a registry-based user certificate or Use my smart card for a smart
card-based user certificate. If you want to validate the computer certificate of the IAS server, select
Validate server certificate (enabled by default). If you want to specify the names of the
authentication servers that must perform validation, select Connect to these servers and type the
names.
3 Click OK to save changes to the Smart Card or other Certificate EAP type.
Step 10: Configuring Wireless Client Computers for
PEAP-MS-CHAP v2
If you have configured Wireless Network (IEEE 802.11) Policies Group Policy settings and specified the
use of PEAP-MS-CHAP v2 authentication for your wireless network (the Protected EAP (PEAP) type
with the Secured password (EAP-MSCHAP v2) authentication method), then no other configuration for
wireless clients running Windows XP with SP1, Windows XP with SP2, or Windows Server 2003 is
needed.
To manually configure PEAP-MS-CHAP v2 authentication on a wireless client running Windows XP
with SP1, Windows XP with SP2, or Windows Server 2003, do the following:
1 Obtain properties of the wireless connection in the Network Connections folder. Click the Wireless
Networks tab, click the name of the wireless network in the list of preferred networks, and then click
Properties.
2 Click the Authentication tab and select Enable network access control using IEEE 802.1X and the
Protected EAP EAP type.
3 Click Properties. In the Protected EAP Properties dialog box, select Validate server certificate to
validate the computer certificate of the IAS server (enabled by default). If you want to specify the
names of the authentication servers that must perform validation, select Connect to these servers
and type the names. In Select Authentication Method, click Secured password (EAP-MSCHAP v2).
To configure PEAP-MS-CHAP v2 authentication on a wireless client running Windows 2000 SP4, do the
following:
1 Obtain properties of the wireless connection in the Dial-up and Network Connections folder.
2 Click the Authentication tab and select Enable network access control using IEEE 802.1X and the
Protected EAP EAP type.
3 Click Properties. In the Protected EAP Properties dialog box, select Validate server certificate to
validate the computer certificate of the IAS server (enabled by default). If you want to specify the
names of the authentication servers that must perform validation, select Connect to these servers and
type the names. In Select Authentication Method, click Secured password (EAP-MSCHAP v2).
52
Summit WM Technical Reference Guide, Software Version 5.1