1. Click Profiles on the Intel PROSet/Wireless main window.
2. On the Profile page, click Add to open the Create Wireless Profile General Settings.
3. Profile Name: Enter a descriptive profile name.
4. Wireless Network Name (SSID): Enter the network identifier.
5. Operating Mode: Click Network (Infrastructure).
6. Click Next to access the Security Settings.
7. Select Enterprise Security.
8. Network Authentication: Select WPA-Enterprise or WPA2-Enterprise.
9. Data Encryption: Select one of the following:
❍ TKIP provides per-packet key mixing, a message integrity check and a rekeying mechanism.
❍ AES-CCMP (Advanced Encryption Standard - Counter CBC-MAC Protocol) is used as the data
encryption method whenever strong data protection is important.
AES-CCMP is recommended.
10. Enable 802.1x: Selected.
11. Authentication Type: Select TTLS to be used with this connection.
Step 1 of 2: TTLS User
1. Authentication Protocol: This parameter specifies the authentication protocol operating over the TTLS
tunnel. The protocols are:
PAP (Default), CHAP, MS-CHAP and MS-CHAP-V2. See Security Overview for
more information.
2. User Credentials: For PAP, CHAP, MS-CHAP, and MS-CHAP-V2 protocols, select one of these
authentication methods:
Use Windows logon, Prompt each time I connect, or Use the following.
3. Roaming Identity: A Roaming Identity may be populated in this field or you can use %domain%\%
username% as the default format for entering a roaming identity.
When 802.1x Microsoft IAS RADIUS is used as an authentication server, the server authenticates
the device using the Roaming Identity from Intel PROSet/Wireless software, and ignores the
Authentication Protocol MS-CHAP-V2 user name. Microsoft IAS RADIUS accepts only a valid
user name (dotNet user) for the Roaming Identity. For all other authentication servers, the
Roaming Identity is optional. Therefore, it is recommended to use the desired realm (for example,
anonymous@myrealm) for the Roaming Identity rather than a true identity.
4. Click Next to access the TTLS Server settings.
Step 2 of 2: TTLS Server
1. Select one of the following credential retrieval methods:
Validate Server Certificate or Specify Server or
Certificate Name.
2. Click OK to save the setting and close the page.
Set up a Client with PEAP Network Authentication
PEAP authentication: PEAP settings are required for the authentication of the client to the authentication
server. The client uses EAP-TLS to validate the server and create a TLS-encrypted channel between client and
server. The client can use another EAP mechanism (for example, Microsoft Challenge Authentication Protocol
(MS-CHAP) Version 2), over this encrypted channel to enable server validation. The challenge and response
packets are sent over a non-exposed TLS encrypted channel. The following example describes how to use WPA
with AES-CCMP or TKIP encryption with PEAP authentication.
To set up a client with PEAP Authentication:
Obtain and install a client certificate. See
Set up the Client for TLS authentication or consult your
administrator.
1. Click Profiles on the Intel PROSet/Wireless main window.
2. On the Profile page, click Add to open the Create Wireless Profile General Settings.
3. Profile Name: Enter a descriptive profile name.
To Next Page
Loading...
Need help?
General
