PEAP authentication for laptops

Unanswered Question
Jul 17th, 2013
User Badges:

Hi All,


We have created SSID with 802.1x authentication with WPA2 AES encrytion(Broadcast) . When I am trying to access the SSID in my Android , apple mobile it is directly asking for username and password . And it is getting authenticated .


Whereas in windows 7 laptop , I need to create the SSID profile(and need to choose the security type and all) for associating to that . Is there anyway that client will be able to connect without any SSID profling configuration in laptop ?..


Thanks ,


Regards,

Vijay.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Stephen Rodriguez Wed, 07/17/2013 - 11:43
User Badges:
  • Purple, 4500 points or more

If they are corporate devices, you can use a GPO to push the WLAN config down to your users.




HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

George Stefanick Wed, 07/17/2013 - 11:45
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, October 2015

Apple and other devices are smart and for ease of use figures out the auth and encryption.

Windows 7 not so much. You need to push the profile down or manually configure ..

Sent from Cisco Technical Support iPhone App

vijay kumar Wed, 07/17/2013 - 11:48
User Badges:

Is there any other L2 security method that wont require the configuration on client side ?

George Stefanick Wed, 07/17/2013 - 11:53
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, October 2015

Sadly no unless you add or push a profile. We use Intel and have a profile on each device.

Sent from Cisco Technical Support iPhone App

Abhishek Abhishek Wed, 07/17/2013 - 18:12
User Badges:
  • Gold, 750 points or more

Hello Vijay,


As per your query i can suggest you the following solution-

PEAP authenticates wireless LAN clients using only server-side digital certificates by creating an encrypted SSL/TLS tunnel between the client and the authentication server. The tunnel then protects the subsequent user authentication exchange.


Follow these steps-


1.Open wifi settings


From the Home screen, press the Menu button and then select 'Settings'


2.Open Wireless & Networks


Select 'Wireless & networks'


3.Enable WiFi


If 'Wi-Fi' is Off, Select 'Wi-Fi'


4.Enter WiFi settings


Enter Wi-Fi settings

Select 'Wi-Fi settings'


5.Add SSID manually


Scroll to the bottom of the screen and select 'Add Wi-Fi network'

Enter HC_Secure in the Name field


6.Set Security


Select 'Security' drop-down menu and select '802.1x Enterprise'


7.Authentication (Phase 2)


Select 'Phase 2 authentication' drop-down menu and select 'MSCHAPV2'

Note: You may need to scroll down on the page to access the 'Phase 2 authentication' drop-down menu


8. Enter your Account


Enter your HC Network ID in the 'Identity' field and the password in the 'Wireless password' field

Note: You must scroll down on the page to access these fields


9.Save


Select the 'Save' button


Hope this will help you.

vijay kumar Wed, 07/17/2013 - 19:38
User Badges:

Hi Abishek ,


Thanks for the reply .  Actually i dont want to validate the serer site certifcate.And the problem is i dont want to configure these setttings in all the employee laptops  , which is very difficult for us . We dont want IT team support for configuring wireless settings on employees laptop .


When the employee connects to broadcasted SSID, laptop should automatically find the security settings of that SSID.

Please help.


Thanks ,

Regards,

Vijay.

Actions

This Discussion