802.1X pro Windows 7

Thorough and accurate description of 802.1X configuration in Windows Vista can be found in Microsoft instructions.

Enabling authentication service

You will start the configuration by searching for Services. A window containing services available on your computer will open. Look up the Wired AutoConf Service item. Set up automatic startup for it by right clicking, which will display a context menu.

Automatic startup

Configuration of network interface

Next, open Properties of the interface representing the Ethernet card of your computer (Control Panels/Network/Network and Sharing Center/View Network Connections). A new tab, entitled Authentication, has appeared among properties after 802.1X was turned on in accordance with the previous step. Go to this new card and tick Enable IEE 802.1x authentication box and select Protected EAP (PEAP) as a network authentication method.

Autentification method - Microsoft: Protokol PEAP

Click Settings button. To enhance safety, we recommend to fill in radius1.tul.cz;radius2.tul.cz (no space) into addresses of authentication servers. Tick the AddTrust External CA Root checkbox in the Trusted Root Certification Authorities field as well. (The AddTrust External CA Root certificate should be already present in your system. If missing, close the window, install the certificate and repeat the procedure.) . Turn off Enable Fast Reconnect option.

Properties of Protected EAP

Connecting to the network

When the computer connects to the network, a notice informing you about necessity of submitting authentication information will pop up in the bottom right corner.

Prompt for entering the autentification information

Click it – a dialog window for typing in you username and password will appear. Enter you name in name.surname@tul.cz shape, use your LIANE remote access password (not LIANE central password) as the password.

Prompt for entering the password

If the authentication is successful, full-featured network communication will open for you.

Saving the login name and password

IEEE 802.1X supplicant can save entered username and password in Windows Vista and use it automatically next time. This is very comfortable – next time, you will just start up your computer and be connected automatically to the network. However, there are two disadvantages to this approach. Unless your computer is protected by a password, anyone who starts it up will be authenticated using your name. Should he make some mess in the network, it is you who will be held responsible for his doings. The problem number two has got something to do with your password – if you change your LIANE password for remote access, the supplicant will continue providing the old one and the computer will not connect.

It is possible to determine whether you want or do not want to save your username and password, you can do this – as described above – in the properties panel of network interface.

It is up to you and your responsibility whether you choose to use the automatic username and password storage. If you do, be sure to turn it off temporarily when you change your password for the remote access to the LIANE network.