Configure Windows XP for secure wireless access
The following instructions will enable you to connect your Windows XP device to eduroam, the secure wireless network.
Configuration instructions
- Double click on "My Computer".
- Go to "My Network Places".
- Select "View Network Connections".
- If your device is wireless enabled it should show "Wireless Network Connection".
- Right click on the wireless icon and select "View wireless networks". The Wireless Network Connection window will show which wireless networks are available.
- Click "Change the order of preferred networks" to display the Wireless Network Connection Properties window.
- If the wireless network "eduroam" already exists in the "Preferred Networks" box, select it and click "Properties". If it does not appear click "Add".
- Set Network name (SSID) to "eduroam".
- Set Network Authentication to "WPA2". If WPA2 is not available on your device you may use WPA.
- Set Data encryption to "AES". If AES is not available on your device you may use TKIP.
- DO NOT click OK, but now select the "Authentication" tab.
- The option to "Enable IEEE 802.1x authentication" will be ticked but greyed out.
- Select "ProtectedEAP (PEAP)" from the list of EAP types.
- Deselect BOTH "Authenticate as computer" and "Authenticate as guest".
- Click "Properties".
- Ensure "Validate server certificate" is selected.
- Scroll down the list of Trusted Root Certificate Authorities and select "UTN-USERFirst-Hardware". The UTN-USERFirst-Hardware certificate is signed by "AddTrust External CA Root".
- Select "Secured password (EAP-MSCHAP v2)" from the list of Authentication methods.
- Ensure that "Enable Fast Reconnect" is NOT selected.
- Click "Configure".
- Ensure "Automatically use my Windows logon name" is NOT selected.
- Click "OK" to close the "EAP MSCHAPv2 Properties" window.
- Click "OK" to close the "Protected EAP Properties" window.
- Click "OK" to close the "Wireless Network Connection Properties" window.
The first time you attempt to connect to the eduroam secure wireless network, a balloon-tip will appear in the Windows system tray prompting you to "Select a certificate or other credentials".
Click in this balloon to display the "Enter Credentials" login window.
NB: If Windows taskbar balloon tips have been disabled, either by using the Windows XP "TweakUI" utility or directly editing the registry, then the balloon tip will not appear. You will need to click on the wireless network icon in the system tray to display the "Enter Credentials" login window.
Enter the following information:
- User name: Enter your username as your UUN plus "@ed.ac.uk", e.g. "s10987654@ed.ac.uk".
- Password: Enter the password which you specified when you registered for the Wireless service.
- Logon domain: Leave the "Logon domain" field blank.
- Click "OK".
Your device should now authenticate and, if successful, connect to the eduroam secure wireless network.
Limited or no connectivity
Your wireless device may tell you that you are connected to the eduroam network, but you have "limited or no connectivity".
If this problem occurs, right-click the wireless network icon in the Windows system tray and select Repair from the menu. Your device should then re-connect normally to the eduroam wireless network.
If the problem persists you may need to seek further assistance from the IS Helpline.
This article was published on Mar 30, 2011