Wireless LAN with 802.1x

Last modified by Sebastian Marsching on 2022/05/29 12:59

In Windows 7 it is quite easy to create a system-wide profile for a WiFi network with 802.1x authentication.

If the system is not part of a Windows domain (or the RADIUS server used for the WLAN does not use the accounts from Active Directory), it is still possible to use a user password combination for authentication. In this case, it is important to set the authentication mode to "User authentication" (although you use the same user for authenticating the whole computer). The "Enable Single Sign On for this network" flag must not be set, because in this case the credentials entered at the Windows login would also be used for authenticating the WiFi connection. The username / password should be stored for the connection. In this case, all users logged in to the computer will be able to use the WiFi network. I can also be used before login (e.g. if the login to an Active Directory is performed over the WiFi connection).

Last but not least, remember that the Certificate Authority (CA) has to be added to the Windows certificate store and enabled for the WiFi profile. In order to import the certificate, you have to start the Microsoft Management Console (mmc.exe) and add the certificates snap-in. You have to choose to edit the computer certificate store when adding the snap-in. Your CA should be added to the list of trusted root CAs.

See also: