Windows XP and WPA2 Wireless

Requirements

In order to connect to the UIwpa2 wireless network with a Windows XP computer, your system must:

• Have Service Pack 2 installed
• Have a WPA2-capable wireless network card
• Have Microsoft's KB893357 patch installed

Note: The KB893357 patch is not automatically installed as part of Microsoft's automatic update system. You'll need to use Internet Explorer to visit the link above, install the Microsoft Genuine Advantage software, and then install the patch itself. Then you'll need to reboot your computer and return to this page.

If your system doesn't meet the requirements for WPA2, you can continue to use UIUCnet Wireless instead.

Initial configuration

1. Under the Start Menu, click Connect To, then select Show All Connections.

(Note: If you use Classic View rather than XP view, open the Start menu, click Settings, and then select Network Connections.)

The Network Connections window will appear.

Network Connections window

2. Right click on the icon for your wireless adapter and choose Properties. The Wireless Connection Properties window will appear.

3. Click on the Wireless Networks tab.

Wireless Network Connection Properties window (Wireless Networks tab)

4. Click the Add button.

5. In the Wireless network properties window that appears, enter the following information in the Association tab:

• Network Name: UIwpa2
• Network Authentication: WPA2
• Data Encryption: AES

Wireless network properties window (Association tab)

6. Click the Authentication tab and enter the following information:

• EAP type: Protected EAP (PEAP)
• Uncheck the "Authenticate as computer when computer information is available" and "Authenticate as guest when user or computer information is available" boxes.

Wireless network properties window (Authentication tab)

7. Click the Properties button by the EAP Type list.

8. In the Protected EAP Properties window that appears, select the following information:

• Check the Validate server certificate item.
• Check the Connect to these servers item.
• In the servers text box, enter the following (without spaces): neauth1.cites.uiuc.edu;neauth2.cites.uiuc.edu
• In the list of Trusted Root Certification Authorities, check only Thawte Premium Server CA.
• Check the Do not prompt user to authorize new servers or trusted certification authorities item.
• From the Select Authentication Method menu, choose Secured password (EAP-MCHAP v2).
• Check the Enable Fast Reconnect item.

Protected EAP Properties window

9. Click the Configure button by the Select Authentication Method list.

10. In the EAP MSCHAPv2 Properties window that appears, the "Automatically use my Windows logon name and password (and domain if any)" item should not be checked.

EAP MSCHAPv2 Properties window

• Note for campus Active Directory users: If you always log on to the UIUC Active Directory domain rather than to your computer as a local system, you could change this configuration step to use your campus AD information for UIwpa2. See Active Directory and the UIwpa2 Network for more information.

11. Click OK three times: first in the EAP MSCHAPv2 Properties window, then in the Protected EAP Properties window, and finally in the Wireless network properties window.

You should now be looking at the Wireless Network Connection Properties window's Wireless Networks tab, and UIwpa2 should be displayed in the list of preferred networks.

Wireless Network Connection Properties window with UIwpa2 network preferred

When you click OK here, you're ready to begin the connection process.

Getting connected

When your network card has begun the process of connecting to the UIwpa2 network, a prompt bubble will appear over your task bar indicating that you need to "select a certificate or other credentials" to authenticate.

(Note: Campus Active Directory users who have altered their configuration as described above will not see this step.)

Prompt bubble over the task bar

1. Click on the Wireless Network Connection bubble in order to view the Enter Credentials window.

2. Enter the following information:

• User name: Your NetID
• Password: Your Active Directory password

(Not sure what your Active Directory password is? Try your Express Email or NetFiles password, or reset your AD password at the Password Home Page.)

• Logon domain: (Leave this field blank)

Enter Credentials window

3. Click OK.

Once your wireless card has finished authenticating with the UIwpa2 network, you'll be able to use the wireless network.

(Note: You'll only need to enter this information once.)

Trouble connecting?

If you have trouble getting connected to UIwpa2, or if your computer shows a connection but doesn't allow Internet access, remember: you can always use UIUCnet Wireless instead. Switch your selected network to UIUCnet and open a browser window to log in through QuickConnect, and you'll be ready to go.

Disconnecting when finished

When you're finished with UIwpa2:

1. Right-click on your wireless network icon in the task bar

2. Select View available wireless networks

3. Choose a different network from the list of available wireless networks.