Rhodes University Wireless Network

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Rhodes University Wireless Network"

Transcription

1 Rhodes University Wireless Network Like many organisations, Rhodes aims to secure its wireless network against unauthorised use. This document explains how this is achieved. Network Overview The University s wireless network consists of a number of different components that interoperate to provide secure, authenticated access to the network and Internet. The diagram below shows how the components of the network are interconnected. All components of the network must be functional for a user to successfully authenticate and connect. Rhodes Wireless Network Components Rhodes Network & the Internet Supplicant Wireless Access Points WPA-Enterprise Wireless Security Switch EAP RADIUS SSL edirectory The three dashed lines show the various secure (encrypted) tunnels that are established during the authentication process. The client initially establishes a tunnel to the University s RADIUS servers (blue, EAP) via a proxy on the wireless security switch. The RADIUS server then establishes a second tunnel (orange, SSL) to the University s edirectory (LDAP) servers. Together these two tunnels secure the user s credentials as they re transmitted over both the University s wireless and wired networks. Once authenticated, the client establishes a tunnel to the wireless security switch (green, WPA-Enterprise). This tunnel is then used for network traffic, and thus secures the user s communication over the wireless network. In practice many of the above components are redundant. Each wireless access point can automatically connect to either of two wireless security switches. These switches connect to a cluster of five RADIUS servers, any one of which is capable of handling authentication requests. The RADIUS servers load balance authentication requests between three edirectory replicas, with automatic failover. These wireless security protocols implemented by each of these components are explained in further detail in the sections below. 2009/02/07 1

2 Wireless Security Access to the wireless network is controlled by individual wireless access points in consultation with the wireless security switches they re connected to. These check that a particular device is authorised to use the network before allowing it to connect. We make use of devices that are certified under the WiFi-Protected Access (WPA) program, and utilise this standard for network authentication. Our access points will support the following protocols: Network Authentication: Data Encryption: WPA or WPA2 TKIP or AES The combination of WPA & TKIP is collectively known as WPA-Enterprise whilst WPA2 & AES combined form WPA2-Enterprise. Of these two, WPA2-Enterprise is the preferred method for doing network authentication as it is a newer standard and is known to be more secure than WPA-Enterprise. The other two combinations (WPA+AES & WPA2+TKIP) will work with Rhodes s wireless network infrastructure but they are not standards-based. The older, insecure Wired-Equivalency Protocol (WEP) is not supported in any form. Authentication Both versions of WPA-Enterprise make use of the Extensible Authentication Protocol (EAP) to authenticate and authorize particular users. As its name suggests, EAP provides for a number of different authentication methods. The following are supported at Rhodes: EAP-type: PEAP/MSCHAPv2 or TTLS/PAP or TTLS/MSCHAPv2 There s no preferred EAP type. Both PEAP and TTLS provide excellent security, and can be used interchangeably on our network. Each has their own pros and cons which might make them preferable in certain situations. TTLS/PAP is non-standard but is widely used and supported (for example by EDUROAM). WPA-Enterprise supports several other EAP authentication methods, most notably EAP-TLS (client certificates) and EAP-GTC (smart cards). Whilst some operating systems provide support for these EAP types, they re not widely used. Rhodes does not support any of these EAP types. The client part of EAP authentication (i.e. what s on the user s laptop) is called a supplicant. User Credentials EAP authentication is handled by the University s RADIUS servers, which in turn pass user credentials to the Novell edirectory (LDAP) servers for validation. These are the same servers that authenticate Rhodes users when they read , browse the Internet, etc. Users should therefore make use of their normal Rhodes username and password when connecting to the network. 2009/02/07 2

3 EAP and RADIUS support the concept of realms. A realm is used to provide routing information in environments where the same RADIUS servers handle authentication for several different organisations. Realms are often specified by appending sign and the realm to the person s username (e.g. Realms are unnecessary on the staff and student wireless networks, so users can leave any realm or domain field in their supplicant blank. If, however, they want to specify a realm, the correct one for staff and guests is ru.ac.za and the correct one for students is campus.ru.ac.za (i.e. the same as the domain in their address and the SSID of the wireless network they use). The TTLS EAP type requires an outer identity which it uses to route EAP messages correctly. When making use of TTLS, users should specify as their outer identity. In this context the realm is important; it cannot be left out. Operating System Support For reference, the following table shows which combinations of network authentication, data encryption and EAP type (as implemented by Rhodes network infrastructure) various operating systems are known to support: Security Options Operating System Windows XP (SP2 or later) Windows Vista Apple OSX Leopard Linux, *BSD, etc (wpa_supplicant 1 ) WPA + TKIP + PEAP WPA + TKIP + TTLS WPA + AES + PEAP? WPA + AES + TTLS? WPA2 + TKIP + PEAP? WPA2 + TKIP + TTLS? WPA2 + AES + PEAP WPA2 + AES + TTLS just works no yes yes no Key: Native operating system support Supported, but requires a third-party supplicant such as SecureW2 2 Not supported (conclusively known not to work)? Should be supported, but not able to test properly /02/07 3

4 The just works row of the table indicates how well the operating system concerned detects Rhodes wireless network and configures itself to make use of it. Operating systems with a yes here automatically detect a valid combination and thus work out-the-box with no specific user configuration (other than entering a username and password when prompted). Those with a no here require some level of user configuration before they ll connect. This could be as simple as selecting the right options, or could involve the installation of extra software such as a supplicant, drivers or a frontend. For example, installing KNetworkManager 3 in KDE 4 makes wpa_supplicant just work. Security Certificates The EAP methods Rhodes supports make use of X.509 certificates to secure user credentials as they re transmitted over the network. In order to work correctly, the wireless client needs to trust the certificate authorities that issue the certificates we use. Rhodes makes use of two different certificate authorities, and users of the wireless network should make sure that they trust both authorities. These are: Rhodes University CA (SHA1 fingerprint: 2b 47 db 5c a0 e4 c b b9 c d1 b4 ca a6 bd 5b) Thawte Premium Server CA (SHA1 fingerprint: 62 7f 8d d2 7d 7f c9 fe b3 f3 3e fa 9a) Rhodes CA certificate is available from Thawte s CA certificate is built into most operating systems and web browsers. Clients should not validate the certificate s CN (server name) because it s likely to change /02/07 4

5 Appendix: PEAP on Windows XP Manually add a new wireless network with the following settings: On the Association tab: Network Name (SSID): ru.ac.za Network Authentication: WPA2 Data Encryption: AES On the Authentication tab: EAP type: Protected EAP (PEAP) Authenticate as computer: unticked (is ticked by default) Authenticate as guest: unticked Then click Properties to change the PEAP properties On the PEAP properties dialog: Validate server certificate: ticked Connect to these servers: unticked Do not prompt user to authorize...: unticked Authentication Method: EAP-MSCHAPv2 Fast reconnect: ticked (actually, untick if you have problems) Then click Configure... to change the MSCHAPv2 properties On the EAP-MSCHAPv2 properties dialog: Automatically use my Windows logon...: unticked (this can be left ticked if the user logs into Windows with exactly the same username and password as they use for , etc. the danger is that if the password is wrong they'll get intruder locked out when Windows re-trys authentication) 2009/02/07 5

6 Appendix: wpa_supplicant on Linux/FreeBSD Option 1: TTLS Put the following into your /etc/wpa_supplicant.conf network={ ssid="campus.ru.ac.za" key_mgmt=wpa-eap proto=rsn WPA eap=ttls password="xxxxxxxxxxxx" ca_cert="/path/to/thawte.cer" } replacing ssid with the correct SSID, with the correct username and realm and XXXXXXXXXXXX with your normal Rhodes password. (Leave the anonymous_identity as-is, it is important). You'll also need to download and save the Thawte Premium Server CA certificate, and then fix the path in the ca_cert line. Option 2: PEAP Use this instead of the network section above as an alternative. The CA certificate is not required. network={ ssid="ru.ac.za" key_mgmt=wpa-eap eap=peap identity="username" password="xxxxxxxxxxxxx" phase2="auth=pap" } replacing ssid with the correct SSID, username with the correct username (no realm) and XXXXXXXXXXXX with your normal Rhodes password. 2009/02/07 6

How to connect to FVCC's WiFi

How to connect to FVCC's WiFi Table of Contents Table of Contents How to connect to FVCC's WiFi Don't panic! Summary Caveats / Troubleshooting Removing a wifi profile Android iphone Windows 7 Windows 8 Windows 10 Other troubleshooting

More information

Configuring the Client Adapter through the Windows XP Operating System

Configuring the Client Adapter through the Windows XP Operating System APPENDIX E Configuring the Client Adapter through the Windows XP Operating System This appendix explains how to configure and use the client adapter with Windows XP. The following topics are covered in

More information

Connecting to the NJITSecure wireless network.

Connecting to the NJITSecure wireless network. Connecting to the NJITSecure wireless network. 1. Start by going to the Start menu and selecting Control Panel 2. Your control Panel will most likely be in Category view, you will need to change it to

More information

Connecting to the Eduroam WiFi

Connecting to the Eduroam WiFi Connecting to the Eduroam WiFi The following guide illustrates the steps required to configure a Windows XP installation and internet browser ready for Eduroam use. Instructions for other versions of the

More information

How to connect to Wi-Fi

How to connect to Wi-Fi 41 How to connect to Wi-Fi LSBU uses the eduroam service to connect Wi-Fi devices. Once you are set up you will automatically be connected whenever you are in range. Wireless Internet access is available

More information

Internet access system through the Wireless Network of the University of Bologna (last update )

Internet access system through the Wireless Network of the University of Bologna (last update ) Internet access system through the Wireless Network of the University of Bologna (last update 7.03.2012) Printable service summary document: the updated version is available online at the following address

More information

802.1X: Deployment Experiences and Obstacles to Widespread Adoption

802.1X: Deployment Experiences and Obstacles to Widespread Adoption 802.1X: Deployment Experiences and Obstacles to Widespread Adoption Terry Simons University of Utah; open1x.org Terry.Simons@utah.edu Jon Snyder Portland State University jon@pdx.edu 802.1X Adoption Ratified

More information

Instructions for connecting to winthropsecure

Instructions for connecting to winthropsecure Instructions for connecting to winthropsecure Windows 7/8 Quick Connect Windows 7/8 Manual Wireless Set Up Windows 10 Quick Connect Windows 10 Wireless Set Up Apple Quick Connect Apple Settings Check Windows

More information

Eduroam CAT. Stefan Winter, RESTENA TF-Mobility, Internetland, 30 june connect communicate collaborate

Eduroam CAT. Stefan Winter, RESTENA TF-Mobility, Internetland, 30 june connect communicate collaborate Eduroam CAT Stefan Winter, RESTENA TF-Mobility, Internetland, 30 june 2011 What's the CAT? Configuration Assistant Tool Prerequisiste: IdP lets us know its configuration details: CA, certificate CN(s),

More information

ONUnet ONU Setup Guide for Windows 7

ONUnet ONU Setup Guide for Windows 7 The steps below are designed to help Students, Faculty, and Staff connect to the wireless network at Olivet Nazarene University called ONU on Windows 7 (Guests should use ONUGuest). 1. Right click on the

More information

Campus Wi-Fi. Set up access to eduroam: the University Wi-Fi network

Campus Wi-Fi. Set up access to eduroam: the University Wi-Fi network Campus Wi-Fi Set up access to eduroam: the University Wi-Fi network Contents Before you get online... 2 Using eduroam... 3 Connect a phone/tablet... 3 Connect a PC/laptop... 4 Troubleshooting... 6 Help

More information

Eduroam network configuration using Linux

Eduroam network configuration using Linux Contents Eduroam network configuration using Linux 1 Configuration by using the gnome network manager 1.1 Configuring the Eduroam connection 2 Configuration by using Kubuntu 10.10 2.1 Step 1: Installation

More information

Johns Hopkins

Johns Hopkins Wireless Configuration Guide: Windows Vista Additional hopkins wireless network instructions and requirements for Windows XP, Mac OS X, and Linux can be found at: http://www.it.johnshopkins.edu/services/networking/wireless/

More information

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device Prerequisites An activated MyID account is required to use ResNet s wireless network. If you have not activated your MyID account,

More information

ResNet Guide. For the University of Redlands. Determine Your Operating System... 2 Windows 8 / 8.1 Wireless Connection Instructions...

ResNet Guide. For the University of Redlands. Determine Your Operating System... 2 Windows 8 / 8.1 Wireless Connection Instructions... ResNet Guide For the University of Redlands Contents Determine Your Operating System... 2 Windows 8 / 8.1 Wireless Connection Instructions...4 Windows 7/ Wireless Connection Instructions... 8 Apple Lion

More information

Manual UCSFwpa Configuration for Windows 7

Manual UCSFwpa Configuration for Windows 7 Image not found https://it.ucsf.edu/sites/it.ucsf.edu/themes/custom/it_new/logo.png it.ucsf.edu Published on it.ucsf.edu (https://it.ucsf.edu) Home > Manual UCSFwpa Configuration for Windows 7 Manual UCSFwpa

More information

For my installation, I created a VMware virtual machine with 128 MB of ram and a.1 GB hard drive (102 MB).

For my installation, I created a VMware virtual machine with 128 MB of ram and a.1 GB hard drive (102 MB). HOWTO: ZeroShell WPA Enterprise by Paul Taylor ZeroShell can be obtained from: http://www.zeroshell.net/eng/ For my installation, I created a VMware virtual machine with 128 MB of ram and a.1 GB hard drive

More information

Install Certificate on the Cisco Secure ACS Appliance for PEAP Clients

Install Certificate on the Cisco Secure ACS Appliance for PEAP Clients Install Certificate on the Cisco Secure ACS Appliance for PEAP Clients Document ID: 64067 Contents Introduction Prerequisites Requirements Components Used Conventions Microsoft Certificate Service Installation

More information

Configuring WPA2 for Windows XP

Configuring WPA2 for Windows XP Configuring WPA2 for Windows XP Requirements for wireless using WPA2 on Windows XP Your wireless card must support 802.1x, AES, and WPA2. Your computer must have Windows XP service pack 2 installed and

More information

Securewireless Windows 7 Setup Guide

Securewireless Windows 7 Setup Guide Securewireless Windows 7 Setup Guide 1. Click on the wireless icon in the lower right-hand corner of the taskbar and then click on Open Network and Sharing Center. 2. From the Network and Sharing Center

More information

802.1x Port Based Authentication

802.1x Port Based Authentication 802.1x Port Based Authentication Johan Loos Johan at accessdenied.be Who? Independent Information Security Consultant and Trainer Vulnerability Management and Assessment Wireless Security Next-Generation

More information

The SU1X 802.1X Configuration Deployment Tool

The SU1X 802.1X Configuration Deployment Tool Published on Jisc community (https://community.jisc.ac.uk) Home > Network and technology service docs > eduroam > Information for tech admins > The SU1X 802.1X Configuration Deployment Tool The SU1X 802.1X

More information

How to configure SecureW2

How to configure SecureW2 How to configure SecureW2 Disclaimer The software described in this document is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Copyright Notice

More information

APP NOTES Onsight Rugged Smart Camera Wireless Network Configuration

APP NOTES Onsight Rugged Smart Camera Wireless Network Configuration APP NOTES Onsight Rugged Smart Camera Wireless Network Configuration July 2016 Table of Contents 1. Overview... 4 1.1 Onsight Setup Wizard... 4 1.2 Onsight Wireless Manual Setup... 4 1.3 Hotspot Login...

More information

Wired Dot1x Version 1.05 Configuration Guide

Wired Dot1x Version 1.05 Configuration Guide Wired Dot1x Version 1.05 Configuration Guide Document ID: 64068 Introduction Prerequisites Requirements Components Used Conventions Microsoft Certificate Services Installation Install the Microsoft Certificate

More information

Configuring 802.1X Authentication Client for Windows 8

Configuring 802.1X Authentication Client for Windows 8 Configuring 802.1X Authentication Client for Windows 8 1. At the Metro Screen, press the windows key on your keyboard together with the alphabets x to go to the Control Panel. Page 1 1.1 In the Control

More information

Protected EAP (PEAP) Application Note

Protected EAP (PEAP) Application Note Revision 4.0 June 2004 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Text Part

More information

New Windows build with WLAN access

New Windows build with WLAN access New Windows build with WLAN access SecRep 24 17-18 May 2016 Ahmed Benallegue/Hassan El Ghouizy/Priyan Ariyansinghe ECMWF network_services@ecmwf.int ECMWF May 19, 2016 Introduction Drivers for the new WLAN

More information

Introduction to eduroam

Introduction to eduroam Introduction to eduroam eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community. Poll Brief History eduroam initiative

More information

Server Certificate Validation

Server Certificate Validation Understanding Server Certificate Validation and 802.1X Update Kevin Koster Founder & Principal Cloudpath Networks Special Thanks To: Robert Hopley, RSA Chris Hessing, Cloudpath & OpenSEA Alex Sharaz, University

More information

Cisco Exam Questions & Answers

Cisco Exam Questions & Answers Cisco 300-208 Exam Questions & Answers Number: 300-208 Passing Score: 800 Time Limit: 120 min File Version: 38.4 http://www.gratisexam.com/ Exam Code: 300-208 Exam Name: Implementing Cisco Secure Access

More information

Configuring 802.1X Settings on the WAP351

Configuring 802.1X Settings on the WAP351 Article ID: 5078 Configuring 802.1X Settings on the WAP351 Objective IEEE 802.1X authentication allows the WAP device to gain access to a secured wired network. You can configure the WAP device as an 802.1X

More information

Wireless LAN Security. Gabriel Clothier

Wireless LAN Security. Gabriel Clothier Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group

More information

802.1x Radius Setup Guide Working AirLive AP with Win X Radius Server

802.1x Radius Setup Guide Working AirLive AP with Win X Radius Server OvisLink 8000VPN VPN Guide 802.1x Radius Setup Guide Working AirLive AP with Win2003 802.1X Radius Server Table of Content Secured Enterprise Wireless Environment Configuration Guide... 3 WHAT IS THIS

More information

eduroam for Windows Vista

eduroam for Windows Vista Please note: You must read the Wireless Network Fair Usage and Security Policy at the end of this guide. This ensures that you are aware of all the rules regarding Wireless services and prevent your internet

More information

eduroam Web Interface User Guide

eduroam Web Interface User Guide eduroam Web Interface User Guide Contents Introduction 3 Login Page 3 Main Page 4 Managing your Radius Servers 5 Managing your Realms 8 Managing the Test Users 10 Managing the Access Points 12 Information

More information

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] s@lm@n Cisco Exam 642-737 Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] Cisco 642-737 : Practice Test Question No : 1 RADIUS is set up with multiple servers

More information

WDT3250 RF Setup Guide

WDT3250 RF Setup Guide WDT3250 RF Setup Guide 2008 Wasp Technologies Table of Contents Overview...1 Using the Summit Client Utility Software...2 Main Window...2 Profile Window...3 Status Window...5 Diags Window...6 Global Window...6

More information

About 802.1X... 3 Yealink IP Phones Compatible with 802.1X... 3 Configuring 802.1X Settings... 5 Configuring 802.1X using configuration files...

About 802.1X... 3 Yealink IP Phones Compatible with 802.1X... 3 Configuring 802.1X Settings... 5 Configuring 802.1X using configuration files... About 802.1X... 3 Yealink IP Phones Compatible with 802.1X... 3 Configuring 802.1X Settings... 5 Configuring 802.1X using configuration files...5 Configuring 802.1X via web user interface...8 Configuring

More information

Configuring the Client Adapter

Configuring the Client Adapter CHAPTER 5 This chapter explains how to configure profile parameters. The following topics are covered in this chapter: Overview, page 5-2 Setting General Parameters, page 5-3 Setting Advanced Parameters,

More information

Junos Pulse Access Control Service

Junos Pulse Access Control Service Junos Pulse Access Control Service RADIUS Server Management Guide Release 4.4 Published: 2013-02-15 Part Number: Juniper Networks, Inc. 1194 rth Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000

More information

Using the Cisco Unified Wireless IP Phone 7921G Web Pages

Using the Cisco Unified Wireless IP Phone 7921G Web Pages CHAPTER 4 Using the Cisco Unified Wireless IP Phone 7921G Web Pages You can use the Cisco Unified Wireless IP Phone 7921G web pages to set up and configure settings for the phone. This chapter describes

More information

Wireless LAN Profile Setup

Wireless LAN Profile Setup Wireless LAN Profiles, page 1 Network Access Profile Settings, page 2 Wireless LAN Profile Settings, page 3 Wireless LAN Profile Group Settings, page 6 Create Network Access Profile, page 6 Create Wireless

More information

Part 1: Connecting to HawkNET on your Windows XP PC

Part 1: Connecting to HawkNET on your Windows XP PC Students are NOT permitted to use any device or product that extends the HawkNET network beyond the intended personal use. These restrictions include, but are not limited to, the use of personal routers,

More information

1 of 6 2/2/09 11:22 AM

1 of 6 2/2/09 11:22 AM Contact Us My Account Sign Out Search Home» Forums» Wireless and Mobile Security» Enterprise Lockdown Authentication between ldap and novell, using aruba as wlan provider View Votes Posted November 20th,

More information

Schema Elements. Introduction CHAPTER

Schema Elements. Introduction CHAPTER CHAPTER 2 Introduction This chapter contains detailed specifications for naming conventions, allowed element and attribute values, element structure and element combinations required to create the distribution

More information

Cross-organisational roaming on wireless LANs based on the 802.1X framework Author:

Cross-organisational roaming on wireless LANs based on the 802.1X framework Author: Cross-organisational roaming on wireless LANs based on the 802.1X framework Author: Klaas Wierenga SURFnet bv P.O. Box 19035 3501 DA Utrecht The Netherlands e-mail: Klaas.Wierenga@SURFnet.nl Keywords:

More information

FAQ on Cisco Aironet Wireless Security

FAQ on Cisco Aironet Wireless Security FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most

More information

Configuring Local EAP

Configuring Local EAP Information About Local EAP, page 1 Restrictions on Local EAP, page 2 (GUI), page 3 (CLI), page 6 Information About Local EAP Local EAP is an authentication method that allows users and wireless clients

More information

Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS

Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS Best Practice Document Produced by the UNINETT-led Campus Networking working group Authors: Tom Myren (UNINETT), John-Egil

More information

Microsoft NPS Configuration Guide

Microsoft NPS Configuration Guide Microsoft NPS Configuration Guide eduroam (UK) Last Update: 12 th April 2018 Introduction 1 Contents 1. Introduction... 4 2. Limitations of Network Policy Server... 5 3. Installing NPS... 6 4. Certificates

More information

Introduction to 802.1X Operations for Cisco Security Professionals (802.1X)

Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) The goal of the course is to provide students with foundational knowledge in the capabilities and functions of the IEEE 802.1x

More information

The table below lists the protocols supported by Yealink SIP IP phones with different versions.

The table below lists the protocols supported by Yealink SIP IP phones with different versions. Table of Contents About 802.1X... 3 Yealink IP Phones Compatible with 802.1X... 3 Configuring 802.1X Settings... 5 Configuring 802.1X Using Configuration Files... 6 Configuring 802.1X via Web User Interface...

More information

Network Device Provisioning

Network Device Provisioning Network Device Provisioning Spring Internet2 Meeting April 23, 2013 Jim Jokl University of Virginia 1 The Problem Set Enable the use of strong authentication Passwords are painful and phishing is easy

More information

Eduroam Wireless Network Configuration (Mac OS X)

Eduroam Wireless Network Configuration (Mac OS X) Eduroam Wireless Network Configuration (Mac OS X) Last Revised: 06/10/11 Eduroam Wireless Network Configuration (Mac OS X) This Quick Start guide is for configuring a computer running Snow Leopard (Mac

More information

PEAP under Cisco Unified Wireless Networks with ACS 4.0 and Windows 2003

PEAP under Cisco Unified Wireless Networks with ACS 4.0 and Windows 2003 PEAP under Cisco Unified Wireless Networks with ACS 4.0 and Windows 2003 Document ID: 72013 Contents Introduction Prerequisites Requirements Components Used Network Diagram Conventions Windows Enterprise

More information

How to manually set up EW-7228APn to extender wireless range

How to manually set up EW-7228APn to extender wireless range How to manually set up EW-7228APn to extender wireless range 1. Find out the IP address of your computer. Have your computer get on Internet as normally, without EW-7228APn turning on. If you use a Windows

More information

GHz g. Wireless A+G. User Guide. Notebook Adapter. Dual-Band. Dual-Band WPC55AG a. A Division of Cisco Systems, Inc.

GHz g. Wireless A+G. User Guide. Notebook Adapter. Dual-Band. Dual-Band WPC55AG a. A Division of Cisco Systems, Inc. A Division of Cisco Systems, Inc. Dual-Band 5 GHz 802.11a + GHz 2.4 802.11g WIRELESS Dual-Band Wireless A+G Notebook Adapter User Guide Model No. WPC55AG Copyright and Trademarks Specifications are subject

More information

Cisco Systems, Inc. Aironet Access Point

Cisco Systems, Inc. Aironet Access Point RSA SecurID Ready Implementation Guide Partner Information Last Modified: November 18, 2013 Product Information Partner Name Web Site Product Name Version & Platform Product Description Cisco Systems,

More information

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server Document ID: 112175 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Windows

More information

Using the Cisco Unified Wireless IP Phone 7921G Web Pages

Using the Cisco Unified Wireless IP Phone 7921G Web Pages 4 CHAPTER Using the Cisco Unified Wireless IP Phone 7921G Web Pages This chapter describes how to set up your PC to configure a Cisco Unified Wireless IP Phone 7921G by using a USB connector and how to

More information

Release Notes for Cisco Secure Services Client Release for Windows Vista

Release Notes for Cisco Secure Services Client Release for Windows Vista Release s for Cisco Secure Services Client Release 5.1.0.60 for Windows Vista October 2009 Contents This release note contains these sections: Contents, page 1 Introduction, page 2 System Requirements,

More information

Instant 3.3: BYOD and Captive portal Enhancements

Instant 3.3: BYOD and Captive portal Enhancements Instant 3.3: BYOD and Captive portal Enhancements 1 Instant 3.3: BYOD and Captive portal Enhancements BYOD on a Single SSID Instant OS 3.2 and earlier did not provide the ability to redirect a client to

More information

Configure 802.1x - PEAP with FreeRadius and WLC 8.3

Configure 802.1x - PEAP with FreeRadius and WLC 8.3 Configure 802.1x - PEAP with FreeRadius and WLC 8.3 Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram Install httpd Server and MariaDB Install PHP 7 on CentOS 7

More information

CONFIGURATION MANUAL. English version

CONFIGURATION MANUAL. English version CONFIGURATION MANUAL English version Frama F-Link Configuration Manual (EN) All rights reserved. Frama Group. The right to make changes in this Installation Guide is reserved. Frama Ltd also reserves the

More information

Certificate Management

Certificate Management Certificate Management This guide provides information on...... Configuring the NotifyMDM server to use a Microsoft Active Directory Certificate Authority... Using Certificates from Outside Sources...

More information

Ayrstone AyrMesh Router Setup

Ayrstone AyrMesh Router Setup Ayrstone AyrMesh Router Setup This guide should help you set up AyrMesh Router SP. The setup is relatively simple but should you need more detailed directions, such as slide shows, video, or troubleshooting

More information

Edith Cowan University Information Technology Services Centre

Edith Cowan University Information Technology Services Centre Information There are three wireless networks on campus which give you access to the ECU website, the staff intranet, the internet and other ECU resources: ECU This is the easiest to use and safest wireless

More information

OTC Student Wireless Network

OTC Student Wireless Network OTC Student Wireless Network (Connection Instructions for Windows 8, Windows 7, MAC OSX, ios and Kindle) Note: The OTC student wireless network conforms to the IEEE 802.11 a/b/g protocol and standards.

More information

IMC inode Intelligent Client v7.0 (E0106) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors.

IMC inode Intelligent Client v7.0 (E0106) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors. IMC inode Intelligent Client v7.0 (E0106) Copyright (c) 2011-2014 Hewlett-Packard Development Company, L.P. and its licensors. Table of Contents 1. What's New in this Release 2. Problems Fixed in this

More information

RADIUS Configuration Note WINS : Wireless Interoperability & Network Solutions

RADIUS Configuration Note WINS : Wireless Interoperability & Network Solutions RADIUS Configuration Note WINS : Wireless Interoperability & Network Solutions MERUNETWORKS.COM February 2013 1. OVERVIEW... 3 2. AUTHENTICATION AND ACCOUNTING... 4 3. 802.1X, CAPTIVE PORTAL AND MAC-FILTERING...

More information

Network. NEC Portable Projector NP905/NP901W WPA Setting Guide. Security WPA. Supported Authentication Method WPA-PSK WPA-EAP WPA2-PSK WPA2-EAP

Network. NEC Portable Projector NP905/NP901W WPA Setting Guide. Security WPA. Supported Authentication Method WPA-PSK WPA-EAP WPA2-PSK WPA2-EAP USB(LAN) WIRELESS WIRELESS USB LAN L/MONO R L/MONO R SELECT 3D REFORM AUTO ADJUST SOURCE AUDIO IN MONITOR OUT AUDIO OUT COMPUTER / COMPONENT 2 IN PC CONTROL HDMI IN AUDIO IN AC IN USB LAMP STATUS NEC Portable

More information

Securing a Wireless LAN

Securing a Wireless LAN Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access

More information

Secure Access Configuration Guide For Wireless Clients

Secure Access Configuration Guide For Wireless Clients ProCurve Networking Secure Access Configuration Guide For Wireless Clients Secure Access Configuration Guide For Wireless Clients Introduction... 2 Configuration Scenarios... 2 Required Network Services...

More information

2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Cisco AnyConnect as a Service György Ács Regional Security Consultant Mobile User Challenges Mobile and Security Services Web Security

More information

Wireless Setup Guide (for Windows XP, Windows Vista, Windows 7, Windows 8 and Mac OSx)

Wireless Setup Guide (for Windows XP, Windows Vista, Windows 7, Windows 8 and Mac OSx) Wireless Setup Guide (for Windows XP, Windows Vista, Windows 7, Windows 8 and Mac OSx) Wireless Setup Guide The following steps will take you through the process of setting up and connecting to your wireless

More information

WLAN Roaming and Fast-Secure Roaming on CUWN

WLAN Roaming and Fast-Secure Roaming on CUWN 802.11 WLAN Roaming and Fast-Secure Roaming on CUWN Contents Introduction Prerequisites Requirements Components Used Background Information Roaming with Higher-Level Security WPA/WPA2-PSK WPA/WPA2-EAP

More information

Wi-Fi connection problems not Apple devices

Wi-Fi connection problems not Apple devices The possible reasons why a device might not connect to a wireless network on a broadband router include:- Wi-fi not enabled on router Specific router issues Incompatible wireless mode MAC address filtering

More information

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No.

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G USB Network Adapter User Guide Model No. WUSB54G Copyright and Trademarks Specifications are subject to change without notice. Linksys

More information

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Procedure: You can find the problem sheet on the Desktop of the lab PCs. University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Advance Networks Laboratory 907529 Lab.3 WLAN Security Objectives 1. Configure administrator accounts.

More information

ipassconnect 3.65 Release Notes

ipassconnect 3.65 Release Notes ipassconnect 3.65 Release Notes Version 1.0, October 2008 Version History Version Date Notes 1.0 October 2008 General release availability document Introduction This document contains the latest information

More information

What Is Wireless Setup

What Is Wireless Setup What Is Wireless Setup Wireless Setup provides an easy way to set up wireless flows for 802.1x, guest, and BYOD. It also provides workflows to configure and customize each portal for guest and BYOD, where

More information

Software Manual Net Configuration Tool Rev. 4.05

Software Manual Net Configuration Tool Rev. 4.05 Software Manual Net Configuration Tool Rev. 4.05 http://www.bixolon.com Introduction 1. About this manual... 3 2. Supported Operating Systems... 3 3. Supported Printers... 4 4. Before Startup... 5 5. Installation

More information

Wireless Setup Instructions

Wireless Setup Instructions Wireless Setup Instructions THESE INSTRUCTIONS ARE VERY IMPORTANT TO SECURE YOUR WIRELESS NETWORK The purpose of this procedure is to "lock" your router so other users can not access your network without

More information

Release Notes for Cisco Aironet a/b/g Client Adapters (CB21AG and PI21AG) for Windows Vista 1.0

Release Notes for Cisco Aironet a/b/g Client Adapters (CB21AG and PI21AG) for Windows Vista 1.0 Release Notes for Cisco Aironet 802.11a/b/g Client Adapters (CB21AG and PI21AG) for Windows Vista 1.0 Contents This document contains the following sections: Introduction, page 2 System Requirements, page

More information

DCP585CW Windows Network Connection Repair Instructions

DCP585CW Windows Network Connection Repair Instructions Difficulty printing from your PC can occur for various reasons. The most common reason a networked Brother machine may stop printing, is because the connection between the computer and the Brother machine

More information

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS)

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) HOME SUPPORT PRODUCT SUPPORT WIRELESS CISCO 4400 SERIES WIRELESS LAN

More information

SDK Driver Supplicant sdcgina sdc_gina SCU scutray sdc_applet

SDK Driver Supplicant sdcgina sdc_gina SCU scutray sdc_applet RELEASE NOTES Laird Software Version 3.5.0.7 for the CF10/20 July 2015 These release notes contain a reverse chronological history of each released build with a summary of that build's new and enhanced

More information

ZENworks 11 Support Pack 4 User Source and Authentication Reference. October 2016

ZENworks 11 Support Pack 4 User Source and Authentication Reference. October 2016 ZENworks 11 Support Pack 4 User Source and Authentication Reference October 2016 Legal Notices For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions,

More information

User Guide Supplement Measurement Systems International

User Guide Supplement Measurement Systems International MSI-9850 Ethernet Option User Guide Supplement Measurement Systems International Integrated System Solutions for Industrial Weighing and Process Control Table of Contents Introduction...4 Quick Start...4

More information

2017 Johns Hopkins Network Connectivity Guide

2017 Johns Hopkins Network Connectivity Guide 2017 Johns Hopkins Network Connectivity Guide ResNet, the JHU Student Residential Network, is the free high-speed wired and wireless internet network service available to students, on campus, and living

More information

IEEE a/b/g Wireless USB 2.0 Adapter. User s Manual Version: 1.2

IEEE a/b/g Wireless USB 2.0 Adapter. User s Manual Version: 1.2 IEEE 802.11a/b/g Wireless USB 2.0 Adapter User s Manual Version: 1.2 Table of Contents 1 INTRODUCTION... 4 1.1 FEATURES & BENEFITS... 4 1.2 PACKAGE CONTENTS... 5 1.3 USB ADAPTER DESCRIPTION... 5 1.4 SYSTEM

More information

eduroam(uk) Service Provider Assurance Tool User Guide for Sys Admins Introduction Using the tool

eduroam(uk) Service Provider Assurance Tool User Guide for Sys Admins Introduction Using the tool eduroam(uk) Service Provider Assurance Tool User Guide for Sys Admins Introduction The eduroam(uk) Service Provider Assurance Tool is the latest test/monitoring module to be added to the eduroam(uk) Support

More information

802.1x. ACSAC 2002 Las Vegas

802.1x. ACSAC 2002 Las Vegas 802.1x ACSAC 2002 Las Vegas Jeff.Hayes@alcatel.com 802.1 Projects The IEEE 802.1 Working Group is chartered to concern itself with and develop standards and recommended practices in the following areas:

More information

Windows 8.1 and Windows 10 a) Connect to wireless network Click on the wireless icon in taskbar. Select detnsw and click on Connect.

Windows 8.1 and Windows 10 a) Connect to wireless network Click on the wireless icon in taskbar. Select detnsw and click on Connect. 1 HSHS BYOD Wireless Connection Windows 8.1 and Windows 10 a) Connect to wireless network Click on the wireless icon in taskbar. Windows 8.1 icon: Windows 10 icon: Select detnsw and click on Connect. or

More information

Improving Security in Wireless Networks

Improving Security in Wireless Networks Improving Security in Wireless Networks Introduction Wireless networking provides many advantages over conventional wired networks. For instance the ability to connect to your network resources without

More information

Wireless Access Point

Wireless Access Point 802.11g / 802.11b / WPA Wireless Access Point User's Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 Features of your Wireless Access Point... 1 Package Contents... 4 Physical Details... 4 CHAPTER

More information

Cisco AnyConnect Secure Mobility Solution. György Ács Regional Security Consultant

Cisco AnyConnect Secure Mobility Solution. György Ács Regional Security Consultant Cisco AnyConnect Secure Mobility Solution György Ács Regional Security Consultant Mobile User Challenges Mobile and Security Services Web Security Deployment Methods Live Q&A 2011 Cisco and/or its affiliates.

More information

Wireless Security Setup Guide

Wireless Security Setup Guide Wireless Security Setup Guide NF10WV FAQs Wireless Security Overview To guard your home network against attack and prevent unauthorised access, it is very important that you follow this guide to secure

More information

Deliverable DJ Inter-NREN roaming technical specification document

Deliverable DJ Inter-NREN roaming technical specification document 22.06.06 Deliverable DJ5.1.4: Inter-NREN roaming technical specification document Deliverable DJ5.1.4 Contractual Date: 31/01/06 Actual Date: 22/06/06 Contract Number: 511082 Instrument type: Integrated

More information