How to configure SecureW2

Similar documents
SecureW2 Client for Windows Administrator Guide. Version 2.2

TippingPoint Best Practice Guide. RADIUS PEAP Configuration for IPS Devices and Cisco ACS. Version:

How to connect to Wi-Fi

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device

IT Quick Reference Guides Connecting to SU-Secure using Windows 8

Wireless for Windows 7

BEFORE INSTALLATION: INSTALLATION:

Quick Start Program Installation Guide

Residence Towers Network Access for Windows XP / 2000 Computers

Manually Configuring Windows 8 for Wireless PittNet

Instructions for connecting to winthropsecure

Partner Information. Integration Overview Authentication Methods Supported

Configuring EAP-FAST CHAPTER

NCD ThinPATH PC Installation Guide and Release Notes

Installing Act! for New Users

Symantec Managed PKI. Integration Guide for ActiveSync

Securewireless Windows 7 Setup Guide

Part 1: Connecting to HawkNET on your Windows XP PC

EacStudent Wireless Access for Windows XP / 2000 Computers

Instructions for connecting to the FDIBA Wireless Network (Windows Vista)

Connecting to the NJITSecure wireless network.

IMPORTANT INFORMATION FOR CURTIN WIRELESS ACCESS - STUDENT / WINDOWS XP -

Manually Configuring Windows 7 for Wireless PittNet

Connecting to the eduroam Wireless Network. 1. If you are using a PC, move the. 2. Next Click or Tap the Settings. Help Sheet Windows 8.

Partner Information. Integration Overview. Remote Access Integration Architecture

Configure Wireless for Windows 7

SignWare-Pro. User s Guide. SignWare-Pro v1.2.

Cisco 802.1x Wireless using PEAP Quick Reference Guide

Mobile Admin GETTING STARTED GUIDE. Version 8.2. Last Updated: Thursday, May 25, 2017

x10data Smart Client 6.5 for Windows Mobile Installation Guide

Manual UCSFwpa Configuration for Windows 7

Connect to Wireless, certificate install and setup Citrix Receiver

Agilent CytoGenomics 2.5

Reference Card: How to connect Windows 7 to UniWireless

Instructions for connecting to the FDIBA Wireless Network. (Windows XP)

Contents. Windows 7 Instructions Windows 10 Instructions Android Instructions Mac OS Instructions ios Instructions...

Internet access system through the Wireless Network of the University of Bologna (last update )

Worldox Integration with Canon imageformula DR-C225 Scanner. Version 1.0

Your use of AirUWS-Lite is subject to the University s IT Acceptable Use of Resources Policy.

VISTA - CTI Multi-port Serial Adapter. Install Guide

Johns Hopkins

NT 0018 Instructions for Setting Up UoE_Secure (XP)

Johns Hopkins

Configuring WPA2 for Windows XP

Dell SonicWALL Aventail Connect Tunnel User s Guide

Windows 8.1 and Windows 10 a) Connect to wireless network Click on the wireless icon in taskbar. Select detnsw and click on Connect.

x10data Smart Client 7.0 for Windows Mobile Installation Guide

One Identity Active Roles 7.2. Replication: Best Practices and Troubleshooting Guide

Authorized Send User s Guide Version 4.0

To Activate your Wireless Account

simplifying... Wireless Access

Authorized Send User s Guide for imagerunner Machines Version 4.1

Threat Analysis Reporter

Dell Secure Mobile Access Connect Tunnel Service User Guide

Marathon. Quick Start Guide. Hand-Held Computer

Configuring 802.1X Authentication Client for Windows 8

REMOVE TSUWIRELESS WIRELESS NETWORK 2 CONNECTING TO TSU_SECURE WIRELESS NETWORK 7 CONNECT TO TNSTATE.EDU USING MOBILE DEVICE 11

Client Configuration Guide

Configuring Remote Access using the RDS Gateway

Using EAP Authentication

Setting Up Cisco SSC. Introduction CHAPTER

Upgrading BankLink Books

VeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide

Browser Set-Up Instructions

Enterprise Vault.cloud CloudLink Google Account Synchronization Guide. CloudLink to 4.0.3

Connect to eduroam WiFi

AST2500 ibmc Configuration Guide

Wireless Setup Instructions for Windows 7

NeoAccel NeoAccel Management Console: Gateway Gateway Administration version version 2.3

GETTING STARTED GUIDE. Mobile Admin. Version 8.2

StarWind iscsi SAN Software: Using StarWind Tape Redirector and CA ARCserve Backup

Connecting Devices to the PSD-BYOD Network

LAB: Configuring LEAP. Learning Objectives

eduroam for Windows Vista

Configuring the Client Adapter through the Windows XP Operating System

Configuring Microsoft Outlook to Connect to Hosted Exchange Service

Nimsoft Monitor. exchange_response Guide. v2.5 series

Blue Coat ProxySG First Steps Solution for Controlling HTTPS SGOS 6.7

Made in U.S.A. 1

12.0 Setting up the PC ready for BESA 11

Scribe Monitor App. Version 1.0

KINGSTAR 3.2. SOFT PLC RUNTIME INSTALLATION AND USER GUIDE KS-DOC-x R3

Corporate Registry: Access Code Guide. Corporate Registry

KnapSac Windows Server User's Guide

Wireless Fusion Enterprise Mobility Suite. User Guide for Version 3.20

NetApp Cloud Volumes Service for AWS

Metalogix Essentials for Office Creating a Backup

FPS BYOD Wireless Network

External Data Connector for SharePoint

Upgrading to Sage ACT! 2013 from ACT! 3.x, 4.x, 5.x (2000), or 6.x (2004)

Upgrade Guide. NovaBACKUP xsp NovaStor. All Rights Reserved.

Zebra Link-OS Printer Profile Manager Enterprise

Copyright NeoAccel Inc. SSL VPN-Plus TM. NeoAccel Management Console: Network Extension version 2.3

Wireless Data Privacy Configuration Guide. HP ProCurve Secure Access 700wl Series.

Outlook Web Access. Implementation Guide. (Version 5.4) Copyright 2012 Deepnet Security Limited

One Identity Starling Two-Factor Desktop Login 1.0. Administration Guide

One Identity Safeguard for Privileged Sessions 5.9. Remote Desktop Protocol Scenarios

Nimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]

Agilent Genomic Workbench 6.0

INFORMATION SYSTEMS SERVICE NETWORKS AND TELECOMMUNICATIONS SECTOR

Transcription:

How to configure SecureW2

Disclaimer The software described in this document is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Copyright Notice Copyright 2009 SecureW2 B.V. All rights reserved Released: Juli 2009 This document may not, in whole or in part, be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine-readable form without prior consent in writing from SecureW2 B.V. Every effort has been made to ensure the accuracy of this manual. However, SecureW2 makes no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. SecureW2 shall not be liable for any errors or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein. The information of this document is subject to change without notice. Trademarks SecureW2 is a trademark of SecureW2 B.V. Other product names mentioned in this manual may be trademarks or registered trademarks of their related companies and are the sole property of their respective manufacturers. Page 2

1 SecureW2 TTLS and PEAP Configuration 1.1 Profile SecureW2 uses profiles to configure the TTLS and PEAP methods. This window allows you to create, edit and delete profiles as you wish. Profile New Configure Delete This drop down box lets you select the current profile for this connection. Tap on this button to create a new profile. Tap on this button to configure the profile currently selected in the drop down box. Tap on this button to delete the profile currently selected in the drop down box. NOTE:Administrative users have full access to all options displayed. Non-administrators are only able to configure the selected profile. They cannot create, select or delete a profile. Page 3

1.2 SecureW2 Profile Configuration After creating a new profile or when you wish to configure an existing profile you will be presented with the SecureW2 Profile Configuration window. This window is built up out of four tabs: Connection in which you specify connection settings; Certificates in which you specify how you wish to handle certificates of network authentication servers you connect to; Authentication in which you specify how you wish to authenticate; User account in which you specify how the user will present his/her credentials. NOTE: Non-Administrative users can only access the User account tab. 1.2.1 Connection In this tab you can specify connection settings: Use alternate outer identity Use anonymous outer identity Allows the use of a different outer identity. Sets the outer identity to an anonymous identity. If for example the username entered in the user credentials window is: usenamer@domain, selecting this option sets the outer identity to anonymous@domain. Page 4

Specify outer identity Enable session resumption (quick connect) This allows you to specify the Outer Identity that is to be used during authentication. Once a user has successfully been authenticated it is possible to use session resumption whenever the user s session times out or if a user has roamed to another access point. 1.2.2 Certificates In this tab you specify how you wish to handle certificates of network authentication servers that you connect to Verify Server Certificate Select this option if you want the SecureW2 Client to verify the certificate of the remote server that will carry out the authentication. NOTE: The certificate will be verified using the certificate trust of the local computer. Trusted Root CA Add CA Remove CA Verify This selection box contains the certificate authorities currently trusted by SecureW2. When you select this option a dialog box is shown with the current certificate authorities installed on the local computer. Select the appropriate ca and click on OK. The certificate authority will now appear in the selection box Trusted Root CA. When you select this option the highlighted certification authority will be removed from the selection box Trusted Root CA. Select this option to allow SecureW2 to verify the Page 5

server name Common Name in the certificate of the authenticating server. For example by specifying domain.com SecureW2 will connect to all servers with a Common Name ending in domain.com. NOTE: If you leave the Trusted Root CA empty you will receive a warning stated that SecureW2 will use the default Microsoft certificate trust to verify the certificates. 1.2.3 Authentication In this tab, you configure how you wish to authenticate when connecting to the network: Select Authentication Method EAP Type Configure This drop down box let's you select the inner authentication used by SecureW2. Currently you have two choices: 1. PAP (username password) 2. EAP (SecureW2 will use another EAP module to authenticate the user) When you select EAP as the inner authentication type this drop down box will be enabled. It shows the current EAP modules installed on the device from you may choose to use as the inner authentication. If an inner EAP module is configurable you can use this button to configure the selected inner EAP module. Page 6

1.2.4 User Account In this tab, you configure how the user will present her/his credentials when connecting: Prompt user for credentials Use this account to logon computer When this option is selected the user is prompted to enter his or her credentials during the authentication sequence. When this option is selected the user credentials will also be used to logon the computer during start up. Page 7

1.3 Advanced Configuration In this window, you configure the advanced options of SecureW2: Use alternate account to logon computer Server certificate must be installed on local computer Check for Microsoft Key extension When this option is selected the credentials entered in the fields Username, Password and Domain are used to authenticate the connection when the system itself wants to setup a 802.1X connection. When this option is selected the certificate of the server must be installed in the certificate store of the local computer. When this option is selected the certificate of the server must have the Enhanced Key Usage: Server Authentication. The options Server certificate must be installed on local computer and Check For Microsoft Key extension will only work if the option Verify Server Certificate is enabled in the Connection tab. Allow users to setup new connections Renew IP Select this option to allow users to setup new connections. By default, users are not allowed to setup new connections (meaning install unknown certificates). This is to prevent hackers from trying to trick users into connecting to their access point by inserting a certificate that appears to be from the user s organization. When this option is selected the SecureW2 client Page 8

address after authentication will try to renew the adapters IP address after successful authentication. IMPORTANT:Use only if necessary. This option is only applicable to setups where the DHCP renewal is not working correctly. Do NOT use in normal circumstances. 1.4 Connecting to the Network As soon as you have configured SecureW2, the authentication procedure for connecting to the network will start automatically. 1.4.1 Windows XP and Vista User Interface Windows XP and Vista use a specific user interface in which, before a user can interact, the user must first click on an Information pop-up in the bottom-right hand side of the screen. Simply click anywhere in the Information pop-up and the actual interaction window will appear in which the user may for example enter a username. There are two types of Information pop-ups used during the 802.1x authentication. IMPORTANT: Make sure the Show icon in notification area when connected is selected in the adapter properties. This will allow the Wired and Wireless Zero Config to interact with the user when needed. 1. When the user needs to enter his/her credentials: 2. When the Unknown server (See section 2.2 Unknown Server) window is to be displayed: Page 9

The first time you connect to an authentication server and the server certificate is not trusted; SecureW2 will pop up the Unknown server window. 'NOTE: The Unknown Server window will only appear if the option Allow users to setup new connections is selected.' This shows the certificate hierarchy in which the unknown server certificate resides. This window will only pop up if you have selected Verify server certificate in the certificate handling options of SecureW2. Before you can connect to the server all the certificates in the chain must be trusted. To trust a certificate is must be installed onto the device. Indicates a trusted certificate Indicates a certificate is not trusted Install All Certificates Install Certificate Installs the selected certificate as trusted. View Certificate Installs all displayed certificates as trusted. Lets you examine a certificate. Page 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback