Overview of Configuration Steps

Configuration of active directory certificate services

Field Menu Value
Active directory certificate services "Add Roles" assistant -> Server Roles. Enable
Certification authority web registration "Add Roles" assistant -> Role Services. Enable
Company "Add roles" assistant -> Installation type. Enable
Root certification authority "Add Roles" assistant -> Certification Authority Type. Enable
Generate new private key "Add Roles" assistant -> Private Key. Enable
Key character length "Add Roles" assistant -> Encryption. 2048
Hash algorithm "Add Roles" assistant -> Encryption. SHA1
Common name of certification authority "Add Roles" assistant -> Certification Authority. e.g. WorkshopWLANCA .
Suffix of the defined name "Add Roles" assistant -> Certification Authority. e.g. DC=wlan,DC=funkwerk,DC=com
Validity period "Add Roles" assistant -> Validity Period. 15 years

Reservation of access point IP addresses at DHCP server

Field Menu Value
Address leases Server Manager -> DHCP Server -> Address Leases. Add to reservation
Reservation name Server Manager -> DHCP Server -> Address Leases. E.g. WLANAccessPointRoom1
IP address Server Manager -> DHCP Server -> Address Leases. e.g. 192.168.1.254
MAC address Server Manager -> DHCP Server -> Address Leases. E.g. 00:a0:f9:a0:b2:21

Installation of network policies and access services

Field Menu Value
Network policies and access services "Add Roles" assistant -> Server Roles. Enable
Network policy server "Add Roles" assistant -> Role Services. Enable

Configuration of network policies and access services

Field Menu Value
Configure 802.1X Server Manager -> Network policies and access services (NPS) -> NPS (local). Starting
Secure wireless connections Server Manager -> Network policies and access services (NPS) -> NPS (local). Enable
Name Server Manager -> Network policies and access services (NPS) -> NPS (local). E. g. WLAN_Authentication
Display name configure 802.1X -> specify 802.1X Switches E.g. WLAN_AccessPoint_Room_1
Address (IP or DNS) configure 802.1X -> specify 802.1X Switches e.g. 192.168.1.254
Common secret key configure 802.1X -> specify 802.1X Switches e.g. supersecret
Type configure 802.1X -> Configure authentication method Microsoft: protected EAP (PEAP)
Certificate issued for: configure 802.1X -> Configure authentication method Server.wlan.bintec-elmeg.com
WLAN\WLAN_users configure 802.1X -> Specify user groups Add

Radius configuration of access point

Field Menu Value
Authentication Type System Management->Remote Authentication->RADIUS-> New WLAN (802.1x)
Server IP Address System Management->Remote Authentication->RADIUS-> New e.g. 192.168.1.10
RADIUS Password System Management->Remote Authentication->RADIUS-> New e.g. supersecret

WLAN configuration of the access point

Field Menu Value
Operation Mode Wireless LAN -> WLAN -> Radio Settings-> Access-Point / Bridge Link Master
Operation Band Wireless LAN -> WLAN -> Radio Settings-> 2.4GHz In/Outdoor
Channel Wireless LAN -> WLAN -> Radio Settings-> Auto
Network Name (SSID) Wireless LAN -> WLAN -> Wireless networks (VSS) ->New e.g. workshop
Security mode Wireless LAN -> WLAN -> Wireless networks (VSS) ->New WPA Enterprise
WPA Mode Wireless LAN -> WLAN -> Wireless networks (VSS) ->New WPA and WPA 2
WPA Cipher Wireless LAN -> WLAN -> Wireless networks (VSS) ->New AES and TKIP
WPA2 Cipher Wireless LAN -> WLAN -> Wireless networks (VSS) ->New AES and TKIP

Connection of a Windows 7 WLAN client

Field Menu Value
Certification authority certificate download Explorer 192.168.1.10 Enable
Certification authority certificate Explorer 192.168.1.10 Current (WorkshopWLANCA)
Certificate Explorer 192.168.1.10 Install certificate
Certificate memory Explorer 192.168.1.10 Save all certificates in the following memory

Configuration of the Windows 7 WLAN client

Field Menu Value
Wireless connection Manage wireless network connection Add
Network Name Manage wireless network connection e.g. workshop
Safety type Manage wireless network connection WPA2 Enterprise
Encryption type Manage wireless network connection AES
Modify connection settings Manage wireless network connection Enable
Select authentication method Manage wireless network connection Secure password (EAP-MSCHAP v2)

Copyright© Version 01/2020 bintec elmeg GmbH