Set up 802.1x authentication
802.1x authentication adds an extra level of security to the weak and vulnerable 802.11b authentication used by most wireless networks on the market today. Due to weaknesses in the Wired Equivalent Privacy (WEP) algorithm and issues surrounding misconfigured settings, sophisticated hackers or script kiddies with the right programs can gain access to a network in a few minutes. With the release of Windows XP, Microsoft puts added security in every user's grasp, with the one requirement that they have administrator permission. To set up the 802.1x security on a connection:
Go to Start
Right click on My Network Places and select Properties from the menu
Right-click the Wireless Network Connection and select Properties
The ability to use 802.1x is available for all network connections, not just the Wireless Network Connection.
Click the Authentication tab:
Check the Network access control using IEEE 802.1X check box to enable 802.1x authentication (enabled by default)
Clear the Network access control using IEEE 802.1X check box to disable 802.1x authentication
Figure 6-3: Connection Authentication Properties window
Under EAP type, select the Extensible Authentication protocol you wish to use with the connection. If you use Smart Card or other Certificate, other options are available by clicking Properties and adjusting the Smart Card or other Certificate Properties.
To use the authentication provided by the certificate on your smart card, click Use my smart card.
To use the authentication provided by the certificate stored on your computer, click Use a certificate on this computer
If using a certificate on the local computer:
Check the Validate server certificate box
Select Connect only if server name ends with, enter domain name, and select the Trusted root certificate authority from the drop down menu.
Figure 6-4: Smart Card or other Certificate Properties window
Select Use a different user name for the connection if the smart card or local certificate does not contain proper information for the connection
To enable a computer to attempt authentication if the user is not logged on, select the Authenticate as computer when computer information is available check box.
To indicate that the computer should attempt authentication if authentication information is not available, check the Authenticate as guest when user or computer information is unavailable check box.