Skip to main contentSkip to search
Skip to main content

Windows - EAP-PEAP Configuration

Configure Windows devices to connect securely to IronWiFi WPA-Enterprise wireless networks using EAP-PEAP authentication. This widely supported method protects username and password credentials within an encrypted TLS tunnel, providing strong security for Windows environments.

Overview

EAP-PEAP is a widely supported authentication method that creates a secure TLS tunnel to protect user credentials. Windows 10 and later versions include built-in support for EAP-PEAP.

Prerequisites

  • Windows 10 or 11
  • Valid IronWiFi user credentials (username and password)
  • Wireless network configured with WPA2-Enterprise

Configuration Steps

Windows 10/11

  1. Click the WiFi icon in the system tray
  2. Select your enterprise wireless network
  3. Click Connect
  4. When prompted for credentials:
    • Username: Your IronWiFi username (usually email address)
    • Password: Your IronWiFi password
  5. If prompted about the server certificate, click Connect to accept

Advanced Configuration

For more control over the connection settings:

  1. Open Settings > Network & Internet > WiFi
  2. Click Manage known networks
  3. Click Add a new network
  4. Enter the following settings:
    • Network name: Your SSID
    • Security type: WPA2-Enterprise
    • EAP method: PEAP
    • Authentication method: EAP-MSCHAPv2

Certificate Validation

For enhanced security, configure certificate validation:

  1. Open Control Panel > Network and Sharing Center
  2. Click Set up a new connection or network
  3. Select Manually connect to a wireless network
  4. Configure the network and click Next
  5. Click Change connection settings
  6. Go to the Security tab
  7. Click Settings next to the EAP type
  8. Check Verify the server's identity by validating the certificate
  9. Select Trusted Root Certification Authorities

Group Policy Deployment

For enterprise deployment via Group Policy:

Create a new policy with:

  • SSID: Your network name
  • Authentication: WPA2-Enterprise
  • Encryption: AES
  • EAP type: Microsoft: Protected EAP (PEAP)

Troubleshooting

Connection Fails

  1. Verify your username and password are correct
  2. Ensure the wireless network is within range
  3. Check that your account is active in the IronWiFi console

Certificate Errors

If you receive certificate warnings:

  1. The server certificate may not be trusted
  2. Contact your administrator to verify the RADIUS server certificate
  3. Temporarily disable certificate validation to test (not recommended for production)

Cannot See Network

  1. Ensure the SSID is being broadcast
  2. Verify your wireless adapter supports WPA2-Enterprise
  3. Update wireless adapter drivers

Same protocol on other devices

Other protocols on Windows

Foundational reading

Was this page helpful?