vB Easy Archive - WPA2 AES PEAP WIFI

Pages: 1

WPA2 AES PEAP WIFI - Needs Certificate?
(Click here to view the original thread with full colors/images)

Posted by: ryanc2

Posted over at Xda-developers, but no responses, so I'm hoping the pros at HOFO can help.

Trying to setup my HTC S620 with wifi connection at work using WPA2 - AES
encryption and PEAP. After trying to logon to the domain, it tells me this network requires a certificate to identify me (which it doesn't). I've connected several laptops without having a certificate loaded w/o problems (we don't validate certificates).

The only thing I don't see on the S620 is the option for authentication type - MS-CHAP-V2, which is how I setup my laptop.

Any ideas?

Posted by: dogatemycompute

I am copying/pasting this from my post on MSDN. I worked on this problem for days and i'm quite frustrated that Microsoft did not fix it right out of the box. I'm not sure how much it will help but hopefully it will get you connected or at least point you in the right direction. It seems to be centered around some missing or incorrectly configured registry keys:

---------------------------------------

Greetings,

I am using a similar system and I was able to get my Windows Mobile Pro 6.1 (HTC Mogul) to work after 3 days of troubleshooting. Thanks goes to Tom_HHA above who commented on the EAP extention number (25 vs 26) and to IANA for their help publishing the applicable RFCs.

http://www.iana.org/assignments/eap-numbers

Below is my configuration. It may or may not be applicable to your situation but it may help get you connected.

Tom_HHA commented that after pressing FINISH he was prompted for he username, password, domain repeatedly.

"The device ask for a domain username/password but keeps redisplaying the prompt after 5sec or so"

I do not have a complete understanding of why but after making the necessary registry changes I was also prompted for my username/password repeatedly. I entered the password once, checked the "save password" box and just kept pressing OK until the window went away. I *suspect* (although I could be terribly wrong) that WM is attempting the connection using various adapters until it finds one that works. If anyone from Microsoft can help explain why pressing OK once causes the prompt to reappear but pressing OK several times leads to a successful connection? I also would like some additional clarification about the "network adapters" tab, how to use that tab and what effect that has on the existing connections. My currently highlighted adapter is PPTP NDISWAN Miniport but I strongly suspect the highlighted adapter is not indicitive of what adapter is actually being used.

If anyone has any difinitive answers then I would appreciate sharing of knowledge.

REGEDIT4

[HKEY_LOCAL_MACHINE\Comm\EAP\Extension]

[HKEY_LOCAL_MACHINE\Comm\EAP\Extension\26]
"ValidateServerCert"=dword:00000000
"InteractiveUIPath"="eapchap.dll"
"Path"="eapchap.dll"
"InvokeUserNameDialog"=dword:00000001
"InvokePasswordDialog"=dword:00000001
"FriendlyName"="MSV2-Challenge"

[HKEY_LOCAL_MACHINE\Comm\EAP\Extension\4]
"Path"="eapchap.dll"
"InvokeUserNameDialog"=dword:00000001
"InvokePasswordDialog"=dword:00000001
"FriendlyName"="MD5-Challenge"

[HKEY_LOCAL_MACHINE\Comm\EAP\Extension\25]
"ValidateServerCert"=dword:00000000
"EAPMSCHAPv2Only"=dword:00000001
"InteractiveUIPath"="eaptls.dll"
"Path"="eaptls.dll"
"ConfigUIPath"="eaptls.dll"
"InvokePasswordDialog"=dword:00000001
"InvokeUserNameDialog"=dword:00000001
"FriendlyName"="PEAP"

[HKEY_LOCAL_MACHINE\Comm\EAP\Extension\13]
"FriendlyName"="Smart Card or Certificate"
"IdentityPath"="netui.dll"
"ConfigUIPath"="netui.dll"
"InteractiveUIPath"="netui.dll"
"Path"="eaptls.dll"

Add a network:

Network Name: (your ssid)

Connects to: Work

This is a hidden network: Checked

Configure Network Authentication:

Authentication: WPA

Data Encryption: TKIP

Key Provided Automatically: Checked

Configure Network Authentication: (screen #2)

Use IEEE 802.1x network access control: Greyed out and checked

EAP Type: PEAP

(I did not click on the Properties button - just click FINISH)