Configuring WinXP Dell wireless client for TTLS+PAP (v3.0, 27th Feb 2014)

Described here are the steps involved in configuring the Dell wireless client under Windows XP to use eduroam, authenticating via TTLS+PAP. Your home site will be able to tell you whether TTLS+PAP is the appropriate authenticiation method that you should use.

Wherever you see the icon in the instructions below you can click on the text beside it to display further information and click on it again to hide the detailed text once more. Click on an image to open a larger version in a new browser window.

Information you will need

To complete these instructions you'll need some information specific to your home site/organisation, plus your own credentials, as listed below. If any of the details in your wifi profile are incorrect then your authentication will fail and you will not gain wifi access via eduroam. The IT department of your home site will be able to provide you with these details:

Information requiredSample string in the instructions below
Your home site's domain name as would appear in, for example, your e-mail address e.g. ucd.iemysite.ie
[OPTIONAL] The name of the CA certificate used by your home site for eduroam. You will not require this if your site is using a public CA which is already defined within your wireless client.GTE CyberTrust Global Root
[OPTIONAL] A file containing the actual CA certificate used by your site for eduroam. You will not require this if your site is using a public CA which is already defined within your wireless client.cacert.crt
The name on the SSL certificate presented by the authentication server at your home site e.g. tweedledum.ucd.ie certname.mysite.ie
The username you use to authenticate against your home account. Note the inclusion of your domain name e.g. jsoap@ucd.iemyname@mysite.ie
The password you use to authenticate against your home account.mypassword

Notes on the Dell wireless client under WinXP

Configuration instructions

Follow these steps to configure your wireless client:

  1. If your home site has provided you with a file containing a CA certificate then you will need to install it here, otherwise skip to the next step.

    Installing the CA certificate

    Further info on CA certificate

  2. Click on the application icon in the tray.
    Select the Wireless Networks tab.
    Click Add.
  3. Click Manually connect to and advanced network.
  4. Define the profile details:
    Network name (SSID): eduroam
    Remove after:Select Never
    Network authentication:Select WPA-Enterprise
    EAP method:Select TTLS
    Inner EAP method:Select PAP
    Un-select Prompt for user name and password
    Domain\User Name: myname@mysite.ie
    Password: mypassword

    Further info on credential settings

  5. Select the Client Identity tab.
    Define your client identity:
    Logon or identity: anonymous@mysite.ie

    Further info on Client Identity

  6. Select the Server Identity tab.
    Define your server identity details:
    Select Validate server certificate
    Issuer:Click Select..., and select the CA for your home site from either the "Root Certificates" or "Intermediate Certificates" list as appropriate.
    Select Server name must match exactly
    Server name: certname.mysite.ie

    Further info on server identity

    Click OK

  7. You can make eduroam your preferred network by highlighting the eduroam entry and using the Up button to move it to the top of the list of preferred networks.
    Click Apply
    Click OK
Your wireless client is now configured to avail of eduroam and should automatically connect when at a site where the eduroam service is available.