Note

Access to this page requires authorization. You can try signing in or .

Access to this page requires authorization. You can try .

WPA2-Enterprise with PEAP-MSCHAPv2 profile sample

This sample profile uses Protected Extensible Authentication Protocol with Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MSCHAPv2) with UserName**/**Password to authenticate to the network. The user is prompted to enter credentials.

This sample is configured to use Wi-Fi Protected Access 2 security running in Enterprise mode (WPA2-Enterprise). The WPA2-Enterprise security type uses 802.1X for the authentication exchange with the backend. The Advanced Encryption Standard (AES) cipher type is used for encryption.

<?xml version="1.0" encoding="US-ASCII"?>
<WLANProfile xmlns="https://www.microsoft.com/networking/WLAN/profile/v1">
 <name>SampleWPA2EnterprisePEAPMSCHAP</name>
 <SSIDConfig>
 <SSID>
 <name>SampleWPA2EnterprisePEAPMSCHAP</name>
 </SSID>
 </SSIDConfig>
 <connectionType>ESS</connectionType>
 <connectionMode>auto</connectionMode>
 <MSM>
 <security>
 <authEncryption>
 <authentication>WPA2</authentication>
 <encryption>AES</encryption>
 <useOneX>true</useOneX>
 </authEncryption>
 <OneX xmlns="https://www.microsoft.com/networking/OneX/v1">
 <EAPConfig>
 <EapHostConfig xmlns="https://www.microsoft.com/provisioning/EapHostConfig" 
 xmlns:eapCommon="https://www.microsoft.com/provisioning/EapCommon" 
 xmlns:baseEap="https://www.microsoft.com/provisioning/BaseEapMethodConfig">
 <EapMethod>
 <eapCommon:Type>25</eapCommon:Type> 
 <eapCommon:AuthorId>0</eapCommon:AuthorId> 
 </EapMethod>
 <Config xmlns:baseEap="https://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1" 
 xmlns:msPeap="https://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV1" 
 xmlns:msChapV2="https://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1">
 <baseEap:Eap>
 <baseEap:Type>25</baseEap:Type> 
 <msPeap:EapType>
 <msPeap:ServerValidation>
 <msPeap:DisableUserPromptForServerValidation>false</msPeap:DisableUserPromptForServerValidation> 
 <msPeap:TrustedRootCA /> 
 </msPeap:ServerValidation>
 <msPeap:FastReconnect>true</msPeap:FastReconnect> 
 <msPeap:InnerEapOptional>0</msPeap:InnerEapOptional> 
 <baseEap:Eap>
 <baseEap:Type>26</baseEap:Type> 
 <msChapV2:EapType>
 <msChapV2:UseWinLogonCredentials>false</msChapV2:UseWinLogonCredentials> 
 </msChapV2:EapType>
 </baseEap:Eap>
 <msPeap:EnableQuarantineChecks>false</msPeap:EnableQuarantineChecks> 
 <msPeap:RequireCryptoBinding>false</msPeap:RequireCryptoBinding> 
 <msPeap:PeapExtensions /> 
 </msPeap:EapType>
 </baseEap:Eap>
 </Config>
 </EapHostConfig>
 </EAPConfig>
 </OneX>
 </security>
 </MSM>
</WLANProfile>

Related topics

Feedback

Was this page helpful?

Additional resources

  • Last updated on