N800 Certificate Based PEAP Authentication

The N800 lives or dies be connectivity, specifically Wifi connectivity lacking an integrated cellphone as it does. So connecting to my work network was going to be key to its utility for me. Which promised to be some fun and games, given that my work network is based around WPA, with a certificate and Active Directory based authentication. To my surprise connecting proved to be relatively easy, although some of the settings were counter-intuitive. I’m documenting the process here for anyone else faced with this, or similar network issues.

Step one is to get the certificate file from your server (a Windows 2003 based Radius server in my case) and install it using the certificate manager. How you get the certificate is up to you. As Network and IT manager at my workplace I just exported it from the server itself. You may have to cosy up to one of your network engineers or alternatively find a way of exporting it from a wirelessly connected PC. Once you have the file copy it to a location on the Internet Tablet. To install the certificate go to Tools, Control Panel and Certificate Manager and choose Import. Locate the file and ensure that WLAN is selected as allowed.

Next use Connection Manager to find the protected network and choose connect. You should be prompted for some settings. Use the following:

Set Network mode to infrastructure;

Security Method to WPA with EAP;

EAP type to PEAP;

Select Certificate to None(!);

EAP method to EAP MSCHAPv2;

User name to domain\username (i.e. the name of your AD domain and then your username);

When the wizard tells you its completed you will need to hit the advanced button and make a change on the EAP tab so that Use manual username is ticked, re-enter your username in the domain\username format and then make sure client authentication is unchecked.

You should now be able to connect to your secured network without any further problems.