Additional configuration is necessary if opting to use EAP-TTLS/PAP authentication for wireless clients. JumpCloud recommends when possible to utilize PEAP for authentication, as no additional configuration is necessary with rare exceptions. Please refer to Configuring your WiFi Clients to use JumpCloud RADIUS for additional information.
- Configuring RADIUS Servers in JumpCloud
- Configuring a Wireless Access Point (WAP), VPN or Router for JumpCloud’s RADIUS
For Windows 8 and above, this protocol is natively supported. Other operating systems may also have native support or may require a third party supplicant.
Download the JumpCloud RADIUS CertificateIn order for Windows to trust JumpCloud's RADIUS servers, a certificate must be installed on each client system being configured for access. Download the JumpCloud RADIUS certificate here.
Import the JumpCloud RADIUS Certificate
- Select Start, type
mmc, and then press ENTER
- On the File menu, select Add/Remove Snap-in
- Under Available snap-ins, select Certificates, and then select Add
- Select Local computer, and select Finish
- Select OK
- In the console tree, double-click Certificates
- Right-click the Trusted Root Certification Authorities store.
- Select All Tasks, select Import to import the certificate.
- Within the Certificate Import Wizard, select the file download above and select Next
- Choose to Place all certificates in the following store with a value of
Trusted Root Certification Authorities
- Select Finish
Wireless Network Configuration
- Right-click the wireless icon in your task bar, and click Open Network and Sharing Center
- Click Set up a new connection or network
- Click Manually connect to a wireless network and click the Next button
- Populate the following:
- Network name: SSID name configured on the WAP/Router device
- Security Type:
- Encryption Type:
- Security Key: <blank>
- Note: Check Connect even if the network is not broadcasting if not broadcasting the RADIUS SSID
- Click the Next button
- On the Successfully added screen, click Change connection settings
- Click the Security tab
- Click the Choose a network authentication method: dropdown and select
- Click the Settings button next to authentication method.
- Ensure that
Unencrypted password (PAP)is chosen for Select a non-EAP method for authentication
- From the Trusted Root Certification Authorities, choose
- Click the OK button.
- (Optional for not having to supply credentials) Back on the Windows Properties window, click the Advanced settings button
User authenticationfrom the authentication mode drop-down
- Click Save credentials which will allow you to input username and password.
Removing Wireless Network Configuration
If you choose to utilize PEAP for authentication instead of EAP-TTLS/PAP, or are possibly looking to remove the service, you will be required to delete the existing wireless connection. After the connection has been successfully removed you may again connect to your WAP or Router device using non-EAP-TTLS methods. No additional configuration is required for PEAP with JumpCloud RADIUS, so with the old profile removed the user may connect to networking device normally.
- Click the Network icon on the lower right corner of your screen
- Click Network settings
- Click Manage Wi-Fi settings
- Under Manage known networks, click the network you want to delete
- Click Forget. The wireless network profile is deleted