ASU Wired NAC - How do I Manually Configure 802.1X for Wired Authentication in Windows 10?
Use the following instructions to manually configure 802.1X authentication on Windows 10 for wired LAN connections.
This is necessary in order to connect to the authenticated ASU network when using a wired network LAN connection. Without authenticating, your system by default will connect to the untrusted network segment, 3580. Eventually, this segment will have Internet only access.
1. Enable 802.1x according to instructions in article How do I Enable 802.1X Authentication with the Wired Autoconfig Service on Windows 10?
2. Right click on your network adapter (Local Area Connection Properties) icon in the Windows Taskbar and select Properties.
Alternatively, open Network Connections from Control Panel.
2a. For newer releases of Window 10, version 1709 and later, navigation has changed:
- Be sure WiFi is turned off, and active wired Ethernet is plugged in so interface shows connected.
- Select Settings, then Network and Internet.
- Under related settings, select Change Adapter options .
- Highlight Ethernet, and select Change settings of this connection.
3. Click on the Authentication tab.
4. Check Enable IEEE 802.1x authentication.
5. Check Remember my credentials for this connection each time I’m logged on.
6. Check Fallback to unauthorized network access.
7. Choose Microsoft Protected EAP (PEAP) from the Choose a network authentication method: dropdown.
8. Click Settings.
Protected EAP Properties to configure:
1. When connecting: Uncheck Validate server certificate. See the image below.
2. Check Enable Fast Reconnect. See the image below.
3. Click Configure… to view the EAP MSCHAPv2 Properties. See the image below.
EAP MSCHAPv2 Properties:
1. Uncheck the checkbox as shown in the image below.
2. Click OK.
3. Click on Additional Settings.
4. Check Specify authentication mode, and set User or computer authentication.
(this enables machine auth for domain joined machines)
5. Click OK again.
6. Click OK again.
7. Unplug your wired Ethernet cable and wait 30 seconds, then plug it back into your PC. Alternatively you can restart your PC with the Ethernet cable left connected.
8. Once your Ethernet connection is re-established do the following:
Windows Security - Network Authentication Window:
1. Enter your ASURITE ID and password.
2. Click OK.