Brookes eduroam wireless setup for Windows Vista and 7

 

How to join the eduroam@brookes wireless service

 

Remember: you must first register for eduroam@brookes in order to connect to it.

Note: To use eduroam@brookes you must have a compatible IEEE 802.11b/802.11g wireless hardware, that supports WPA (preferably WPA2), and the appropriate up to date drivers, installed and working. This hardware is usually fitted as standard on modern laptops but you must ensure that it is working correctly before proceeding with these instructions. Usually this is indicated by Windows being able to detect wireless networks even though it may not be able to connect to them.
Refer to the manufacturer's instructions to ensure that the wireless device conforms to the necessary specifications.

 

You will need the following:

• A wireless enabled computer with compatible hardware.
• A root certificate to allow your computer to trust Brookes (see below). This should be included with Vista.

The following instructions are for Windows Vista and Windows 7. Other platforms (e.g. Mac OS X) or software may display different menus and forms but the same information will need to be entered.

 

Preparing your computer

 

Ensure your computer is fully updated with security updates and patches from http://update.microsoft.com and that you have the latest wireless drivers from the manufacturer of your wireless card.

You may need to download some files prior to connecting to the wireless service so you will have to carry out these steps using a different network connection than Brookes wireless or on a different computer (and then copy the files across via a disk).

 

Connect to eduroam@brookes

 

Try to connect initially, it should just work! If the following fails you will need to setup the connection manually (jump to manual instructions).

 

1. Click on the wireless icon in the system tray to view available networks. Click to connect to 'eduroam'.
2. When prompted click to provide additional log on information.
   
   
   
3. In the resultant Enter Credentials window, enter your Brookes userid (including realm, eg 01234567@brookes.ac.uk) in the User name box and in Password enter your normal Brookes logon password. Leave the Logon domain field blank.
   
   
   Please note that your username and password are not transferable and should not be given to, or used by, anyone else. See the Regulations for the use of IT facilities for more information.
   
   
   
4. Click OK. Your laptop should now authenticate your credentials with Brookes and, if successful, gain network access.
   
   
   If you see a Windows Security Alert warning message regarding "eduroam.brookes.ac.uk presented a valid certificate issued by UTN-USERFirst-Hardware" or "AddTrust" similar to the one shown here simply click Connect (you may need to do it again if the same warning pops up) until it successfully connects.
   
   
   
5. If you are prompted to' Validate Server Certificate', click OK to accept it.
   
   

   You should now be connected to eduroam@brookes.

 

 

 

 

 

 

Manual connection setup

 

If the above steps fail you will need to follow the steps below to manually setup the eduraom@brookes connection.

 

To see if you are in range of an eduroam@brookes access point

1. Make sure your wireless card is enabled.
   
   

2. Open the Vista Start menu and then select the Connect To option to view available wireless network connections or click on the wireless system tray applet.
   
   
3. The Wireless Network Connection window will be opened.
   
   
4. The eduroam network should be listed. Check that the green indicator bars on the right show that you have a strong signal strength.

Select the ‘eduroam’ SSID and click Connect (this attempted connection may fail, but it will ensure that Windows is aware that the network exists and that it will be listed in the known networks).

 

To join the eduroam@brookes network

1. Right click on the eduroam Wireless Network Connection and select Properties.
   
   
   
   
   If Properties is unavailable in the menu you may have an out of date wireless driver. You can get to the properties by clicking 'Set up a connection or network', choosing to 'Manually connect to a wireless network', then setting the network name as 'eduroam', the security to 'WPA2-Enterprise' and the encryption to 'AES'. When you click next you will have the properties dialog opened.
   
   
2. Select the Connection tab and tick Connect automatically when this network is in range.
   Ensure that Connect to a more preferred network if available is not selected (this will prevent the eduroam@brookes connection from being interrupted if there is another interfering signal nearby).
   
   
   Note: If Windows says it is unable to manage your wireless connection you may be using a proprietary client wireless application, eg by Belkin, BT or Intel, that came with your wireless card. These may need disabling but that is beyond the scope of this document. You can contact Hardware Support (AG02) for further advice on 01865 483324, or internal extension 3324.
   
   
3. Click the Security tab.
   
   
4. Set Security type to WPA2-Enterprise.
   
5. Set Encryption type to AES.
   
6. Note: If the above settings are not available set Network Authentication to WPA-Enterprise and Encryption type to TKIP. This setting is not as secure but is supported by a wider range of hardware. Use WPA2 if possible.
   
7. Set Choose a network authentication method to Protected EAP (PEAP).
   
8. If you wish to have your username and password saved, and used automatically to reconnect, you can tick the option to Cache user information for subsequent connections to this network.
   
9. Click the Settings button next to the Protected EAP (PEAP) option.
   
   
10. On the Protected EAP Properties dialog tick Validate server certificate.
    
11. Set Connect to these servers to eduroam.brookes.ac.uk
12. Tick the checkbox for UTN-USERFirst-Hardware.
    
13. At the bottom of this dialog 'Select authentication method' should say 'Secured Password (EAP-MSCHAP v2)'.
    
14. Ensure that Enable Fast Reconnect is ticked and that Enable Quarantine checks and Disconnect if server does not prevent cryptobinding TLV are unticked.
    
15. Click the Configure button and uncheck 'Automatically use my Windows logon name and password'. Click OK to save this change and close the EAP MSCHAP v2 properties dialog window.
    
    
    
    
16. Click OK to save the changes and close the Protected EAP Properties dialog window.
    
17. Click OK to save the changes to eduroam Wireless Network Properties.
    
18. You will now be back at the Connect to a Network dialog window. Select the eduroam connection and click the Connect button.
    
19. When prompted click on the option to provide additional log on information.
    
    
    
20. In the resultant Enter Credentials window, enter your Brookes userid (including realm, eg 01234567@brookes.ac.uk) in the User name box and in Password enter your normal Brookes logon password. Leave the Logon domain field blank.
    
    
    Please note that your username and password are not transferable and should not be given to, or used by, anyone else. See the Regulations for the use of IT facilities for more information.
    
    
    
21. Click OK. Your laptop should now authenticate your credentials with Brookes and, if successful, gain network access.
    
    
    If you see a Windows Security Alert warning message regarding "eduroam.brookes.ac.uk presented a valid certificate issued by UTN-USERFirst-Hardware" similar to the one shown here simply click Connect (you may need to do it again if the same warning pops up) until it successfully connects. You will then need to go back into the settings and check the the server name is ticked and is entered as eduroam.brookes.ac.uk (step 9).
    
    
    
    
    
    
22. You may be prompted to Validate Server Certificate, click OK to accept it.
    
    

    You should now be connected to eduroam@brookes.

    Note: if you move out of wireless signal range you may need to re-enter your userid and password (see step 20).

 

For help with connection problems contact the Computer Services Centre on 01865 483333, or internal extension 3333, or email eduroam@brookes.ac.uk. For general advice contact the Service Desk on 01865 483311, or internal extension 3311, or email servicedesk@brookes.ac.uk.

 

How to remove your authentication details for the Brookes wireless service

 

Note: if you only wish to temporarily disable access to eduroam@brookes (eg if you are lending your laptop to someone else) you can do this through the eduroam@brookes registration page (select Update Settings on the left hand menu and set Disable access to eduroam@brookes to 'Yes' and click the Submit button to save). You can reverse this disabled state at any time by setting it to No.

 

You may need to remove the userid and password details that you have saved for the Brookes wireless service. You may wish to do this to stop your computer from automatically connecting to the service or if the computer was borrowed from someone else (note: laptops hired from Computer Services Reception are wiped and reinstalled when they are returned so the wireless details will be deleted anyway).

 

Edit the properties of the eudroam connection and return to the dialog shown in step 3. Uncheck the box marked 'Cache user information for subsequent connections to this network'. You will need to do this for each user that logs into this computer and you may have to restart for the changes to take effect.

 

On line resources

General information about Brookes wireless.

Maps of the Brookes campuses showing signal coverage.

---