To configure wireless network security by using a GPO, follow this procedure:
1.Open a blank Microsoft Management Console (MMC) console, and add the Group Policy Object Editor snap-in. Open the GPO you will use to apply the wireless network configuration settings.
2.Expand the GPO, Computer Configuration, Windows Settings, and then Security Settings. Click Wireless Network (IEEE 802.11) Policies.
3.By default, there are no policies. Right-click Wireless Network (IEEE 802.11) Policies,and then click Create Wireless Network Policy. The Wireless Network Policy Wizard appears.
4. Click Next.
5. Type a name for the policy, and then click Next.
6.Select the Edit Properties check box, and then click Finish. The properties dialog box appears.
7.Click the General tab, as shown in Figure 10.8. The security-related settings are Networks To Access, which specifies whether the client is allowed to connect to ad hoc networks, and Automatically Connect To Non-Preferred Networks, which you might want to disable to prevent clients from connecting to potentially dangerous, untrusted wireless networks.
8.Click the Preferred Networks tab.This tab lists preferred networks, which are networks that Windows XP will automatically connect to. There are no preferred networks by default.
9. Click Add.The New Preferred Setting Properties dialog box appears, as shown in Figure 10.9.
The Network Properties tab allows you to specify whether WEP encryption will be used. Generally, you should select the Data Encryption and The Key Is Provided Automatically check boxes. Leave the Network Authentication check box cleared to use open network authentication.
10.Click the IEEE 802.1X tab. Select the Enable Network Access Control Using IEEE 802.1X check box.
11.If you want to be able to manage the computer across a wireless network when no user is logged on, select the Authenticate As Computer When Computer Information Is Available check box.
12.Click the EAP Type list to select either Smart Card Or Other Certificate or Protected EAP. This setting must correspond to the setting specified on the IAS server.
13.Click the Settings button to configure the selected EAP type. This dialog box is exactly the same as the dialog box used to configure wireless clients locally.
14. Click OK three times to return to the MMC console.
Note that you can only create a single wireless network policy for each GPO.
Configuring WAPs :
The final step of the wireless network configuration process is to configure and enable your WAPs. Unfortunately, the user interface varies for each WAP. At a minimum, you will need to configure the following settings:
■ Select WEP or WPA encryption and the encryption level.
■ Specify 802.1X authentication and the authentication method.
■ Specify the SSID.
■ Specify the IP address of the IAS RADIUS servers.
■ Specify a shared key corresponding to the shared secret specified during the IAS configuration.
The final step of the wireless network configuration process is to configure and enable your WAPs. Unfortunately, the user interface varies for each WAP. At a minimum, you will need to configure the following settings:
■ Select WEP or WPA encryption and the encryption level.
■ Specify 802.1X authentication and the authentication method.
■ Specify the SSID.
■ Specify the IP address of the IAS RADIUS servers.
■ Specify a shared key corresponding to the shared secret specified during the IAS configuration.
