Wi-Fi WPA-Enterprise with PEAP-MSCHAPv2 Profile Sample (Compact 2013)

3/26/2014

This sample profile uses Protected Extensible Authentication Protocol (PEAP) with Microsoft Challenge Handshake Authentication Protocol version 2 (MSCHAPv2) with a username and password to authenticate to the network. It prompts the user to enter credentials.

This sample is configured to use Wi-Fi Protected Access security running in Enterprise mode (WPA-Enterprise). The WPA-Enterprise security type uses 802.1X for the authentication exchange on the server. Encryption uses Temporal Key Integrity Protocol (TKIP).

<?xml version="1.0"?>
<WLANProfile xmlns="https://www.microsoft.com/networking/WLAN/profile/v1">
    <name>SampleWPAEnterprisePEAPMSCHAP</name>
    <SSIDConfig>
        <SSID>
            <name>SampleWPAEnterprisePEAPMSCHAP</name>
        </SSID>
    </SSIDConfig>
    <connectionType>ESS</connectionType>
    <connectionMode>auto</connectionMode>
    <MSM>
        <security>
            <authEncryption>
                <authentication>WPA</authentication>
                <encryption>TKIP</encryption>
                <useOneX>true</useOneX>
            </authEncryption>
            <OneX xmlns="https://www.microsoft.com/networking/OneX/v1">
                <EAPConfig>
                    <EapHostConfig xmlns="https://www.microsoft.com/provisioning/EapHostConfig" 
                                   xmlns:eapCommon="https://www.microsoft.com/provisioning/EapCommon">
                        <EapMethod>
                            <eapCommon:Type>25</eapCommon:Type> 
                            <eapCommon:AuthorId>0</eapCommon:AuthorId> 
                       </EapMethod>
                       <ConfigBlob><!-- This is empty. See note below --></ConfigBlob>
                   </EapHostConfig>
                </EAPConfig>
            </OneX>
        </security>
    </MSM>
</WLANProfile>

Remarks

PEAP implementation ofWindows Embedded Compact supports only ConfigBlob, which contains all EAP configurations as a hexadecimal binary. For most settings, the value of ConfigBlob is empty.

Note

When ConfigBlob is empty, it uses the default EAP configuration. You can also customize ConfigBlob, which is the configuration binary of the given EAP formatted in hexadecimal. You can obtain the corresponding configuration binary from the ppConfigOut parameter of EapHostPeerInvokeConfigUI. If you call EapHostPeerInvokeConfigUI, it promotes the corresponding EAP configuration UI to edit the configuration. The output of ppConfigOut is the binary of the configuration. You must format the binary to hexadecimal before saving it to ConfigBlob.

See Also

Tasks

Wi-Fi Non-Broadcast Profile Sample
Wi-Fi WPA-Enterprise with TLS Profile Sample
Wi-Fi WPA-Personal Profile Sample
Wi-Fi WPA2-Enterprise with PEAP-MSCHAPv2 Profile Sample
Wi-Fi WPA2-Enterprise with TLS Profile Sample
Wi-Fi WPA2-Personal Profile Sample

Other Resources

Wi-Fi Profile Samples