Home > Wireless LAN > Encryption and Authentication > RADIUS: Push a PEAP wireless profile to a Windows 7 domain member computer via GPO

RADIUS: Push a PEAP wireless profile to a Windows 7 domain member computer via GPO

Table of contents
No headers
Active Directory Group Policy can be used to push a preferred wireless network and its associated security and connection requirements to domain member systems.

In this example GPO will be used to push an SSID configured for machine authentication using PEAP-MSCHAPv2 to Windows 7 domain member systems.

1. Open the domain Group Policy Management snap-in.

2. Create a new GPO or use an existing GPO.

3. Edit the GPO and navigate to Computer Configuration>Policies> Window Settings>Security Settings>Public Key Policies>Wireless Network (IEEE 801.X) Policies.

4. Right Click Wireless Network (IEEE 801.X) Policies and choose Create a New Windows Vista Policy.

5Provide a Vista Policy Name:.

6. Click Add for Connect to available networks...

7. Choose Infrastructure.

8. On the Connection tab, provide a Profile Name: and enter the SSID of the wireless network forNetwork Name(s). Click Add.

9. Click the Security tab. Configure the following:


Authentication: WPA2-Enterprise or WPA-Enterprise

Encryption: AES or TKIP

Network Authentication Method: Microsoft: Protected EAP (PEAP)

Authentication mode: Computer Authentication

10. Click Properties.

11. For Trusted Root Certification Authorities select the check box next to each CA in the Active Directory PKI infrastructure and click OK.

12. Click OK to close out and click Apply on wireless policy page to save the settings.

13. Apply the GPO to the domain or OU containing the domain member computers.

You must to post a comment.
Last modified
08:47, 3 Feb 2015


This page has no custom tags.


This page has no classifications.

Article ID

ID: 1862

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case