Configuration Guide to Use WPA

For Notebook Running on Windows 7

For users who want to access OUHK WLAN in more secure means, they are advised to make the connection with WPA which is built as standard by Wi-Fi Alliance. With WPA connection, user data is encrypted and more secured keying mechanism is implemented so as to increase the difficulty of the wireless LAN being broken in.

As a trade-off,  WLAN user needs to ensure the Wi-Fi card is WPA-compliance, latest WLAN driver can be downloaded from the vendor web site

A.    Wireless Network (WLAN) Card Configuration

     Ø                Configure your Wi-Fi interface card with driver program provided with the installation manual  (for newer notebook model, this step is unnecessary since embedded Wi-Fi Centrino interface is usually built already).  To check whether your Wi-Fi card is configured successfully, you can follow the steps described below

    Ø              You can proceed on if the Wi-Fi  interface configured properly, otherwise, you should refer to your installation manual or contact the supplier to solve the installation problem

       A.1    IP address and DNS resolution setting

    Ø               To utilize WLAN within campus, the IP address of your PC is automatically assigned by the WLAN infrastructure, while Domain Name Service (DNS) is also managed by OUHK WLAN infrastructure.   Steps are shown below.

  Ø              Click Control Panel [控制台] ==> Network and Internet [網路和網際網路] => Network and Sharing Center [網路和共用中心} => Change Adapter Setting [變更界面卡設定]=> Wireless Network Connection [無線網路連線]=> Properties[內容] ,  then right click Internet Protocol Version 4(TCP/IPv4) [網際網路通信協定4版(TCP/IPv4)] properties of the Wi-Fi interface.

               

        Check Obtain an IP address automatically [自動取得 IP 位址and Obtain DNS server address automatically [自動取得 DNS 伺服器位址] as shown below

              

                      

B.    WPA Profile Configuration

        B.1   Profile Creation

       Ø               From the Network and Internet [網路和網際網路] window within Control Panel, click the Network and Sharing Center [網路和共用中心] => Manage Wireless Networks [管理無線網路]

             

                   

           

            Ø              Click on the Add [新增] tab shown as above, then press OK [確定] button for further configuration

 

           B.2   Connection parameters configurations

            Ø              For the Network name (SSID)  field, user may enter either one of following SSID depends on his / her role:

                      a.    OUHK-Student              :    For active students whom has activated Single Password

                      b.    OUHK-Staff                   :    For staffs / tutors whom has email account and activated Single Password already

                      c.    eduroam                          :    For visiting users from member institutions

                      d.    Universities via CSL  :    For OU users whom locate in CSL hotspots, to login back to OUHK WLAN infrastructure

                      e.    Universities via Y5ZONE    :    For OU users whom locate in Y5ZONE hotspots, to login back to OUHK WLAN infrastructure 

      Ø              The Association menu will be displayed as below with Network name (SSID) OUHK-Student or OUHK-Staff set

             Ø              Select WPA2-Enterprise in the Security Type [安全性] pull down menu, and then AES in the Encryption Type [加密類型] pull down menu

           

   Ø              Click on the  Security [安全性] on the top menu bar as shown below

            Ø              Select Microsoft: Protected EAP (PEAP) in the Network Authentication Method [網路驗證方法] pull down menu

            Ø              Click on Setting [設定] button to proceed  for further configuration of EAP parameters

                     

   Ø              Refer to following diagram, tick the check box Validate server certificate [確認伺服器憑証]

            Ø              Tick the check box Connect to these server [連線到這些伺服器] and then fill in wlan.ouhk.edu.hk  

            Ø              Uncheck the check box Do not prompt user to authorize new servers or trusted certification authorities [不要提示使用者來授權新伺服器或信任的憑証授權單位]

            Ø              In Select Authentication Method [選擇驗証方法], select Secured password (EAP-MSCHAP v2) item

            Ø              Tick the check box Enable Fast Reconnect [啟用快速重新連線]

            Ø              Click on Configure [設定] button to proceed  for further configure on EAP MSCHAPv2 Properties 

                 

                Ø              Refer to following menu, uncheck check box Automatically use my Windows logon name and password (and domain if any) [自動使用我的 Windows 登入名稱及密碼 (及網域,如果有的話)]

             Ø              Click OK button to proceed for connection setting

              

             Ø              Click OK button to proceed back to the Security Tab [安全性]

             

           Ø              Enable Specify Authentication Mode [指定驗證模式] and select User or Computer Authentication [使用者或電腦驗證] under Advanced settings [進階設定]

       

 

C.    Wireless Network Connection

            Ø              Click on Icon as shown below,  tick the check box Connect when the network is in range [當這個網路在範圍時連線(C)]

            Ø              Click OK [確定] button to proceed

            

             Ø               If WPA-enabled WLAN is detectable by your notebook PC, an icon as below will be shown on the system tray.

             Ø              Click on the SSID to make connection

           

    Ø              Logon box will display as below, enter  your  userID on the User name [使用者名稱(U)] field,  while Single Password on the Password [密碼(P)] field.

                     a.  For OUHK user authenticate with SSID OUHK-Student / OUHK-Staff, please enter your user name (e.g. s1234567 ) in User Name[使用者名稱(U)] field, while password in the Password  [密碼(P)] field.

                     b. For eduroam user, please enter your username with domain belonged (user@my.homeU.edu.hk  -  e.g.  s1234567@polyu.edu.hk  as assuming a PolyU student working in OU) in User Name [使用者名稱(U)] field, while password in the Password  [密碼(P)] field.

                     c. For OUHK user authenticate with SSID Universities via CSL at CSL hotspots,  please enter your username with OUHK domain (e.g. s1234567@ouhk.edu.hk  ) in User Name [使用者名稱(U)] field, while password in the Password  [密碼(P)] field

                    d. For OUHK user authenticate with SSID  Universities via Y5ZONE  at Y5ZONE hotspots,  please enter your username with OUHK domain (e.g. s1234567@ouhk.edu.hk  ) in User Name [使用者名稱(U)] field, while password in the Password  [密碼(P)] field

              

             Ø        After the  User Name [使用者名稱(U)] field  field, and Password [密碼(P)] field have been entered. The following Windows Security Alert pop-up will be displayed.  Click on the Connect button to accept it.

            

            To verify whether the notebook device is authenticated with a correct authority,  you can click on the Detail button in the Windows Security Alert wizard to view. (shown as below)                      .

            

            Ø              As your identity is authenticated successfully by OUHK WLAN, you should see following when click on the wireless icon of the system tray