Windows XP and Vista don't support TTLS out of the box, so it requires the installation of a helper program. The program to use is SecureW2, which unfortunately is no longer freeware. However, the last freeware version 1.13 is reported as still working very well on all versions from XP to Windows 7. I have managed to find a version from the University of Manitoba. To download, type "guest" in the UMnetID field and click Continue, then Utilities, then download SecureW2 Eap Suite version 1.13.
The following instructions were taken from Windows 7 - EAP-TTLS securew2. Alternative and much more graphically-oriented instructions can be found in WPA2 Enterprise with 802.1x / EAP-TTLS section "Client 802.1x | Windows XP/Vista".
- Download the EAP Suite v 1.13, and install it. Most likely, you'll have to restart Windows 7 after the install.
- After reboot, click the Windows start button, then Control Panel. The Control Panel opens.
- In the left pane, click Control Panel Home, then in the right pane under the Network and Internet section click View network status and tasks.
- In the left pane, click Manage wireless networks. A list of previously connected wireless networks appears.
- If YourNetwork appears in the list, double-click the YourNetwork icon and go to step 12. Otherwise, proceed to the next step.
- Click Add.
- Click Manually create a network profile. A dialogue box appears.
- In the Network name: field, type YourNetwork
- In the Security type: drop-down box, select 802.1x.
- Click Next. The message 'Successfully added YourNetwork' should appear.
- Click Change connection settings. The YourNetwork Wireless Network properties dialogue box appears.
- Click the Security tab.
- Ensure the settings are as follows:
- Security type: 802.1x
- Encryption type: WEP
- Choose a network authentication method: SecureW2 EAP-TTLS
- Check the Cache user information for subsequent connections to this network check box
- Click Settings...
- Click New and enter YourNetwork. Click OK.
- In the Connection tab, ensure the Use alternate outer identity checkbox is selected, and the Use anonymous outer identity radio button is selected.
- Ensure the Enable session resumption (quick connect) checkbox is selected.
- In the Certificates tab, ensure the Verify server certificate checkbox is selected, then click Add CA. Locate and highlight Thawte Premium Server CA then click Add CA.
- Ensure the Verify server name: checkbox is selected, then enter auth.yournetwork.com in the corresponding field.
- In the Authentication tab, for the Select Authentication Method: drop-down menu, ensure PAP is selected.
- Click Advanced.
- Ensure the Allow users to setup new connections checkbox is selected.
- Click OK to close each open dialogue box.
secureW2 is avaiable here: http://www.utwente.nl/icts/programmas/securew2/
– motobói – 2015-05-18T14:20:26.817It's not looking promising...:( you may also want to ask on http://serverfault.com as those guys do administration and may know more about configuring this security for end users.
– JNK – 2010-09-09T16:57:09.700