====== 802.1x Windows 7 ======

If this is the first time that the computer is connected via 802.1x authentication must enable the service.

===== Enabling the service =====

  * click the **Start** button in the Search box, type **services.msc** and then press ENTER, 
  * on the //Services// tab that opens, look for the service named **Wired AutoConfig** right-click and select **Properties**, 
  * change the item **Startup type** from //Manual// to **//Automatic//**, 
  * if the service status is //Stopped//, click on the **Start** button.

{{:pub:client-802.1x-windows7-eng-1.png?nolink&300|}}

===== Settings Supplicant 802.1x =====


  * Open the settings for the network adapter: DX-click on the icon of the LAN connection (lower right) then select //Open Network and Sharing Center//, click on //Change adapter setting//,
  * DX-click on the connection for which you want to enable 802.1x authentication then select **//Properties//**, 
  * click on tab **//Authentication//** and then select the check boxes:
    * //Enable IEEE 802.1X authentication//,
    * //Remember my credentials...//,
    * //Fallback to unauthorized...//.

{{:pub:client-802.1x-windows7-eng-2.png?nolink&300|}}

  * Click on the button **//Settings//** and on the Protected EAP Properties window that appears check that:
    * is checked //Validate server certificate// choosing from the //Trusted Root Certification Authorities// the voice //AddTrust External CA Root//,
    * is checked //Connect to these servers// stating the following (separated by ;) //nps1.unitn.it;nps2.unitn.it;nps3.unitn.it//,
    * the authentication method selected is //Secured password (EAP-MSCHAP v2)//.

{{:pub:client-802.1x-windows7-eng-3.png?nolink&300|}}

----

The following configuration is required only for PC **NOT** in the UNITN domain (for PC in the UNITN domain skip this step) 
  * Click the **Configure** button, then from the Properties window that appears EAP MASCHAPv2 **de**select the item //Automatically use....// as shown below:

{{:pub:client-802.1x-windows7-eng-4.png?nolink&300|}}

----

  * Click the button **Additional Settings...** for the tab //Properties - Local Area Connection (LAN)// and on the tab //Advanced setting// that will appear check:
    *  that the item //Specify authentication mode// is checked, choosing among: 
      * //User authentication// (For computer **NOT** in UNITN domain),
      * //User or computer authentication// (For computer in UNITN domain),
    *  click on the button **Save Credetials**.

{{:pub:802.1x:client-802.1x-windows7-eng-7.png?300|}}

  * After connecting the network cable when prompted, enter your unitn credentials
{{:pub:client-802.1x-windows7-eng-5.png?nolink&300|}}

In the event that the credentials are not recognized you will be automatically redirected to a Captive Portal authentication.

===== Problems=====

 Force the reauthentication:
  * Unselect //Remember my credentials...// then deactivate/activate the network card:

{{:pub:client-802.1x-windows7-eng-6.png?nolink&300|}}