Checklist: Configure NPS for Secure Wireless Access

Applies To: Windows Server 2008

Configure NPS for Secure Wireless access

This checklist provides the steps required to deploy 802.1X wireless access points with Network Policy Server (NPS).

Task Reference

Install and configure 802.1X wireless access points on your network.

RADIUS Server for 802.1X Wireless or Wired Connections and your hardware documentation

Determine the authentication method you want to use.

RADIUS Server for 802.1X Wireless or Wired Connections; Certificate Requirements for PEAP and EAP; EAP Overview; PEAP Overview; and your hardware documentation

Autoenroll a server certificate to NPS servers or purchase a server certificate.

Deploy a CA and NPS Server Certificate and Obtaining and Installing a VeriSign WLAN Server Certificate for PEAP-MS-CHAP v2 Wireless Authentication (

If you are using EAP-TLS or PEAP-TLS without smart cards, autoenroll client or computer certificates to domain member client computers.

Deploy Client Computer Certificates and Deploy User Certificates

Configure 802.1X wireless clients using Group Policy.

Configure 802.1X Wireless Clients Running Windows Vista with Group Policy

Configure 802.1X wireless access points as RADIUS clients in NPS.

Add a New RADIUS Client and RADIUS Clients

Create a user group in Active Directory® Domain Services (AD DS) that contains the users who are allowed to access the network through the wireless access points.

Create a Group for a Network Policy

In NPS, configure one or more network policies for 802.1X wireless access.

Add a Network Policy; Create policies for 802.1X Wired or Wireless with a Wizard; and Network Policies