Implementing Your Wireless Network
Applies To: Windows Server 2008, Windows Vista
Following are the requirements for deploying a wireless access infrastructure by using the scenarios documented in this guide:
Before you deploy this scenario, you must first purchase and physically install 802.1X-capable wireless access points (APs) to provide wireless coverage in the desired locations at your site.
Active Directory Domain Services (AD DS) must be installed.
Dynamic Host Configuration Protocol (DHCP) servers must be configured to allocate IP address to wireless access clients, after those clients are authenticated and authorized by Network Policy Server (NPS).
NPS must be installed on one or more servers on your network. NPS servers are logically connected to your network so that they can receive incoming access requests directly from wireless APs, or have them forwarded from wireless APs to NPS by a Remote Authentication Dial-In User Service (RADIUS) proxy.
For smart card or other certificate deployments using either PEAP-TLS or EAP-TLS authentication, you must have already installed and configured a private certification authority (CA) on your network to issue server certificates to your NPS servers, and client certificates to your client computers and users.
You must have determined whether your 802.1X authenticated wireless access solution will use secure password authentication (PEAP-MS-CHAP v2), or smart cards, or other certificates (PEAP-TLS or EAP TLS).
For secure password deployments that use PEAP-MS-CHAP v2 authentication, you must have either configured a private CA on your network to issue server certificates to your NPS servers, or you must have purchased server certificates from a public CA, such as VeriSign.
You or someone else in your organization must be familiar with the IEEE 802.11 standards that are supported by your wireless APs and the wireless network adapters installed in the client computers on your network; for example, radio frequency types, 802.11 wireless authentication (WPA2 or WPA), and ciphers (AES or TKIP).