The Cable Guy - July 2010
Connecting to Wireless Networks with Windows 7
Windows 7 includes a simplified user experience for IEEE 802.11 wireless LAN networks. This article describes how to connect to and configure wireless networks on a computer running Windows 7.
Wireless network configuration methods
You can configure connections to wireless networks, known as wireless profiles, for a computer running Windows 7 with the following methods:
Network notification area icon
This is the primary method by which users connect to available wireless networks.
Set up a connection or network dialog box
This is a method by which users can manually create wireless network profiles.
Manage Wireless Networks dialog box
This is another method to manually configure wireless networks and specify their detailed settings.
Network administrators can use Group Policy settings in an Active Directory Domain Services (AD DS) environment to centrally configure and automatically deploy wireless network settings for domain member computers. For more information, see Wireless Group Policy Settings for Windows Vista, the April 2007 The Cable Guy article.
Network administrators can use commands in the netsh wlan context of the Netsh.exe tool to manually configure wireless networks and their settings. There are Netsh commands to export an existing wireless profile to an XML file and then import the wireless profile settings stored in the XML file on another computer. For more information, see Netsh Commands for Wireless Local Area Network (WLAN) in Windows Server 2008 R2.
The following sections describe in detail how to connect to a wireless network using the Network notification area icon and the Set up a connection or network dialog box in Windows 7, how to manage your wireless networks, and how to connect to non-broadcasting wireless networks.
The Network notification area icon
To connect to an available wireless network, click the Network icon in the notification area of your desktop. The resulting pane contains a list of detected wireless networks and, for domain-joined computers, the names of wireless networks configured through Group Policy. Figure 1 shows an example.
Figure 1 Example of the list of available networks
From this pane you can connect to a listed wireless network by double-clicking it, clicking the network and then clicking Connect, or by right-clicking the network and clicking Connect.
To view information for a listed wireless network, place the mouse pointer over the network name. The information includes the wireless network's name, signal strength, security type, radio type (802.11b/g/n), and Service Set Identifier (SSID). To refresh the list of wireless network, click the up/down arrow icon in the upper right of the pane. To disconnect from a connected wireless network, right-click the network and then click Disconnect.
You can obtain status of a connected network and properties of a connected network or a network that has been configured through Group Policy through the wireless network's context menu. Figure 2 shows an example of the Wireless Network Connection Status dialog box.
Figure 2 Example of the Wireless Network Connection Status dialog box
The properties dialog box of a wireless network is described later in this article.
Set up a connection or network dialog box
You can access the Set up a connection or network dialog box in Windows 7, as shown in Figure 3, from the Set up a new connection or network link in the Network and Sharing center.
Figure 3 The Set up a connection or network dialog box
To manually create a wireless network profile, click Manually connect to a wireless network, and then click Next. You should see Figure 4.
Figure 4 The Enter information for the wireless network you want to add page
On the Enter information for the wireless network you want to add page, configure the following:
Network name Type the name of the wireless network.
Security type Select the method used to authenticate a connection to the wireless network. The choices are the following:
No authentication (Open) Open system authentication with no encryption.
WEP Open system authentication with Wired Equivalent Privacy (WEP).
WPA2-Personal Wi-Fi Protected Access 2 (WPA2) with a preshared key (also known as a passphrase).
WPA-Personal Wi-Fi Protected Access (WPA) with a preshared key.
WPA2-Enterprise WPA2 with IEEE 802.1X authentication.
WPA-Enterprise WPA with IEEE 802.1X authentication.
802.1x IEEE 802.1X authentication with WEP (also known as dynamic WEP).
The choices listed depend on the capabilities of your wireless network adapter that are reported to Windows. If an authentication type does not appear in the list, ensure that your wireless adapter supports the type and that you have installed the latest driver for your adapter that is compatible with Windows 7.
The shared key authentication method is not listed. Microsoft strongly discourages its use because it provides weak security for your wireless network. To configure shared key authentication, select No authentication (Open) here and then select Shared from the Security tab in the properties of the wireless network (described later in this article).
Encryption type Select the method used to encrypt data sent over the wireless network. The choices depend on the selected security type.
When you select the No authentication (Open) security type, None is selected for you.
When you select the WEP security type, WEP is selected for you.
When you select the 802.1x security type, WEP is selected for you.
When you select the WPA2-Personal, WPA2-Enterprise, WPA-Personal, WPA-Enterprise security types, you can select AES or TKIP.
The encryption type choices listed depend on the capabilities of your wireless network adapter that it reports to Windows.
Security Key Type the WEP key (if you selected the WEP security type), the WPA preshared key (if you selected the WPA-Personal security type), or the WPA2 preshared key (if you selected the WPA2-Personal security type). For the WPA2-Enterprise, WPA-Enterprise, and 802.1x security types, Windows 7 automatically determines the security key when performing 802.1X-based authentication.
Hide characters Specifies whether you want to view the value typed in Security Key.
Start this connection automatically Specifies whether Windows 7 will automatically connect to this wireless network. If you clear this checkbox, you must manually connect to the wireless network from the list of networks available from the Network notification area icon.
Connect even if the network is not broadcasting Specifies whether Windows should attempt to connect even if the wireless network is not broadcasting its name. This will cause Windows to send Probe Request frames to locate the wireless network. These probe request frames can be used by malicious users to determine the name of the non-broadcast network. For more information about the privacy issues of non-broadcast networks, see Non-broadcast Wireless Networks with Microsoft Windows.
When you click Next, you should see Figure 5.
Figure 5 The Successfully added page
You can click Change connection settings to access the properties of the wireless network, as described later in this article, or click Close.
The Manage Wireless Networks dialog box
You can access the Manage Wireless Networks dialog box from the Manage wireless networks link in the Network and Sharing Center. Figure 6 shows an example.
Figure 6 The Manage Wireless Networks dialog box
Note If the Manage wireless networks link is not present from the Network and Sharing Center, click the Change adapter settings link and ensure that your wireless network adapter is enabled on your laptop or notebook computer, appears in the Network Connections folder as a wireless connection, and is enabled. If your wireless network adapter appears in the Network Connections folder as a wired connection, ensure that you have installed the latest driver that is compatible with Windows 7.
From the Manage Wireless Networks dialog box, you can add a new wireless network, remove a selected wireless network, obtain the properties of the wireless network adapter, and choose the type of profile to assign to new wireless networks (applies to all users or the current user).
To manually add a wireless network, click Add to launch the Manually connect to a wireless network wizard, which allows you to create a wireless network profile for either an infrastructure or ad hoc wireless network. Figure 7 shows an example.
Figure 7 The How do you want to add a network? page
To create a wireless profile for an infrastructure wireless network, click Manually create a network profile. To create a wireless profile for an ad hoc wireless network, click Create an ad hoc network.
To view or modify the properties of a wireless network in the list, double-click the name in the Manage wireless networks dialog box. Windows 7 displays the dialog box in Figure 8.
Figure 8 The Wireless Network Properties dialog box
From the Connection tab, you can view the wireless network's name, SSID, network type (either Access point for infrastructure mode networks or Computer-to-computer for ad hoc mode networks), and availability. You can also configure the following:
Connect automatically when the network is in range
Connect to a more preferred network if available
Specifies whether Windows 7 will automatically disconnect from this wireless network if a more preferred wireless network comes within range.
Connect even if the network is not broadcasting its name (SSID)
The Copy this network profile to a USB flash drive link launches the Copy Network Settings wizard, which writes the wireless network profile settings to a USB flash drive. You can then use this flash drive to automate the wireless network profile configuration of other computers.
Figure 9 shows the Security tab.
Figure 9 The Security tab of the Wireless Network Properties dialog box
On the Security tab, you can specify the following security types:
No authentication (Open)
Shared key authentication. The Security tab is the only location where you can configure shared key authentication because its use is highly discouraged.
Based on the selected security type, you can configure either a network security key or specify and configure a network authentication method. If you specify WPA-Enterprise, WPA2-Enterprise, or 802.1x as your security type, you must configure the following (as shown in the Figure 9):
Choose a network authentication method Select an Extensible Authentication Protocol (EAP) method and click Settings to configure the EAP type as needed.
Remember my credentials for this connection each time I'm logged on Specifies that when the user logs off, the user credential data is not removed from the registry. If you clear the checkbox, the next user logs on, they will be prompted for their credentials (such as user name and password).
If you specify the use of WPA-Personal or WPA2-Personal as your security type or No authentication (Open) or Shared as your security type with WEP as your encryption type, you must configure a network security key, as shown in Figure 10.
Figure 10 Example of configuring a network security key
If you choose the WPA-Enterprise, WPA2-Enterprise, or WPA2-Personal security types, you can also configure advanced settings. Figure 11 shows the Advanced settings dialog box for the WPA2-Enterprise security type.
Figure 11 The Advanced settings dialog box
On the 802.1X settings tab, you can specify the authentication mode (User or computer authentication, Computer authentication, User authentication, or Guest authentication), save a set credentials for user authentication, and delete credentials for all users.
Single sign-on (SSO) allows you to configure when 802.1X authentication occurs relative to the user logon and to integrate user logon and 802.1X authentication credentials on the Windows logon screen. For more information about SSO settings, see Wireless Group Policy Settings for Windows Vista, the April 2007 The Cable Guy article.
Figure 12 shows the 802.11 settings tab.
Figure 12 The 802.11 settings tab
In the Fast roaming section, you can configure Pairwise Master Key (PMK) caching and preauthentication options. For more information about fast roaming settings, see Wireless Group Policy Settings for Windows Vista, the April 2007 The Cable Guy article.
Note When you select the WPA-Enterprise security type, the Advanced settings dialog box does not contain the 802.11 settings tab.
The Enable Federal Information Processing Standard (FIPS) compliance for this network check box allows you to specify whether to perform AES encryption in a FIPS 140-2 certified mode. FIPS 140-2 is a U.S. government computer security standard that specifies design and implementation requirements for cryptographic modules. Windows 7 is FIPS 140-2 certified. When you enable FIPS 140-2 certified mode, Windows 7 performs the AES encryption in software, rather than relying on the wireless network adapter. This check box only appears when you select WPA2-Enterprise or WPA2-Personal as the authentication method on the Security tab.
Non-broadcasting wireless networks
A non-broadcasting wireless network does not advertise its network name, also known as its SSID. A wireless access point of a non-broadcasting wireless network can be configured to send Beacon frames with an SSID set to NULL. A non-broadcasting wireless network is also known as a hidden wireless network. You can configure wireless networks in Windows 7 as broadcast or non-broadcast. A computer running Windows 7 will attempt to connect to wireless networks in the preferred networks list order, regardless of whether they are broadcast or non-broadcast. Additionally, non-broadcast networks appear last in the list of available networks with the name Other Network. Figure 13 shows an example.
Figure 13 Example of a non-broadcast wireless network
When you connect to the Other Network, Windows 7 prompts you to specify the wireless network name (SSID). Figure 14 shows an example.
Figure 14 Typing the name of a non-broadcast wireless network
For More Information
For more information about wireless networking in Windows, consult the following resources:
For a list of all The Cable Guy articles, click here.