none
Windows CE 5.0 and WPA TKIP PEAP Wireless Connection

    Question

  • Hi,

     

    I wonder if someone could help me.

     

    I am trying to manually configure using the Wireless Zero Configuration dialog on a Windows CE 5.0 device a wireless connection to a WPA TKIP PEAP network.

     

    I have managed to set this up successfully on a Windows Mobile 5.0 device (XDA Orbit).

     

    So I use exactly the same settings for the Windows CE 5.0 device however it can not connect. I am presented with the Username and Password dialog and I have reentered the two values a lot of times (so it is not a typo) however it does not connect.

     

    The strange thing is that if I do not use the Wireless Zero Configuration and use a third party application (Summit's Application) I can configure and connect to the wireless network.

     

    The reason I would like the WZC to connect is because I need WZC enabled to be able to programmatically confirgure the connection using the OpenNETCF's SetWirelessSettingsAddEx method.

     

    I am trying to configure this connection on two Windows CE 5.0 devices and have tried on both devices without any luck, however both devices can be configured using the Summit software.

     

    I am in the process of trying to get hold of the SDK for the Summit software however this could be a while before I do.

     

    Also if anyone has had any experience of setting up a wireless connection to a WPA TKIP PEAP network programmatically I would really like to know how this was done as I can not see how the EAPParameters for the OpenNETCF's SetWirelessSettingsAddEx method supports a Username and Password.

     

    Thank you very much for taking the time to read this and I look forward to your reply.

     

    Thanks in advance.

     

    Paul Diston

    Thursday, August 2, 2007 3:16 PM

All replies

  • Hi, Paul,
     
    I've the same problem with you about the usename and password.
    Have you got any solution or any ideas?
     
    Thanks!
     
    Elsa
    Friday, August 10, 2007 3:23 AM
  • Hi,

     

    I am currently in the process of using a third party SDK to be able to configure the wireless connection. The third party SDK is only compatible with a certain make of wifi modem so might not work on all devices. As things are still up in the air, I can not give the name of the company we are working with but if you confirm which device you are trying to configure then I can feedback whether the SDK will work or not.

     

    Thanks

     

    Paul

     

    Friday, August 10, 2007 8:07 AM
  • Hi,
     
    My device is HTC_P3450 with WM6.
     
    Thanks !
     
    Elsa
    Monday, August 13, 2007 3:28 AM
  • Hi,

     

    The problem I include in this post is regarding the setup of a WPA TKIP PEAP network on a Windows CE 5.0 device, your device (running WM 6.0) should have no problem connecting to such a problem as our Windows Mobile 5.0 devices connect without problem.

     

    Can you explain exactly what your problem is then I might be able assit you, as the third party software I mention is used because I am using a Windows CE 5.0 device.

     

    Thanks

     

    Paul

     

    Monday, August 13, 2007 7:58 AM
  • Hi All,

      I'm having the same problem. I have a HTC_P3450 with WM6.

     

    When i try to configue my wifi connection on my phone, i do the following

     

    Screen 1

    Network Name : "test"    <-- text field is prepopulated and disabled

    Connects To : work

    This is a hidden network (unchecked)

    This is a device to device (ad-hoc) connection - (unchecked) and disabled

     

    Screen 2

    Authentication : WPA

    Data Encryption: TKIP

    This key is automatically provided (checked) and disabled

     

    Screen 3

    Use IEEE 802.1x network access control (checked) and disabled

    EAP Type: PEAP

     

    Button [Properties] - When Clicked i get :

    Warning

    Cannot log on to the wireless network. this newtwork required a personal certificate to positively identify you.

     

    Expected result should be property screen so i can

    Uncheck Validate server certificate

    Select authentication method : EAP-MSCGAP V2

     

    Let me know if you need any more information

     

    Steve

    Tuesday, August 14, 2007 7:42 PM
  • I found a solution for my problem

     

    It involves modifying the registry on my WM6

     

    To force it to accept the PEAP server's certificate without attempting any other validation, add the following registry key:

    [\HKLM\Comm\EAP\Extension\25\]
    "ValidateServerCert"=dword:00000000

     

    I used this tool

    http://www.breaksoft.com/Blog/Utilities/2005/1/Mobile_Registry_Editor.aspx

     

    and used this [EnableRAPI.zip] to unlock my registry

    http://www.breaksoft.com/Blog/Posts/2005/8/Mobile_Registry_Editor_FAQ.aspx

     

    Good luck

     

    Steve

    Tuesday, August 14, 2007 8:20 PM
  • Hi,

     

    We have used that registry change for our Windows Mobile 5.0 devices however Windows CE 5.0 does not support this registry change.

     

    We have now found a solution to the Windows CE 5.0 and WPA TKIP PEAP connection problem using Summit Data Communication's SDK. This has successfully worked on both a Datalogic Jet and Datalogic Falcon.

     

    I think the Summit SDK only supports particular radios and devices therefore it might not be suitable for everyone's needs.

     

    If anyone requires any more information, please let me know.

     

    Thanks

     

    Paul Diston

     

     

    Wednesday, August 15, 2007 8:48 AM
  • Hey guys,

     

    We are using PEAP on Cisco AP's, is there a way to force using domain authentication and not use certificates? I get the prompt for domain credentials, but dont get connected. I get the same error in the first post about certificates.

     

    Registry change?

     

    Friday, November 2, 2007 10:17 AM
  • Hi,

     

    Which device and OS are you using?

     

    Paul

    Friday, November 2, 2007 10:21 AM
  • Hi Paul,

     

    I have this problem on three devices, one running WM5, one running WM6 Pro and the other running smartphone edition WM6.

     

    The one I am currently testing with is WM6 Pro - HTC TyTN

     

    CHeers,

     

    James

     

    Friday, November 2, 2007 11:28 AM
  • Hi James,

     

    The registry change :-

    [\HKLM\Comm\EAP\Extension\25\]
    "ValidateServerCert"=dword:00000000

     

    Should by pass the use of certificates. It has worked on two Windows Mobile 5 devices I have tried it on.

     

    Thanks

     

    Paul

     

    Friday, November 2, 2007 11:32 AM
  • Hi PAUL

    I purchased a SDA (HTC Tornado - unlocked Tmobile SDA one) with Windows Mobile 5 smartphone to take advantage of our WiFi network . I am having problems setting up my WiFi connection and i cant find a solution..please help me...

    When using my laptop wifi connect I set up the following
    Network Authentication OPEN
    Data Encryption WEP
    key is automatically provided (i tick this option)
    Enable IEEE 802.1x authentication for this network
    EAP Type as PEAP.
    Then under configuration of PEAP I uncheck Validate Server Certificate and authentication method selected as "Secured password (EAP-MSCHAP v2) and "enable fast reconnect" is also ticked.

    With these settings it works perfectly well in laptop. But with these settings made in the SDA phone it gives the following error msgs ; "The server certificate is issued by an unknown authority" and "Cannot log on to the wireless network. This network requires a personal certificate to positively identify you."

     

    I have done the registry edit as Paul said. It stopped showing the message ""The server certificate is issued by an unknown authority". But the other msg still comes. Actually for PEAP we wont want personal certificate. I think this is a bug. Then i installed a dummy personal cert to cover this bug. Now no more error msgs, but internet is not connected.

     

    Then i installed the root certificate (specific for my univ) i got from my laptop (windows xp). But no effect. I checked under root cert to see if it is there and i saw it there.

     

    Sorry for this long story sometimes we need long explanations to fully understand the problem.

     

    SOMEBODY PLEASE HELP ....

     


     

    Sunday, November 18, 2007 4:13 PM
  • Hi Paul,

     

    I am currently using Vario III ( HTC Kaiser ). I am at the University of Sheffield in England. I am trying to connect to their wireless network, but everytime I do this, it pops up " this network requires a personal certificate to positively identify you ". I have tried the registry hack, but still it keeps on popping up ( then again I am a proper noob, and probably set it up wrong. But seeing other examples of setting up registry, I just created a new DWORD registry in the folder 25 , named it ValidateServerCert and put the value of 0. I am using the php registry editor btw. Please tell me if I am doing something wrong).  Well, in the univeristy website, these are the instruction given for connecting to XP.

     

    1. Select the eduroam network and click on Change Advanced Settings.
    2. Select the Wireless Networks tab, select eduroam and click Properties.
    3. Set Authentication to WPA and Data Encryption to TKIP. Select the Authentication tab.
    4. Set the EAP Type to PEAP and untick the box to Authenticate as Computer. Click Properties to configure the EAP type.
    5. Untick the Validate Server Certificate checkbox, set Authentication Method to EAP-MSCHAP v2 and click Configure.

    6. Untick the checkbox to use the Windows logon name and click OK.

    7. Click OK, until you are asked to enter your credentials.

    8. When prompted, enter your username and Remote Access password. Leave Logon Domain field blank and click OK.

     

    I did the hack, and everytime I press the properties button, I get the error message. Please tell me what to do. Is there any other way for WM6 coz the registry hack isnt working?? 

    Tuesday, November 20, 2007 4:15 PM
  • Hi,

     

    You mention that you are using a php registry editor. Are you running this registry editor on the actual device. If not I would recommend using TRE Registry Editor (http://www2r.biglobe.ne.jp/~tascal/download/pocketpc/index_e.htm) this actually runs on the device. Once you have installed this application you can make the relevant changes and try again.

     

    Thanks

     

    Paul

     

    NOTE: I will not be held responsible for any issues/problems/errors of any kind as a result of using external pieces of software. What worked for me may not work for you.

     

    Tuesday, November 20, 2007 4:22 PM
  • its running on my phone. i also tried external software running from my laptop. didnt work though. I will try this though. dont u have any other solution ??

    Tuesday, November 20, 2007 4:25 PM
  • Hi,

     

    If you use the TRE utitlity first then we can see where we can go from there.

     

    Thanks

     

    Paul

    Tuesday, November 20, 2007 4:27 PM
  • Paul, have you found resolution to to problem.  I have tried everything it seems to get my htc620 to work.

    Wednesday, November 21, 2007 12:22 PM
  •  

    same with me, changed the registry...doesnt work. I wouldve degraded to wm5, but, am afraid as tmobile has done something to the kaiiser this time, degrading will mean my phone will just get bricked. any other solutions for WM6 ?? help
    Wednesday, November 21, 2007 1:37 PM
  •  Jeobu wrote:

    Hi PAUL

    I purchased a SDA (HTC Tornado - unlocked Tmobile SDA one) with Windows Mobile 5 smartphone to take advantage of our WiFi network . I am having problems setting up my WiFi connection and i cant find a solution..please help me...

    When using my laptop wifi connect I set up the following
    Network Authentication OPEN
    Data Encryption WEP
    key is automatically provided (i tick this option)
    Enable IEEE 802.1x authentication for this network
    EAP Type as PEAP.
    Then under configuration of PEAP I uncheck Validate Server Certificate and authentication method selected as "Secured password (EAP-MSCHAP v2) and "enable fast reconnect" is also ticked.

    With these settings it works perfectly well in laptop. But with these settings made in the SDA phone it gives the following error msgs ; "The server certificate is issued by an unknown authority" and "Cannot log on to the wireless network. This network requires a personal certificate to positively identify you."

     

    I have done the registry edit as Paul said. It stopped showing the message ""The server certificate is issued by an unknown authority". But the other msg still comes. Actually for PEAP we wont want personal certificate. I think this is a bug. Then i installed a dummy personal cert to cover this bug. Now no more error msgs, but internet is not connected.

     

    Then i installed the root certificate (specific for my univ) i got from my laptop (windows xp). But no effect. I checked under root cert to see if it is there and i saw it there.

     

    Sorry for this long story sometimes we need long explanations to fully understand the problem.

     

    SOMEBODY PLEASE HELP ....

     


     

     

    Hi

     

    I ve posted the above earlier and couldnt find a solution yet. Can sombody please help to solve this issue ? The admins here are also unable to solve the issue. They strongly believe that the problem is with Windows Mobile 5.

     

    Will "Odyssey Client" help in this  issue ? But is very expensive to buy. If it helps is there a way to get the WM5 compatible version (without paying $$$)

     

    Somebody please help me to solve this one...i am literarlly stuck now...even the network admin here cant solve this

     

    please help

    Wednesday, November 21, 2007 11:55 PM
  • Hi,

     

    We have same problem Datalogic Scorpio with windows ce 5.0 and wpa tkip peap.

    Could you let me know the solution for datalogic products?

     

    Thanks

     

    Juhana Hietala 

    Friday, November 23, 2007 4:07 PM
  • Hi,

     

    We used the Summit SDK for our Datalogic Jet devices. It would be best to contact Datalogic in the first instance to determine if the Summit SDK can be used on this particular model of Datalogic device.

     

    Thanks

     

    Paul

    Friday, November 23, 2007 5:15 PM
  • The new model of Scorpio comes with Summit radio and works fine. Old model uses symbol radio and have those connection problems.

    I contacted to Datalogic before and they gave me answer that only solution is to install odyssey client.

    I can get old model Scorpio online but if device goes power saving mode or it gives warm boot i have to remove wlan profile and make it again and again....

     

    Thanks

     

    Juhana

     

     

    Friday, November 23, 2007 6:11 PM