802.1x
To use 802.1x for wireless authentication you need two things. A PKI Infrastructure (although very simple) and Radius Server.
CA Server
If you do not have an Enterprise CA you need to install one. This i pretty straight forward but you need to get it right.
Setting up Radius
Verify that the server running the IAS has a valid certificate from the CA.
Create a new RADIUS client for the wireless AP or Controller unit.
Create a new Remote Access policy for the Wireless Users.
Click EAP Methods and edit PEAP. verify that you are using the correct Cert and Eap Type.
Group Policy Settings
Create a new Group Policy for Wireless Networking. This policy should contain two settings:
Certificate Auto Enrollment
Go to Computer configuration – Windows Settings – Public Key Policies – Automatic Certificate Request Settings
Right click and select New Automatic Certificate Request.
Select Computer and finish the wizard.
Wireless Preferred Networks and Settings
Go to Computer configuration – Windows Settings – Wireless Network
Create a new Profile and add the following settings:
Add a new preferred network with these settings:
You need to set up the following things:
SSID
Network Authentication
Data encryptionEAP Mode
Trusted Root Certificate Servers
Selected Authentication Method