40 Chapter 4
Preserving Wireless Connections
Windows Embedded Standard includes a tool called Regpersistence.exe which is
designed to configure wireless access in Write Filter Enable mode. When you configure
wireless access with this utility, the authentication credentials persist across reboots,
eliminating the need to re-authenticate each time the client systems are restarted. The
utility preserves the service set identifier (SSID) for wireless connections across
workgroup modes and domains. When Windows Embedded Standard clients restart, they
are automatically connected to the desired wireless access point.
Windows Embedded Standard clients can connect to wireless networks using the
following network authentication modes:
• Open mode with WEP
Note
This authentication mode requires the network key to be entered while the
client is connected to the wireless network. Windows Embedded Standard
clients are automatically connected to the wireless network after reboot.
• Shared mode with WEP
• WPA authentication with AES and TKIP
• WPA-PSK with AES and TKIP data encryption.
• WPA2 with AES and TKIP data encryption
• WPA2-PSK with AES and TKIP data encryption.
• PEAP authentication process
The session keys that are generated during the PEAP authentication process provide
keying material for the Wired Equivalent Privacy (WEP) encryption keys that encrypt the
data that is sent between wireless clients and wireless access points.
You can use PEAP with any of the following authentication methods for wireless
authentication (PEAP is not supported for use with EAP-MD5):
• EAP-TLS, which uses certificates for server authentication and either certificates or
smart cards for user and client computer authentication.
• EAP-MS-CHAP v2, which uses certificates for server authentication and credentials for
user authentication.
• Non-Microsoft EAP authentication methods.
Note
PEAP is available as an authentication method for 802.11 wireless clients,
but it is not supported for virtual private network (VPN) clients or other
remote access clients. Therefore, you can configure PEAP as the
authentication method for a remote access policy only when you are using
Internet Authentication Service (IAS).