Test Case

Show / Hide direct link   <ROOT> 5197PA: Win 8 / 10: Wireless Security Function Test using OS Native - PP-80476



Version 1.2
Created on 19/07/2013 17:32:46  by Kristian Galacgac
Summary
Preconditions
Status:   Review Complete
Priority:   Medium
BASIC INFORMATION
Section:S/W Test Require attachment:No
Team:Network Group:Test Coverage
Lessons Learned:No Phase:FVT, SIT
Locations:Inhouse: AWS and Cambridge, Inhouse: AWS, Inhouse: Cambridge, Compal, Flextronics, Quanta, Wistron Owned By:Eiji Ogata/LENOVO
Objective:To verify all the WL functions using OS native with the latest server.
CRITERIA
Successful authentications
No system malfunction/performance degradation
EUT QUANTITY
Two systems
EQUIPMENT
PPA Networking facilities.
Critical Attribute:[0] : WLS - Wireless

CONFIGURATION
REFERENCE PROCEDURE
STATISTIC INFO
Operating System Win81-64bit Win81-32bit Win10-32bit Win10-64bit Total
Test Points
Duration
Workload
# Step actions Win81-64bitWin81-32bitWin10-32bitWin10-64bit
1 Wireless Profile Verification using Windows Native AAAA
2 Wireless Profile Verification AAAA
3 Network Reliability Test AAAA
4 Wireless Security Authentication Matrix using Windows Native AAAA
DETAILS
ATTENTION!! Please follow below information.
1. Please check Error and Warning message in Event Viewer before you start the test case and after you complete the test case, and report it to your team lead, then arrange to open defect, if needed.

2. Perform All Test in Battery Mode (Some of the test items need to perform in AC Mode, follow each Test Case).

3. All Test Activity should be performed with AMT Enabled as Default (applicable on vPro enabled systems).

4. Please check Usability / Cosmetic issues (correct sentence/appropriate display/etc.) and open defect, if needed.

UR-3893AP
Known Limitations

1. Profile Properties is Blank when connect to AP w/ Certificate
Approved as Permanent Limitation
Reference Defect: ECR186573

. ECR187346 COM:W8.1:No Wifi Properties when connected to cisco security - UR4129
Reason:
When connect to access point which needs security such as certificate, the properties of wireless LAN profile is blank.
This issue only happens when connect access point which needs certification or Cisco security. This is a matter not showing "Properties" field only and the connection/accessing works fine. So, we can deem that user impact is low.
We reported to Microsoft this problem (MS BUG#481719 (for ECR186582/ECR186573),but they closed the issue by "won't fix" (See remark/comments) Also we reported to Microsoft this problem MS BUG#494537(for ECR187346), and MS says this is a same thing with MS BUG#481719.
Restriction
Information
1. Windows 8 does not have CCKM support.
Reference Defects:
ECR139900;ECR139709;ECR139924, W8:FFRT:Cannot connect when encryption is WEP using Intel-CCKM option


2. WPA Security type on Network properties is not available in Win8.1 OS.
Handled as Help Center Info
Reference Defects: ECR187661, ECR187662, ECR185878

3. EAP-SIM, EAP-AKA, EAP-AKA authentications are missing in control panel
This is by design unless the device has a SIM card. In Win8.1, EAP filters all three SIM based authentication methods: EAP-SIM, EAP-AKA, EAP-AKA' if the device doesn't have a sim device.
Reference Defects: ECR181398, ECR187276, ECR182785

4. Cisco security is not available in Jackson Peak 2 inbox driver
This is as designed. Inbox driver does not have cisco security support.
Reference Defects: ECR187476



Wireless Profile Verification using Windows Native
Test Item
Check Item / Criteria
Configuration
Result
Win8.1 32
Win8.1 64
WEP Profile Verification
  1. Login as Domain user
  2. From Control Panel Open Network Connections
  3. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  4. Check the option `Use Windows to Configure my wireless network settings
  5. Click "Add" under the Preferred Networks option
  6. Enter the SSID Name and check whether following options are enabled:
  7. Network Authentication (Open)
  8. Data Encryption Mode (WEP Enabled)
  9. Uncheck "The Key is provided for me automatically"
  10. Select the correct "Key Index" (Key1/Key2/Key3/Key4) as set in Access Point
  11. Enter the Network Key and Confirm network Key and Press OK.
  12. Now the Authentication is succeeded and IP Address is assigned to the client system
  13. Check Network Connectivity by issuing Ping Command
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
Wireless Client Configuration
  1. Connect the System to Windows 2012 Domain Network by ethernet
  2. Register the Wireless Client as Domain Member of Windows 2012 Domain
  3. Add the Domain User to the Local Administrator group.
  4. Log in as the Domain user.
  5. Download Simple User Certificate using Internet Explorer or Microsoft Management Console from Certification Server in Windows 2012 Domain. (For ex: 192.168.21.1 /certsrv)
  6. After Certificate is successfully downloaded, from Internet Explorer, Click Tools>Internet options>content>certification and verify the downloaded certificate is listed. Click Advanced tab and select `Client Authentication` Box in Certificate purposes option.

  • The User Certificate shall be successfully downloaded
  • No Error Message while downloading the Certificate


Stand alone


A


A
EAP-TLS-WEP Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Control Panel open Network Connections
  4. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  5. Check the option `Use Windows to Configure my wireless network settings
  6. Click "Add" under the Preferred Networks option
  7. Enter the SSID Name and check whether following options are enabled:- Data Encryption Mode (WEP Enabled) & "The Key is provided for me automatically"
  8. Now Click Authentication Tab and Check the following options:- Enable IEEE 802.1x authentication for this Network & EAP Type : Smart card or other Certificate
  9. Uncheck the option `Authenticate as computer when computer information is available`.
  10. Click Properties and check the following options:- Select the option `Use a Certificate on this Computer` Under When Connecting & check the option `Use Simple Certificate Selection` (Recommended)
  11. Click `Validate Server certificate` option and `Connect to these servers`. Enter the Server Name in `Connect to these servers` option.(For Example : Wifisvr.wifi.com)
  12. Select the correct Root Certificate of the Test Server in `Trusted Root Certification Authorities`
  13. Check the option `Use a different user Name for the connection`
  14. Click Ok.
  15. Now 802.1x Authentication process starts and there will be a message box from OS as `Click here to select a certificate or other credentials for connection to the network EAP-AP`. Click Ok in the Screen `Connect Wireless network Connection`.
  16. Open Network connections tab from Control Panel and view the Authentication Status Message displayed over the Wireless Network Connection like Attempting to authenticate /Authentication Succeeded.
  17. Now the Authentication is succeeded and IP Address is assigned to the client system
  18. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  19. Check Network Connectivity by issuing Ping Command.
  20. Check the Event Log of Radius Server and Authentication is successful.
  21. Check the Access Point Event Log and Authentication is successful
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
PEAP-MSCHAP-WEP Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Control Panel open Network Connections
  4. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  5. Check the option `Use Windows to Configure my wireless network settings
  6. Click "Add" under the Preferred Networks option
  7. Enter the SSID Name and check whether following options are enabled:- Data Encryption Mode (WEP Enabled) & "The Key is provided for me automatically"
  8. Now Click Authentication Tab and Check the following options:- Enable IEEE 802.1x authentication for this Network & EAP Type : Protected EAP (PEAP)
  9. Uncheck the option `Authenticate as computer when computer information is available`.
  10. Click `Validate Server certificate` option and `Connect to these servers`. Enter the Server Name in `Connect to these servers` option.(For Example : Wifisvr.wifi.com)
  11. Select the correct Root Certificate of the Test Server in `Trusted Root Certification Authorities`
  12. Select the Authentication Method `Secured Password` (EAP-MSCHAP-V2).
  13. Check Enable Reconnect option and Click Configure button and uncheck the option `Automatically use my Windows Logon Name and Password (and Domain Name if any)
  14. Now 802.1x Authentication process starts and there will be a message box from OS and Enter the User Name,password and Domain name.
  15. Open Network connections tab from Control Panel and view the Authentication Status Message displayed over the Wireless Network Connection like Attempting to authenticate /Authentication Succeeded.
  16. Now the Authentication is succeeded and IP Address is assigned to the client system
  17. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  18. Check Network Connectivity by issuing Ping Command.
  19. Check the Event Log of Radius Server and Authentication is successful.
  20. Check the Access Point Event Log and Authentication is successful
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA-TLS-TKIP/WPA2-TLS-TKIP Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Control Panel open Network Connections
  4. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  5. Check the option `Use Windows to Configure my wireless network settings
  6. Click "Add" under the Preferred Networks option
  7. Enter the SSID Name and check whether following option is enabled:- "The Key is provided for me automatically"
  8. Change the Network Authentication to "WPA" and Data Encryption to "TKIP"
  9. Now Click Authentication Tab and Check the following options:- Enable IEEE 802.1x authentication for this Network & EAP Type : Smart card or other Certificate
  10. Uncheck the option `Authenticate as computer when computer information is available`.
  11. Click Properties and check the following options:- Select the option `Use a Certificate on this Computer` Under When Connecting & check the option `Use Simple Certificate Selection` (Recommended)
  12. Click `Validate Server certificate` option and `Connect to these servers`. Enter the Server Name in `Connect to these servers` option.(For Example : Wifisvr.wifi.com)
  13. Select the correct Root Certificate of the Test Server in `Trusted Root Certification Authorities`
  14. Check the option `Use a different user Name for the connection`
  15. Click Ok.
  16. Now 802.1x Authentication process starts and there will be a message box from OS as `Click here to select a certificate or other credentials for connection to the network EAP-AP`. Click Ok in the Screen `Connect Wireless network Connection`.
  17. Open Network connections tab from Control Panel and view the Authentication Status Message displayed over the Wireless Network Connection like Attempting to authenticate /Authentication Succeeded.
  18. Now the Authentication is succeeded and IP Address is assigned to the client system
  19. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  20. Check Network Connectivity by issuing Ping Command.
  21. Check the Event Log of Radius Server and Authentication is successful.
  22. Check the Access Point Event Log and Authentication is successful
  23. Change the Network Authentication to "WPA2" in Step 8 and perform from step 15 - 22
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA-TLS-AES / WPA2-TLS-AES Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Control Panel open Network Connections
  4. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  5. Check the option `Use Windows to Configure my wireless network settings
  6. Click "Add" under the Preferred Networks option
  7. Enter the SSID Name and check whether following option is enabled:- "The Key is provided for me automatically"
  8. Change the Network Authentication to "WPA" and Data Encryption to "AES"
  9. Now Click Authentication Tab and Check the following options:- Enable IEEE 802.1x authentication for this Network & EAP Type : Smart card or other Certificate
  10. Uncheck the option `Authenticate as computer when computer information is available`.
  11. Click Properties and check the following options:- Select the option `Use a Certificate on this Computer` Under When Connecting & check the option `Use Simple Certificate Selection` (Recommended)
  12. Click `Validate Server certificate` option and `Connect to these servers`. Enter the Server Name in `Connect to these servers` option.(For Example : Wifisvr.wifi.com)
  13. Select the correct Root Certificate of the Test Server in `Trusted Root Certification Authorities`
  14. Check the option `Use a different user Name for the connection`
  15. Click Ok.
  16. Now 802.1x Authentication process starts and there will be a message box from OS as `Click here to select a certificate or other credentials for connection to the network EAP-AP`. Click Ok in the Screen `Connect Wireless network Connection`.
  17. Open Network connections tab from Control Panel and view the Authentication Status Message displayed over the Wireless Network Connection like Attempting to authenticate /Authentication Succeeded.
  18. Now the Authentication is succeeded and IP Address is assigned to the client system
  19. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  20. Check Network Connectivity by issuing Ping Command.
  21. Check the Event Log of Radius Server and Authentication is successful.
  22. Check the Access Point Event Log and Authentication is successful
  23. Change the Network Authentication to "WPA2" in Step 8 and perform from step 15 - 22
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA- PEAP-MSCHAP-TKIP/WPA2-PEAP-MSCHAP-TKIP Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Control Panel open Network Connections
  4. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  5. Check the option `Use Windows to Configure my wireless network settings
  6. Click "Add" under the Preferred Networks option
  7. Enter the SSID Name and check whether following option is enabled:- "The Key is provided for me automatically"
  8. Change the Network Authentication to "WPA" and Data Encryption to "TKIP"
  9. Now Click Authentication Tab and Check the following options:- Enable IEEE 802.1x authentication for this Network & EAP Type : Protected EAP (PEAP)
  10. Uncheck the option `Authenticate as computer when computer information is available`.
  11. Click `Validate Server certificate` option and `Connect to these servers`. Enter the Server Name in `Connect to these servers` option.(For Example : Wifisvr.wifi.com)
  12. Select the correct Root Certificate of the Test Server in `Trusted Root Certification Authorities`
  13. Select the Authentication Method `Secured Password` (EAP-MSCHAP-V2).
  14. Check Enable Reconnect option and Click Configure button and uncheck the option `Automatically use my Windows Logon Name and Password (and Domain Name if any)
  15. Now 802.1x Authentication process starts and there will be a message box from OS and Enter the User Name,password and Domain name.
  16. Open Network connections tab from Control Panel and view the Authentication Status Message displayed over the Wireless Network Connection like Attempting to authenticate /Authentication Succeeded.
  17. Now the Authentication is succeeded and IP Address is assigned to the client system
  18. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  19. Check Network Connectivity by issuing Ping Command.
  20. Check the Event Log of Radius Server and Authentication is successful.
  21. Check the Access Point Event Log and Authentication is successful
  22. Change the Network Authentication to "WPA2" in Step 8 and perform from step 15 - 21
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA- PEAP-MSCHAP- AES / WPA2-PEAP-MSCHAP-AES Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Control Panel open Network Connections
  4. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  5. Check the option `Use Windows to Configure my wireless network settings
  6. Click "Add" under the Preferred Networks option
  7. Enter the SSID Name and check whether following option is enabled:- "The Key is provided for me automatically"
  8. Change the Network Authentication to "WPA" and Data Encryption to "AES"
  9. Now Click Authentication Tab and Check the following options:- Enable IEEE 802.1x authentication for this Network & EAP Type : Protected EAP (PEAP)
  10. Uncheck the option `Authenticate as computer when computer information is available`.
  11. Click `Validate Server certificate` option and `Connect to these servers`. Enter the Server Name in `Connect to these servers` option.(For Example : Wifisvr.wifi.com)
  12. Select the correct Root Certificate of the Test Server in `Trusted Root Certification Authorities`
  13. Select the Authentication Method `Secured Password` (EAP-MSCHAP-V2).
  14. Check Enable Reconnect option and Click Configure button and uncheck the option `Automatically use my Windows Logon Name and Password (and Domain Name if any)
  15. Now 802.1x Authentication process starts and there will be a message box from OS and Enter the User Name,password and Domain name.
  16. Open Network connections tab from Control Panel and view the Authentication Status Message displayed over the Wireless Network Connection like Attempting to authenticate /Authentication Succeeded.
  17. Now the Authentication is succeeded and IP Address is assigned to the client system
  18. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  19. Check Network Connectivity by issuing Ping Command.
  20. Check the Event Log of Radius Server and Authentication is successful.
  21. Check the Access Point Event Log and Authentication is successful
  22. Change the Network Authentication to "WPA2" in Step 8 and perform from step 15 - 21
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA-PSK-TKIP (ASCII/Hex) / WPA2-PSK-TKIP (ASCII/Hex) Verification
  1. Login as Domain user
  2. From Control Panel open Network Connections
  3. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  4. Check the option `Use Windows to Configure my wireless network settings
  5. Click "Add" under the Preferred Networks option
  6. Enter the SSID Name and check whether following options are enabled:
  7. Network Authentication (WPA-PSK)
  8. Data Encryption Mode (TKIP Enabled)
  9. Enter the Network Key as well as Confirm Network Key and Press OK.
  10. Now the Authentication is succeeded and IP Address is assigned to the client system
  11. Check Network Connectivity by issuing Ping Command
  12. Check the Access Point Event Log and Authentication is successful.
  13. Change the Network Authentication to "WPA2-PSK" in Step 7 and perform from step 10-12
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA-PSK-AES (ASCII/Hex) / WPA2-PSK-AES (ASCII/Hex) Verification
  1. Login as Domain user
  2. From Control Panel open Network Connections
  3. Right Click Wireless Network Properties and Click Wireless Networks Tab.
  4. Check the option `Use Windows to Configure my wireless network settings
  5. Click "Add" under the Preferred Networks option
  6. Enter the SSID Name and check whether following options are enabled:
  7. Network Authentication (WPA-PSK)
  8. Data Encryption Mode (AES Enabled)
  9. Enter the Network Key as well as Confirm Network Key and Press OK.
  10. Now the Authentication is succeeded and IP Address is assigned to the client system
  11. Check Network Connectivity by issuing Ping Command
  12. Check the Access Point Event Log and Authentication is successful.
  13. Change the Network Authentication to "WPA2-PSK" in Step 7 and perform from step 10-12
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
Attachment "ATT2GABX.jpg"can be seen at the bottom of the page.


Wireless Profile Verification

Test Item
Check Item / Criteria
Configuration
Result
Win8.1 32
Win8.1 64
WEP Profile Verification
  1. Login as Domain user
  2. From Network Center, click Set up a connection
  3. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  4. On Network name, enter the SSID Name
  5. On Security type, choose WEP
  6. On Security Key/Passphrase, type the key then click Next
  7. On Successfully added window, click Change connection settings
  8. Change the Key Index from Connection and Security tabs if necessary then click OK
  9. On Successfully added window, click Connect to...
  10. Select the created profile, click the Connect button
  11. Now the Authentication is succeeded and IP Address is assigned to the client system
  12. Check Network Connectivity by issuing Ping Command and through the Network Center
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be availability


Stand alone


A


A
Wireless Client Configuration
  1. Connect the System to Windows 2012 Domain Network by ethernet
  2. Register the Wireless Client as Domain Member of Windows 2012 Domain
  3. Add the Domain User to the Local Administrator group.
  4. Log in as the Domain user.
  5. Download Simple User Certificate using Internet Explorer or Microsoft Management Console from Certification Server in Windows 2012 Domain. (For ex: 192.168.21.1 /certsrv)
  6. After Certificate is successfully downloaded, from Internet Explorer, Click Tools>Internet options>content>certification and verify the downloaded certificate is listed. Click Advanced tab and select `Client Authentication` Box in Certificate purposes option.

  • The User Certificate shall be successfully downloaded
  • No Error Message while downloading the Certificate


Stand alone


A


A
EAP-TLS-WEP Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Network Center, click Set up a connection
  4. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  5. On Network name, enter the SSID Name
  6. On Security type, choose 802.1x then click Next
  7. On Successfully added window, click Change connection settings
  8. Configure 802.1x authentication
  9. On Security tab, choose Smart card or other Certificate then click Settings button
  10. On Smart Card or other Certificate Properties -> When connecting, select the option "Use a Certificate on this Computer"
  11. Check the option", "Use Simple Certificate Selection"(Recommended)
  12. Check "Validate Server certificate" and "Connect to these servers" options.
  13. Enter the Server Name in "Connect to these servers" option.(For Example : Wifisvr.wifi.com)
  14. Select the correct Root Certificate of the Test Server in "Trusted Root Certification Authorities"
  15. Check the option "Use a different user Name for the connection"
  16. On Smart Card or other Certificate Properties window, click OK
  17. On 802.1x Wireless Network Properties window, click OK
  18. On Successfully added window, click Connect to...
  19. Select the created profile, click the Connect button
  20. Now 802.1x Authentication process starts and there will be a message box from OS as `Click here to select a certificate or other credentials for connection to the network EAP-AP`. Click Ok in the Screen `Connect Wireless network Connection`.
  21. Now the Authentication is succeeded and IP Address is assigned to the client system
  22. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  23. Check Network Connectivity by issuing Ping Command and through the Network Center
  24. Check the Event Log of Radius Server and Authentication is successful.
  25. Check the Access Point Event Log and Authentication is successful
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
PEAP-MSCHAP-WEP Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Network Center, click Set up a connection
  4. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  5. On Network name, enter the SSID Name
  6. On Security type, choose 802.1x then click Next
  7. On Successfully added window, click Change connection settings
  8. Configure 802.1x authentication
  9. On Security tab, choose Protected EAP (PEAP) then click Settings button
  10. On Protected EAP Properties, check the options "Validate server certificate" and "Connect to these servers"
  11. Enter the Server Name in Connect to these servers option (For Example: Wifisvr.wifi.co,)
  12. Select the correct Root Certificate of the Test Server in "Trusted Root Certification Authorities"
  13. ON select Authentication Method, select "Secured Password (EAP-MSCHAP-V2)"
  14. Check Enable Fast Reconnect option
  15. Click Configure button and uncheck the option `Automatically use my Windows Logon Name and Password (and Domain Name if any) then click OK
  16. On Protected EAP Properties window, click OK
  17. On 802.1x Wireless Network Properties window, click OK
  18. On Successfully added window, click Connect to...
  19. Select the created profile, click the Connect button
  20. Now 802.1x Authentication process starts and there will be a message box from OS and Enter the User Name,password and Domain name.
  21. Open Network connections tab from Control Panel and view the Authentication Status Message displayed over the Wireless Network Connection like Attempting to authenticate /Authentication Succeeded.
  22. Now the Authentication is succeeded and IP Address is assigned to the client system
  23. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  24. Check Network Connectivity by issuing Ping Command and through the Network Center
  25. Check the Event Log of Radius Server and Authentication is successful.
  26. Check the Access Point Event Log and Authentication is successful
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA-Enterprise-TKIP/WPA2-Enterprise-TKIP Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Network Center, click Set up a connection
  4. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  5. On Network name, enter the SSID Name
  6. On Security type, choose WPA-Enterprise
  7. On Encryption Type, choose TKIP then click Next
  8. On Successfully added window, click Change connection settings
  9. Configure 802.1x authentication
  10. On Security tab, choose Smart card or other Certificate then click Settings button
  11. On Smart Card or other Certificate Properties -> When connecting, select the option "Use a Certificate on this Computer
  12. Check the option", "Use Simple Certificate Selection"(Recommended)
  13. Check "Validate Server certificate" and "Connect to these servers" options.
  14. Enter the Server Name in "Connect to these servers" option.(For Example : Wifisvr.wifi.com)
  15. Select the correct Root Certificate of the Test Server in "Trusted Root Certification Authorities"
  16. On Smart Card or other Certificate Properties window, click OK
  17. On 802.1x Wireless Network Properties window, click OK
  18. On Successfully added window, click Connect to...
  19. Select the created profile, click the Connect button
  20. Now 802.1x Authentication process starts and there will be a message box from OS as `Click here to select a certificate or other credentials for connection to the network EAP-AP`. Click Ok in the Screen `Connect Wireless network Connection`.
  21. Now the Authentication is succeeded and IP Address is assigned to the client system
  22. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  23. Check Network Connectivity by issuing Ping Command and through the Network Center
  24. Check the Event Log of Radius Server and Authentication is successful.
  25. Check the Access Point Event Log and Authentication is successful
  26. Change the Security Type to "WPA2-Enterprise" in Step 6 and perform from step 7 - 24
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA-Enterprise-AES/WPA2-Enterprise-AES Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Network Center, click Set up a connection
  4. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  5. On Network name, enter the SSID Name
  6. On Security type, choose WPA-Enterprise
  7. On Encryption Type, choose AES then click Next
  8. On Successfully added window, click Change connection settings
  9. Configure 802.1x authentication
  10. On Security tab, choose Smart card or other Certificate then click Settings button
  11. On Smart Card or other Certificate Properties -> When connecting, select the option "Use a Certificate on this Computer
  12. Check the option", "Use Simple Certificate Selection"(Recommended)
  13. Check "Validate Server certificate" and "Connect to these servers" options.
  14. Enter the Server Name in "Connect to these servers" option.(For Example : Wifisvr.wifi.com)
  15. Select the correct Root Certificate of the Test Server in "Trusted Root Certification Authorities"
  16. On Smart Card or other Certificate Properties window, click OK
  17. On 802.1x Wireless Network Properties window, click OK
  18. On Successfully added window, click Connect to...
  19. Select the created profile, click the Connect button
  20. Now 802.1x Authentication process starts and there will be a message box from OS as `Click here to select a certificate or other credentials for connection to the network EAP-AP`. Click Ok in the Screen `Connect Wireless network Connection`.
  21. Now the Authentication is succeeded and IP Address is assigned to the client system
  22. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  23. Check Network Connectivity by issuing Ping Command and through the Network Center
  24. Check the Event Log of Radius Server and Authentication is successful.
  25. Check the Access Point Event Log and Authentication is successful
  26. Change the Security Type to "WPA2-Enterprise" in Step 6 and perform from step 7 - 24
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA- Enterprise-PEAP-MSCHAP-TKIP/WPA2-Enterprise-PEAP-MSCHAP-TKIP Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Network Center, click Set up a connection
  4. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  5. On Network name, enter the SSID Name
  6. On Security type, choose WPA-Enterprise
  7. On Encryption type, choose TKIP then click Next
  8. On Successfully added window, click Change connection settings
  9. Configure 802.1x authentication
  10. On Security tab, choose Protected EAP(PEAP) then click Settings button
  11. On Protected EAP Properties, check the options "Validate server certificate" and "Connect to these servers"
  12. Enter the Server Name in Connect to these servers option (For Example: Wifisvr.wifi.co,)
  13. Select the correct Root Certificate of the Test Server in "Trusted Root Certification Authorities"
  14. ON select Authentication Method, select "Secured Password (EAP-MSCHAP-V2)"
  15. Check Enable Fast Reconnect option
  16. Click Configure button and uncheck the option `Automatically use my Windows Logon Name and Password (and Domain Name if any) then click OK
  17. On Protected EAP Properties window, click OK
  18. On 802.1x Wireless Network Properties window, click OK
  19. On Successfully added window, click Connect to...
  20. Select the created profile, click the Connect button
  21. Now the Authentication is succeeded and IP Address is assigned to the client system
  22. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  23. Check Network Connectivity by issuing Ping Command and through the Network Center
  24. Check the Event Log of Radius Server and Authentication is successful.
  25. Check the Access Point Event Log and Authentication is successful
  26. Change the Security Type to "WPA2-Enterprise" in Step 8 and perform from step 7 - 25
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA- Enterprise-PEAP-MSCHAP-AES/WPA2-Enterprise-PEAP-MSCHAP-AES Verification
  1. Login as Domain user
  2. Confirm whether Client Certificate is downloaded successfully.
  3. From Network Center, click Set up a connection
  4. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  5. On Network name, enter the SSID Name
  6. On Security type, choose WPA-Enterprise
  7. On Encryption type, choose AES then click Next
  8. On Successfully added window, click Change connection settings
  9. Configure 802.1x authentication
  10. On Security tab, choose Protected EAP(PEAP) then click Settings button
  11. On Protected EAP Properties, check the options "Validate server certificate" and "Connect to these servers"
  12. Enter the Server Name in Connect to these servers option (For Example: Wifisvr.wifi.co,)
  13. Select the correct Root Certificate of the Test Server in "Trusted Root Certification Authorities"
  14. ON select Authentication Method, select "Secured Password (EAP-MSCHAP-V2)"
  15. Check Enable Fast Reconnect option
  16. Click Configure button and uncheck the option `Automatically use my Windows Logon Name and Password (and Domain Name if any) then click OK
  17. On Protected EAP Properties window, click OK
  18. On 802.1x Wireless Network Properties window, click OK
  19. On Successfully added window, click Connect to...
  20. Select the created profile, click the Connect button
  21. Now the Authentication is succeeded and IP Address is assigned to the client system
  22. Verify IP Address is assigned by the DHCP Server after Authentication is successful
  23. Check Network Connectivity by issuing Ping Command and through the Network Center
  24. Check the Event Log of Radius Server and Authentication is successful.
  25. Check the Access Point Event Log and Authentication is successful
  26. Change the Security Type to "WPA2-Enterprise" in Step 8 and perform from step 7 - 25
  • Mutual Authentication of Server-Client and Client - Server shall happen
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA-Personal-TKIP (ASCII/Hex) / WPA2-Personal-TKIP (ASCII/Hex) Verification
  1. Login as Domain user
  2. From Network Center, click Set up a connection
  3. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  4. On Network name, enter the SSID Name
  5. On Security type, choose WPA-Personal
  6. On Encryption type, choose TKIP then click Next
  7. On Security Key/Passphrase, type the key then click Next
  8. On Successfully added window, click Change connection settings
  9. Change some settings from Connection and Security tabs if necessary then click OK
  10. On Successfully added window, click Connect to...
  11. Select the created profile, click the Connect button
  12. Now the Authentication is succeeded and IP Address is assigned to the client system
  13. Check Network Connectivity by issuing Ping Command and through the Network Center
  14. Check the Access Point Event Log and Authentication is successful.
  15. Change the Security Type to "WPA2-Personal" in Step 5 and perform from step 6-14
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A
WPA-Personal-AES (ASCII/Hex) / WPA2-Personal-AES (ASCII/Hex) Verification
  1. Login as Domain user
  2. From Network Center, click Set up a connection
  3. On Set up a connection or network window, click Manually connect to a wireless network then click Next
  4. On Network name, enter the SSID Name
  5. On Security type, choose WPA-Personal
  6. On Encryption type, choose AES then click Next
  7. On Security Key/Passphrase, type the key then click Next
  8. On Successfully added window, click Change connection settings
  9. Change some settings from Connection and Security tabs if necessary then click OK
  10. On Successfully added window, click Connect to...
  11. Select the created profile, click the Connect button
  12. Now the Authentication is succeeded and IP Address is assigned to the client system
  13. Check Network Connectivity by issuing Ping Command and through the Network Center
  14. Check the Access Point Event Log and Authentication is successful.
  15. Change the Security Type to "WPA2-Personal" in Step 5 and perform from step 6-14
  • No Error Message related to authentication failure shall occur.
  • IP Address shall be assigned by DHCP Server
  • Network Connectivity shall be available


Stand alone


A


A

Wireless Security Authentication Matrix using OS Native

LEAP Verification

Authentication
SSID
Authentication
Server
User Credential
Encryption
Intel
Realtek
Broadcom
LEAP
LEAPWEP
CISCO ACS
Windows Username & Password
WEP
A
A
A
AutoPrompt Username & Password
WEP
A
A
A
Use Saved Username & Password
WEP
A
A
A
WPA2-LEAP-AES
CISCO ACS
Windows Username & Password
AES
A
A
A
AutoPrompt Username & Password
AES
A
A
A
Use Saved Username & Password
AES
A
A
A


Authentication
SSID
Authentication
Server
User Credential
Encryption
Intel
Realtek
Broadcom
LEAPCCKM
CCKM-LEAP-TKIP
CISCO ACS
Windows Username & Password
TKIP
A
NA
NA
AutoPrompt Username & Password
TKIP
A
NA
NA
Use Saved Username & Password
TKIP
A
NA
NA
CCKM-LEAP-WEP
CISCO ACS
Windows Username & Password
WEP
A
AutoPrompt Username & Password
WEP
A
NA
NA
Use Saved Username & Password
WEP
A
NA
NA
CCKM-LEAP-AES
CISCO ACS
Windows Username & Password
AES
A
NA
NA
AutoPrompt Username & Password
AES
A
NA
NA
Use Saved Username & Password
AES
A
NA
NA


EAP-FAST Verification
Authentication
SSID
Authentication
Server
User Credential
Encryption
Intel
Realtek
Broadcom
EAP-FAST
EAPFAST-WEP
CISCO ACS
Use certificate on this computer
WEP
A
A
A
Use one-time password
WEP
A
A
A
Use Windows username and password
WEP
A
A
A
Prompt automatically for username and password
WEP
Use Saved Username and Password
WEP
A
A
A
WPA2-EAPFAST-AES
CISCO ACS
Use certificate on this computer
AES
A
A
A
Use one-time password
AES
A
A
A
Use Windows username and password
AES
A
A
A
Prompt automatically for username and password
AES
A
A
A
Use Saved Username and Password
AES
A
A
A


Authentication
SSID
Authentication
Server
User Credential
Encryption
Intel
Realtek
Broadcom
EAP-FASTCCKM
CCKM-EAPFAST-WEP
CISCO ACS
Use certificate on this computer
WEP
A
NA
NA
Use one-time password
WEP
A
NA
NA
Use Windows username and password
WEP
A
NA
NA
Prompt automatically for username and password
WEP
Use Saved Username and Password
WEP
A
NA
NA
CCKM-EAPFAST-AES
CISCO ACS
Use certificate on this computer
AES
A
NA
NA
Use one-time password
AES
A
NA
NA
Use Windows username and password
AES
A
NA
NA
Prompt automatically for username and password
AES
A
NA
NA
Use Saved Username and Password
AES
A
NA
NA


WPA-PSK Verification
Authentication
SSID
Authentication
Server
User Credential
Encryption
Intel
Realtek
Broadcom
WPA - PSK
WPAPSKASCII
No
Pre-Shared Key
TKIP
A
A
A


WPA2-PSK Verification
Authentication
SSID
Authentication
Server
User Credential
Encryption
Intel
Realtek
Broadcom
WPA2 - PSK
WPA2PSKHex
No
Pre-Shared Key
AES
A
A
A


PEAP-GTC Verification
Authentication
SSID
Authentication Server
User Credential
Encryption
Intel
Realtek
Broadcom
PEAP-GTC
PEAP-GTCWEP
CISCO ACS/ RSA Secure ID
Use one-time password
WEP
A
A
A
Use Windows username and password
WEP
A
A
A
Prompt automatically for username and password
WEP
Use Saved Username and Password
WEP
A
A
A
WPA2-PEAP-GTC-AES
CISCO ACS/ RSA Secure ID
Use one-time password
AES
A
A
A
Use Windows username and password
AES
A
A
A
Prompt automatically for username and password
AES
A
A
A
Use Saved Username and Password
AES
A
A
A


Authentication
SSID
Authentication Server
User Credential
Encryption
Intel
Realtek
Broadcom
PEAP-GTCCCKM
CCKM-PEAP-GTC-TKIP
CISCO ACS/ RSA Secure ID
Use one-time password
TKIP
A
NA
NA
Use Windows username and password
TKIP
A
NA
NA
Prompt automatically for username and password
TKIP
NA
NA
Use Saved Username and Password
TKIP
A
CCKM-PEAP-GTC-WEP
CISCO ACS/ RSA Secure ID
Use one-time password
WEP
A
NA
NA
Use Windows username and password
WEP
A
NA
NA
Prompt automatically for username and password
WEP
NA
NA
Use Saved Username and Password
WEP
A
NA
NA
CCKM-PEAP-GTC-AES
CISCO ACS/ RSA Secure ID
Use one-time password
AES
A
NA
NA
Use Windows username and password
AES
A
NA
NA
Prompt automatically for username and password
AES
A
NA
NA
Use Saved Username and Password
AES
A
NA
NA


PEAP-CHAP Verification
Authentication
SSID
Authentication Server
User Credential
Encryption
Intel
Realtek
Broadcom
PEAP-CHAP
PEAPCHAPWEP
Win2003 / Win2008 / Win2012
Certificate
WEP
A
A
A
WPA2-PEAPCHAP-AES
Win2003 / Win2008 / Win2012
Certificate
AES
A
A
A

Authentication
SSID
Authentication Server
User Credential
Encryption
Intel
Realtek
Broadcom
PEAP-CHAPCCKM
CCKM-PEAPCHAP-TKIP
Win2003 / Win2008 / Win2012
Certificate
TKIP
A
NA
NA
CCKM-PEAPCHAP-WEP
Win2003 / Win2008 / Win2012
Certificate
WEP
A
NA
NA
CCKM-PEAPCHAP-AES
Win2003 / Win2008 / Win2012
Certificate
AES
A
NA
NA


EAP-TTLS Verification
Authentication
SSID
Authentication Server
User Credential
Encryption
Intel
Realtek
Broadcom
EAP-TTLS
EAPTTLSWEP
Funk Odyssey
Certificate
WEP
A
A
A
WPA2-EAPTTLS-AES
Funk Odyssey
Certificate
AES
A
A
A

Authentication
SSID
Authentication Server
User Credential
Encryption
Intel
Realtek
Broadcom
EAP-TTLSCCKM
CCKM-EAPTTLS-TKIP
Funk Odyssey
Certificate
TKIP
A
NA
NA
CCKM-EAPTTLS-WEP
Funk Odyssey
Certificate
WEP
A
NA
NA
CCKM-EAPTTLS-AES
Funk Odyssey
Certificate
AES
A
NA
NA


EAP-TLS Verification
Authentication
SSID
Authentication Server
User Credential
Encryption
Intel
Realtek
Broadcom
EAP-TLS
EAPTLSWEP
Win2003 / Win2008 / Win2012
Certificate
WEP
A
A
A
WPA2-EAPTLS-AES
Win2003 / Win2008 / Win2012
Certificate
AES
A
A
A

Authentication
SSID
Authentication Server
User Credential
Encryption
Intel
Realtek
Broadcom
EAP-TLSCCKM
CCKM-EAPTLS-TKIP
Win2003 / Win2008 / Win2012
Certificate
TKIP
A
NA
NA
CCKM-EAPTLS-WEP
Win2003 / Win2008 / Win2012
Certificate
WEP
A
NA
NA
CCKM-EAPTLS-AES
Win2003 / Win2008 / Win2012
Certificate
AES
A
NA
NA


Network Reliability Test

Test Item Check Item / Criteria Configuration
Result
Win8.1 32
Win8.1 64
Warm Boot Tests
  1. After Successful authentication and Network Connection is established, Restart the System
  2. Login as Domain User and Check Wireless Connection is restored to the same profile used before restarting the system
  3. Repeat the steps 1-2 for 10 Times and verify the criteria.

  • Authentication shall be successful after each Restart
  • Network Connectivity shall be established after each Restart
  • Network connection be restored to Previously used Profile unless AP is powered off
  • No Error Message after Restart


Stand alone


A


A
Cold Boot Tests
  1. After Successful authentication and Network Connection is established, Shutdown the System
  2. Power On the system again
  3. Login as Domain User and Check Wireless Connection is restored to the same profile used before restarting the system
  4. Repeat the steps 1-3 for 10 Times and verify the criteria

  • Authentication shall be successful after Cold Boot
  • Network Connectivity shall be established after each Restart
  • No Error Message occurs


Stand alone


A


A
Power Management - Suspend/ResumeTest
  1. After Successful authentication and Network Connection is established,Close the Lid (Fn+F4) to suspend the system
  2. Open the Lid after 1 minute.
  3. Ensure Authentication is successful and Network Connectivity is restored to the previously connected AP /Network.
  4. Repeat Steps 1-3 for ten times and verify the criteria

  • Authentication shall be successful after each PM
  • Network Connectivity shall be established after each PM
  • No Error Message occurs


Stand alone


A


A
Power Management - LID Close -
  1. After Successful authentication and Network Connection is established close the lid to suspend the system
  2. Resume the system by opening the lid after 1 minute.
  3. Ensure Authentication is successfull and Network Connectivity is restored to the previously connected AP /Network.
  4. Repeat Steps 1-3 for 10 times and verify the criteria
  • Authentication shall be successful after each PM
  • Network Connectivity shall be established after each PM
  • No Error Message occurs


Stand alone


A


A
Power Management - Hibernate / Resume Test
  • After Successful authentication and Network Connection is established
  • Press Fn+F12 and hibernate the system
  • Resume after 1 minute.
  • Ensure Authentication is successful and Network Connectivity is restored to the previously connected AP /Network.
  • Repeat Steps 1-4 for ten times and verify the criteria

    • Authentication shall be successful after each PM
    • Network Connectivity shall be established after each PM
    • No Error Message occurs


    Stand alone


    A


    A
    Logoff/Login with Suspend/Resume
    1. After Successful authentication and Network Connection is established,logoff the system
    2. Now login to the system again
    3. Ensure Authentication is successful and Network Connectivity is restored to the previously connected AP /Network.
    4. Press Fn+F4 to suspend the system
    5. Resume after 1 minute.
    6. Ensure Authentication is successful and Network Connectivity is restored to the previously connected AP /Network.

    • Authentication shall be successful after each PM
    • Network Connectivity shall be established after each PM
    • No Error Message occurs


    Stand alone


    A


    A
    Logoff/Login with LID Close
    1. After Successful authentication and Network Connection is established, logoff the system
    2. Now login to the system again
    3. Ensure Authentication is successful and Network Connectivity is restored to the previously connected AP/Network.
    4. Close the lid to suspend the system
    5. Resume by pressing Fn key after 1 minute.
    6. Ensure Authentication is successful and Network Connectivity is restored to the previously connected AP/Network.
    • Authentication shall be successful after each PM
    • Network Connectivity shall be established after each PM
    • No Error Message occurs

    Stand alone
    Logoff/Login with Hibernation/Resume
    1. After Successful authentication and Network Connection is established,logoff the system
    2. Now login to the system again
    3. Ensure Authentication is successful and Network Connectivity is restored to the previously connected AP /Network.
    4. Press Fn+F12 to hibernate the system
    5. Resume after 1 minute.
    6. Ensure Authentication is successful and Network Connectivity is restored to the previously connected AP /Network.

    • Authentication shall be successful after each PM
    • Network Connectivity shall be established after each PM
    • No Error Message occurs


    Stand alone


    A


    A
    OTHER DETAILS
    EUT Quantity : Two systems 1. "Please check Error and Warning message in Event Viewer before you start the test case and after you complete the test case, and report it to your team lead."
    2. "Perform All Test in Battery Mode (Some of the test items need to perform in AC Mode, follow each Test Case)"
    (All Test Activity should be performed with AMT Enabled)
    Test Item
    Configuration
    Intel
    Realtek
    Broadcom
    128 bit WEP Verification
    Standalone
    A
    A
    A
    EAP-TLS-WEP Verification
    Standalone
    A
    A
    A
    PEAP-MSCHAP-WEP Verification
    Standalone
    A
    A
    A
    WPA-TLS-TKIP Verification
    Standalone
    A
    A
    A
    WPA-TLS-AES Verification
    Standalone
    A
    A
    A
    WPA-PEAP MSCHAP - TKIP Verification
    Standalone
    A
    A
    A
    WPA-PEAP MSCHAP - AES Verification
    Standalone
    A
    A
    A
    WPA- PSK - TKIP (ASCII/Hex) Verification
    Standalone
    A
    A
    A
    WPA- PSK - AES (ASCII/Hex) Verification
    Standalone
    A
    A
    A
    WPA2-TLS-TKIP Verification
    Standalone
    A
    A
    A
    WPA2-TLS-AES Verification
    Standalone
    A
    A
    A
    WPA2-PEAP MSCHAP - TKIP Verification
    Standalone
    A
    A
    A
    WPA2-PEAP MSCHAP - AES Verification
    Standalone
    A
    A
    A
    WPA2- PSK - TKIP (ASCII/Hex) Verification
    Standalone
    A
    A
    A
    WPA2- PSK - AES (ASCII/Hex) Verification
    Standalone
    A
    A
    A

    TEMS Reviewer Log:
    Review Logs
    Created last 2016-06-13 14:15:50 by Eiji Ogata. Review Comments(Review Complete): review completed.
    Keywords:   None
    Requirements :   None
    Attached files :
    CCKM_W8.jpg - CCKM_W8.jpg (355625 bytes, ) 07/03/2015

    Update History:
    This document is not yet modified.