Hello!
I'm replacing our Cisco Wi-Fi 2504 wireless controller and 2600 series APs with a Fortinet solution (431F & 433F APs paired with a FortiGate 600E internal wireless controller).
I am intending to use WPA3 with our WiFi6 compatible laptops and WPA2 with our WiFi5 laptops. The SSIDs are set to WAP3 SAE Transition.
The good news:
-Both WiFi6 & WiFi5 laptops are connecting with the intended authentication method and speed.
The question:
-How can I push the passphrase for a SSID to multiple laptops so that users will not need to enter the passphrase manually?
I did find an article that showed me how to use 'netsh' to export the SSID and passphrase to an XML file. Then I created a batch file to use netsh to add the SSID to target computers. It seemed to work, however, when the test user clicked on the SSID name in the Windows network list, the user was still asked to enter the passphrase. Below are the basic commands.
-netsh wlan export profile key=clear folder="C:\stage\wifi6"
-netsh wlan add profile filename="C:/stage\wifi6\Wi-Fi-Corp.xml" user=current
I am guessing netsh was not the answer because the pre-shared key is not in the XML file?
I also tried to use group policy to push the SSID information, but WPA3 was not supported.
Just to see if it would work, I then tried to push the SSID configured with WPA2 authentication; however, I never came to a setting where I could enter the actual passphrase.
My next thought is to use PowerShell, but before spending time on that, I thought I might be wise to ask. Has anyone found a method to pre-configure a SSID passphrase on a Windows 10 laptop?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Craig Beck on Experts Exchange gave me a suggestion that will help me complete the depolyment today. I will still bring up a RADIUS server and also update the ADMX for AD so that I can select WPA3.
The solution was to take away user=current from the netsh import command.
Hello TMA,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Craig Beck on Experts Exchange gave me a suggestion that will help me complete the depolyment today. I will still bring up a RADIUS server and also update the ADMX for AD so that I can select WPA3.
The solution was to take away user=current from the netsh import command.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1698 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.