Onboard a Windows device to a wired network with credentials

In this topic, you will learn how to onboard using credentials, a Windows 10 computer, and a wired network managed by Portnox™ Cloud.

Note: The user interface and the names of options may differ slightly for other Windows versions.
Note: If your instance is integrated with Microsoft Azure and your Azure access policy enforces multi-factor authentication (MFA), to log in using credentials you need to set up a MFA bypass by following the steps in this topic: Bypass multi-factor authentication in Azure.
  1. Open the Windows 10 Network and Sharing Center window (Control Panel > Network and Internet > Network and Sharing Center) and click on the Change adapter settings option.

  2. Right-click on the Ethernet connection that represents the adapter connected to the wired network managed by Portnox Cloud and select the Properties option from the pop-up menu.

  3. In the Ethernet Properties window, click on the Authentication tab and in the Choose a network authentication method field, select Microsoft: EAP-TTLS. Then, click on the Settings button.

    Note: If there is no Authentication tab, open the Windows Services app, find the Wired AutoConfig service, Start it, and in its Properties, set Startup type to Automatic.
  4. In the TTLS Properties window, in the Client authentication section, select the supported authentication method.

    Note: This authentication method is the method used to communicate with internal or external authentication repositories. Different repositories may support different methods. For example, cloud-based repositories like Microsoft Azure, Google Workspace, and Okta supports PAP only, but the on-premises repositories such as AD and LDAP supports MSCHAP. If you don’t know the correct method for your user repository, try different ones to see which one works. We also recommend that you read the following topic about the security of different authentication methods: EAP methods and their security.
    Important: To make sure that the network you connect to is not spoofed, we recommend that in the Trusted Root Certification Authorities list, you find and activate all DigiCert certificates as well as the clear-rad.portnox.com certificate, if present.
  5. Click on the OK button to close the TTLS Properties window. Click again on the OK button to close the Ethernet Properties window.

    You can do this step later, after you successfully connected to the network.

  6. When you connect the adapter to the network, Windows shows the Sign in window. In the Sign in window, enter your credentials, and click on the OK button.

    You can also enter your identity in the down-level logon name format: domain\user, for example, vorlon.com\kosh.

Result: Your Windows 10 computer is connected to a wired network managed by Portnox Cloud.

Troubleshooting information: See the following topic: How to troubleshoot typical device onboarding issues.