May 5, 2009 Page 1
CruzNet Secure Set-Up Instructions for Windows Vista
1. In order to start using CruzNet Secure, you'll first need to create a password at https://vpn.soe.ucsc.edu/. Click on the “reset your password” link.
2. On the Reset My VPN Password screen:
1. Enter your CruzID in the “Login Name” field
2. Type the words that appear in the “Captcha” box at the bottom of the screen (the words should be separated with a space).
3. Click the “Reset My Password” button.
3. You will receive a message informing you that a link has been sent to you via email.
May 5, 2009 Page 2 4. Open your UCSC email account. You should see a message titled “VPN Password Reset.” Click on the link contained in the email.
5. The link will take you to the “Complete Password Reset” page.
1. Enter the password you wish to use in the “New Password” field.
2. Re-enter the password in the “Confirm Password” field 3. Click the “Change My Password” button.
May 5, 2009 Page 3 6. You will receive a confirmation message. You will need the password you have created to access CruzNet Secure once you have completed the setup process.
May 5, 2009 Page 4 7. Next, you will need to download the UCSC NOC Certificate Authority available at
https://www2.ucsc.edu/its/cruznetsecure/cruznetsecure_certs/ucsc_noc_ca.der (use Internet Explorer to access this). You will see a File Download window. Select "Open."
8. You will see an Internet Explorer Security warning. Click “Allow” at the bottom of the screen.
May 5, 2009 Page 5 9. You should now see the Certificate window. Click the "Install Certificate" button at the bottom of the window.
10. You are now in the Certificate Import Wizard window. Click “Next.”
May 5, 2009 Page 6 11. You are now on the Certificate Store screen.
1. Select "Place all certificates in the following store" by clicking in the circle, 2. Click "Browse"
12. The Select Certificate Store window will appear. Find “Trusted Root Certificate Authorities" om the list and click on it. It will be highlighted as shown in the picture below. Click OK.
May 5, 2009 Page 7 13. You will be back to the Certificate Import Wizard screen. You should see that “Trusted Root Certificate Authorities" appears in the box labeled “Certificate Store.” Click “Next.”
14. You should be on the Completing the Certificate Import Wizard window. Here you can see what settings you have selected. Click “Finish” at the bottom of the window.
May 5, 2009 Page 8 15. You will see a security warning window. At the bottom of the screen, you are asked if you want to install the certificate. Click “yes.”
16. A message will appear, telling you that the import was successful. Click “OK.”
May 5, 2009 Page 9
May 5, 2009 Page 10 17. To configure your wireless connection, right click the wireless icon at the bottom right corner of your screen (near the clock) and select “Network and Sharing Center.” If you are not able to find the icon or it is not present, you should be able to open it from "Control Panel".
18. Once you are in the Network and Sharing Center screen, click on "Manage wireless networks."
You will find it in the “Tasks” menu on the left side of the window.
May 5, 2009 Page 11 19. You will now see the Manage Wireless Networks screen. Click “Add.”
May 5, 2009 Page 12 20. On the “How do you want to add a network” screen, click on “Manually create a network profile.”
May 5, 2009 Page 13 21. On the next screen, you will fill in the following information for CruzNet Secure:
1. Network name: cruznetsecure
2. Network Authentication: WPA-Enterprise 3. Data Encryption: TKIP
4. Check "Connect even if network is not broadcasting" (CruzNet Secure does not broadcast its SSID)
Click next to continue.
22. You should see the message “Successfully added cruznetsecure.” Click on “Change network settings.”
May 5, 2009 Page 14 23. You are now on the cruznetsecure Wireless Properties screen. Click the “Security” tab at the top of the window.
1. Under “Choose a network authentication method” make sure that “Microsoft: Protected EAP (PEAP)" is selected in the drop down menu.
2. Click the settings button.
May 5, 2009 Page 15 24. You will now see the “Protected EAP Properties” window.
1. Make sure "Validate server certificate" is checked 2. Check the box labeled "Connect to these servers:"
3. In the blank type: wifiauth.ucsc.edu
4. Under "Trusted Root Certification Authorities:" Check: "UCSC NOC Certificate Authority"
If UCSC NOC Certificate Authority is not present the certificate has either not been imported or was imported into the incorrect store. You can try importing the certificate again from the top of this document.
5. Check: "Do not prompt user to authorize new servers or trusted certification authorities".
6. Under "Select Authentication Method” select “Secured password (EAP-MSCHAP v2)” from the list and click "Configure..."
May 5, 2009 Page 16 25. You should see a window titled EAP MSCHAPv2 Properties. Uncheck "Automatically use my Windows logon name and password (and domain if any)". It is very important to assure this is not checked as Windows will not prompt you for your username and password if it is.
Click “OK” to close the EAP MSCHAPv2 Properties, and also click OK to close the “Protected EAP Properties window.
26. At this point your configuration is complete. Click "OK" on each of the windows that have opened.
Click close on the Manually connect to a wireless network window.
To complete the connection to cruznetsecure, click on the wireless icon at the bottom of the screen.
You should see your current connection status. Click on “Connect or disconnect…”
May 5, 2009 Page 17 27. You should see a list of available networks. Click on cruznetsecure.
28. The next window tells you that additional log on information is required. Click “Enter/select additional log on information.”
May 5, 2009 Page 18 29. You will see a screen asking for your User name and Password. Enter you CruzID as the username and the password you created above in the password field. Click OK.
You are now connected to cruznetsecure.