The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Following are examples of valid .xml distribution package files from typical enterprise environments.
Note In all of the examples, the license string is functionally invalid. Replace with one appropriate to your application.
•Example B-1—Illustrates only the base elements of a distribution package. No networks are defined in this example. (Use Example B-1.)
•Example B-2—illustrates the addition of minimal, nonauthenticating, open Wi-Fi and wired networks. (Use Example B-2.)
•Example B-3—Illustrates a nonauthenticating, WPA personal Wi-Fi network with the following properties:
–user connection context
–WPA-Personal association with TKIP encryption
Such a network would be applicable to any corporate-supplied home equipment (where you configure the key) that your end-user might have for connecting to your enterprise network remotely. (Use Example B-3.)
Note Any of the following authenticating Wi-Fi network definitions can be extracted and used in a wired authenticating network by removing the associationMode element. Extract the following:
<authenticationNetwork>
Retain otherwise: .....
Remove this: <associationMode>...</associationMode>
</authenticationNetwork>
•Example B-4—Illustrates an authenticating Wi-Fi network with the following properties:
–machine/user connection context
–user password credentials obtained from an initial, one-time prompt
machine password obtained automatically from the MS Active Directory setup
–single, tunneled EAP method
–server validation based on release 4.0 current functionality
(Use Example B-4.)
•Example B-5—Illustrates an authenticating Wi-Fi network with the following properties:
–machine/user connection context
–user password credentials obtained from the operating system (single-signon)
machine credential obtained automatically from the MS Active Directory setup
–multiple, tunneled EAP methods
–server validation based on multiple authentication server rules and new release 4.1 CA certificate deployment support
(Use Example B-5.)
•Example B-6—Illustrates an authenticating, Wi-Fi network with the following properties:
–Novell domain compatible network
–user connection context
–user password credentials obtained from the OS (single-signon)
–single, tunneled EAP method
–server validation based on release 4.0 current functionality
(Use Example B-6.)
•Example B-7—Illustrates an authenticating, Wi-Fi network with the following properties:
–machine connection context
–machine credentials obtained from new release 4.1 static credential support
–single, tunneled EAP method
–server validation based on release 4.0 current functionality
(Use Example B-7.)
•Example B-8—Illustrates an authenticating, Wi-Fi network with the following properties:
–user connection context
–user client certificate credentials obtained from a smartcard
–TLS EAP method
–server validation based on release 4.0 current functionality
(Use Example B-8.)
•Example B-9—Illustrates an authenticating Wi-Fi network with the following properties:
–user connection context
–user password credentials obtained from an initial, one-time prompt
–single, tunneled EAP method
–server validation based on release 4.0 current functionality
(Use Example B-9.)
•Example B-10—Illustrates an authenticating Wi-Fi network with the following properties:
–user connection context
–user password credentials obtained from new release 4.1 static credential support
–FAST EAP method with new release 4.1 manual PAC provisioning support
(Cisco ACS server configured for no autonomous PAC provisioning.)
–server validation based on associated PAC rule
(Use Example B-10.)
•Example B-11—Illustrates a wired-only version with the following properties:
–preset end-user version
–authenticating network only
–machine and user connection context
–FAST EAP method only
–no server validation
(Use Example B-11.)
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wiredNetwork>
<displayName>My Corporate Wired Network</displayName>
<openNetworkMachineConnection/>
</wiredNetwork>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<openNetworkUserConnection>
<autoConnect>true</autoConnect>
</openNetworkUserConnection>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<sharedKeyNetwork>
<userConnection>
<keySettings>
<wpa>
<key>
<ascii encrypt="true">mySecret</ascii>
</key>
<encryption>TKIP</encryption>
</wpa>
</keySettings>
<autoConnect>true</autoConnect>
</userConnection>
</sharedKeyNetwork>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<authenticationNetwork>
<machineUserAuthentication>
<machine>
<collectionMethod>
<auto/>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
</machine>
<user>
<autoConnect>true</autoConnect>
<collectionMethod>
<prompt>
<credentialsStorage>
<forever/>
</credentialsStorage>
</prompt>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
</user>
<eapMethods>
<eapFast>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapFast>
</eapMethods>
</machineUserAuthentication>
<serverValidation>
<validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<authenticationNetwork>
<machineUserAuthentication>
<machine>
<collectionMethod>
<auto/>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
</machine>
<user>
<autoConnect>true</autoConnect>
<collectionMethod>
<singleSignOn/>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
</user>
<eapMethods>
<eapFast>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapFast>
<eapPeap>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>false</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapPeap>
</eapMethods>
</machineUserAuthentication>
<serverValidation>
<validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
<matchSubjectAlternativeName name="Cert Rule 3" match="endsWith">myCorp2.net</matchSubjectAlternativeName>
</validationRules>
<trustedRootCACerts>
<certificate>
<caReference>E:\path\CaCertFile</caReference>
</certificate>
</trustedRootCACerts>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<authenticationNetwork>
<userAuthentication>
<autoConnect>
<connectBeforeLogon>true</connectBeforeLogon>
</autoConnect>
<collectionMethod>
<singleSignOn/>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
<eapMethods>
<eapFast>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<serverValidation>
<validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<authenticationNetwork>
<machineAuthentication>
<collectionMethod>
<static/>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
<staticIdentity encrypt="true">machineName</staticIdentity>
<staticPassword encrypt="true">machineSecret</staticPassword>
<eapMethods>
<eapFast>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapFast>
</eapMethods>
</machineAuthentication>
<serverValidation>
<validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<authenticationNetwork>
<userAuthentication>
<autoConnect>
<connectBeforeLogon>false</connectBeforeLogon>
</autoConnect>
<collectionMethod>
<prompt>
<credentialsStorage>
<logonSession/>
</credentialsStorage>
</prompt>
</collectionMethod>
<useAnonymousId>false</useAnonymousId>
<eapMethods>
<eapTls>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<certificateSource>
<smartCardOnlyCertificate/>
</certificateSource>
</eapTls>
</eapMethods>
</userAuthentication>
<serverValidation>
<validationRules>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<authenticationNetwork>
<userAuthentication>
<autoConnect>
<connectBeforeLogon>false</connectBeforeLogon>
</autoConnect>
<collectionMethod>
<prompt>
<credentialsStorage>
<forever/>
</credentialsStorage>
</prompt>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
<eapMethods>
<eapFast>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<serverValidation>
<validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<authenticationNetwork>
<userAuthentication>
<autoConnect>
<connectBeforeLogon>false</connectBeforeLogon>
</autoConnect>
<collectionMethod>
<static/>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
<staticIdentity encrypt="true">userName</staticIdentity>
<staticPassword encrypt="true">userSecret</staticPassword>
<pacs>
<pac>
<pacReference encrypt="true">E:\path\pacFile</pacReference>
<secretKey encrypt="true">pacPassword</secretKey>
</pac>
</pacs>
<eapMethods>
<eapFast>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<serverValidation>
<trustedServerIds>
<trustedServerId name="PAC AID Rule 1">
<reference>
<aIdReference>E:\path\pacRefFile</aIdReference>
<secretKey>1234</secretKey>
</reference>
</trustedServerId>
</trustedServerIds>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" minor_version="1" major_version="4">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes></allowedAssociationModes>
<allowedEapMethods>
<eapFast/>
</allowedEapMethods>
<serverValidationPolicy>
<allowUserValidationControl/>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
</networkPolicy>
<networks>
<wiredNetwork>
<displayName>My Corporate Wired Network</displayName>
<authenticationNetwork>
<machineUserAuthentication>
<machine>
<collectionMethod>
<auto/>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
</machine>
<user>
<autoConnect>true</autoConnect>
<collectionMethod>
<singleSignOn/>
</collectionMethod>
<useAnonymousId>true</useAnonymousId>
</user>
<eapMethods>
<eapFast>
<validateServerIdentity>false</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapGtc/>
<eapMschapv2/>
</innerEapMethods>
</eapFast>
</eapMethods>
</machineUserAuthentication>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
</authenticationNetwork>
</wiredNetwork>
</networks>
<connectionSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>false</validateWpaHandshake>
</connectionSettings>
<userControlPolicy>
<clientUIType>preset</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
</allowedMedia>
</userControlPolicy>
</configuration>