The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Following are examples of valid .xml distribution package files from typical enterprise environments. The file listings are augmented with crossreferences to the features indicated in the high-level descriptions. The file, sscAdminGuideExXml.zip, also distributed in the SSCAdminUtils zip file, contains all of these examples as individual .xml files, for a convenient starting point and easy text editing.
Note In all of the examples, the license string is functionally invalid. Replace with one appropriate to your application.
•Example B-1—Illustrates only the base elements of a distribution package. No networks are defined in this example. (Use Example B-1.)
•Example B-2—illustrates the addition of minimal, nonauthenticating, open (1) Wi-Fi and (2) wired networks. (Use Example B-2.)
•Example B-3—Illustrates (1) a nonauthenticating, WPA personal Wi-Fi network with the following properties:
–(2) user connection context
–(3) WPA-Personal association with TKIP encryption
Such a network would be applicable to any corporate-supplied home equipment (where you configure the key) that your end-user might have for connecting to your enterprise network remotely. (Use Example B-3.)
Note Any of the following authenticating Wi-Fi network definitions can be extracted and used in a wired authenticating network by removing the associationMode element. Extract the following:
<authenticationNetwork>
Retain otherwise: .....
Remove this: <associationMode>...</associationMode>
</authenticationNetwork>
•Example B-4—Illustrates (1) an authenticating Wi-Fi network with the following properties:
–(2) machine/user connection context
–(3) user password credentials obtained from an initial, one-time prompt
(4) machine password obtained automatically from the MS Active Directory setup
–(5) single, tunneled EAP method
–(6) server certificated validation based on release 4.0 functionality
(Use Example B-4.)
•Example B-5—Illustrates (1) an authenticating Wi-Fi network with the following properties:
–(2) machine/user connection context
–(3) user password credentials obtained from the operating system (single-signon)
(4) machine credential obtained automatically from the MS Active Directory setup
–(5) multiple, tunneled EAP methods
–(6) server certificate validation based on multiple authentication server rules and release 4.1 (7) CA certificate deployment support
(Use Example B-5.)
•Example B-6—Illustrates (1) an authenticating, Wi-Fi network with the following properties:
–Novell domain compatible network
–(2) user connection context
–(3) user password credentials obtained from the OS (single-signon)
–(4) single, tunneled EAP method
–(5) server certificate validation based on release 4.0 functionality
(Use Example B-6.)
•Example B-7—Illustrates (1) an authenticating, Wi-Fi network with the following properties:
–(2) machine connection context
–(3) machine credentials obtained from release 4.1 static credential support
–(4) single, tunneled EAP method
–(5) server certificate validation based on release 4.0 functionality
(Use Example B-7.)
•Example B-8—Illustrates (1) an authenticating, Wi-Fi network with the following properties:
–(2) user connection context
–(3) user client certificate credentials obtained from a smartcard
–(4) TLS EAP method
–(5) server certificate validation based on release 4.0 functionality
(Use Example B-8.)
•Example B-9a—Illustrates (1) an authenticating Wi-Fi network with the following properties:
–(2) user connection context
–(3) user password credentials obtained from an initial, one-time prompt
–(4) EAP-FAST-GTC method (autonomous, authenticated PAC provisioning)
–(5) server certificate validation for PAC provisioning based on release 4.0 functionality
(Use Example B-9a.)
•Example B-9b—Illustrates (1) an authenticating Wi-Fi network with the following properties:
–(2) user connection context
–(3) user password credentials obtained from an initial, one-time prompt
–(4) EAP-FAST-GTC method (autonomous, unauthenticated PAC provisioning)
–(5) server AID validation for PAC provisioning based on release 4.0 functionality
(Use Example B-9b.)
•Example B-9c—Illustrates (1) an authenticating Wi-Fi network with the following properties:
–(2) user connection context
–(3) user password credentials obtained from an initial, one-time prompt
–(4) FAST EAP-MSCHAPv2 method with release 4.1 manual PAC provisioning support
(Cisco ACS server configured for no autonomous PAC provisioning.)
–(5) no server validation
(Use Example B-9c.)
•Example B-10—Illustrates (1) an authenticating Wi-Fi network with the following properties:
–(2) user connection context
–(3) user password credentials obtained from new release 4.1 static credential support
–(4) single, tunneled EAP method
–(5) server certificate validation based on release 4.0 functionality
(Use Example B-10.)
•Example B-11—Illustrates (1) a wired-only version with the following properties:
–(2) preset end-user version
–(3) authenticating network only
–(4) machine and user connection context
–(5) FAST EAP method only
–(6) server certificate validation
(Use Example B-11.)
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(2) <wiredNetwork>
<displayName>My Corporate Wired Network</displayName>
<openNetworkMachineConnection/>
</wiredNetwork>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
<openNetworkUserConnection>
<autoConnect>true</autoConnect>
</openNetworkUserConnection>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
<alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
<wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <sharedKeyNetwork>
(2) <userConnection>
<keySettings>
(3) <wpa>
<key>
<ascii encrypt="true">mySecret</ascii>
</key>
<encryption>TKIP</encryption>
</wpa>
</keySettings>
<autoConnect>true</autoConnect>
</userConnection>
</sharedKeyNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
(5) <eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(6) <alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
(3) <forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <machineUserAuthentication>
<machine>
<collectionMethod>
(4) <auto/>
</collectionMethod>
<unprotectedIdentityPattern>host/anonymous</unprotectedIdentityPattern>
<protectedIdentityPattern>host/<fqhn></protectedIdentityPattern>
</machine>
<user>
<autoConnect>
<connectBeforeLogon>true</connectBeforeLogon>
</autoConnect>
<collectionMethod>
(3) <prompt>
<credentialsStorage>
<forever/>
</credentialsStorage>
</prompt>
</collectionMethod>
<unprotectedIdentityPattern>anonymous@<domain></unprotectedIdentityPattern>
<protectedIdentityPattern><username></protectedIdentityPattern>
</user>
<eapMethods>
(5) <eapFast>
(6) <validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapFast>
</eapMethods>
</machineUserAuthentication>
<serverValidation>
(6) <validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="21">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
(5) <eapFast/>
(5) <eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(6) <alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <machineUserAuthentication>
<machine>
<collectionMethod>
(4) <auto/>
</collectionMethod>
<unprotectedIdentityPattern>host/anonymous</unprotectedIdentityPattern>
<protectedIdentityPattern>host/<fqhn></protectedIdentityPattern>
</machine>
<user>
<autoConnect>
<connectBeforeLogon>true</connectBeforeLogon>
</autoConnect>
<collectionMethod>
(3) <singleSignOn/>
</collectionMethod>
<unprotectedIdentityPattern>anonymous@<domain></unprotectedIdentityPattern>
<protectedIdentityPattern><username></protectedIdentityPattern>
</user>
<eapMethods>
(5) <eapFast>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapFast>
(5) <eapPeap>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>false</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapPeap>
</eapMethods>
</machineUserAuthentication>
<serverValidation>
(6) <validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
<matchSubjectAlternativeName name="Cert Rule 3" match="endsWith">myCorp2.net</matchSubjectAlternativeName>
</validationRules>
<trustedRootCACerts>
(7) <certificate>
<caReference>E:\path\CaCertFile</caReference>
</certificate>
</trustedRootCACerts>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
(4) <eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(5) <alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <userAuthentication>
<autoConnect>
<connectBeforeLogon>true</connectBeforeLogon>
</autoConnect>
<collectionMethod>
(3) <singleSignOn/>
</collectionMethod>
<unprotectedIdentityPattern>anonymous@<domain></unprotectedIdentityPattern>
<protectedIdentityPattern><username></protectedIdentityPattern>
<eapMethods>
(4) <eapFast>
(5) <validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
<eapGtc/>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<serverValidation>
(5) <validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
<eapFast/>
(4) <eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(5) <alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <machineAuthentication>
<collectionMethod>
(3) <static/>
</collectionMethod>
(3) <unprotectedIdentityPattern>anonymous</unprotectedIdentityPattern>
(3) <protectedIdentityPattern>machineName</protectedIdentityPattern>
(3) <staticPassword encrypt="true">machineSecret</staticPassword>
<eapMethods>
(4) <eapPeap>
<validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
</innerEapMethods>
</eapPeap>
</eapMethods>
</machineAuthentication>
<serverValidation>
(5) <validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
(4) <eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(5) <alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
(3) <logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <userAuthentication>
<autoConnect>
<connectBeforeLogon>false</connectBeforeLogon>
</autoConnect>
<collectionMethod>
<prompt>
<credentialsStorage>
(3) <logonSession/>
</credentialsStorage>
</prompt>
</collectionMethod>
<unprotectedIdentityPattern>anonymous@<domain></unprotectedIdentityPattern>
<protectedIdentityPattern><username></protectedIdentityPattern>
<eapMethods>
(4) <eapFast>
(5) <validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<certificateSource>
(3) <smartCardOnlyCertificate/>
</certificateSource>
<innerEapMethods>
(4) <eapTls>
<validateServerIdentity>true</validateServerIdentity>
</eapTls>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<serverValidation>
(5) <validationRules>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
(4) <eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(5) <alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
(3) <forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <userAuthentication>
<autoConnect>
<connectBeforeLogon>false</connectBeforeLogon>
</autoConnect>
<collectionMethod>
(3) <prompt>
<credentialsStorage>
<forever/>
</credentialsStorage>
</prompt>
</collectionMethod>
<unprotectedIdentityPattern>anonymous@<domain></unprotectedIdentityPattern>
<protectedIdentityPattern><username></protectedIdentityPattern>
<eapMethods>
(4) <eapFast>
(5) <validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
(4) <eapGtc/>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<serverValidation>
(5) <validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
(4) <eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(5) <alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
(3) <forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <userAuthentication>
<autoConnect>
<connectBeforeLogon>false</connectBeforeLogon>
</autoConnect>
<collectionMethod>
(3) <prompt>
<credentialsStorage>
<forever/>
</credentialsStorage>
</prompt>
</collectionMethod>
<unprotectedIdentityPattern>anonymous@<domain></unprotectedIdentityPattern>
<protectedIdentityPattern><username></protectedIdentityPattern>
<eapMethods>
(4) <eapFast>
(5) <validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
(4) <eapMschapv2/>
(4) <eapGtc/>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<serverValidation>
(5) <trustedServerIds>
<trustedServerId name="PAC AID Rule 1">
<reference>
<aIdReference>E:\path\pacRefFile</aIdReference>
<secretKey>1234</secretKey>
</reference>
</trustedServerId>
</trustedServerIds>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
(4) <eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(5) <allowUserValidationControl/>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
(3) <forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <userAuthentication>
<autoConnect>
<connectBeforeLogon>false</connectBeforeLogon>
</autoConnect>
<collectionMethod>
(3) <prompt>
<credentialsStorage>
<forever/>
</credentialsStorage>
</prompt>
</collectionMethod>
<unprotectedIdentityPattern>anonymous@<domain></unprotectedIdentityPattern>
<protectedIdentityPattern><username></protectedIdentityPattern>
(4) <pacs>
<pac>
<pacReference encrypt="true">E:\path\pacFile</pacReference>
<secretKey encrypt="true">pacPassword</secretKey>
</pac>
</pacs>
<eapMethods>
(4) <eapFast>
(5) <validateServerIdentity>false</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
(4) <eapMschapv2/>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes>
<!--open network-->
<open/>
<!--shared key network-->
<wpa-Personal/>
<wpa2-Personal/>
<!--authenticating network-->
<wpa-Enterprise/>
<wpa2-Enterprise/>
<!--legacy WEP shared key and authenticating networks-->
<wep/>
</allowedAssociationModes>
<allowedEapMethods>
<!--wired only-->
<eapMd5/>
<eapMschapv2/>
<eapGtc/>
<!--wired or wireless-->
(4) <eapFast/>
<eapPeap/>
<eapTls/>
<eapTtls/>
<leap/>
</allowedEapMethods>
<serverValidationPolicy>
(5) <alwaysValidate>
<allowUserTrustedServers>true</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
<duration>5</duration>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wifiNetwork>
<displayName>My Corporate Wi-Fi Network</displayName>
<ssid>MyCorpNet</ssid>
<associationRetries>3</associationRetries>
<beaconing>true</beaconing>
(1) <authenticationNetwork>
(2) <userAuthentication>
<autoConnect>
<connectBeforeLogon>false</connectBeforeLogon>
</autoConnect>
<collectionMethod>
(3) <static/>
</collectionMethod>
(3) <unprotectedIdentityPattern>anonymous@engr.myCompany.com</unprotectedIdentityPattern>
(3) <protectedIdentityPattern>userName</protectedIdentityPattern>
(3) <staticPassword encrypt="true">userSecret</staticPassword>
<eapMethods>
(4) <eapFast>
(5) <validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
</innerEapMethods>
</eapFast>
</eapMethods>
</userAuthentication>
<serverValidation>
(5) <validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
<associationMode>
<wpa-Enterprise>TKIP</wpa-Enterprise>
</associationMode>
</authenticationNetwork>
</wifiNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>true</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
<clientUIType>configurable</clientUIType>
<allowLicensing>false</allowLicensing>
<allowedMedia>
<wired/>
<wifi/>
</allowedMedia>
</userControlPolicy>
</configuration>
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="..\distributionPackage.xsd" major_version="4" minor_version="2">
<license>T244-YKGP-UMG5-Y2F2-5KMH-5OYX-DAR4-POND-52Z5-MHJZ-3LOD-SLYL-U5YA-IUKU-M3TC-JNO7-3MEM-LGAA</license>
<networkPolicy>
<allowedAssociationModes></allowedAssociationModes>
<allowedEapMethods>
(5) <eapFast/>
</allowedEapMethods>
<serverValidationPolicy>
(6) <alwaysValidate>
<allowUserTrustedServers>false</allowUserTrustedServers>
</alwaysValidate>
</serverValidationPolicy>
<allowUserSimultaneousConnectionsControl>false</allowUserSimultaneousConnectionsControl>
<allowedCredentialStorage>
<forever/>
<logonSession/>
</allowedCredentialStorage>
<allowUserWpaHandshakeValidationControl>false</allowUserWpaHandshakeValidationControl>
<allowPublicProfileCreation>false</allowPublicProfileCreation>
<allowedClientCertificates>
<noEkuFilter/>
</allowedClientCertificates>
</networkPolicy>
<networks>
(1) <wiredNetwork>
<displayName>My Corporate Wired Network</displayName>
(3) <authenticationNetwork>
(4) <machineUserAuthentication>
<machine>
<collectionMethod>
<auto/>
</collectionMethod>
<unprotectedIdentityPattern>host/anonymous</unprotectedIdentityPattern>
<protectedIdentityPattern>host/<fqhn></protectedIdentityPattern>
</machine>
<user>
<autoConnect>
<connectBeforeLogon>true</connectBeforeLogon>
</autoConnect>
<collectionMethod>
<singleSignOn/>
</collectionMethod>
<unprotectedIdentityPattern>anonymous@<domain></unprotectedIdentityPattern>
<protectedIdentityPattern><username></protectedIdentityPattern>
</user>
<eapMethods>
(5) <eapFast>
(6) <validateServerIdentity>true</validateServerIdentity>
<enableFastReconnect>true</enableFastReconnect>
<protectClientCertificate>true</protectClientCertificate>
<innerEapMethods>
<eapMschapv2/>
</innerEapMethods>
</eapFast>
</eapMethods>
</machineUserAuthentication>
<serverValidation>
(6) <validationRules>
<matchSubjectAlternativeName name="Cert Rule 1" match="endsWith">myCorp.com</matchSubjectAlternativeName>
<matchSubjectName name="Cert Rule 2" match="exactly">My Corporation</matchSubjectName>
</validationRules>
<trustAnyRootCaFromOs/>
</serverValidation>
<interactiveAuthenticationRetries>4</interactiveAuthenticationRetries>
<nonInteractiveAuthenticationRetries>4</nonInteractiveAuthenticationRetries>
</authenticationNetwork>
</wiredNetwork>
</networks>
<stationSettings>
<simultaneousConnections>singleHomed</simultaneousConnections>
<validateWpaHandshake>false</validateWpaHandshake>
</stationSettings>
<userControlPolicy>
(2) <clientUIType>preset</clientUIType>
<allowLicensing>false</allowLicensing>
(1) <allowedMedia>
<wired/>
</allowedMedia>
</userControlPolicy>
</configuration>