EAP-TTLS client setup guide – Windows XP

This guide explains how to use the EAP-TTLS authentication protocol for SwissVPN connections under Microsoft Windows XP. The MS-CHAPv2 authentication protocol normally used with SwissVPN, in conjunction with the long/random passwords, already provides a high degree of security. However, EAP-TTLS is a more recent protocol that provides maximum security by using server certificates and RSA.

1. Download the SwissVPN EAP-TTLS client and save it to a location where you can find it easily – e.g. your desktop.
2. Find the downloaded file and double-click it to start the installer.

   
3. Choose the language and follow the on-screen instructions to install the client (simply click "Next"/"I Agree"/"Install").
4. Let the installer reboot your computer when it prompts you to do so.
5. If you haven't configured your SwissVPN connection yet, now would be the time to do so: follow the instructions in the generic SwissVPN setup guide for your operating system.
6. Choose Start > Settings > Network Connections.

   
7. Right-click the SwissVPN connection that you created earlier on, and select "Properties".

   
8. On the "Security" tab, choose "Advanced (custom settings)" and then click the "Settings..." button.

   
9. Choose "Use Extensible Authentication Protocol (EAP)" and then select "SecureW2 TTLS" from the drop-down menu below. After that, click the "Properties" button.

   
10. Choose the "SwissVPN" profile from the drop-down menu, then click OK three times.

    
11. Double-click the SwissVPN connection in your "Network Connections" folder. Enter your SwissVPN user name and password (leave the "Domain" field empty) and click "OK".

    
12. You are now connected to SwissVPN via an EAP-TTLS authenticated and 128-bit encrypted connection!