...
- Install the server certificate on the RADIUS server, which is used to establish the TLS tunnel for secure communication.
- Configure the RADIUS server to support EAP-TTLS or EAP-PEAP and to verify the username and password credentials.
- Ensure that the CA certificate (used to sign the server certificate) is trusted by client devices.
4. Configure the Wi-Fi Access Point:
The Wi-Fi AP must be configured to use WPA2-Enterprise (or WPA3-Enterprise) with EAP-TTLS or EAP-PEAP as the authentication method.
Steps:
- Set the Security Mode on the AP to WPA2-Enterprise or WPA3-Enterprise.
- Specify the RADIUS server IP address and shared secret on the AP to allow it to forward authentication requests to the RADIUS server.
- Enable EAP-TTLS or EAP-PEAP as the authentication method on the AP.
5. Configure the Passpoint Profile for Username and Password Authentication:
- The Passpoint profile on the client device needs to specify the EAP method (either EAP-TTLS or EAP-PEAP) and the credentials (username and password) that the client will use to authenticate.
- The profile also contains the identity provider (IDP) information that allows the device to automatically connect to Passpoint-enabled networks.
Steps:
- Configure the ANQP (Access Network Query Protocol) settings on the Wi-Fi AP to advertise support for EAP-TTLS or EAP-PEAP.
- On the client device, create a Passpoint configuration profile that specifies the username and password for authentication, as well as the EAP type (EAP-TTLS or EAP-PEAP).
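
The client profile from step 5, as an added example that is not part of the original page: it assumes a Linux client running wpa_supplicant built with Interworking and Hotspot 2.0 support. The realm, domain, username, password and file path are placeholders; the point is the difference between a profile that only carries the credentials and one that also validates the RADIUS server certificate before sending them.

```conf
# wpa_supplicant.conf -- added example; every name, password and path
# below is a placeholder, not a value from the original page.
interworking=1          # enable Interworking (ANQP queries, network selection)
hs20=1                  # enable Hotspot 2.0 (Passpoint) support
auto_interworking=1     # join a matching Passpoint network automatically

# Weak profile, shown commented out. With no ca_cert the client does not
# validate the server certificate, so the TLS tunnel that protects the
# username and password is set up with whichever server answers.
#cred={
#    realm="idp.example.net"
#    username="alice"
#    password="placeholder-password"
#    eap=TTLS
#    phase2="auth=MSCHAPV2"
#}

# Hardened profile: same credentials, plus server validation.
cred={
    # NAI realm, compared with the NAI Realm list the AP advertises via ANQP
    realm="idp.example.net"
    # Home service provider FQDN, compared with the ANQP Domain Name list
    domain="idp.example.net"
    username="alice"
    password="placeholder-password"
    # Outer EAP method: TTLS here, PEAP is configured the same way
    eap=TTLS
    # Inner method that carries the username and password inside the tunnel
    phase2="auth=MSCHAPV2"
    # CA that signed the RADIUS server certificate (the CA from step 3)
    ca_cert="/etc/ssl/certs/idp-radius-ca.pem"
    # The server certificate's dNSName must end with this suffix
    domain_suffix_match="radius.idp.example.net"
}
```

Because the file holds the password in clear text, keep it readable by root only.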