Juniper Mist wireless controller- Passpoint configuration

In this guide we describe how to configure your Juniper environment to work with Passpoint profiles, OpenRoaming and SIM card authentication


  1. Access to the Mist Dashboard as a user with administrative privileges.
  2. Information about the assigned RADIUS servers (Server IP address, port numbers, shared secrets):
    1. Email or document that contains this information


    2. Access to the IronWiFi Management Console - Sign in or Open Account

Log in to the Juniper Mist Dashboard

To start the configuration process, log in to the Mist dashboard as admin. For
existing environments with additional users, log in as a user with
administrative privileges.


The Juniper Mist dashboard appears.



Configure WLAN & SSID options


Site identifier

IrionWiFi uses the NAS identifier (NAS-ID) to identify your venue (a site location)
with each RADIUS access request. If you're new to IronWiFi, we recommend
creating a new SSID to avoid impacting any existing SSID configurations running in


Create a WLAN & a new SSID

1. Select Network > WLANs from the Juniper Mist Dashboard. 


The WLANs page appears.

2. Select the Site to use at the top left and click Add WLAN in the top right
corner. In this example, the site is “Primary Site”. 


The New WLAN page appears.


3. For SSID, enter “IronWiFi” or any other name to your liking, it is not

Dizajn bez názvu (1)

Configure Security settings

1. For Security, select WPA-2/EAP (802.1X).


Red text appears at the top left indicating that you have to add at least one
RADIUS authentication server.



AT&T MNC / MCC Configuration

1. On the Mist Dashboard click on Network > WLANs section as shown below


2. To configure Hotspot 2.0 capabilities click on the enabled option under Hotspot 2.0
menu. The following menu options will appear.


3. For the Operators category click on the + sign and select the Google &
AT&T operators from the drop down menu.

4. For the Venue Name category type in an appropriate name E.g. Shopping￾Center_123-Main-Street_AnyCity_State_Zip-Code.

5. Once configured the page should look as follows:


6. Click on the > Advanced Settings option to configure the next steps for Hotspot 2.0,
the following options appear:


7. For Domain Name option type

To enable OpenRoaming functionality, add also these domains -  


8. For Roaming Consortium ID type in AA146B0000

Add the following OIs to enable OpenRoaming - 

    1. BAA2D00000
    2. 5a03ba0000

9. Under NAI Realm, for Name type an appropriate name E.g. IronWiFi_Realm while for
EAP Type select AKA from the dropdown menu. Once configured the setup would
appear as follows:

IronWiFi (2)