In this guide we describe how to configure your Meraki devices to work with Passpoint profiles
- Access to the Meraki Dashboard as a user with administrative privileges.
- Supported Meraki device - this solution works with all devices of the MR series.
- Information about the assigned RADIUS servers (Server IP address, port numbers, shared secrets):
To start, you need to configure your Meraki with the exact same configuration required for supporting the WPA2 Enterprise service.
In the Meraki dashboard, configure the SSID and Access Control
- Log in to the Meraki dashboard
- Navigate to Wireless -> Access Control
- Select an SSID
- Enter an SSID name
- Change SSID status to Enabled
- Select Enterprise with my RADIUS server as the security type
- Select none for the splash page
- Open RADIUS section, click Add server, and enter information about your assigned RADIUS authentication and accounting servers - RADIUS server IP addresses, port numbers, and secrets
In the Meraki dashboard, configure Hotspot 2.0
- Click on Wireless -> Hotspot 2.0 -> and select the SSID from Step 2.
- Enable Hotspot 2.0
- Enter your venue name, select your venue type, and network type that best describes your network
- To the domain list, add the following:
- The following OI should be added to the Roaming Consortium list:
- Click on the Create realm button in the section NAI Realms and add the following:
- The format is 0
- Realm name - ironwifi
- Click Add an EAP method -> add Method ID and Authentication Methods:
- 13: EAP-TLS - Certificate
- 21: EAP-TTLS - PAP, MSCHAP, MSCHAPv2
Click the Save Changes button.
This is an example of how the finished configuration should look like:
Install the Passpoint profile on your client devices
This feature is available only to customers with IronWiFi Captive Portal service enabled.
- Sign in to the IronWiFi Management Console -> Networks -> Captive Portals -> click portal name
- Under the Provisioning URL field on the Captive Portal settings page, add Operator name. This name will be displayed on your guests device to help them identify your network.
- Click on the Provisioning URL (OSU) link. Invite your users to visit this link before arriving to set up their devices for fast, easy and secure network connection.
- Authenticate using one of the available authentication methods
- Install the Passpoint profile by clicking the Download Passpoint Profile button and following the instructions
- If you want to install an OpenRoaming profile that can be used to access compatible networks worldwide, you can do so on this page - https://osu.ironwifi.com
Connect to the Hotspot 2.0 network
- Connect to the network by using the recently installed profile, which can be found under the name "OperatorName @ IRONWIFI".
Captive Portal access control
After successful association to the network, you can add more advanced IronWiFi Captive Portal access control.
1. In the IronWiFi console, create a Captive Portal of type Meraki (Click-Through)
2. Add as many authentication providers as you want
3. In the Meraki Dashboard, enable Splash page of type Click-through
4. Go to Wireless -> Configure Splash page, select the SSID, and add a Custom splash URL