Juniper Mist HS2.0 / Passpoint with RadSec
Prerequisites
- Access to the Mist Dashboard as a user with administrative privileges.
- Access to the IronWiFi Management Console - Sign in or Open Account
- RadSec enabled on your Network as detailed here (you will need to download the certificate bundle)
- Passpoint profile installed on your device(s) - see here for the Passpoint installation information. The Passpoint profile can be generated by visiting the Provisioning URL (OSU) that is available on your Captive Portal setting page in IronWiFi Console
Log In to Mist Cloud as the user with Admin priviledges
Go to Organization > Settings
In the Mist Certificate section, click Add a RadSec certificate and add the Root CA and Intermediate CA to the RadSec Certificates:
Next, click on Add AP RadSec certificate and copy and paste into the relevant windows your RadSec certificate and the key (open the certificate and key in the text editor), click Save:
Go to Site > WLANs
Create new WLAN, set security type to WPA2 / Enterprise.
Set Passpoint to enabled, configure operators - add AT&T and Google, set Venue Name, open Advanced Settings and enter ironwifi.net as Domain Name and add AA146B0000 as Roaming Consortium ID, finally in the NAI Realm add ironwifi.net and set EAP Type to TTLS.
In Authentication Servers select RadSec and add radsec.ironwifi.com as Server Name.
Click Add Server and add your RadSec server IP. You can also add secondary RadSec server IP for redundancy. Use meaningful string for NAS Identifier.
Click on Save in the upper right corner and test connectivity after the SSID appears on your list.
Related Articles
Juniper Mist wireless controller- Passpoint configuration
Prerequisites Access to the Mist Dashboard as a user with administrative privileges. Information about the assigned RADIUS servers (Server IP address, port numbers, shared secrets): Email or document that contains this information OR Access to the ...Invalid Signature error when downloading Passpoint profile on Windows
Due to change of logic introduced in Windows update in the past few months, that was seemingly reversed in the latest Experience Pack, whilst downloading Passpoint profile on Windows machine from the Captive Portal environment, you might encounter ...MikroTik ROS v7 OpenRoaming with RadSec
Sign in to the IronWiFi Management Console Go to Networks -> Select the network you want to enable the OpenRoaming and RadSec for. Select Enabled from the drop-down menu for both RadSec and OpenRoaming The page will reload and you will see the link ...OpenWiFi - Passpoint configuration
Prerequisites Access to the Controller as a user with administrative privileges. Supported OpenWiFi device - this solution has been tested with EdgeCore EAP101 Information about the assigned RADIUS servers (Server IP address, port numbers, shared ...Ubiquiti Unifi - Passpoint Configuration
Prerequisites Access to the Ubiquiti Dashboard as a user with administrative privileges. Supported Ubiquiti device. These access points have Hotspot 2.0 certification: UAP-AC-M-PRO UAP-AC-LITE UAP-AC-PRO UAP-AC-IW UAP-AC-M These access points are not ...