Ubiquiti Unifi - OpenRoaming Configuration

Notes

This guide is for Network version 8.4.x and above ONLY. Ubiquiti has recently reintroduced the Passpoint feature into its codebase.

Further information about Unifi and Passpoint can be found on the Unifi website: Unifi Passpoint

Prerequisites

  1. Access to the Ubiquiti Dashboard as a user with administrative privileges.
  2. Information about the assigned RADIUS servers (server IP address, port numbers, shared secrets), available from the IronWiFi Management Console - Sign in or Open Account

About this guide

This guide describes how to set up and test your Ubiquiti UniFi environment so you can use it with IronWiFi Passpoint:

  • Log in to the Ubiquiti UniFi dashboard as a user with administrative privileges.
  • Configure a secure RADIUS connection.
  • Configure the wireless LAN.

Log in to the Ubiquiti UniFi Dashboard

To start the configuration process, log in to the Ubiquiti UniFi Dashboard as admin (https://unifi.ui.com/dashboard). For existing environments with additional users, log in as a user with administrative privileges.

There are a number of options you can set. Only the options that require your input are shown. Default values are used for options that don’t need adjustment.

Configure the RADIUS Profile

Navigate to Settings -> Profiles -> Radius and click Create New.

Fill in the fields, clicking Add after adding each server. Tick Wireless Networks and Accounting, and set the Interim Update Interval.

Click Apply Changes when done.

Configure Wireless Network

Click on WiFi, then click Create New.

Fill in the name, click Manual next to Advanced, and switch HotSpot2.0 to the Passpoint option.

Add Venue Information accordingly.

Add ironwifi.net as NAI Realm, select EAP-TTLS and add PAP and MSCHAP v2, click Save.

Add SIM as NAI Realm, select EAP-SIM as EAP Method, select SIM and USIM as Sub-Methods, click Save.

Add AKA as NAI Realm, select EAP-AKA Authentication as EAP Method, select SIM and USIM as Sub-Methods, click Save.

Add AKA' as NAI Realm, select EAP-AKA' as EAP Method, select SIM and USIM as Sub-Methods, click Save.

In the Roaming Consortium List, add ironwifi.net as Name and the following Organization IDs:

  • AA146B0000 - ironwifi.net
  • BAA2D00000 - openroaming settled
  • 5A03BA0000 - openroaming settlement free
  • 004096 - Old Cisco RCOI

In 3GPP Cellular Network, add ATT1 as Country Name, 310 as Country Code, 310 as MCC and 410 as MNC, click Save

Add ATT2 as Country Name, 310 as Country Code, 310 as MCC and 280 as MNC, click Save

Add ATT3 as Country Name, 310 as Country Code, 310 as MCC and 150 as MNC, click Save

Add ATT4 as Country Name, 310 as Country Code, 310 as MCC and 100 as MNC, click Save

Add ironwifi.net as Domain Name and add Operator Friendly Name [this setting is overwritten with the input from the generated profile]

Select the remaining options according to your requirements, select the correct RADIUS Profile and click Apply Changes.
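
The Organization IDs and MCC/MNC pairs from the steps above are easy to mistype. The following is an added example, not IronWiFi or Ubiquiti code: it validates the RCOI lengths used on this page (3 or 5 octets), rejects duplicates, and encodes each MCC/MNC pair as the 3-octet PLMN ID in the 3GPP TS 24.008 layout so the result can be compared with what an access point advertises in a wireless capture. The function names are hypothetical.

```python
import re

# Values copied from the configuration steps on this page.
RCOIS = ["AA146B0000", "BAA2D00000", "5A03BA0000", "004096"]
PLMNS = [("310", "410"), ("310", "280"), ("310", "150"), ("310", "100")]


def normalize_rcoi(value):
    """Return the RCOI as upper-case hex, or raise ValueError if malformed."""
    cleaned = re.sub(r"[\s:\-]", "", value).upper()
    if not re.fullmatch(r"[0-9A-F]+", cleaned):
        raise ValueError(f"RCOI {value!r} contains non-hex characters")
    if len(cleaned) not in (6, 10):  # 3-octet or 5-octet form, as on this page
        raise ValueError(f"RCOI {value!r} must be 3 or 5 octets")
    return cleaned


def encode_plmn(mcc, mnc):
    """Encode MCC/MNC strings as the 3-octet BCD PLMN ID (TS 24.008 layout)."""
    if not re.fullmatch(r"[0-9]{3}", mcc):
        raise ValueError(f"MCC {mcc!r} must be exactly 3 digits")
    if not re.fullmatch(r"[0-9]{2,3}", mnc):
        raise ValueError(f"MNC {mnc!r} must be 2 or 3 digits")
    m1, m2, m3 = (int(d) for d in mcc)
    n = [int(d) for d in mnc]
    n3 = n[2] if len(n) == 3 else 0xF  # filler nibble for 2-digit MNCs
    octets = bytes([(m2 << 4) | m1, (n3 << 4) | m3, (n[1] << 4) | n[0]])
    return octets.hex().upper()


def check_config(rcois=RCOIS, plmns=PLMNS):
    """Validate every entry, reject duplicates, return the normalized values."""
    rcoi_hex = [normalize_rcoi(r) for r in rcois]
    plmn_hex = [encode_plmn(mcc, mnc) for mcc, mnc in plmns]
    for label, items in (("RCOI", rcoi_hex), ("PLMN", plmn_hex)):
        dupes = {i for i in items if items.count(i) > 1}
        if dupes:
            raise ValueError(f"duplicate {label} entries: {sorted(dupes)}")
    return {"rcoi": rcoi_hex, "plmn": plmn_hex}


if __name__ == "__main__":
    for kind, values in check_config().items():
        print(kind, " ".join(values))
```

MCC and MNC are passed as strings so that leading zeros and the 2-digit versus 3-digit distinction are preserved.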

