This describes how to configure the Wi-Fi interface.
In both cases, SCEP and files from UMS, the device needs to have a working Ethernet or Wi-Fi connection to the SCEP server or the UMS first, so that it can fetch the necessary certificates before it can connect to the target Wi-Fi.
Using SCEP (NDES)
-
In Setup go to Network > LAN Interfaces > Wireless.
-
Check Activate Wireless Interface.
-
Go to Default WiFi-network.
-
Select Enable WPA Encryption.
-
Enter the Wireless Network Name (SSID).
-
Select WPA Enterprise or WPA2 Enterprise according to your preferences.
-
Set EAP Type to TLS
or set EAP Type to PEAP and Auth Method to TLS.IGEL OS supports both EAP-TLS and PEAP-EAP-TLS. Choose one that is supported by your infrastructure.
-
Leave Validate Server Certificate enabled.
-
Enter the path to a CA Root Certificate if you use a CA other than those supported by IGEL OS.
-
Check Manage Certificates with SCEP (NDES).
-
Click Save.
Using Certificate and Key Files
-
In Setup go to Network > LAN Interfaces > Wireless.
-
Check Activate Wireless Interface.
-
Go to Default Wi-Fi network.
-
Select Enable WPA Encryption.
-
Enter the Wireless Network Name (SSID).
-
Select WPA Enterprise or WPA2 Enterprise according to your preferences.
-
Set EAP Type to TLS
or set EAP Type to PEAP and Auth Method to TLSIGEL OS supports both EAP-TLS and PEAP-EAP-TLS. Choose one that is supported by your infrastructure.
-
Leave Validate Server Certificate enabled. Enter the path to a CA Root Certificate if you use a CA other than those supported by IGEL OS.
-
Enter the path to the Client Certificate file in PEM (base64) format, e.g.
/wfs/wpa-tls/client.crt.
Leave this field blank if you use a PKCS#12 file containing both certificate and private key. -
Enter the path to the Private Key file in PEM (base64) format.
If you use a PKCS#12 file containing both certificate and private key, enter its path here. -
Specify the Identity to be used if your key/certificate contains more than one entry.
-
Enter the Private Key Password.
-
Click Save.