Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/Mobile/help/en-us/index.html?contextId=ios-device-policy-wifi

Wi-Fi configuration (iOS device policy)

The Wi-Fi configuration lets you specify settings for connecting to Wi-Fi networks.

Setting Description
SSID The name of the Wi-Fi network.
Connect automatically Automatically connect when the Wi-Fi network is available.
Hidden network The Wi-Fi network doesn’t broadcast its SSID.
Turn off private address

Join the network using the device’s hardware MAC address instead of a network-specific address created by iOS.

This setting reduces the connection’s privacy. Only use it if the device must identify itself using the same MAC address across your networks.

Note that Synchronized Security doesn’t work for devices that use a private MAC address. Sophos Central Wireless only knows the private address of a device, while Sophos Mobile only knows the hardware address.

For details on Synchronized Security, see Synchronized Security.
Security type The Wi-Fi security method (such as WPA2) and variant (Personal or Enterprise) the device uses.
Password

The password for the Wi-Fi network.

This option is available when you’ve selected a personal security type.
Protocols

The authentication protocol settings.

  • Accepted EAP types: The EAP types that the device accepts for authentication.
  • EAP-FAST: For EAP-FAST, you can configure a Protected Access Credential (PAC).
  • Internal identity: The protocol for tunneled user authentication (for TTLS).
  • TLS minimum version, TLS maximum version: The minimum and maximum versions of the TLS protocol that the device accepts for EAP authentication.

Protocols is available when you’ve selected an enterprise security type.
Authentication

The client authentication settings.

  • User: The username for the connection to the Wi-Fi network.
  • Require password on each connect: Select this to send the password with every authentication.
  • Password: The password for the Wi-Fi network.
  • Identity certificate: The certificate for the connection to the Wi-Fi network. Before you can select a certificate, you must add it to the policy with a Client certificate configuration.
  • External identity: The externally visible ID (for TTLS, PEAP, and EAP-FAST).

Authentication is available when you’ve selected an enterprise security type.
Trusted certificates

The server certificate.

Before you can select a certificate, you must add it to the policy with a Root certificate configuration.

Trusted certificates is available when you’ve selected an enterprise security type.
Proxy

Select Manually to configure the connection details manually.

Select Automatic if you have a proxy auto-config (PAC) file.