This article is to be used as a short reference guide on how to manually set up a WPA2-Enterprise with RADIUS Authentication (IEEE 802.1X) wireless profile on Android devices. This profile will allow the client devices to connect to the SSIDs configured with WPA2-Enterprise with 802.1X authentication as the association requirement.
Note: As each version of Android and device manufacturer make slight variations to the layout and options in Android, this information should be used as general guidelines as your options and configuration may vary slightly. This is based on Android version 9.
Starting with Android 11 QPR1, you must enter the domain for server certification validation in order to successfully connect. Enter: meraki.com
- At the home page, navigate to Settings.
- Navigate to Network & Internet
- Select Wifi
- Select + Add Network
- Enter the Network SSID name and choose 802.1x EAP from the Security drop-down menu.
- Choose PEAP from the EAP method drop-down menu.
- Choose MSCHAPV2 from the Phase 2 authentication drop-down menu.
- Choose Root CA certificate and specify the domain listed in the server's certificate CN or SAN from the CA Certificate drop-down menu. If the RADIUS server is using public root CA then a user can choose the "Use system certificates" option and specify the domain name.
- In the Anonymous Identity field enter the email address as seen on the Wireless > Users list in Dashboard
NOTE: Some device manufacturers require that this information is entered in the Identity field rather than the Anonymous Identity field. If one field fails to work on your device, try entering the information into the other field and test again.
- Enter the password for the corresponding username in the password field.
- Optionally, check the Show Password check-box to verify that the password was entered correctly.
- Press Save in order to save the changes.