Hotspot 2.0, also known as Passpoint, is a service provider feature that assists with carrier offloading. Hotspot 2.0 SSIDs include additional 802.11u information that supported client devices can use to determine if they are able to join the network automatically. The configuration example below demonstrates the basic capabilities of Hotspot 2.0 using the Meraki APs and a Apple iPhone.
Please refer to our Meraki Hotspot 2.0 documentation for a complete list of supported 802.11u elements.
This feature is currently in a service provider-only closed beta.
The following sections outline how to configure Hotspot 2.0 in the Meraki Dashboard:
WPA2-Enterprise is required for Passpoint/Hotspot 2.0, as shown below on the Wireless > Configure > Access control page:
If using an external authentication server such as Active Directory or RADIUS, ensure that a user has been created on that server.
For this configuration example we are using Meraki hosted 802.1X RADIUS, so we create a user on the Network Wide > Configure > Users page:
On the Wireless > Configure > Hotspot 2.0 page, select the WPA2-Enterprise SSID configured in the previous step. Set Hotspot 2.0 to Enabled, then enter both an Operator Name and a domain in the Domain List. This example uses the t-one SSID, and is configured to broadcast Meraki Product Management as the Operator and meraki.local as the Domain.
There are a number of additional configuration options that are not used in this example:
In our example with an iPhone, a custom iOS profile for Hotspot 2.0 needs to be created and installed using Apple Configurator.
When Apple Configurator first opens, click the Prepare button at the top of the page, then click the Install Profiles... button:
Ensure that you have an iOS device plugged in, then click the Next button when it appears:
Click New Profile and give it a unique name. For this example, the iOS profile is named Meraki Hotspot 2.0 Demo:
Now that a profile has been created, it must be configured with the appropriate Hotspot 2.0 network information:
Leave the SSID blank and change the Network Type to Passpoint:
Select the Accepted EAP Types for your configuration. In this example, we are using TTLS because we are interfacing with the Meraki Hosted 802.1X RADIUS server.
Enter the Username and Password for the user that was created earlier:
Under the Trust tab, enter radius.meraki.com as a Trusted Server Certificate Name.
Enter the Passpoint service provider as the Provider Display Name. Additionally, add the Hotspot 2.0 Domain Name as configured in Dashboard.
This example uses Meraki Product Management as the service provider name and meraki.local as the Domain.
Click Save on the main configuration dialog box. Check the box next to the newly created proflle and click Next to apply it to the device.
On the iOS device, follow the on-screen instructions to install the profile:
Ensure that the new profile is listed in the Profiles on the device. There may be multiple profiles on the device; in this example the device has two other profiles, including the Meraki MDM profile:
Ensure that there are no other preferred Wireless networks within range of the device. When the Hotspot 2.0 SSID is the only SSID within range, the iPhone will join the network automatically: