Create a Wi-Fi profile to connect devices to hidden, encrypted, or password-protected corporate networks. Wi-Fi profiles are useful for end users who need access to multiple networks or for configuring devices to connect automatically to the appropriate wireless network.

Looking to use certificate-based EAP authentication for VPN and Wi-Fi profiles? See the Knowledge Base article:

To configure a Wi-Fi payload:

  1. Navigate to Devices > Profiles > List View > Add and select Add Profile.

  2. Select Windows and then select Windows Desktop.
  3. Select Device Profile.
  4. Configure the profile General settings.

    These settings determine how the profile deploys and who receives it. For more information on General settings, see Add General Profile Settings.

  5. Select the Wi-Fi profile.
  6. Configure the General settings:

    Settings Descriptions
    Service Set Identifier

    Enter an identifier that is associated with the name (SSID) of the desired Wi-Fi network.

    The SSID cannot contain spaces.

    Hidden Network Enable if the network is not open to broadcast.
    Auto-Join Enable to set the device to join the network automatically.
    Security Type Use the drop-down menu to select the security type (for example, WPA2 Personal) for the Wi-Fi network.

    Use the drop-down menu to select the encryption type used.

    Displays based on the Security Type.


    Enter the password required to join the Wi-Fi network for networks with static passwords.

    Select the Show Characters check box to disable hidden characters within the text box.

    Displays based on the Security Type.

    Proxy Enable to configure proxy settings for the Wi-Fi connection.
    URL Enter the URL for the proxy.
    Port Enter the port for the proxy.

    Select the type of protocols to use:

    • Certificate
    • PEAP-MsChapv2
    • EAP-TTLS
    • Custom

    This section displays when the Security Type is set to WPA Enterprise or WPA2 Enterprise.

    Inner Identity

    Select the method of authentication through EAP-TTLS:

    • Username/Password
    • Certificate

    This section displays when the Protocols option is set to EAP-TTLS or PEAP-MsChapv2.

    Require Crypto Binding

    Enable to require cryptographic binding on both authentications.

    This limits man-in-the-middle attacks.

    Use Windows Log On Credentials

    Enable to use the Windows login credentials are the user name/password to authenticate.

    Displays when Username/Password is set as the Inner Identity.

    Identity Certificate

    Select an Identity Certificate, which you can configure using the Credentials payload. See Windows Desktop Credentials Profile for more information.

    Displays when Certificate is set as the Inner Identity.

    Trusted Certificates

    Select Add to add Trusted Certificates to the Wi-Fi profile.

    This section displays when the Security Type is set to WPA Enterprise or WPA2 Enterprise.

    Allow Trust Exceptions Enable to allow trust decisions to be made by the user through a dialog box.
  7. Select Save & Publish when you are finished to push the profile to devices.