Configuring a Wi-Fi profile allows devices to connect to corporate networks, even if they are hidden, encrypted, or password protected. This payload is useful to end users who travel and use their own unique wireless network or to end users in an office setting where they are able to automatically connect their devices to a wireless network on-site.


  1. Navigate to Resources > Profiles & Baselines > Profiles > Add. Select Apple iOS.
  2. Configure the profile's General settings.
  3. Select the Wi-Fi payload from the list.
  4. Configure Wi-Fi settings.
    Setting Description
    Service Set Identifier Enter the name of the network where the device connects.
    Hidden network Enter a connection to a network that is not open or broadcasting.
    Auto-Join Determine whether the device automatically connects to the network when starting the device. The device keeps an active connection until the device is restarted or a different connection is chosen manually.
    Security Type Select the type of access protocol to be used. Enter the Password or select the Protocols that apply to your Wi-Fi network.

    Choose protocols for network access.

    • This option appears when WiFi and Security Type is any of the Enterprise choices. This option also appears when Ethernet is selected.
    Wi-Fi Hotspot 2.0 Enable Wi-Fi Hotspot 2.0 functionality and is only available for iOS 7 and higher devices. Hotspot 2.0 is a type of public-access Wi-Fi that allows devices to identify and connect seamlessly to the best match access point. Carrier plans must support Hotspot 2.0 for it to function correctly.
    Domain Name Enter the domain name of the Passpoint service provider.
    Allow connecting to roaming partner Passpoint networks Enable roaming to partner Passpoint networks.
    Displayed Operator Name Enter the name of the Wi-Fi hotspot service provider.
    Roaming Consortium Organization ID Enter the roaming consortium organization identifiers.
    Network Access ID Enter the Network Access ID realm names.
    MCC/MNC Enter the Mobile Country Code/Mobile Network Configuration formatted as a 6-digit number.
    Authentication Configure Authentication settings that vary by protocol.
    User name Enter the username for the account.
    User Per-Connection Password Request the password during the connection and send with authentication.
    Password Enter the password for the connection.
    Identity Certificate Select the certificate for authentication.
    Outer Identity Select the external authentication method.
    TLS Minimum Version

    Select the minimum TLS version 1.0, 1.1, and 1.2. If no value is selected, the minimum TLS version defaults to 1.0.

    Note: and Maximum TLS versions can be configured only for TLS, ,TTLS, EAP-Fast, and PEAP protocol types.
    TLS Maximum Version Select the maximum TLS version 1.0, 1.1, and 1.2. If no value is selected, he maximum TLS version defaults to 1.2.
    Trusted Certificates These are the trusted server certificates for your Wi-Fi network.
    Trusted Server Certificate Names Enter the trusted server certificate names.
    Allow Trust Exceptions

    Allow end users to make trust decisions.

  5. Configure Proxy settings for either Manual or Auto proxy types.
  6. If you use a Cisco infrastructure, configure the QoS Marking Policy (iOS v11 and higher).


    Fastlane QoS Marking Select the marking setup that you require.
    Enable QoS Marking Select this option to choose apps for prioritized data allocations.
    Whitelist Apple Calling Select Whitelist Apple Calling to add Apple Wifi Calling to your QoS Whitelist.
    Whitelist Apps for QoS Marking Search for and add Apps to allocate prioritized data.
  7. (Optional) Configure Captivate Portal to bypass the portal.
  8. Select Save & Publish when you are finished to push the profile to devices.