Skip to content

Wi-Fi 802.1x Configuration

To enable the Enterprise Wi-Fi, the Wireless Security property in the Wireless tab has to be set to WPA2/WPA3-Enterprise. This feature is available only if the Wireless Mode is Station Mode. The following is a list of currently supported 802.1x authentication methods.

TTLS-MSCHAPv2

  1. Set up gateway Wi-Fi as described in the Wi-Fi configuration guide.
  2. Ensure Wireless Security is set to WPA2/WPA3-Enterprise Alt text
  3. select the 802.1x tab
  4. Set Enteprise EAP -> TTLS
  5. Set Inner Authentication -> MSCHAPV2
  6. Set Identity (Username)
  7. Set Password
  8. Press 'Apply'

The configuration should look like the following: Alt text

PEAP-MSCHAPv2

  1. Set up gateway Wi-Fi as described in the Wi-Fi configuration guide.
  2. Ensure Wireless Security is set to WPA2/WPA3-Enterprise Alt text
  3. select the 802.1x tab
  4. Set Enteprise EAP -> PEAP
  5. Set Inner Authentication -> MSCHAPV2
  6. Set Identity (Username)
  7. Set Password
  8. Press 'Apply'

The configuration should look like the following: Alt text

EAP-TLS

To connect via EAP-TLS you will need the following items in unencrypted PEM format:

  • Certificate Authority (CA) Certificate
  • Client Certificate + Private Key (PKCS8)

Enrolling secrets in the Keystore service.

  1. Navigate to Security under the System tab.
  2. Under the Keystore Configuration add a new keystore, and keep note of the name. Adding a new keystore
  3. After the Keystore is created, be sure to change the path to a persistent directory. Alt text
  4. Navigate to the Certificate List and create a new Trusted Certificate. Insert the PEM and Apply, keep note of the name. add certificate
  5. Now press add and create a new Key Pair. Insert the private key and the certificates in PEM format in the dialogue and press apply. Keep note of the name. Alt text

Wifi Setup

  1. Set up gateway Wi-Fi as described in the Wi-Fi configuration guide.
  2. Ensure Wireless Security is set to WPA2/WPA3-Enterprise. Alt text
  3. Select the 802.1x tab.
  4. Set Enteprise EAP -> TLS.
  5. Set Identity (Username).
  6. Select the Keystore Pid from the list of the available keystores in the framework.
  7. Select the Certificate Authority Certificate (CA-Cert) from the list of the available trusted certificated within the chosen keystore.
  8. Select the Client Private Key from the list of the available key pairs within the chosen keystore.

When completed the Wi-Fi configuration should look like the following: tls-configuration