Chapter 3 Wi-Fi 22
Join Wi-Fi
Users can set Apple devices to join available Wi-Fi networks automatically. Wi-Fi networks
that require login credentials or other information can be quickly accessed without opening
a separate browser session, from Wi-Fi settings, or within apps such as Mail. And low-power,
persistent Wi-Fi connectivity lets apps use Wi-Fi networks to deliver push notications. You can
congure settings for wireless network, security, proxy, and authentication, using conguration
proles or mobile device management (MDM).
To see how iOS decides which wireless network to auto-join, see the Apple Support article
How iOS decides which wireless network to auto-join.
WPA2 Enterprise
Apple devices support industry-standard wireless network protocols, including WPA2 Enterprise,
ensuring corporate wireless networks can be accessed securely. WPA2 Enterprise uses 128-bit AES
encryption, which assures users that their data remains protected.
With support for 802.1X, iOS devices can be integrated into a broad range of RADIUS
authentication environments. 802.1X wireless authentication protocols supported by iOS include
EAP-TLS, EAP-TTLS, EAP-FAST, EAP-SIM, IKEv2, PEAPv0, PEAPv1, and LEAP.ara.
Roaming
For roaming on large enterprise Wi-Fi networks, iOS supports 802.11k and 802.11r.
The trigger threshold is the minimum signal level a client requires to maintain the
current connection.
iOS devices monitor and maintain the current BSSID’s connection until the RSSI crosses the
-70 dBm threshold. Once crossed, iOS initiates a scan to nd roam candidate BSSIDs for the
current ESSID.
This information is important to consider when designing wireless cells and their expected signal
overlap. For example, if 5 GHz cells are designed with a -67 dBm overlap:
•
iOS uses -70 dBm as the trigger and will therefore remain connected to the current BSSID
longer than you expect.
•
Review how the cell overlap was measured. The antennas on a portable computer are much
larger and more powerful than a smartphone or tablet, so iOS devices see dierent cell
boundaries than expected. It is always best to measure using the target device.
802.11k allows your iOS device to quickly identify nearby access points (AP) that are available for
roaming. When the signal strength of the current AP weakens and your device needs to roam to
a new AP, it will already know which AP is the best to connect with.
802.11r streamlines the authentication process using a feature called Fast Basic Service Set
Transition (FT) when your iOS device roams from one AP to another on the same network.
FT allows iOS devices to associate with APs more quickly. Depending on your Wi-Fi hardware
vendor, FT can work with both preshared key (PSK) and 802.1X authentication methods.
Note: Not every Wi-Fi network hardware vendor supports 802.11k and 802.11r. Check with
the manufacturer of your Wi-Fi hardware (controllers and APs) to nd out if support is
available. When you’ve veried support for both standards, you need to enable 802.11k and FT
functionality. Setup methods vary so consult the current conguration documentation for your
Wi-Fi hardware for details.
100% resize factor
