SP Identification Tab

The hotspot SP identification tab displays hotspot properties for service provider identification and authentication.

To configure SP Identification for the hotspot:

  1. Configure a WLAN Services Hotspot. For more information, see To Configure a New Hotspot.
  2. Select the SP Identification tab.
    Click to expand in new window
    Service Provider Identification
    Graphics/Hotspot_SP_ID_Tab2.png
  3. Configure the following parameters:

    NAI Realm. The the NAI (Network Access Identification) Realms list is a FQDN of the service provider. This is a list of realms that can be successfully authenticated. Each realm may have up to 8 supported EAP methods. Click the plus sign to add realms and select the EAP Method. Then, click OK.

    Configure an NAI Realm list for each hotspot as follows:
    • Add all realms that can authenticate a mobile device‘s logon credentials or certificate credentials, including the realms of all roaming partners that are accessible from the hotspot AP. Include the realm of the home SP.
    • Add a realm for the PLMN ID. This is the cellular network identity based on public land mobile network (PLMN) information. See 3GPP Cellular Network Configuration
    • You can configure the EAP method list to support devices that do not know the EAP methods that are being used by a given service provider.

    If the device has been provisioned with the home service provider, the device does not need to use the EAP methods in the NAI Realm List. The mobile device knows the EAP method required to authenticate against its home service provider and automatically uses it.

    Note

    Note

    Keep your DNS server records up to date so that mobile devices can resolve the server domain names (FQDN).
    Click to expand in new window
    Realm Configuration
    Graphics/Realm_Configuration.png

    Mobile devices with a SIM or USIM credential, can obtain a realm from the hotspot NAI Realm list. While 3GPP credentials are usually used to access a hotspot, a targeted NAI home query is an efficient alternative approach. The device's connection manager compares the realm information in the list to the information that is stored on the device. The connection manager uses the mobile device‘s preconfigured user preferences and policy to make a decision between a hotspot AP or a non-hotspot AP, if both are available.

    Roaming Consortium.To configure authentication of mobile devices to the members of a roaming consortium, or to a particular SP that has a roaming consortium, add the appropriate IEEE-assigned Organizational Identifier (OI) here. Specify two identifiers unique to the organization that are part of the MAC address.

    Use roaming consortium authentication when you do not know all the authenticated realms. Using identifiers unique to the organization in the beacon is a battery efficient roaming method because there are no ANQP queries needed.

    3GPP Cellular Network. This is a list of cellular network IDs in the form of mobile country code, mobile network code (MCC, MNC). This list establishes whether an AP has a roaming arrangement with the 3GPP service providers. Click the plus sign to add mobile country code, mobile network code (MCC, MNC) values. Then, click OK.
    Click to expand in new window
    3GPP Cellular Network Configuration
    Graphics/3GPP_Cellular_Network.png
  4. Click Save to save the configuration.