Supporting 802.1x with Hotspot Network Extension

Hi there,


We're looking to improve iOS users' experience of connecting to public Wi-Fi.


iOS 10 introduced the "Security Recommendation" subtitle for all open hotspots — this appears confusing and possibly scary to many users though I can understand Apple's reasoning for adding it in.


The Network Extension API supports secured networks using the setPassword method on the NEHotspotNetwork class, but this would appear to only support WEP/WPA2 secured networks common in home and office environments.


Is there a way to support other authentication methods using 802.1x such as EAP/TTLS within the Network Extension API?


Thanks,


Adam

Replies

The Network Extension API supports secured networks using the setPassword method on the NEHotspotNetwork class, but this would appear to only support WEP/WPA2 secured networks common in home and office environments.

Correct.

Is there a way to support other authentication methods using 802.1x such as EAP/TTLS within the Network Extension API?

No. The main goạl of NEHotspotHelper is to give access to hotspots, that is, networks with no password (or a very simple password structure) that do their authentication via some higher-level protocol (typically HTTP[S]). It wasn’t designed to be a general Wi-Fi authentication architecture.

Having said that, if that’s what you want, feel free to file an enhancement request describing your requirements. Please post your bug number, just for the record.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hi Quinn,


Our app (WiFire - App Store Best of 2016) uses NEHotspotHelper, and like the folks on this thread we need a way to provider username/password for 802.1x networks that use EAP-TTLS and require typically this information to be passed in Phase 2 auth.


We've filed an enhancement request # 30094723


It would be awesome if you could let me know when this is likely to get on the roadmap.


Thanks very much.

We've filed an enhancement request # 30094723

Thanks.

It would be awesome if you could let me know when this is likely to get on the roadmap.

Alas, I not allowed to talk about The Future™.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Thanks a lot, Quinn!


Just wanted to say that the reason we need this is because many public WiFi hotspots themselves are moving to an 802.1x authentication method that is tied to an app. WiFire needs to support these kinds of networks as well.