Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.16
  3. Administration
  4. Securing network connections
  5. Setting up work Wi-Fi networks for devices
  6. Wi-Fi profile settings
  7. Android: Wi-Fi profile settings

Android
Wi-Fi
 profile settings

Android
Wi-Fi
 profile setting
Description 
Associated proxy profile
This setting specifies the associated proxy profile that an 
Android
 devices use to connect to a proxy server when the device is connected to the 
Wi-Fi
 network.
Android
 8.0 and later devices with 
MDM controls
 or 
User privacy
 activations don't support 
Wi-Fi
 profiles with proxy settings. If a device with one of these activation types is upgraded to 
Android
 8.0, 
Wi-Fi
 profiles that have an associated proxy profile will be removed from the device.
BSSID
This setting specifies the MAC address of a wireless access point in the 
Wi-Fi
 network.
Primary DNS
This setting specifies the primary DNS server in dot-decimal notation (for example, 192.0.2.0).
This setting applies only to devices that use 
Samsung Knox
 when the IP address is statically assigned by the organization's network.
Secondary DNS
This setting specifies the secondary DNS server in dot-decimal notation (for example, 192.0.2.0).
This setting applies only to devices that use 
Samsung Knox
 when the IP address is statically assigned by the organization's network.
Security type
This setting specifies the type of security that the 
Wi-Fi
 network uses.
Possible values:
  • None
  • Personal
  • Enterprise
The default value is "None."
Personal security type
This setting specifies the type of personal security that the 
Wi-Fi
 network uses.
This setting is valid only if the "Security type" setting is set to "Personal."
Possible values:
  • None
  • WEP personal
  • WPA-Personal
    /
    WPA2-Personal
The default value is "None."
WEP key 
This setting specifies the WEP key for the 
Wi-Fi
 network. The WEP key must be 10 or 26 hexadecimal characters (0-9, A-F) or 5 or 13 alphanumeric characters (0-9, A-Z).
Examples of hexadecimal key values are ABCDEF0123 or ABCDEF0123456789ABCDEF0123. Examples of alphanumeric key values are abCD5 or abCDefGHijKL1.
This setting is valid only if the "Personal security type" setting is set to "WEP personal."
Preshared key
This setting specifies the preshared key for the 
Wi-Fi
 network.
This setting is valid only if the "Personal security type" setting is set to "
WPA-Personal
/
WPA2-Personal
."
Authentication protocol 
This setting specifies the EAP method that the 
Wi-Fi
 network uses.
This setting is valid only if the "Security type" setting is set to "Enterprise."
Possible values:
  • TLS
  • TTLS
  • PEAP
  • LEAP
The default value is "TLS."
LEAP is not supported by devices that use 
Samsung Knox
.
Inner authentication
This setting specifies the inner authentication method for use with TTLS.
This setting is valid only if the "Authentication protocol" setting is set to "TTLS."
Possible values:
  • None
  • PAP
  • CHAP
  • MS-CHAP
  • MS-CHAPv2
  • GTC
The default value is "MS-CHAPv2."
CHAP is not supported by devices that use 
Samsung Knox
.
Outer identity for TTLS
This setting specifies the outer identity for a user that is sent in clear text. You can specify an anonymous username to hide the user's real identity (for example, anonymous). The encrypted tunnel is used to send the real username to authenticate with the 
Wi-Fi
 network. If the outer identity includes the realm name to route the request, it must be the user's actual realm (for example, anonymous@example.com).
This setting is valid only if the "Authentication protocol" setting is set to "TTLS."
Outer identity for PEAP 
This setting specifies the outer identity for a user that is sent in clear text. You can specify an anonymous username to hide the user's real identity (for example, anonymous). The encrypted tunnel is used to send the real username to authenticate with the 
Wi-Fi
 network. If the outer identity includes the realm name to route the request, it must be the user's actual realm (for example, anonymous@example.com).
This setting is valid only if the "Authentication protocol" setting is set to "PEAP."
Username
This setting specifies the username that an 
Android
 device uses to authenticate with the 
Wi-Fi
 network. If the profile is for multiple users, you can specify the %UserName% variable.
This setting is valid only if the "Security type" setting is set to "Enterprise."
Use password included in 
Wi-Fi
 profile
This setting specifies whether the 
Wi-Fi
 profile includes the password for authentication.
This setting is valid only if the "Security type" setting is set to "Enterprise."
Password
This setting specifies the password that an 
Android
 device uses to authenticate with the 
Wi-Fi
 network.
This setting is valid only if the "Use password included in 
Wi-Fi
 profile" setting is selected.
Authentication type
This setting specifies the type of authentication that an 
Android
 device uses to connect to the 
Wi-Fi
 network.
This setting is valid only if the "Security type" setting is set to "Enterprise."
Possible values:
  • None
  • Shared certificate
  • SCEP
  • User credential
The default value is "None."
Type of certificate linking
This setting specifies the type of linking for the client certificate associated with the 
Wi-Fi
 profile.
This setting is valid only if the "Authentication type" setting is set to "Shared certificate."
Possible values:
  • Single reference
  • Variable injection
The default value is "Single reference."
Shared certificate profile 
This setting specifies the shared certificate profile with the client certificate that an 
Android
 device uses to authenticate with the 
Wi-Fi
 network.
This setting is valid only if the "Type of certificate linking" setting is set to "Single reference."
The shared certificate profile name must be less than 36 characters for devices that use a 
Knox Workspace
.
Associated SCEP profile
This setting specifies the associated SCEP profile that an 
Android
 device uses to obtain a client certificate to authenticate with the 
Wi-Fi
 network.
This setting is valid only if the "Authentication type" setting is set to "SCEP."
The SCEP profile name must be less than 36 characters for devices that use a 
Knox Workspace
.
Associated user credential profile
This setting specifies the associated user credential profile that an 
Android
 device uses to obtain a client certificate to authenticate with the 
Wi-Fi
 network.
This setting is valid only if the "Authentication type" setting is set to "User credential."
The user credential profile name must be less than 36 characters for devices that use a 
Knox Workspace
.
Client certificate name
This setting specifies the name of the client certificate that an 
Android
 device uses to authenticate with the 
Wi-Fi
 network.
This setting is valid only if the "Type of certificate linking" setting is set to "Variable injection."
Certificate common names expected from authentication server
This setting specifies the common names in the certificate that the authentication server sends to the device (for example, *.example.com).
This setting is valid only if the "Security type" setting is set to "Enterprise."
Type of certificate linking 
This setting specifies the type of linking for the trusted certificates associated with the 
Wi-Fi
 profile.
This setting is valid only if the "Security type" setting is set to "Enterprise."
Possible values:
  • Single reference
  • Variable injection
The default value is "Single reference."
CA certificate profile
This setting specifies the CA certificate profile with the trusted certificate that an 
Android
 device uses to establish trust with the 
Wi-Fi
 network.
This setting is valid only if the "Type of certificate linking" setting is set to "Single reference."
Trusted certificate names 
This setting specifies the names of the trusted certificates that an 
Android
 device uses to establish trust with the 
Wi-Fi
 network.
This setting is valid only if the "Type of certificate linking" setting is set to "Variable injection."