TIP OpenWiFi 2.0
TIP OpenWiFi devices implement support for both the air interface and systems interfaces necessary to support Passpoint® Release 2 and above. Once also termed Hotspot 2.0, IEEE 802.11u specified added air interface fields exposing Access Network Query Protocol interactions for clients to discovery Access Point capabilities.
Wi-Fi Alliance expanded ANQP to include Online Signup (OSU) concepts to leverage seamless onboarding and client security for Passpoint® networks. Following on from these efforts, Wireless Broadband Alliance has provided the necessary system interfaces for identity, security, mobile offload within a common federated operator solution known as OpenRoaming.
TIP OpenWiFi enables operators to deploy the full range of Passpoint® and OpenRoaming solutions.
Operator
Wi-Fi Infrastructure Operator
Access Network Provider (ANP) as defined by OpenRoaming
Venue
Deployed location of Wi-Fi service
Identity Provider
Subscriber authenticating service provider
Home Service Provider (HSP) as defined by OpenRoaming
Roaming Exchange
Operator and Identity Provider Authentication, Authorization, Accounting
ANQP
Access Network Query Protocol contains:
Domain
Venue Name
Venue Info
Operator Friendly Name
IP Type
WAN Metric
Connection Capability
Operating Class
Authentication Type
Service Providers List
GAS
Generic Advertisement Layer 2 Service for client query
Client query returns:
Organization Identifier / Service Provider Identity
Domain
Authentication
Roaming Consortium List
Network Access Identifier Realm (NAI)
3GPP Network Data
OSU
Online Signup - Advertised over ANQP contains:
OSU SSID
OSU URI
OSU Method
OSU Available Icons
OSU ESS (OSEN) SSID
OSU Description
OSEN
OSU Server Authenticated Layer 2 Encryption Network
TIP OpenWiFi 2.0
Passpoint® requires ANQP to supply three information elements from the Access Point.
Public Land Mobile Network Id is defined by 3GPP and comprised of two, three digit numbers to uniquely identify the Mobile Network Operator (MNO).
A Fully Qualified Domain Name (FQDN) is a realm representing the service provider of the Wi-Fi service. Non MNO operators are an example of 'realm-based' service advertisements. Examples include Cable MSOs, Enterprises or other on MNO providers. Authentication methods used with realm-based configuration are EAP-TLS and EAP-TTLS.
Organization Id or as defined by Wireless Broadband Alliance, Roaming Consortium Organization Id indicate the federated identity capable of authentication. Examples would be OpenRoaming, Eduroam and follow the Passpoint® EAP authentication methods.
TIP OpenWiFi 2.0
It is possible to configure all Passpoint attributes required for production deployment.
Capabilities for Hotspot 2.0 / Passpoint® include:
venue-name
venue-group
venue-type
venue-url
auth-type
domain-name
nai-realm
osen
anqp-domain
anqp-3gpp-cell-net
firendly-name
icons
The above configuration example mobile offload has been configured for two realms that will both have radius traffic sent as radius-proxy via the OpenWiFi Gateway to enable cloud native AAA support for any customer premises topology services are operating from.
TIP OpenWiFi 2.0
Passpoint® brings seamless, automatic and secure Wi-Fi connectivity using either pre-provisioned credentials or the SIM card in a mobile device. Passpoint provides simple, fast online sign-up and provisioning that is only required upon a user’s first visit to a Passpoint network. Once a Passpoint enabled device contains the Wi-Fi AP or network credentials, it will discover and securely connect when the user is nearby—without requiring additional user action. This makes staying connected while mobile infinitely easier, and because Passpoint employs enterprise-level security, users can feel confident their data is better protected.
Passpoint® also delivers more value to carriers, service providers, and IT managers of enterprise networks, enabling:
Mobile data offload
Wi-Fi networks for
Hospitality, venues and enterprise
Streamlined, enterprise-class device provisioning and credential management for enterprise and other private networks
Wi-Fi–based services such as Wi-Fi calling, and collaboration tools
Wi-Fi roaming agreements across carriers and service providers
Opportunities to engage users and extract additional value from the network
Passpoint® is already supported by most enterprise-class APs on the market today, and natively supported by major mobile operating systems including Android, iOS, macOS, and Windows 10. With active support from a wide ecosystem of device manufacturers, mobile operators, and service providers, Passpoint® benefits both users and Wi-Fi network providers