The Wifi settings provide connection parameters that enforce the use of the corporate wifi network on iOS devices.

Wifi payloads

MaaS360® supports standard wifi and VPN configurations in the MDM payload. When the MDM payload is pushed to iOS devices, device users do not need to configure passwords or manage certificates on the device. The MDM payload handles those configurations.

The following wifi payloads are used by MaaS360 in the MDM profile:

  • Personal: Open, WEP, WPA/WPA2, Any (general)
  • Enterprise: WEP, WPA/WPA2, Any (general)

Both wifi profiles include common fields such as SSID, user name (variables are accepted), password (for static passwords), and certificates (upload certificates to policy files before you configure the wifi profile).

Policy setting Description Supported devices
Disable MAC Address Randomization iOS 14 devices use a randomized Media Access Control (MAC) address for each wifi network (SSID). Use this setting to disable the randomization of MAC addresses and to send the actual MAC address while associating with the network.

If this setting is set to true, a privacy warning is displayed in the settings, indicating that the network has reduced privacy protection. If this setting is set to false (default), a random MAC address is sent to protect the privacy of the device and the user.

iOS 14+

Wifi features introduced in iOS 10

The Wifi policy provides settings for the following iOS 10 features:
  • Cisco QoS (quality of service) marking support: If the wifi network supports Cisco QoS Fast Lane, the administrator can specify how much network bandwidth is allowed for critical and non-critical apps. If these options are not specified, all apps on the network are labeled as Layer 2 (L2) and Layer 3 (L3). For more information about QoS marking, see the Apple or Cisco sites.
  • Captive wifi networks support: A device can bypass network detection to subscription or wifi hotspot networks, also known as captive networks when the device attempts to connect to a wifi network. If a captive network is detected, the device does not display a login prompt from Apple. Instead, the user must access a browser-based login page if they want to join the captive network.