This document contains "SmartDocs" capabilities. This will allow you to easily see only the content that is relevant to the Zebra device you are working with.
MX Features will be available on a device based on a combination of factors:
After identifying the version information for your device, simply select them in the SmartDocs bar. Any section that does not apply to your device will be greyed out. You can clear all settings by hitting the SmartDocs button. Clicking the back and next buttons on the SmartDocs bar will navigate to the sections that are relevant to your device.
The Wi-Fi Manager administers a device's Wi-Fi settings and network profiles for remembering and connecting to networks.
Note: The terms "enable" and "disable" in this CSP are equivalent to "turn on" and "turn off." Those terms in other CSPs refer to the feature's Usage setting, which is the ability of the device user to access the feature at all.
Specify the target OS of the device.
Parm Name: TargetOS
Option | Name | Description | Requires |
---|---|---|---|
2 | Android |
MX: 4.2+ |
Turn the Wi-Fi radio on or off.
Note: In order for settings to be applied, Wi-Fi must be turned on. If you do not specify WiFi Enable in the profile, you will get an error when attempting to apply certain settings if the device's Wi-Fi is not already turned on. For example, all of the Network Actions, which are described later in this document, will require that Wi-Fi is turned on. However, other settings, such as Sleep Policy and Network Notification, do not require Wi-Fi to be turned on.
As a best practice, it is recommended that this is turned on whenever setting another Wi-Fi parm that requires to be on, as it is not harmful to enable the Wi-Fi again if it is already on.
Note: In other CSPs, the terms "enable" and "disable" refer to whether or not the user will be allowed to turn the device on or off at all. However, in this CSP, "enable" and "disable" are equivalent to "turn on" and "turn off".
Parm Name: WiFiAction
Option | Name | Description | Requires |
---|---|---|---|
0 | Do not change | This value (or the absence of this parm from the XML) will not make any change to the whether the Wi-Fi radio is on or off. |
MX: 4.2+ |
enable | Enable | This value will cause the Wi-Fi radio to be turned on. |
MX: 4.2+ |
disable | Disable | This value will cause the Wi-Fi radio to be turned off. |
MX: 4.2+ |
Specifies the state of the Wi-Fi radio when the device suspends.
For Android devices, the device is suspended when the display turns off after idling for a certain amount of time. While the device is suspended, the device's software continues running in a lower power mode, meaning that the device itself is not turned off and software can run when the device is in this state. The amount of power consumption while in this state partially depends on what features are left on.
Parm Name: WifiSleepPolicy
Option | Name | Description | Requires |
---|---|---|---|
Do not change | This value (or the absence of this parm from the XML) will not make any change to the current sleep policy on the device. |
MX: 4.2+ |
|
Never Sleep | Never Sleep | This value will leave the Wi-Fi radio on while the device's display is turned off and Wi-Fi can continue to be used by any software that is running. Existing Wi-Fi connections will be maintained as if the device was not suspended. For example, emails will continue to come in. This behavior may be preferred in some situations. However, this could significantly increase the drain on the battery and reduce the battery life. |
MX: 4.2+ |
PluggedIn | Never Sleep When Plugged | This value will leave the Wi-Fi radio on while the display is turned off if the device is not running from battery power. |
MX: 4.2+ |
NeverOn | Always Sleep | This value turns the Wi-Fi radio off while the device's display is turned off. Existing Wi-Fi connections will be dropped and will need to be re-established, if needed, when the display (and Wi-Fi) are turned back on. Software that is running cannot use Wi-Fi while it is off. This can significantly increase the battery life if communications are not needed when the device is suspended. |
MX: 4.2+ |
By leaving this option unchecked, the country may be determined by the router or access point setting. To manually select the country, you should select the checkbox. When doing this a country drop-down will appear.
Parm Name: UseRegulatory
Option | Name | Description | Requires |
---|---|---|---|
true | true | Manually select the country. |
MX: 4.2+ |
false | false | Country determined by the router. |
MX: 4.2+ |
Specifies whether or not to notify the user when an unknown, open network comes in range. If this setting is turned on, the user will be asked if they want to join the network, which could be useful for personal or dual use devices which might want to use a public Wi-Fi connection at some point. However, turning these notifications on is not recommended for devices that are supposed to be used only on a single corporate Wi-Fi network since it might be harmful to offer a user the opportunity to connect to a rogue, non-secure network.
Parm Name: NetworkNotification
Option | Name | Description | Requires |
---|---|---|---|
Do not change | This value (or the absence of this parm from the XML) will not make any change to the current network notification setting. |
MX: 4.2+ |
|
true | Use network notification | This value will cause the user to be notified when an unknown, open network comes into range. |
MX: 4.2+ |
false | Do not use network notification | This value will cause the user to not be notified when an unknown, open network comes into range. |
MX: 4.2+ |
Sets the country to use for Wi-Fi regulatory setting.
When you choose 'AUTO' in the drop-down, 802.11d will be enabled. 802.11d is a mode where the device will listen for a country-specific beacon. It also will not transmit unless it can auto-detect the country, which can be beneficial because the device cannot transmit with a frequency that is inconsistent with the Wi-Fi infrastructure and is therefore less likely to violate country-specific regulations.
If a Wi-Fi infrastructure does not support, 802.11d, then the country that is used by this infrastructure will need to be selected so that the device can connect to it.
Shown if: The "Configure Country (Auto/Manual)" box is not checked
Parm Name: Country
Option | Name | Description | Requires |
---|---|---|---|
AUTO | AUTO (Use 802.11d) |
MX: 4.2+ |
|
DZ | Algeria |
MX: 4.2+ |
|
AI | Anguilla |
MX: 4.2+ |
|
AR | Argentina |
MX: 4.2+ |
|
AU | Australia |
MX: 4.2+ |
|
AT | Austria |
MX: 4.2+ |
|
BS | Bahamas |
MX: 4.2+ |
|
BH | Bahrain |
MX: 4.2+ |
|
BB | Barbados |
MX: 4.2+ |
|
BY | Belarus |
MX: 4.2+ |
|
BE | Belgium |
MX: 4.2+ |
|
BM | Bermuda |
MX: 4.2+ |
|
BO | Bolivia |
MX: 4.2+ |
|
BQ | Bonaire |
MX: 4.2+ |
|
BA | Bosnia and Herzegovina |
MX: 4.2+ |
|
BR | Brazil |
MX: 4.2+ |
|
BG | Bulgaria |
MX: 4.2+ |
|
CA | Canada |
MX: 4.2+ |
|
KY | Cayman Islands |
MX: 4.2+ |
|
CL | Chile |
MX: 4.2+ |
|
CN | China |
MX: 4.2+ |
|
CX | Christmas Island |
MX: 4.2+ |
|
CO | Columbia |
MX: 4.2+ |
|
CR | Costa Rica |
MX: 4.2+ |
|
HR | Croatia |
MX: 4.2+ |
|
CW | Curacao |
MX: 4.2+ |
|
CY | Cyprus |
MX: 4.2+ |
|
CZ | Czech Republic |
MX: 4.2+ |
|
DK | Denmark |
MX: 4.2+ |
|
DO | Dominican Republic |
MX: 4.2+ |
|
EC | Ecuador |
MX: 4.2+ |
|
EG | Egypt |
MX: 4.2+ |
|
SV | El Salvador |
MX: 4.2+ |
|
EE | Estonia |
MX: 4.2+ |
|
FK | Falkland Islands(Malvinas) |
MX: 4.2+ |
|
FI | Finland |
MX: 4.2+ |
|
FR | France |
MX: 4.2+ |
|
GF | French Guiana |
MX: 4.2+ |
|
DE | Germany |
MX: 4.2+ |
|
GR | Greece |
MX: 4.2+ |
|
GP | Guadelope |
MX: 4.2+ |
|
GU | Guam |
MX: 4.2+ |
|
GT | Guatemala |
MX: 4.2+ |
|
GY | Guyana |
MX: 4.2+ |
|
HT | Haiti |
MX: 4.2+ |
|
HN | Honduras |
MX: 4.2+ |
|
HK | Hong Kong |
MX: 4.2+ |
|
HU | Hungary |
MX: 4.2+ |
|
IS | Iceland |
MX: 4.2+ |
|
IN | India |
MX: 4.2+ |
|
ID | Indonesia |
MX: 4.2+ |
|
IE | Ireland |
MX: 4.2+ |
|
IL | Israel |
MX: 4.2+ |
|
IT | Italy |
MX: 4.2+ |
|
JM | Jamaica |
MX: 4.2+ |
|
JP | Japan |
MX: 4.2+ |
|
JO | Jordan |
MX: 4.2+ |
|
KZ | Kazakhstan |
MX: 4.2+ |
|
KE | Kenya |
MX: 4.2+ |
|
KR | Korea Republic |
MX: 4.2+ |
|
KW | Kuwait |
MX: 4.2+ |
|
LV | Latvia |
MX: 4.2+ |
|
LB | Lebanon |
MX: 4.2+ |
|
LI | Liechtenstein |
MX: 4.2+ |
|
LT | Lithuania |
MX: 4.2+ |
|
LU | Luxembourg |
MX: 4.2+ |
|
MK | Macedonia, Former Yugoslav Republic |
MX: 4.2+ |
|
MY | Malaysia |
MX: 4.2+ |
|
MT | Malta |
MX: 4.2+ |
|
MQ | Martinique |
MX: 4.2+ |
|
MX | Mexico |
MX: 4.2+ |
|
ME | Montenegro |
MX: 4.2+ |
|
MA | Morocco |
MX: 4.2+ |
|
AN | Netherlands, Antilles |
MX: 4.2+ |
|
NL | Netherlands |
MX: 4.2+ |
|
NZ | New Zealand |
MX: 4.2+ |
|
NI | Nicaragua |
MX: 4.2+ |
|
NG | Nigeria |
MX: 4.2+ |
|
NU | Niue |
MX: 4.2+ |
|
NF | Norfolk Islands |
MX: 4.2+ |
|
MP | Northern Marina Islands |
MX: 4.2+ |
|
NO | Norway |
MX: 4.2+ |
|
OM | Oman |
MX: 4.2+ |
|
PK | Pakistan |
MX: 4.2+ |
|
PA | Panama |
MX: 4.2+ |
|
PY | Paraguay |
MX: 4.2+ |
|
PE | Peru |
MX: 4.2+ |
|
PH | Philippines |
MX: 4.2+ |
|
PL | Poland |
MX: 4.2+ |
|
PT | Portugal |
MX: 4.2+ |
|
PR | Puerto Rico |
MX: 4.2+ |
|
QA | Qatar |
MX: 4.2+ |
|
RO | Romania |
MX: 4.2+ |
|
RU | Russian Federation |
MX: 4.2+ |
|
SX | St. Maarten |
MX: 4.2+ |
|
SA | Saudi Arabia |
MX: 4.2+ |
|
RS | Serbia |
MX: 4.2+ |
|
SG | Singapore |
MX: 4.2+ |
|
SK | Slovakia |
MX: 4.2+ |
|
SI | Slovenia |
MX: 4.2+ |
|
ZA | South Africa |
MX: 4.2+ |
|
ES | Spain |
MX: 4.2+ |
|
LK | Sri Lanka |
MX: 4.2+ |
|
SE | Sweden |
MX: 4.2+ |
|
CH | Switzerland |
MX: 4.2+ |
|
TW | Taiwan, Province of China |
MX: 4.2+ |
|
TH | Thailand |
MX: 4.2+ |
|
TT | Trinidad and Tobago |
MX: 4.2+ |
|
TN | Tunisia |
MX: 4.2+ |
|
TR | Turkey |
MX: 4.2+ |
|
UA | Ukraine |
MX: 4.2+ |
|
AE | United Arab Emirates |
MX: 4.2+ |
|
GB | United Kingdom |
MX: 4.2+ |
|
US | U.S.A. |
MX: 4.2+ |
|
UY | Uruguay |
MX: 4.2+ |
|
VE | Venezuela |
MX: 4.2+ |
|
VN | Vietnam |
MX: 4.2+ |
|
VG | Virgin Islands(British) |
MX: 4.2+ |
|
VI | Virgin Islands(US) |
MX: 4.2+ |
Specifies the 802.11 band(s) to use. The bands to use will usually be determined automatically through negotiation with the Wi-Fi infrastructure. However, in some cases, the Wi-Fi infrastructure may be shared amongst multiple uses, which may mean that it would be preferable to limit the devices to one band and leave the other bands for other purposes.
Parm Name: BandSelection
Option | Name | Description | Requires |
---|---|---|---|
Unchanged | This value (or the absence of this parm from the XML) will not make any change to the current selected band on the device. |
MX: 4.2+ |
|
2.4GHZ | 2.4GHZ | TThis value will enable 2.4GHz band. |
MX: 4.2+ |
5.0GHZ | 5.0GHZ | This value will enable 5.0GHz band. |
MX: 4.2+ |
Auto | Auto | This value will enable both bands and connect automatically to either. |
MX: 4.2+ |
Enable the specified channels in the 2.4GHz band. In most cases, if the 2.4GHZ band is allowed to be used, then the channels in this band that should be used can be determined automatically through negotiation with the Wi-Fi infrastructure. However, it may be beneficial to control the channels manually because different channels or sets of channels might be used for different uses. It may be preferable to limit the devices to only use certain channels so that other channels are left for other purposes.
Parm value input rules:
Shown if: The RF Band that is selected is either 2.4GHz or Auto
Parm Name: 2.4GHzChannels
Requires:
- MX: 4.2+
Enable the specified channels in the 5.0GHz band. In most cases, if the 5.0GHZ band is allowed to be used, then the channels in this band that should be used can be determined automatically through negotiation with the Wi-Fi infrastructure. However, it may be beneficial to control the channels manually because different channels or sets of channels might be used for different uses. It may be preferable to limit the devices to only use certain channels so that other channels are left for other purposes.
Parm value input rules:
Shown if: The RF Band that is selected is either 5.0GHz or Auto
Parm Name: 5.0GHzChannels
Requires:
- MX: 4.2+
Specify whether Diagnostic Options will be used. When turned on, Fusion Advanced Logging can also be turned on. This option can be used to collect additional information for troubleshooting but can impact the performance of a device.
Note: In most cases, this option should not be used except under the direction of Zebra support staff.
Parm Name: UseDiagnosticOptions
Option | Name | Description | Requires |
---|---|---|---|
true | true |
MX: 4.4+ |
|
false | false |
MX: 4.4+ |
Specify whether Fusion Advanced Logging will be used
Shown if: The "Specify Diagnostic Options" box is checked
Parm Name: FusionAdvancedLogging
Option | Name | Description | Requires |
---|---|---|---|
true | true |
MX: 4.4+ |
|
false | false |
MX: 4.4+ |
Specify whether Advanced Options will be used. In most cases, these options should not be used except under the direction of Zebra support staff.
Parm Name: UseAdvancedOptions
Option | Name | Description | Requires |
---|---|---|---|
true | true |
MX: 4.2+ |
|
false | false |
MX: 4.2+ |
This is used to manage the Wi-Fi network profiles on the device. A given device can have zero or more Wi-Fi network profiles defined, which are used to specify the information that is needed for the device to connect to a single Wi-Fi network. These profiles can each be enabled or disabled. An enabled Wi-Fi network profile can be used to connect to a network and a disabled profile cannot be used to connect to a network. At any given time, the device can be connected to at most one network using a corresponding Wi-Fi network profile. The potential network connections are controlled by which profiles are defined and enabled on the device. It is also possible to force a connection to the network associated with a specific Wi-Fi network profile.
Parm Name: NetworkAction
Option | Name | Description | Requires |
---|---|---|---|
Do nothing | This value (or the absence of this parm from the XML) will not cause any Network Actions to be performed. |
MX: 4.2+ |
|
add | Add a New Network | This value will add a new profile with the provided profile settings. For the options that will be presented when choosing to add a new network, please see the following "SSID" parm and the "Add a New Network Options" section below |
MX: 4.2+ |
Remove | Remove an Existing Network | This value will remove the a network profile based on the SSID |
MX: 4.2+ |
Connect | Connect to an Existing Network | This value will initiate a connection to the network based on the SSID |
MX: 4.2+ |
Disconnect | Disconnect from an Existing Network | This value will disconnect from a network based on the SSID |
MX: 4.2+ |
Enable | Enable an Existing Network | This value will enable a network profile based on the SSID |
MX: 4.2+ |
Disable | Disable an Existing Network | This value will disable a network profile based on the SSID |
MX: 4.2+ |
DisableAll | Disable All Existing Networks | This value will disable all network profiles |
MX: 4.2+ |
RemoveAll | Remove All Existing Networks | This value will remove all network profiles |
MX: 4.2+ |
This is the SSID name of the network, which is the primary mechanism used to identify a Wi-Fi network and is used to identify the Wi-Fi network profile to be acted on. Therefore, any Network Action that is used to affect a single profile need to specify the SSID to select the desired profile.
Parm value input rules:
Shown if: The Network Action is any option other than "Do Nothing", "Disable All Existing Networks", or "Remove All Existing Networks"
Parm Name: SSID
Requires:
- MX: 4.2+
This indicates that the network uses 802.1x Extensible Authentication Protocol (EAP) security. These networks use authentication to establish the entitlement of a device to join the network and then distribute necessary keys once this entitlement has been verified. Security information pertaining to the EAP type and authentication credentials to be used will need to be supplied to configure these networks.
Shown if: The Network Action is "Add a New Network"
Parm Name: NetworkAction
Option | Name | Description | Requires |
---|---|---|---|
0 | Open | An open network indicates that the network uses no security. These kinds of networks are generally not advised to be used for transmitting sensitive data unless other protection mechanisms are used, such as VPNs, data encryption, etc. No additional security information will need to be supplied to configure these networks. |
MX: 4.2+ |
1 | Personal | This indicates that the network uses basic security. A Pre-Shared Key (PSK) or Wired Equivalency Privacy (WEP) key, which is known to both the device and the Wi-Fi infrastructure, is used to encrypt data. These networks are more secure than open networks, but may be compromised if the keys are not handled securely and/or are not changed periodically. Security information pertaining to the required key will need to be supplied to configure these networks. |
MX: 4.2+ |
2 | Enterprise | This value will remove the a network profile based on the SSID |
MX: 4.2+ |
When the selected Security Mode is "Personal" or "Enterprise", the WPA Mode must be specified to determine what sort of key will then be used.
Note: WEP is not supported with a Enterprise Security Mode. It is only supported using Personal Security Mode.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Personal" or "Enterprise"
Parm Name: WPAMode
Option | Name | Description | Requires |
---|---|---|---|
1 | WPA | This indicates that the network requires encryption using the Wi-Fi Protected Access (WPA) standard. WPA only performs encryption using the Temporal Key Integrity Protocol. A TKIP-compatible key will therefore need to be specified. |
MX: 4.2+ |
2 | WPA2 | This indicates that the network requires encryption using the Wi-Fi Protected Access version 2 (WPA2) standard. WPA2 supports encryption using either the Temporal Key Integrity Protocol (TKIP) for backward compatibility with WPA, or the more secure Advanced Encryption Standard (AES) algorithm. A decision about whether to use TKIP or AES (or auto-select) will need to be made and then a TKIP or AES-compatible key will need to be specified. |
MX: 4.2+ |
3 | WPA/WPA2 | This indicates that the network supports both the Wi-Fi Protected Access (WPA) standard and the Wi-Fi Protected Access version 2 (WPA2) standard. This is essentially the same effect as selecting WPA2 since WPA2 supports backward compatibility with WPA. |
MX: 4.2+ |
4 | WEP | This indicates that the network requires encryption using the older, and less secure, Wired Equivalency Privacy (WEP) standard. A decision about the WEP key size to use will need to be made and then a WEP key of the selected size will need to be specified. |
MX: 4.2+ |
This is the Authentication Mode used by the network. When a Security Mode of "Enterprise" is selected, an Authentication Mode will need to be specified to determine how authentication will be performed as part of the 802.1x EAP type used by the network.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Enterprise"
Parm Name: Authentication
Option | Name | Description | Requires |
---|---|---|---|
1 | EAP-TLS | This indicates that the network requires authentication using the 802.1x Extensible Authentication Protocol - Transport Layer Security (EAP-TLS) standard (RFC 5216). EAP-TLS requires a device identity to be specified and requires that a client certificate be specified to prove the authenticity of the device identity. In all EAP modes, an optional certificate may be specified to help verify the identity of the authentication server. |
MX: 4.2+ |
13 | EAP-FAST-GTC | This indicates that the network requires authentication using a token generated using a Generic Token Card (GTC) within an anonymous TLS tunnel established using the 802.1x Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling (EAP-FAST) standard (RFC 5422). EAP-FAST-GTC requires a device identity to be specified and requires that a token value (typically obtained from a physical token device) be specified to prove the authenticity of that device identity. An optional client certificate may also be specified to verify the authenticity of the device identity. In all EAP modes, an optional certificate may be specified to help verify the identity of the authentication server. |
MX: 4.2+ |
11 | WPA/WPA2 | This indicates that the network requires authentication using the Microsoft Challenge Authentication Protocol Version 2 (MSCHAPV2) within an anonymous TLS tunnel established using the 802.1x Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling (EAP-FAST) standard (RFC 5422). EAP-FAST-MSCHAPV2 requires a device identity to be specified and requires that a password be specified to prove the authenticity of that device identity. An optional client certificate may also be specified to verify the authenticity of the device identity. In all EAP modes, an optional certificate may be specified to help verify the identity of the authentication server. |
MX: 4.2+ |
8 | EAP-TTLS-PAP | This indicates that the network requires authentication using the Password Authentication Protocol (PAP) within a secure TLS tunnel established using the 802.1x Extensible Authentication Protocol - Tunneled Transport Layer Security (EAP-TTLS) standard (RFC 5281). EAP-TTLS-PAP requires a device identity to be specified and requires that a password be specified to prove the authenticity of that device identity. An optional client certificate may also be specified to verify the authenticity of the device identity. In all EAP modes, an optional certificate may be specified to help verify the identity of the authentication server. |
MX: 4.2+ |
6 | EAP-TTLS-MSCHAP | This indicates that the network requires authentication using the Microsoft Challenge Authentication Protocol (MSCHAP) within a secure TLS tunnel established using the 802.1x Extensible Authentication Protocol - Tunneled Transport Layer Security (EAP-TTLS) standard (RFC 5281). EAP-TTLS-MSCHAP requires a device identity to be specified and requires that a password be specified to prove the authenticity of that device identity. An optional client certificate may also be specified to verify the authenticity of the device identity. In all EAP modes, an optional certificate may be specified to help verify the identity of the authentication server. |
MX: 4.2+ |
7 | EAP-TTLS-MSCHAPV2 | This indicates that the network requires authentication using the Microsoft Challenge Authentication Protocol Version 2 (MSCHAPV2) within a secure TLS tunnel established using the 802.1x Extensible Authentication Protocol - Tunneled Transport Layer Security (EAP-TTLS) standard (RFC 5281). EAP-TTLS-MSCHAPV2 requires a device identity to be specified and requires that a password be specified to prove the authenticity of that device identity. An optional client certificate may also be specified to verify the authenticity of the device identity. In all EAP modes, an optional certificate may be specified to help verify the identity of the authentication server. |
MX: 4.2+ |
4 | LEAP | This indicates that the network requires authentication using the Lightweight Extensible Authentication Protocol (LEAP) defined by Cisco. LEAP uses a modified version of MSCHAP without a secure tunnel and hence can be easily compromised. LEAP requires a device identity to be specified and requires that a password be specified to prove the authenticity of that device identity. Unlike standard EAP modes, LEAP does not support an optional certificate to help verify the identity of the authentication server. |
MX: 4.2+ |
2 | PEAP-MSCHAPV2 | This indicates that the network requires authentication using the Microsoft Challenge Authentication Protocol Version 2 (MSCHAPV2) within a secure TLS tunnel established using the Protected Extensible Authentication Protocol, (PEAP) defined by Cisco Systems, Microsoft, and RSA Security. PEAP-MSCHAPV2 requires a device identity to be specified and requires that a password be specified to prove the authenticity of that device identity. An optional client certificate may also be specified to verify the authenticity of the device identity. In all EAP modes, an optional certificate may be specified to help verify the identity of the authentication server. |
MX: 4.2+ |
10 | PEAP-GTC | This indicates that the network requires authentication using a token generated using a Generic Token Card (GTC) within a secure TLS tunnel established using the Protected Extensible Authentication Protocol, (PEAP) defined by Cisco Systems, Microsoft, and RSA Security. PEAP-GTC requires a device identity to be specified and requires that a token value (typically obtained from a physical token device) be specified to prove the authenticity of that device identity. An optional client certificate may also be specified to verify the authenticity of the device identity. In all EAP modes, an optional certificate may be specified to help verify the identity of the authentication server. |
MX: 4.2+ |
14 | PEAP-NONE |
MX: 5.0+ |
Identity is used only when Authentication is used, which also means that this is only used when the Security Mode is "Enterprise".
This parm is used by the device to specify to the Authentication Server the Identity that it wishes to authenticate as. The Identity is synonymous with "user name" in many cases. However, different Authentication Servers can be configured to require different types of Identity, such as email addresses, device unique ID, etc.
The Identity is used as a way of getting accepted by the Authentication Server so that you can receive the encryption key that is needed to operate on the network. Once you are authenticated, the Identity does not have any further meaning and is not used to identify the device on the network.
Specifying an empty (length of zero) value (or the absence of this parm from the XML) will cause the Identity will not be set.
Shown if: The Network Action is "Add a New Network" and the Authentication is "PEAP-NONE"
Parm Name: Identity
Requires:
- MX: 4.2+
Used to specify an Anonymous Identity for systems that support separate authentication outside of a secure tunnel.
When using an EAP type that has a secure tunnel over which authentication credentials can be delivered, it is sometimes necessary to specify an Identity outside the protections of the tunnel. In these cases, an Anonymous Identity can be sent so as not to disclose the actual Identity, password or other verifying credentials. A separate Anonymous Identity can be used only if the Authentication Server is set up to support it.
If no Anonymous Identity is specified, then the actual Identity will be sent outside the tunnel, if required. This may still be secure since the password and/or other verifying credentials are always sent inside the tunnel (in modes that use a tunnel for secure credential delivery). Using the actual Identity outside the tunnel would therefore risk disclosure of only part of the information needed to authenticate.
Parm value input rules:
Note: Specifying an empty (length of zero) value (or the absence of this parm from the XML) will prevent the Anonymous Identity from being set.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Enterprise" and the Authentication is "PEAP-MSCHAPV2" or "EAP-TTLS-MSCHAP" or "EAP-TTLS-MSCHAPV2" or "EAP-TTLS-PAP" or "PEAP-GTC" or "EAP-FAST-MSCHAPV2" or "EAP-FAST-GTC" or "PEAP-NONE"
Parm Name: AnonymousIdentity
Requires:
- MX: 4.2+
Controls whether the Password will be stored as encrypted or clear text. Since the Password must be embedded within the XML, it is often desirable to encrypt the Password to prevent its extraction and exploitation in case the XML is intercepted.
A Password is used when the Security Mode is set to "Enterprise." All authentication types require a Password except EAP-TLS, which uses a client certificate instead. The Identity and Password combine to form an authentication credential that provides access to a network.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Enterprise" and the Authentication is "PEAP-MSCHAPV2" or "LEAP" or "EAP-TTLS-MSCHAP" or "EAP-TTLS-MSCHAPV2" or "EAP-TTLS-PAP" or "PEAP-GTC" or "EAP-FAST-MSCHAPV2" or "EAP-FAST-GTC" or "PEAP-NONE"
Parm Name: ProtectPassword
Requires:
- MX: 4.2+
Used to specify a Password to be used to connect to a network. This parameter name will change according to the value of ProtectPassword:
If ProtectPassword is false:
If Protect Password is true:
Parm value input rules:
Note: The encryption process for this parameter value is currently undocumented, and the key required to encrypt is unpublished. Since there is currently no way to store an encrypted, server-supplied password within an XML file, MDM systems cannot use an encrypted password.
Parm Name: PasswordClear, PasswordEncrypted
Requires:
- MX: 4.2+
Optional parameter that allows the name of a certificate alias to be used to verify the server.
Parm value input rules:
Notes:
When Security Mode is "Enterprise," the device will not need to authenticate to an Authentication Server using the defined Authentication type. This will involve sending potentially sensitive authentication credentials to the Authentication Server. Zebra does not recommended this unless the authenticity of the Authentication Server can be verified, for example, ensuring it is not attempting to carry out a "man in the middle" attack.
The device contacts and challenges the Authentication Server to assert and prove its Identity through the use of a server certificate. The device must be able to establish the validity of that certificate and must trust the chain of authority of the issuer of that certificate. This would all occur whether or not a Server Certificate Name is specified.
By default, a certificate asserted by an Authentication Server will be trusted if it can be verified to have been validly issued by any trusted certificate authority. If a Server Certificate Name is supplied, then the certificate asserted by an Authentication Server will be trusted only if it is verified to have been validly issued by that specific trusted certificate authority. This increases the security by preventing the use of certificates issued by authorities that are not trusted to issue certificates to authentication servers.
Specifying an empty (length of zero) value (or the absence of this parm from the XML) will cause the Optional Server Certificate to not be set.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Enterprise" and the Authentication is "EAP-TLS" or "PEAP-MSCHAPV2" or "EAP-TTLS-MSCHAP" or "EAP-FAST-MSCHAPV2" or "EAP-TTLS-PAP" or "PEAP-GTC" or "EAP-FAST-MSCHAPV2" or "EAP-FAST-GTC" or "PEAP-NONE"
Parm Name: OptionalServerCertificate
Requires:
- MX: 4.2+
The name of the certificate alias that should be used to join the network (Mandatory). When Authenticating using EAP-TLS, a client certificate is used instead of a Password. Consequently, when Authentication is EAP-TLS, a client certificate must be specified and a Password must not be specified.
Parm value input rules:
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Enterprise" and the Authentication is "EAP-TLS"
Parm Name: MandatoryClientCertificate
Requires:
- MX: 4.2+
Optional parameter that allows the name of a client certificate alias to be used to join a network. When Authenticating with EAP types other than EAP-TLS (which would not require a client certificate) a client is still allowed. If used, the client certificate will be used to authenticate the device to the authentication server as part of the establishment of the secure tunnel over which further authentication credentials will be delivered. This means that the client certificate does not need to be unique, even if the authentication credentials are. The use of a client certificate can introduce an additional level of protection by requiring a device to possess a valid client certificate as well as valid authentication credentials. The client certificate serves as a first-pass filter.
Parm value input rules:
Note: Specifying an empty (length of zero) value (or the absence of this parm from the XML) will prevent an Optional Server Certificate from being set.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Enterprise" the Authentication is "PEAP-MSCHAPV2" or "EAP-TTLS-MSCHAP" or "EAP-TTLS-MSCHAPV2" or "EAP-TTLS-PAP" or "PEAP-GTC" or "EAP-FAST-MSCHAPV2" or "EAP-FAST-GTC" or "PEAP-NONE"
Parm Name: OptionalClientCertificate
Requires:
- MX: 4.2+
Type of encryption used by the network. The values that can be selected for Encryption Type will vary based on the selections made for Security Mode and WPA Mode. But a selection must always be made for Encryption Type whenever Security Mode is not "Open" (indicating no encryption).
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Personal" or "Enterprise" and the WPA Mode is WPA
Parm Name: EncryptionWPA
Option | Name | Description | Requires |
---|---|---|---|
0 | Default | This value (or the absence of this parm from the XML) will not make any change to the encryption type that is currently used on the device. |
MX: 4.2+ |
1 | TKIP | This indicates that the network requires encryption to be performed using the Temporal Key Integrity Protocol (TKIP) standard with a per-packet key length of 128 bits. |
MX: 4.2+ |
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Personal" or "Enterprise" and the WPA Mode is WPA2 or WPA/WPA2
Parm Name: EncryptionWPA2
Option | Name | Description | Requires |
---|---|---|---|
0 | Default | This value (or the absence of this parm from the XML) will not make any change to the encryption type that is currently used on the device. |
MX: 4.2+ |
1 | AES-CCMP | This indicates that the network requires encryption to be performed using the Advanced Encryption Standard - Counter mode Cipher block chaining Message authentication code Protocol (AES-CCMP) standard, wherein the AES block cipher is used with a per-packet key length of 128 bits. |
MX: 4.2+ |
2 | TKIP | This indicates that the network requires encryption to be performed using the Temporal Key Integrity Protocol (TKIP) standard with a per-packet key length of 128 bits. |
MX: 4.2+ |
3 | AES-CCMP/TKIP | This indicates that the network allows the use of either the AES-CCMP standard or the TKIP encryption standard and the proper encryption type to use can be automatically determined by negotiation with the Wi-Fi infrastructure. |
MX: 4.2+ |
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Personal" or "Enterprise" and the WPA Mode is WEP
Parm Name: EncryptionWEP
Option | Name | Description | Requires |
---|---|---|---|
1 | WEP-40 | This indicates that the network requires encryption to be performed using the Wireless Equivalency Privacy (WEP) standard with a key size of 40 bits. |
MX: 4.2+ |
2 | WEP-104 | This indicates that the network requires encryption to be performed using the Wireless Equivalency Privacy (WEP) standard with a key size of 104 bits. |
MX: 4.2+ |
Specify the type of encryption key to be used by the network. This key is only specified when the Security Mode is "Personal" since the "Open" Security Mode does not use encryption and the "Enterprise" Security Mode distributes keys automatically following Authentication.
An encryption key can be specified using one of two methods:
The method that is used usually depends on the configuration of the Wi-Fi infrastructure that implements the network. This is because the key to be used must be known to both the Wi-Fi infrastructure and the client. Therefore, both must use a common method to specify that key.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Personal"
Parm Name: KeyType
Option | Name | Description | Requires |
---|---|---|---|
HexKey | Hex Key | This indicates that the actual key used by the network to perform encryption will be specified. |
MX: 4.2+ |
Passphrase | Passphrase | This indicates that a passphrase will be specified from which the actual key used by the network to perform encryption can be derived. |
MX: 4.2+ |
This enables encryption of the Key.
A Key, or the Passphrase used to generate a Key, is generally considered sensitive information since possession of the key for a network grants access to that network. Since the Key or Passphrase must be embedded within the XML, it is often desirable to encrypt the Key or Passphrase so it cannot be extracted and exploited if the XML is intercepted. The WPA Mode and the Key Type, which were previously specified, will determine what type of Key or Passphrase will need to be used. The value selected for the ProtectKey parm will deterime whether the Key or Passphrase will be specified in clear, unencrypted text or encrypted form.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Personal"
Parm Name: KeyType
Requires:
- MX: 4.2+
Controls whether the Key will be encrypted. When the Key Type is Passphrase, then the specified Passphrase will be used to generate the Key. The required Passphrase will vary depending on the WPA Mode specified (WEP or WPA Passphrase).
Note: Currently, the parm value encryption process is not documented and the key that is needed to encrypt is not published. Therefore, an MDM cannot currently use encrypted Keys or Passphrases since there is no way to store an encrypted, server-supplied password in XML file.
If WEP is selected and Protect Key is false:
If WEP is selected and Protect Key is true:
If WEP is not selected and Protect Key is false:
If WEP is not selected and Protect Key is true:
Parm Name: PassphraseWEPClear, PassphraseWEPEncrypted, PassphraseWPAClear, PassphraseWPAEncrypted
Requires:
- MX: 4.2+
When Key Type is Hex Key, then a Key, which is expressed as a sequence of hexadecimal characters, needs to be specified. The type of Key required will vary based on the WPA Mode and Encryption Type specified, since it will need to be either a WEP 40 bit Key, a WEP 104 bit Key, or a 256 bit TKIP/AES-CCMP Key.
Note: Currently, the parm value encryption process is not documented and the key that is needed to encrypt is not published. Therefore, an MDM cannot currently use encrypted Keys or Passphrases since there is no way to store an encrypted, server-supplied password in an XML.
If WEP is not selected and Protect Key is false:
If WEP is not selected and Protect Key is true:
If WEP is selected, the encryption type is WEP-40, and Protect Key is false:
If WEP is selected, the encryption type is WEP-40, and Protect Key is true:
If WEP is selected, the encryption type is WEP-104, and Protect Key is false:
If WEP is selected, the encryption type is WEP-104, and Protect Key is true:
Parm Name: HexKeyWEPClear, HexKeyWEPEncrypted, HexKeyWPAClear, HexKeyWPAEncrypted
Requires:
- MX: 4.2+
Some Wi-Fi infrastructure that implements a network using WEP encryption may support multiple WEP keys and a WEP index to indicate which key to use at any given time.
Note: Android does not currently support multiple WEP keys per network. Therefore, only the first WEP key (
wep[0]
) is supported.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Personal" and the WPA Mode is "WEP"
Parm Name: WepKeyIndex
Option | Name | Description | Requires |
---|---|---|---|
1 | wep[0] |
MX: + |
|
2 | wep[1] |
MX: + |
|
3 | wep[2] |
MX: + |
|
4 | wep[3] |
MX: + |
When this parm is selected, DHCP will be used. When not selected, Static IP address is used.
Most modern networks use DHCP to automatically assign IP Addresses to devices when they join the network. If DHCP is used, then all requisite IP Address information will be obtained automatically and no additional information will need to be provided.
If DHCP cannot be used for a particular network, then all IP Address information that is needed to operate on that network will need to be specified. None of the following IP Address information parms can be left blank, but they may not all require meaningful values, depending on the network.
Shown if: The Network Action is "Add a New Network" and the Security Mode is "Personal" and the WPA Mode is "WEP"
Parm Name: UseDHCP
Requires:
- MX: 4.2+
Provide the static IP address to be assigned to the device on this network.
When not using DHCP, a valid IP Address for the device to use on the network must be specified and that IP Address must not be assigned to any other device on the same network.
Parm value input rules:
Shown if: The Network Action is "Add a New Network" and the "Use DHCP" box is not checked
Parm Name: IpAddress
Requires:
- MX: 4.2+
Provide the IP address of the first gateway to the network.
When not using DHCP, a valid Gateway IP Address may or may not be required. If there is a Gateway that can route traffic out of the current network, then the IP Address of that Gateway should be specified if the device will need to send traffic outside that network. If the network is essentially self-contained, then it may not be important what value is specified for this parm.
Parm value input rules:
Shown if: The Network Action is "Add a New Network" and the "Use DHCP" box is not checked
Parm Name: IpGateway1
Requires:
- MX: 4.2+
Provide the subnet mask to be used on the network.
When not using DHCP, a subnet mask must be specified that is consistent with the network and is consistent with the IP Address assigned to the device for use on that network.
Parm value input rules:
Shown if: The Network Action is "Add a New Network" and the "Use DHCP" box is not checked
Parm Name: IpMask
Requires:
- MX: 4.2+
Provide the IP address of the DNS server.
When not using DHCP, a valid DNS Server IP Address may or may not be required. If there is a DNS Server that can resolve network names to IP Addresses on the current network, then the IP Address of that server should be specified if the device will need to resolve names for that network. If name resolution is not required, then it may not be important what value is specified for this parm.
Parm value input rules IpDns1:
Parm value input rules IpDns2:
Shown if: The Network Action is "Add a New Network" and the "Use DHCP" box is not checked
Parm Name: IpDns1, IpDns2
Requires:
- MX: 4.2+
When selected, a Proxy is used for network connections. You can either manually configure the proxy settings or select the location of a PAC file for automatic configuration. A proxy is a an intermediary service that routes HTTP requests and responses between clients on a device and another network (typically the internet or an intranet). When there is a proxy between the Wi-Fi network and some outer network, then HTTP-based applications, such as a Web Browser, may need to negotiate with that proxy to access the services of that outer network.
Note: In MX 5.0, the parm data type changed from a Boolean to a value selected from the UseProxy list. Please check the list above.
Parm Name: UseProxy
Option | Name | Description | Requires |
---|---|---|---|
0 | None | Since MX 5.0 the use of a code over a boolean value was implemented. This value was unaffected. |
MX: 5.0+ |
1 | Manual | Since MX 5.0 the use of a code over a boolean was implemented. This value indicates a Manual Proxy. |
MX: 5.0+ |
3 | Proxy Auto-Config | Automatically use a proxy. This value was instroduced in MX 5.0. |
MX: 5.0+ |
Provide the Host Name or IP Address of the computer on which the proxy is running. Host Name can be used only if the network provides suitable name resolution. Otherwise, an IP Address would need to be provided.
Since different Wi-Fi networks may have different proxies connecting them to different outer networks, proxy information, if needed, must be configured for each network.
Parm value input rules:
Shown if: The Network Action is "Add a New Network" and "Use Proxy" is set to manual.
Parm Name: ProxyHostName
Requires:
- MX: 4.2+
Provide the port number of the proxy server on the computer on which the proxy is running on which the proxy is listening.
Shown if: The Network Action is "Add a New Network" and "Use Proxy" is set to manual.
Parm Name: ProxyPort
Requires:
- MX: 4.2+
Once a proxy is configured for a given network, all HTTP traffic will generally be routed to the outer network via that proxy.
In some cases, it may be desirable to avoid routing selected Host Names or IP Addresses through the proxy. For example, you might want to access a local Web Server. This can be accomplished by listing the Host Names or IP Addresses for which the Proxy should be bypassed. To specify multiple Host Names or IP Addresses, separate them with commas.
Parm value input rules:
Shown if: The Network Action is "Add a New Network" and "Use Proxy" is set to manual.
Parm Name: BypassProxy
Requires:
- MX: 4.2+
Provide the Host Name or IP Address of the location of where the proxy PAC file is located. This can be used only if the network provides suitable name resolution. Otherwise, an IP Address would need to be provided.
Since different Wi-Fi networks may have different proxies connecting them to different outer networks, proxy information, if needed, must be configured for each network.
Parm value input rules:
Shown if: The Network Action is "Add a New Network" and "Use Proxy" is set to Proxy Auto-Config.
Parm Name: PROXYPAC
Requires:
- MX: 5.0+
Use of Wi-Fi Advanced Options requires the following:
WARNING: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Used to enable/disable AutoTimeConfig feature, a Zebra-specific feature that updates the device timestamp based on Zebra IE in the 802.11 beacon. Not supported on TC70 QC GA1/GA2 running Android KitKat.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: AutoTimeConfig
Requires:
- MX: 4.2+
Used to enable/disable Hyper Fast Secure Roam (HFSR), Zebra's fast roam algorithm. Not supported on TC70 QC GA1/GA2, TC75 GA and TC55 GA devices running Android KitKat.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: HFSR
Requires:
- MX: 4.2+
Controls the Fast Transition roam algorithm (802.11r), which improves on IEEE 802.11r Over-the-DS fast roaming. When used in conjunction with Zebra wireless LAN infrastructure, the device will achieve more reliable and consistent fast roaming. Enabled by default.
Not supported on TC70 QC GA1 devices running Android KitKat.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: FT
Requires:
- MX: 4.2+
Used to enable/disable the CCX roam algorithm (CCKM).
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: CCKM
Requires:
- MX: 4.2+
Used to enables/disable the Fast Transition Resource Request (802.11r). Not supported on TC70 QC GA1/GA2, TC75 GA or TC55 GA devices running Android KitKat.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: FTRIC
Requires:
- MX: 4.2+
Used to enable/disable Opportunistic Key Caching (OKC).
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: OKC
Requires:
- MX: 4.2+
Used to enable/disable PMKID Caching. If PMKID is enabled, OKC must be disabled for PMKID caching to operate.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: PMKID
Requires:
- MX: 4.2+
Used to configure the WLAN radio Power Save Mode from the settings table below. The default "Fast Power Save" value must be used for the "Power Save" parameter; the "Do not change" value will result in failure.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: PowerSave
Option | Name | Description | Requires |
---|---|---|---|
0 | Do not change |
MX: 4.2+ |
|
1 | Always Active |
MX: 4.2+ |
|
2 | Fast Power Save (Deprecated) |
MX: 4.2+ |
|
3 | Max Power Save (Deprecated) |
MX: 4.2+ |
|
4 | WMM-PS |
MX: 4.4+ |
|
5 | Null Data Power Save |
MX: 4.4+ |
|
6 | PS-POLL |
MX: 4.4+ |
Used to enable/disable 802.1x Pre-Authentication. Not supported on TC70 QC GA1/GA2 or TC75 GA devices running Android KitKat.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: PreAuth
Requires:
- MX: 4.2+
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
This option is to configure different WLAN Power Save Modes of Radio.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: WLANPowerSave
Option | Name | Description | Requires |
---|---|---|---|
0 | WMM-PS |
MX: 4.3+ |
|
1 | Null Data Power Save |
MX: 4.3+ |
|
2 | PS-POLL |
MX: 4.3+ |
|
3 | Do not change |
MX: 4.3+ |
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Start or Stop advanced Wi-Fi logging.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: AdvancedLogging
Requires:
- MX: 4.2+
Used to enable/disable FIPS data in motion supported in WLAN. WLAN FIPS 140-2, level 1 compliance. Not supported on TC70 QC GA1/GA2, TC75 GA or TC55 GA devices running Android KitKat.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: FIPS
Requires:
- MX: 4.2+
Used to enable/disable read-only mode for Wi-Fi settings according to the values in the table below. Not supported on TC70 QC GA1/GA2 running Android KitKat.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: PowerSave
Option | Name | Description | Requires |
---|---|---|---|
0 | Do not change |
MX: + |
|
1 | Disable Restricted WLAN Settings UI |
MX: + |
|
2 | Enable Restricted WLAN Settings UI |
MX: + |
Used to enable/disable Radio Resource Management, which measures transmit power, data rates and other wireless characteristics in an effort to optimize communication efficiency. Not supported on TC70 QC GA1/GA2 running Android KitKat, or MPA3 RevB-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: 802.11K
Requires:
- MX: 4.3+
Used to specify the Management Frame Protection Mode from the values in the table below. Not supported on TC70 QC GA1/GA2, TC75 GA, or TC55 GA devices running Android KitKat, or MPA3 RevB-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: 802.11w
Option | Name | Description | Requires |
---|---|---|---|
0 | No MFP |
MX: 4.3+ |
|
1 | Capable |
MX: 4.3+ |
|
2 | Mandatory |
MX: 4.3+ |
|
3 | Do not change |
MX: 4.3+ |
Used to specify the preferred Wi-Fi band. Not supported on MPA3 RevB-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: BandPreference
Option | Name | Description | Requires |
---|---|---|---|
0 | No Preference |
MX: 4.3+ |
|
1 | Prefer 2.4GHz |
MX: 4.3+ |
|
2 | Prefer 5.0GHz |
MX: 4.3+ |
|
3 | Do not change |
MX: 4.3+ |
Used to enable/disable Fast Transition over the Distribution System (FTOverTheDS). Enabled by default. Also known as 802.11r Over-the-DS, this fast roam standard reduces the number frames exchanged when the device roams from one AP to another if the infrastructure supports it. Not supported on TC70 QC GA1/GA2, TC75 GA, or TC55 GA devices running Android KitKat, or MPA3 RevB-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: FTOverTheDS
Requires:
- MX: 4.3+
Used to enable/disable ScanAssist. This feature improves roaming on Zebra devices by allowing the device to monitor neighboring access points to retrieve roam-related information from the Zebra wireless LAN infrastructure without doing scans. Enabled by default.
Not supported on TC70 QC GA1/GA2, TC75 GA, or TC55 GA devices running Android KitKat, or MPA3 RevB-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: ScanAssist
Requires:
- MX: 4.3+
Used to enable/disable the AggregatedFT feature. Not supported on TC70 QC GA1/GA2, TC75 GA, or TC55 GA devices running Android KitKat, or MPA3 RevB-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: AggregatedFT
Requires:
- MX: 4.3+
Used to enable/disable Coverage Hole Detection, which reports gaps in signal coverage to the Zebra wireless LAN infrastructure. Enabled by default. Network administrators can detect and mitigate coverage gaps present in the network for greater reliability. Not supported on TC70 QC GA1/GA2, TC75 GA, or TC55 GA devices running Android KitKat, or MPA3 RevB-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: CHD
Requires:
- MX: 4.3+
Specify whether to enable subnet roaming. Not supported on TC70 QC GA1/GA2, TC75 GA, or TC55 GA devices running Android KitKat, or MPA3 RevB-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: SubNetRoam
Requires:
- MX: 4.4+
Used to enable/disable WAN Country, which obtains country information from the WAN Interface (GSM/CDMA base station) and applies regulatory rules based on the Country Code received. Supported only on WAN based devices. Not supported on TC70 QC GA1/GA2 running Android KitKat, or MPA3 RevB- or RevC-based devices running Android Jelly Bean.
Important: Wi-Fi Advanced Options should be used only under the guidance of Zebra Support. Do not use these features unless told to do so by qualified personnel; altering advanced settings can result in undesirable results.
Shown if: The "Specify Advanced Options" box is enabled.
Parm Name: WANCountry
Requires:
- MX: 4.3+
Note: This must be done for a new device before you can install certificates.
Without a password:
<wap-provisioningdoc>
<characteristic type="CertMgr" version="4.2" >
<parm name="CertAction" value="4"/>
</characteristic>
</wap-provisioningdoc>
With a password:
<wap-provisioningdoc>
<characteristic type="CertMgr" version="4.2" >
<parm name="CertAction" value="4"/>
<characteristic type="keystore-details">
<parm name="KeystorePassword" value="password"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="CertMgr" version="4.2" >
<parm name="CertAction" value="2"/>
<characteristic type="cert-details">
<parm name="CertAlias" value="certName1"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="CertMgr" version="4.2" >
<parm name="CertAction" value="1"/>
<characteristic type="cert-details">
<parm name="CertAlias" value="certName2"/>
<parm name="CertType" value="5"/>
<parm name="CertMethod" value="2"/>
<parm name="CertFileCA" value="/path/to/cert.pem"/>
<parm name="CertAdjustClock" value="false"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="CertMgr" version="4.2" >
<parm name="CertAction" value="1"/>
<characteristic type="cert-details">
<parm name="CertAlias" value="certName2"/>
<parm name="CertType" value="6"/>
<parm name="CertMethod" value="2"/>
<parm name="CertFileClient" value="/path/to/cert.pem"/>
<parm name="CertAdjustClock" value="false"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="CertMgr" version="4.2" >
<parm name="CertAction" value="1"/>
<characteristic type="cert-details">
<parm name="CertAlias" value="certName2"/>
<parm name="CertType" value="8"/>
<parm name="CertMethod" value="2"/>
<parm name="CertFileClient" value="/path/to/cert.pem"/>
<parm name="CertAdjustClock" value="false"/>
<parm name="PrivateKeyPassword" value="pass"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="CertMgr" version="4.2" >
<parm name="CertAction" value="1"/>
<characteristic type="cert-details">
<parm name="CertAlias" value="certName2"/>
<parm name="CertType" value="9"/>
<parm name="CertMethod" value="2"/>
<parm name="CertFileClient" value="/path/to/cert.pem"/>
<parm name="CertAdjustClock" value="false"/>
<parm name="PrivateKeyPassword" value="pass"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="CertMgr" version="4.2" >
<parm name="CertAction" value="1"/>
<characteristic type="cert-details">
<parm name="CertAlias" value="certName2"/>
<parm name="CertType" value="9"/>
<parm name="CertMethod" value="10"/>
<parm name="CertFileClient" value="/path/to/cert.pem"/>
<parm name="CertAdjustClock" value="false"/>
<parm name="PrivateKeyPassword" value="pass"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="1"/>
<characteristic type="Regulatory">
<parm name="Country" value="US"/>
</characteristic>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="1"/>
<characteristic type="Regulatory">
<parm name="Country" value="AUTO"/>
</characteristic>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<characteristic type="Radio">
<parm name="BandSelection" value="2.4GHz"/>
<characteristic type="ChannelSelection">
<parm name="2.4GHzChannels" value="1"/>
</characteristic>
</characteristic>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<characteristic type="Radio">
<parm name="BandSelection" value="5.0GHz"/>
<characteristic type="ChannelSelection">
<parm name="5.0GHzChannels" value="36"/>
</characteristic>
</characteristic>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<characteristic type="Radio">
<parm name="BandSelection" value="Auto"/>
<characteristic type="ChannelSelection">
<parm name="2.4GHzChannels" value="1"/>
<parm name="5.0GHzChannels" value="36"/>
</characteristic>
</characteristic>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="0"/>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="1"/>
<parm name="WPAMode" value="1"/>
<characteristic type="key-details">
<parm name="KeyType" value="Passphrase"/>
<parm name="ProtectKey" value="0"/>
<parm name="PassphraseWPAClear" value="KsdU6X3u"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="1"/>
<parm name="WPAMode" value="1"/>
<characteristic type="auth-details">
<characteristic type="encryption-details">
<parm name="EncryptionWPA" value="1"/>
</characteristic>
</characteristic>
<characteristic type="key-details">
<parm name="KeyType" value="Passphrase"/>
<parm name="ProtectKey" value="0"/>
<parm name="PassphraseWPAClear" value="KsdU6X3u"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="1"/>
<parm name="WPAMode" value="2"/>
<characteristic type="key-details">
<parm name="KeyType" value="Passphrase"/>
<parm name="ProtectKey" value="0"/>
<parm name="PassphraseWPAClear" value="KsdU6X3u"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="1"/>
<parm name="WPAMode" value="3"/>
<characteristic type="key-details">
<parm name="KeyType" value="Passphrase"/>
<parm name="ProtectKey" value="0"/>
<parm name="PassphraseWPAClear" value="KsdU6X3u"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="1"/>
<parm name="WPAMode" value="4"/>
<characteristic type="auth-details">
<characteristic type="encryption-details">
<parm name="EncryptionWEP" value="1"/>
</characteristic>
</characteristic>
<characteristic type="key-details">
<parm name="KeyType" value="Passphrase"/>
<parm name="ProtectKey" value="0"/>
<parm name="PassphraseWEPClear" value="KsdU6X3u"/>
<parm name="WepKeyIndex" value="1"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="2"/>
<parm name="WPAMode" value="1"/>
<parm name="Authentication" value="1"/>
<characteristic type="auth-details">
<parm name="OptionalServerCertificate" value="serverCertName"/>
<parm name="MandatoryClientCertificate" value="clientCertName"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="2"/>
<parm name="WPAMode" value="2"/>
<parm name="Authentication" value="1"/>
<characteristic type="auth-details">
<parm name="OptionalServerCertificate" value="serverCertName"/>
<parm name="MandatoryClientCertificate" value="clientCertName"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="2"/>
<parm name="WPAMode" value="3"/>
<parm name="Authentication" value="1"/>
<characteristic type="auth-details">
<parm name="OptionalServerCertificate" value="serverCertName"/>
<parm name="MandatoryClientCertificate" value="clientCertName"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>
<wap-provisioningdoc>
<characteristic type="Wi-Fi" version="4.4" >
<parm name="UseRegulatory" value="0"/>
<parm name="UseDiagnosticOptions" value="0"/>
<parm name="UseAdvancedOptions" value="0"/>
<parm name="NetworkAction" value="Add"/>
<characteristic type="network-profile">
<parm name="SSID" value="Zebra"/>
<parm name="SecurityMode" value="2"/>
<parm name="WPAMode" value="4"/>
<parm name="Authentication" value="1"/>
<characteristic type="auth-details">
<characteristic type="encryption-details">
<parm name="EncryptionWEP" value="1"/>
</characteristic>
<parm name="OptionalServerCertificate" value="serverCertName"/>
<parm name="MandatoryClientCertificate" value="clientCertName"/>
</characteristic>
<parm name="UseDHCP" value="1"/>
<parm name="UseProxy" value="0"/>
</characteristic>
</characteristic>
</wap-provisioningdoc>