How Apple devices join Wi-Fi networks
Users can configure their Apple devices to join available Wi-Fi networks automatically. For Wi-Fi networks that require login credentials or other information, users can quickly access Wi-Fi settings and enter the credentials or use a configuration profile that contains the network name and login credentials. Any app on the device can access the networks seamlessly. With low power, persistent Wi-Fi connectivity, apps can use Wi-Fi networks to deliver push notifications. For example, by using configuration profiles that are pushed to a device through a mobile device management (MDM) solution, you can configure settings for wireless networks, security, proxy, Cisco Fastlane, app approval, and authentication.
iOS and iPadOS support a default VoIP service configuration as an option. This option defines the default app for audio calls for Contacts, Microsoft Exchange ActiveSync, Google, and LDAP payloads. For example, if Cisco Spark is defined as the default calling app for Exchange contacts, then any call from the user to another work contact defaults to using Cisco Spark unless the user decided to change the default app.
Authentication and encryption support
Apple devices support various authentication and encryption methods, including WPA, WPA2 Personal, WPA2 Enterprise, WPA3 Personal, and WPA3 Enterprise standards. With support for 802.1X, Apple devices can be integrated into a broad range of RADIUS authentication environments. Apple devices support 802.1X authentication protocols, including:
EAP-SIM (carrier only)
PEAPv0 (EAP-MSCHAPv2, the most common form of PEAP)
PEAPv1 (EAP-GTC, less common and created by Cisco)
The macOS Setup Assistant supports 802.1X authentication with user name and password credentials using TTLS or PEAP.
For more information, see the Apple Support article How iOS decides which wireless network to auto-join.
iOS 13 and iPadOS 13.1, or later, support WPA3 Enterprise 192-bit security—using Commercial National Security Algorithm (CNSA) Suite B algorithms —on all iPhone 11 models and iPad (7th generation), or later. Consult your wireless network solution provider for details on necessary access point hardware, controller hardware, and controller code versions to deploy WPA3 Enterprise.
Opportunistic Wireless Encryption
iOS 16, iPadOS 16.1, and macOS 13, or later, support a way to secure open Wi-Fi networks, using the standard Opportunistic Wireless Encryption. This standard is supported on the following devices:
iPhone and iPad models:
iPhone SE (3rd generation or later)
iPhone 12 models or later
iPad mini (6th generation or later)
iPad Air (4th generation or later)
iPad Pro 11-inch (3rd generation or later)
iPad Pro 12-inch (5th generation or later)
Mac models with the M1 series chip:
Mac Studio (2022)
MacBook Pro (14-inch, 2021)
MacBook Pro (16-inch, 2021)
Mac models with the M2 series chip:
MacBook Air (15-inch, M2, 2023)
MacBook Pro (14-inch, 2023)
MacBook Pro (16-inch, 2023)
Mac mini (2023)
Mac Studio (2023)
MacBook Air (M2, 2022)
Important: Apple devices must have access to your wireless network and internet services for setup and configuration. You may need to configure your web proxy or firewall ports to allow all network traffic from Apple devices to the Apple network 18.104.22.168/8. If Apple devices are still unable to access Apple activation servers, iCloud, or the App Store, see the Apple Support articles If your Apple devices aren’t getting Apple push notifications, macOS wireless roaming for enterprise customers, and Use Apple products on enterprise networks.