Microsoft Intune 中 iOS 裝置的 Wi-Fi 設定Wi-Fi settings for iOS devices in Microsoft Intune

適用對象:Azure 入口網站的 IntuneApplies to: Intune in the Azure portal
您需要傳統入口網站的 Intune 相關文件嗎?Looking for documentation about Intune in the classic portal? 請移至這裡Go here.

適用於基本設定檔與企業設定檔的 Wi-Fi 設定Wi-Fi settings for basic and enterprise profiles

  • 網路名稱 - 輸入此 Wi-Fi 連線的名稱。Network name - Enter a name for this Wi-Fi connection. 這是使用者瀏覽裝置上的可用連線清單時所見到的名稱。This is the name that users will see when they browse the list of available connections on their device.
  • SSID - 簡短的服務組識別元。SSID - Short for service set identifier. 這是裝置要連線之無線網路的實際名稱。This is the real name of the wireless network that devices will connect to. 但當使用者選擇此連線時,只會看到您所建立的上列網路名稱。However, users only see the network name you created above when they choose the connection.
  • 自動連線 - 當裝置進入此網路的範圍內時自動連線。Connect automatically - Makes the device connect whenever it is in the range of this network.
  • 隱藏的網路 - 禁止此網路顯示在裝置的可用網路清單中。Hidden network - Prevents this network from being shown in the list of available networks on the device.
  • Proxy 設定 - 選擇下列其中一項︰Proxy settings - Choose from:
    • - 不設定任何 Proxy 設定。None - No proxy settings will be configured.
    • 手動 - 輸入 Proxy 伺服器位址 (IP 位址),以及其所關聯的連接埠號碼Manual - Enter the Proxy server address (as an IP address), and it's associated Port number.
    • 自動 - 使用檔案設定 Proxy 伺服器。Automatic - Use a file to configure the proxy server. 輸入包含設定檔的 Proxy 伺服器 URL (例如http://proxy.contoso.com)。Enter the Proxy server URL (for example http://proxy.contoso.com) which contains the configuration file.

僅適用於基本設定檔的 Wi-Fi 設定Wi-Fi settings for basic profiles only

  • 安全性類型 - 選取向 Wi-Fi 網路驗證時所要使用的安全性通訊協定︰Security type - Select the security protocol to use to authenticate to the Wi-Fi network from:
    • 開放 (無驗證) - 只在網路不安全時才使用此選項。Open (no authentication) - Only use this option if the network is unsecured.
    • WPA/WPA2 - 個人WPA/WPA2 - Personal
    • 4WEP

僅適用於企業設定檔的 Wi-Fi 設定Wi-Fi settings for enterprise profiles only

  • EAP 類型 - 選擇可延伸驗證通訊協定 (EAP) 類型,以驗證下列類型的安全無線連線:EAP type - Choose the Extensible Authentication Protocol (EAP) type used to authenticate secured wireless connections from:
    • EAP-FASTEAP-FAST
    • EAP-SIMEAP-SIM
    • EAP-TLSEAP-TLS
    • EAP-TTLSEAP-TTLS
    • LEAPLEAP
    • PEAPPEAP

當您選擇 EAP 類型的其他選項Further options when you choose an EAP type

設定名稱Setting name 詳細資訊More information 使用時機Use when
受保護的存取認證 (PAC) 設定Protected Access Credential (PAC) Settings 請選取此項目,以使用受保護的存取認證,用來建立用戶端與驗證伺服器之間已驗證的通道。Select to use protected access credentials to establish an authenticated tunnel between the client and the authentication server. 選取下列其中一項︰Select one of:
- 使用 PAC - 若已有 PAC 檔案,即使用現有的 PAC 檔案。- Use PAC - Use an existing PAC file is used if present.
- 使用及佈建 PAC - 將 PAC 檔案佈建到您的裝置。- Use and Provision PAC - Provision the PAC file to your devices.
- 匿名使用及佈建 PAC - 將 PAC 檔案佈建到您的裝置,並確定已佈建 PAC 檔案,所以無須驗證伺服器。- Use and Provision PAC Anonymously - Provision the PAC file to your devices and ensure that the PAC file is provisioned without authenticating the server.
EAP 類型是 EAP-FASTEAP type is EAP-FAST

伺服器信任Server Trust

設定名稱Setting name 詳細資訊More information 使用時機Use when
憑證伺服器名稱Certificate server names 指定您信任之憑證授權單位 (CA) 核發行的憑證中所用的一或多個通用名稱。Specify one or more common names used in the certificates issued by your trusted certificate authority (CA). 如有提供此資訊,可以略過連線到此 Wi-fi 網路時,使用者裝置上顯示的動態信任對話方塊。If you provide this information, you can bypass the dynamic trust dialog that is displayed on end users devices when they connect to this Wi-Fi network. EAP 類型是 EAP-TLSEAP-TTLSPEAPEAP type is EAP-TLS, EAP-TTLS, or PEAP.
伺服器驗證時使用的根憑證Root certificate for server validation 選擇信任的根憑證設定檔來驗證連線。Choose the trusted root certificate profile used to authenticate the connection. EAP 類型是 EAP-TLSEAP-TTLSPEAPEAP type is EAP-TLS, EAP-TTLS, or PEAP
識別隱私權 (外部識別)Identity privacy (outer identity) 指定在回應 EAP 識別要求時傳送的文字。Specify the text sent in response to an EAP identity request. 此文字可以是任何值。This text can be any value. 在驗證期間,一開始會先傳送此匿名識別,隨後以安全通道傳送真正的識別。During authentication, this anonymous identity is initially sent, and then followed by the real identification sent in a secure tunnel. EAP 類型是 PEAPEAP type is PEAP

用戶端驗證Client Authentication

設定名稱Setting name 詳細資訊More information 使用時機Use when
用戶端驗證時使用的用戶端憑證 (識別憑證)Client certificate for client authentication (Identity certificate) 選擇 SCEP 或 PKCS 憑證設定檔,以驗證連線。Choose the SCEP or PKCS certificate profile used to authenticate the connection. EAP 類型是 EAP-TLSEAP type is EAP-TLS
驗證方法Authentication method 選取連線的驗證方法:Select the authentication method for the connection:
- 憑證 - 選取 SCEP 或 PKCS 用戶端憑證作為提供給伺服器的身分識別憑證。- Certificates to select the SCEP or PKCS the client certificate that is the identity certificate presented to the server.

- 使用者名稱及密碼 - 指定不同的驗證方式。- Username and Password to specify a different method for authentication.

若選取 [使用者名稱及密碼],請設定︰If you selected Username and Password, configure:

- 非 EAP 方法 (內部識別),然後再選取驗證連線的方式︰- Non-EAP method (inner identity), then select how you will authenticate the connection from:
- - None
- 未加密的密碼 (PAP)- Unencrypted password (PAP)
- Challenge Handshake 驗證通訊協定 (CHAP)- Challenge Handshake Authentication Protocol (CHAP)
- Microsoft CHAP (MS-CHAP)- Microsoft CHAP (MS-CHAP)
- Microsoft CHAP 第 2 版 (MS-CHAP v2)- Microsoft CHAP Version 2 (MS-CHAP v2)
可用的選項取決於您所選取的 EAP 類型。The available options depend on the EAP type you selected.

and

- 識別隱私權 (外部識別) - 指定回應 EAP 識別要求時所要傳送的文字。- Identity privacy (outer identity) - Specify the text sent in response to an EAP identity request. 此文字可以是任何值。This text can be any value. 在驗證期間,一開始會先傳送此匿名識別,隨後以安全通道傳送真正的識別。During authentication, this anonymous identity is initially sent, and then followed by the real identification sent in a secure tunnel.
EAP 類型是 EAP-TTLSEAP type is **EAP-TTLS* or *