Hotspot 2.0 (802.11u) with hostapd/wpa_supplicant

Scott Armitage s.p.armitage at
Tue Feb 11 03:29:30 EST 2014

On 10 Feb 2014, at 22:54, James Wood <james.wood at> wrote:

> Hi All
> I’m hoping you can help me with my testing of Hotspot 2.0 for some proof of concept trials.
> I have looked at the hostapd.conf examples and everything seems to make sense but I am wondering what the basic configuration options required are in order for a client device that supports Hotspot 2.0 to connect to the service.
> We traditionally use an open network with a captive portal authentication page, and are looking to take advantage of Hotspot 2.0 whilst still requiring the user to be redirected to our captive portal/login page.
> Am I right in thinking the below should suffice? Am I missing anything, or is any of this not required? Also, where does wpa_supplication fit in?
> Appreciate this is vague at this stage as I’m at the initial stage of seeing if this can work for us.
> interworking=1
> access_network_type=3
> internet=1
> asra=1
> esr=1
> uesa=1
> roaming_consortium=2233445566
> venue_name=eng:My venue
> network_auth_type=02
> ipv4_type=3
> hs20=1
> hs20_oper_friendly_name=eng:FreeWiFi
> Finally, a generic question (I’ve been reading up about Hostspot 2.0 in general but still not perfectly clear) is that how does authentication (ie EAP-TTLS) take place before the user even connects to the AP and we authenticate them via the captive portal page?

HS 2.0 only works on WPA2 Enterprise networks which use EAP authentication.  You don’t have to use EAP-TTLS you could use any EAP Method (PEAP, EAP-TLS, EAP-PWD, EAP-SIM etc.).  

Get your network EAP authenticating first, then look at the HS2.0 settings.  



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the HostAP mailing list