Create an Android WiFi Restrictions Policy

The Android WiFi Restrictions Policy lets you configure restrictions for WiFi network communication on managed Android devices. If you want to configure a new WiFi policy, instead use the Android WiFi Configuration Policy. This policy works for devices running Android 6.0 and later.

Prerequisites:

To create an Android WiFi Restrictions policy:

  1. Log in to the JumpCloud Admin Portal.
  2. Go to DEVICE MANAGEMENT > Policy Management.
  3. In the All tab, click (+).
  4. On the New Policy panel, select the Android tab.
  5. Select the WiFi Restrictions policy from the list, then click configure.
  6. On the New Policy panel, optionally enter a new name for the policy, or keep the default. Policy names must be unique.
  7. For Policy Notes, enter details like when you created the policy, where you tested it, and where you deployed it.
  8. Under Settings, complete these fields:
    1. WiFi State - Choose whether the WiFi is on or off as a state and if the user can change the state. This setting is supported on company-owned devices running Android 13 and later.
      • User Choice (default)
      • Enabled
      • Disabled
    2. Minimum WiFi Security Level - Define the minimum WiFi security level required for the user to connect to WiFi networks. This setting is supported on fully managed and company-owned devices running Android 13 and later.
      • Open Network (default)
      • Personal Network
      • Enterprise EAP Network
      • Enterprise 192-bit Network
    3. Configure WiFi - Control the user's WiFi configuration privileges. Based on the option set, the user will have either full, limited, no control over configuring WiFi networks.
      • Allow User To Configure WiFi (default)
      • Disallow Adding New WiFi Configurations
      • Disallow User To Configure WiFi
    4. WiFi Direct Settings - This setting is supported on company-owned devices running Android 13 and later.
      • Allow WiFi Direct (default)
      • Disable WiFi Direct
    5. WiFi SSID Policy - Restrict WiFi SSIDs the device can connect to using either a deny list or an allow list. Note that this does not affect which networks can be configured on the device. This setting is supported on company-owned devices running Android 13 and later.
      • Denylist (default)
      • Allowlist
    6. WiFi SSIDs - Add one or more SSIDs to either the deny or allow list selected in the WiFi SSID Policy above.
    7. (Optional) WiFi Roaming Policy - Add one or more SSIDs and set a Roaming Mode policy for each:
      • Default Roaming
      • Aggressive Roaming
      • Roaming Disabled
    8. Select Allow Network Escape Hatch to enable access to a network escape hatch so users can temporarily connect to a network in order to refresh the device policy. This occurs if a network connection can’t be made when the user boots the device.

Note:

After applying the policy, the temporary network will be forgotten and the device will continue to boot.

  1. (Optional) Select the Device Groups tab. Select one or more device groups where you will apply this policy. For device groups with multiple OS member types, the policy is applied only to the supported OS.
  2. (Optional) Select the Devices tab. Select one or more devices where you will apply this policy.

Tip:

For this policy to take effect, you must specify a device or a device group.

  1. Click save.
Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case