Select the OS you want to configure. In this case we will select Windows, but the setup is similar for other OS.
Click on Configuration Profiles.
Click on the “Create” Button at the top of the list.
Select “Windows 10 and later” as the platform.
Select “Templates” as the profile type.
Select “Wi-Fi” as the template.
Click on “Create” at the bottom of the page.
Fill in the “Name” and “Description” fields.
Click on “Next”.
Select “Enterprise” as the Wi-FI type.
Fill in the SSID of your Wi-Fi network (Case sensitive).
Enter the connection name (This is a friendly name for your users).
Select your connection preferences (if you want it to automatically connect when in range, etc.).
Select the authentication mode as user.
Select if you want want to cache the user credentials.
Set the authentication period (how long before the authentication fails) to 60 seconds.
Set the authentication retry delay to how many seconds you want to wait before retrying the authentication.
Set the number of maximum authentication attempts.
Set Single Sign-On to “Disable”.
Leave “Enable pairwise master key (PMK) caching” set as “No”.
Set the EAP type to “EAP-TTLS”.
Set the server Root Certificate Name Issuing Certificate that you used to create your RADIUS Server certificate
If you used the EZRADIUS Automatically generated certificate you can download it from your EZRADIUS Authentication Policy and Upload it as a trusted CA in Intune.
Set “Username and Password” as the Authentication Method.
Set Unencrypted Password (PAP) as the Inner Authentication Method (Don’t worry the password is encrypted by the EAP-TTLS tunnel, it is not sent unencrypted over the air).
Click on “Next”.
Select the users, groups or devices you want to deploy this profile to.