# Android ## Configuration steps 1. Log in to [Microsoft Intune](https://intune.microsoft.com/) 2. Navigate to **Devices** and subsequently **Configuration profiles** 3. Then click **Create > New policy** 4. As **Platform** select your Android device type 5. Search the **Profile type** templates for **Wi-Fi** and select it 6. Click **Create** and provide a descriptive name and optional **Description** 7. As **Wi-Fi type** select **Enterprise** 8. Enter your **SSID** 9. As **EAP type** choose **EAP - TLS** 10. Next, as **Radius server name** add the * **Subject Alternative Name (SAN)** of your *active* RADIUS [**Server Certificate**](https://docs.radiusaas.com/admin-portal/settings/settings-server#server-certificates) . This property can be found by expanding the active server certificate and copying the relevant value.

11\. For the **Root certificates for server validation** select the Trusted certificate profile you have previously created for the RADIUS Server Certificate. 12\. Under **Client Authentication** select **Certificates** as **Authentication method** 13\. Finally, under **Certificates** select the SCEP profile you would like to use for authentication. All other settings can be configured according to your own needs and preferences. {% hint style="info" %} Some Android kiosk devices require a value for **Identity privacy (outer identity)**. Please consider this when you are having issues authenticating against the WiFi network with such devices. {% endhint %} ![](https://1222554226-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSWU1DQ4UGkqER7uGNUOm%2Fuploads%2FTilY5Sqamt8u8GhSb8Sv%2F2024-06-03_21h31_46.png?alt=media\&token=df601531-cdaa-44a1-982a-4384b20e004b) ## Common configuration issues See [Troubleshooting](https://docs.radiusaas.com/other/troubleshooting#intune-configuration-issues).