The Hotspot 2.0 specification recommends the following general settings for the 802.11u operator:
- WPA2-Enterprise Security (802.1X) enabled
- Authentication using EAP with the corresponding variant:
- EAP-SIM/EAP-AKA for authentication with SIM / USIM card
- EAP-TLS for authentication with a digital certificate
- EAP-TTLS for authentication with a username and password
- Enabled and properly configured ARP proxy
- Disabled multicasts and broadcast in cellular networks
- Non-approved data traffic between the cellular network devices (Layer 2 traffic inspection and filtering). The corresponding settings can be found in LANconfig under .
- Enabled and implemented firewall on the access router, which provides Internet access
