You can add Wi-Fi networks to Chrome OS devices at any time. We recommend using the Google Admin console to create Wi-Fi profiles and then apply them to devices during the enrollment process. Any updates you make later to the Wi-Fi profiles are automatically pushed to devices.
Add a Wi-Fi network
On a computer other than the Chrome OS device you're setting up:
From the Admin console Home page, go to Devices.
- Click Networks Wi-Fi.
- To apply the setting to all devices, leave the top organizational unit selected. Otherwise, select a child organizational unit.
- Click Add Wi-Fi.
- Under Platform access, select Chromebooks (by device).
- Enter the details for your organization’s Wi-Fi network and set it to Automatically connect.
- Confirm that the Wi-Fi configuration options are correct and click Save.
Tip: In particular, pay attention to the SSID and passphrase, both are case-sensitive.
For more information about adding a Wi-Fi network, see Add a Wi-Fi configuration.
- Connect to an open or unfiltered network temporarily while you set up your devices. You can remove this network from the list of preferred networks later by following the instructions to forget a network at Manage Wi-Fi networks.
- Apply Wi-Fi networks by device instead of by user. This ensures that devices can access your Wi-Fi network at the sign-in screen.
- Test your network with a single Chrome device before enrolling a large number of devices.
- If you have different networks for different organizational units, make sure you select the correct organization when you add a Wi-Fi network . For information about setting up organizational units in your Admin console, see Add an organizational unit.
Advanced setup802.1x deployment
Chrome devices support 802.1x authentication via certificates that are installed for each user on the device. Device-level 802.1x certificates are not supported. You need to be on the network to download the certificate for each user. Therefore, you should set up an open WPA/WPA2-PSK network, or use USB-to-Ethernet adapters to load the certificates on the device.
For more information, see Manage client certificates on Chrome devices.
Organizations with network-filtering devices doing Transport Layer Security (TLS) inspection (also known as SSL inspection) generally require a custom root certificate. The certificate is added to the Authorities tab in chrome://settings/Certificates. While this custom certificate works for most user-driven web requests, some system-level requests don’t use the certificate. In these cases, you shouldn't rely on it to protect the user from certain kinds of security risks.
Instead, install a custom root certificate for all users who sign in to your organization’s enrolled Chrome devices.
For more information, see Set up TLS (or SSL) inspection on Chrome devices.