GET IN TOUCH

hello@expandreality.io

Learn more about adding virtual private networks (VPNs) and Wi-Fi networks to Admin Centre. Plus, how to add and apply certificates, and information on networking requirements for Meta Quest for Business.

Networks

Add and manage a Virtual private network (VPN) for Meta Quest Devices

Add a VPN for Meta Quest Devices in Admin Centre

  1. Click Devices in the left menu of Admin Centre.
  2. Click Networks in the left menu.
  3. Click Create network in the top right.
  4. Select Virtual Private Network (VPN) and click Continue.
  5. Choose your VPN provider.
  6. Enter a name for the network (optional: add a description) and click Continue.
  7. Add an accessible domain name or IP address for the network.
  8. Choose Password or Certificate for authentication:
    • If Certificate, select a certificate from your library. (Learn how to add a certificate.)
  9. Optionally, customise the VPN with configuration parameters and unique identifiers.
  10. Click Confirm.

Edit or Delete a VPN in Admin Centre

  1. Click Devices in the left menu.
  2. Click Networks in the left menu.
  3. Click the three dots next to the VPN you want to edit or delete.
  4. Select Edit network or Delete network.
    • If Edit network, make changes and click Confirm.
    • If Delete network, review and click Delete.

Apply a VPN to Meta Quest Devices

After creating a VPN in Admin Centre, apply it to your Meta Quest devices.

Add and manage a Wi-Fi network for Meta Quest devices

Add a Wi-Fi Network for Meta Quest Devices in Admin Centre

  1. Click Devices in the left menu of Admin Centre.
  2. Click Networks in the left menu.
  3. Click Create network in the top right.
  4. Select Wi-Fi and click Continue.
  5. Enter the SSID (network name). Optionally, add a display name for Admin Centre.
  6. Choose whether to disable MAC address randomisation. (Disabling this keeps the device’s MAC address constant when connecting to Wi-Fi.)
  7. Select a security option:
    • WPA2: Enter the SSID and password required for the Quest device to connect.
    • WPA2 Enterprise (EAP-TLS): Enter the SSID, a trust certificate (CA certificate), and an optional authentication certificate for the device. (Learn how to add a certificate.)
    • WPA2 Enterprise (EAP-PEAP): Enter the SSID, a trust certificate, password, and the identity of the person connecting (e.g., email address). Optionally, add an anonymous identity.
  8. Click Confirm.

Edit or Delete a Wi-Fi Network in Admin Centre

  1. Click Devices in the left menu.
  2. Click Networks in the left menu.
  3. Click the three dots next to the Wi-Fi network you want to edit or delete.
  4. Select Edit network or Delete network:
    • Edit network: Make your changes and click Confirm.
    • Delete network: Review and click Delete.

Apply a Wi-Fi Network to Meta Quest Devices

 

Apply VPNs or Wi-Fi network for Meta Quest devices

Apply a Network to a Device Profile

  1. Click Devices in the left menu of Admin Centre.
  2. Click Device profiles in the left menu.
  3. Select the device profile you want to apply a network to.
  4. Click the Networks tab.
  5. Click Manage networks.
  6. Enter the names of the VPN or Wi-Fi networks you want to apply. Select them from the drop-down menu.
  7. Click Confirm.

Apply a Network to an Individual Meta Quest Device

  1. Click Devices in the left menu of Admin Centre.
  2. Find and select the device you want to apply a network to. (Networks can only be applied to devices configured independently.)
  3. Click the Networks tab.
  4. Click Manage networks.
  5. Enter the names of the VPN or Wi-Fi networks you want to apply. Select them from the drop-down menu.
  6. Click Confirm.

Certificates

Add and manage a certificate to apply to Meta Quest Devices

To apply a VPN or Wi-Fi network to your organisation's Meta Quest devices using certificate-based authentication, you need to add a certificate to Meta Admin Centre. 

You can choose one of two methods for distributing certificates to devices:

- Single File (Static): Upload a single certificate file for use with your network.
- SCEP (Dynamic): Allows devices to request and receive authentication certificates from a certificate authority (CA) in real-time.

Apply a certificate to a network in admin centre

To apply a certificate to a VPN or Wi-Fi network in Admin Centre, follow these steps:

  1. Click Devices in the left menu of Admin Centre.
  2. Click Networks in the left menu.
  3. Find the network you want to modify, then click Edit network next to it.
  4. If applying a certificate to a Wi-Fi network, select WPA2 Enterprise (EAP-TLS) or WPA2 Enterprise (EAP-PEAP). For a VPN network, select Certificate.
  5. Choose the certificate from your library.
  6. Enter any additional required information if needed.
  7. Click Confirm.

You can also apply a certificate to networks that currently use a password for authentication.

Apply a certificate to Meta Quest devices 

Apply a Certificate to a Device Profile

  1. Click Devices in the left menu of Admin Centre.
  2. Click Device profiles in the left menu.
  3. Select the device profile you want to update.
  4. Click the Certificates tab.
  5. Click Manage certificates.
  6. Enter the name of the certificate(s) you want to apply. Select the certificates from the drop-down menu.
    • Note: Certificates must be added to Meta Admin Centre before you can apply them.
  7. Click Confirm.

Apply a Certificate to an Individual Meta Quest Device

  1. Click Devices in the left menu of Admin Centre.
  2. Locate and select the device you want to update.
    • Note: Certificates can only be applied to devices configured independently.
  3. Click the Certificates tab.
  4. Click Manage certificates.
  5. Enter the name of the certificate(s) you want to apply. Select the certificates from the drop-down menu.
  6. Click Confirm.

Networking requirements

Networking requirements for devices enrolled onto meta Quest for Business

To ensure Meta Quest headsets and other devices (like desktops and mobile phones) can connect to Meta Quest for Business, make sure your company networks have the following domains, ports, and IP ranges unblocked and enabled:

Required Domains and Ports

Unblock and enable traffic to the following domains and ports:

  • meta.com: Ports 80 and 443
  • oculus.com: Ports 80 and 443
  • facebook.com: Ports 80 and 443
  • fbcdn.net: Ports 80 and 443
  • scontent.oculuscdn.com: Ports 80 and 443

Additional App-Specific URLs

You may need to add specific URLs provided by app developers to your network allowlist to ensure all necessary endpoints are reachable.

Additional Port Requirements

In addition to ports 80 and 443, consider unblocking the following TCP and UDP ports for device communication within your organization:

  • TCP Ports: 3478, 3479, 8080
  • UDP Ports: 40003, 40005, 40007, 40008
  • Recommended Range: 50000-59999

IP Ranges

To keep IP addresses up-to-date for Meta Quest for Business, use Facebook's autonomous system (AS) number AS32934. Run the following command to retrieve the current IP addresses: whois -h whois.radb.net -- '-i origin AS32934'

This command provides the latest IPv4 and IPv6 subnets. Run this command at least once a month to ensure accuracy.

Note: Allowlisting by IP address is not supported due to frequent changes in IP addresses.

Contact Us

Connect global teams. Collaborate with remote experts. Streamline processes and unlock cost savings with industry-ready extended reality technology.

Industries
Contact Info

hello@expandreality.io

Gemini Business Park

Sheepscar Way

Leeds

LS7 3JB

Terms and Conditions

© 2024 

All Rights Reserved | Expand Reality

Returns Policy