Import your RadSec server CA certificate to your org.
Navigate to Organization > Admin > Settings. Add below CA certificate as trusted RadSec certificate and click Save.
Create an OpenRoaming enabled WLAN
You can create a WLAN either at a site level via Site > WLANs or via template at Organization > Wireless > WLAN Templates. Click on Add WLAN.
Select Security as WPA2 or WPA3 Enterprise, configure SSID name (SSID name does not matter):
Scroll down and enable Hotspot2.0 and select all OpenRoaming operators from the list (OpenRoaming-Settlement-Free, OpenRoaming-Settled, OpenRoaming-Legacy). Then move to Authentication Servers section, select RadSec from the dropdown, configure Server Name as to match your RadSec Proxy server name present in the server certificate, add server IP address(es) and set RadSec port 2083. Then click Save.
Provision your client devices
By default, Google Pixel phones, as well as Samsung phones have native capability to support OpenRoaming out of the box using either Samsung or Google account as user identity. For iOS and other platorms, there many options out there that provide OpenRoaming identity for either testing or production use in public venues. Follow the link below to find out more: