> With non-web devices, it's becoming more common to have > 802.1x as a second authentication option, beyond the splash > page. (indeed, just yesterday I got word that my employer is > transitioning to this, and this is how many, if not most, > European universities work).
Speaking for my own customers (UK education), and what I know about other European universities, EAP is invariably the primary mode of authentication. Web-based authentication, if offered, typically provides access to a more tightly controlled network (and often one which uses different backhaul from the primary Campus connection). In any event, I would encourage you to consider a solution that avoids the use of EAP. EAP makes most sense where you have non-trivial policies to enforce. I don't think that's the case here. If you all need is some very limited connectivity, something like (for example) a well-known SSID that only forwarded to a well-known address would probably be acceptable to our customers. josh. JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
