We have 4 SSIDs for our residential hall areas (groupings of several
dorms), these are all secured with a PSK that is given out to the residents
of those particular dorms. The hope is to eventually move to
WPA2-Enterprise authing against AD, but Windows's ridiculous
(must..repress...rage) policy of not trusting CAs makes this problematic.
We have an unsecured network for academic buildings/everywhere else, for
students/staff/faculty. I am currently in the midst of creating a hidden
WPA2-Enterprise network that we're going to use for institutional devices
and use client certs we push out over AD. This won't use PF, though, but
will use Freeradius.
In the same locations we have our unsecured network, we have a PSK secured
network for guests with PF self-registration that is isolated from our
other networks. And finally, in our library, we have an unsecured public
network that is identical to our guest network, but with no encryption.
Our migration to PF and more secure networks (we were previously using a
home-grown captive portal system and no encryption) has been complicated
and slow, but we're making good progress. If you want more details, just
let me know. We've had many, many, many meetings and discussions about
campus wifi, byod, etc, and I'm happy to share what we've learned and the
problems we've encountered.
On Tue, Nov 5, 2013 at 11:30 AM, Max McGrath <[email protected]> wrote:
> Just throwing this out as a general question to PF users.
>
> We have two; a secure SSID and an open SSID. Only users with college
> credentials can login to the secure SSID. Anybody (guests or people with
> credentials) can login to the open SSID. Then you get thrown to a VLAN
> depending on SSID and role.
>
> Are others offering an SSID for faculty, an SSID for staff, an SSID for
> students and an SSID for guests? Or something completely different?
>
> Ultimately, I want to force everyone with credentials to use a secure
> SSID, but I'm seeing about a 50% success rate from Windows machines when
> attempting to connect to a secure SSID.
>
> Just curious...
> --
> Max McGrath
> Network Administrator
> Carthage College
> 262-552-5512
> [email protected]
>
>
> ------------------------------------------------------------------------------
> November Webinars for C, C++, Fortran Developers
> Accelerate application performance with scalable programming models.
> Explore
> techniques for threading, error checking, porting, and tuning. Get the most
> from the latest Intel processors and coprocessors. See abstracts and
> register
> http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
Fletcher Haynes <[email protected]>
Systems Administrator/Network Services Consultant
Willamette Integrated Technology Services
Willamette University, Salem, OR
Phone: 503.370.6016
------------------------------------------------------------------------------
November Webinars for C, C++, Fortran Developers
Accelerate application performance with scalable programming models. Explore
techniques for threading, error checking, porting, and tuning. Get the most
from the latest Intel processors and coprocessors. See abstracts and register
http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
