I’d pay a fair price for an easily administered solution that lets us roll out
PPSK in the dorms and deploy broadcast/multicast domains scoped to specific
users.
We run eduroam and a completely open guest SSID. The open SSID has no captive
portal, no click through terms of services, and no rest
Just a clarification. Android 10 generates a MAC address per ESSID for the
lifetime of the OS instance. It does not change daily.
From: The EDUCAUSE Wireless Issues Community Group Listserv
on behalf of Felix Windt
Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv
Date: Friday
https://community.arubanetworks.com/t5/Wireless-Access/Android-Q-Randomized-MAC-Address-System-Default/td-p/526263
Trent Hurt
University of Louisville
From: The EDUCAUSE Wireless Issues Community Group Listserv
on behalf of Cappalli, Tim (Aruba
Security)
S
“We run eduroam and a completely open guest SSID. The open SSID has no captive
portal, no click through terms of services, and no restrictions on Internet
access for content or speed.”
I’m jealous Felix. I made a strong push for this approach, but General Counsel
stopped it. FWIW, I think the
We try to steer eduroam capable devices off our guest network by blocking the
ranges from authenticating to the main services portal. If students are trying
to do work, I hope they aren’t reduced to a PS4 web browser.
Thanks,
Joseph B.
From: The EDUCAUSE Wireless Issues Community Group Listser
Has anyone got the eduroam CAT working with EAP-TLS?
Couldn’t find a good way for loading the certificates.
May have missed the documentation for that portion.
From: The EDUCAUSE Wireless Issues Community Group Listserv
On Behalf Of Enfield, Chuck
Sent: Friday, September 13, 2019 8:42 AM
To: WI
We also run a completely open SSID. There is a captive portal, but it's at
the gateway rather than the wireless controller, so the same mechanism can
also handle wired connections, and it's only used for enforcement. New
visitors can get on the network without seeing the captive page.
*> to get t
The problem with out of band notifications is that you don’t know who is on an
unauthenticated network. Certainly it’s more than just students.
I’m not suggesting you should change to captive portal. While the statute is
reasonably clear on how to qualify for the protections, it’s unclear how
Thanks for the advice and help. We have tried importing the Root cert for WiFi
with no luck. However we did find something interesting using packet captures.
For AOS 6, during the DHCP negotiation, we found that both the discover and
request messages from the S8 are received by the DHCP server b
“Their rationale is that to get the protections afforded to ISP’s under DMCA we
need to inform users that they’re not allowed to share copyrighted materials
and that their connection will be blocked if they do. For account holders we
make them agree to these terms and more when they activate th
I won't argue for or against TLS or for other methods without understanding the
context and use case… What fits the risk/benefit/cost profile for a particular
community or subset? Observationally, eduroam reports show only 5% of visitors
to our university utilizing TLS.
We labbed up the MITM
11 matches
Mail list logo