Hi,
How are people handling accounting records for your 802.1X wireless
networks with regard to TTLS and outer identity?
I found a discussion about this in 2006 (subject "802.1X accounting,
PEAP outer identity"). Back then the problem was acknowledged but not
resolved.
We use Radiator and PAP/EAP-TTLS. For Windows users we are offering
SecureW2.
If the outer identity were manually configured with the user's real ID
then we'd have accurate records. The problem occurs because people can
configure anything they want in the Outer Identity field (called Roaming
Identity in Windows). Leaving it blank is interpreted differently by
different supplicants (MacOS uses the inner identity, SecureW2 uses
"anonymous", etc..).
Has anyone found a way to map the outer identity to the inner identity
so that we can track users accurately as they roam?
Thanks,
Mike
*******************************
Michael Dickson
Network Analyst
University of Massachusetts
*******************************
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
