Robert, You are, of course, allowed to deactivate users that are reported for abuse. This is your institution's network!
Philippe On Nov 13, 2012, at 10:12 AM, "Colantuoni, Robert" <[email protected]<mailto:[email protected]>> wrote: OK – one more question – We currently handling security reports regarding abuse on our wireless network by looking up the IP/User and then pushing the user account into a “deact” group and filtering for that on the radius server. This cuts off the users network access without affecting their ability to check email and it can be automated on the operational side. Has anyone instituted a filter on their Eduroam realm that could disable user accounts if they are reported for abuse? What is the policy on this – can we do that? ----------------------------------- Robert G Colantuoni Senior Programmer Analyst CIT - Network and Classroom Services SUNY Buffalo [email protected]<mailto:[email protected]> 716.645.3552 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]<mailto:[email protected]>]On Behalf Of Hanset, Philippe C Sent: Tuesday, November 13, 2012 10:02 AM To: [email protected]<mailto:[email protected]> Subject: Re: [WIRELESS-LAN] Eduroam technical questions Lee, eduroam is EAP agnostic. All that the roaming does is pass the initial SSL/TLS tunnel to the home institution. Then in the tunnel, exchanges occur between your device and your home institution So, as long as your institution does a tunneled EAP, your are done. The visited institution has nothing to do with oyur EAP -method. EAP-TTLS, PEAP, EAP-TLS ... all tunneled will work Philippe On Nov 13, 2012, at 9:52 AM, Lee H Badman <[email protected]<mailto:[email protected]>> wrote: I have read through the most recent docs, not quite grasping: - If we use MS-CHAPv2 w PEAP on our campus, and that's all we want to use, does that exclude us from Eduroam? - If not, what happens when I roam to another campus that uses TLS, or visa versa? The goal is autoconnection, with no reconfig, but is everyone on Eduroam really and truly using the same EAP with no need to reconfigure as you roam campus to campus? Sorry to be thick, I realize a lot of time went in to the documents. Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found athttp://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found athttp://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
