Same here at 'Deis. A Brandeis user connecting to eduroam is treated exactly the same as they would be if they were connecting to our legacy branded secure network. We are using a lot of role-based magic from AD and enterprise LDAP.
Also, there are some tweaks you can do in RADIUS to allow non-user devices to connect to eduroam with an "@fqdn" account (as long as they aren't expected to leave campus: Cisco wireless phones, wireless printers, ticket readers, etc) Tim Cappalli, Network Engineer LTS | Brandeis University x67149 | (617) 701-7149 [email protected] -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Julian Y Koh Sent: Sunday, November 03, 2013 9:58 PM To: [email protected] Subject: Re: [WIRELESS-LAN] Eduroam rollout- one more time On Nov 1, 2013, at 11:34 , Lee H Badman <[email protected]> wrote: > > Go the easy path, and push it the Eduroam SSID everywhere, as an additional WLAN, and live with the fact that it won’t get a lot of use in most places and puts management traffic in the air that isn’t generally going to be used. This is what we did at NU. We do some role-based stuff on the back end such that if an NU person connects to eduroam, they get the same IP addressing and setup as if they use our regular 802.1X SSID. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
