On Mar 10, 2014, at 1:03 PM, Danny Eaton <[email protected]> wrote:
> That setup is similar to what we're doing - if any of our @rice.edu users > join the eduroam, we then assign them in either the 'staff/faculty' or > 'student' role/VLAN group which maps to a specific MPLS/VPN. If someone > from @*.edu joins, they get assigned to our 'visitor' role/VLAN group which > also maps to our visitor MPLS/VPN. Danny, @rice.edu gets assigned to specific VLANs @*.edu gets assigned to visitor VLANs What about @other-R&E-domains (.ac.it, .nih.gov, nyser.net,...)? Are you really selecting on @*.edu, or you are passing all others to the visitor VLAN? Thanks, Philippe www.eduroam.us > > We've been considering this problem as part of our eduroam deployment (we're > still in the configuring and testing stage, no services offered yet), and we > decided one of our goals would be that instead of trying to force students > to pick the right one, that we would instead configure the network side so > that our users didn't have to care. > > Remember that the identity provided for eduroam has the university name as > the realm. Our plan is to take any users that identify with our realm of > wpi..edu to the eduroam SSID, and send back a RADIUS attribute that drops > them on the same VLAN as our primary university SSID. (In our case we're > also keying off of the client MAC address and correlating with our IPAM > registration database, but that's an optional extra step.) That way any of > our users can connect to either the university SSID or eduroam and get > exactly the same connectivity, while any external eduroam guests get dropped > onto our guest VLAN. > > Simple, clean, and completely transparent to our users. > > Frank Sweetser fs at wpi.edu | For every problem, there is a solution > that > Manager of Network Operations | is simple, elegant, and wrong. > Worcester Polytechnic Institute | - HL Mencken > > On 03/10/2014 11:51 AM, Linchuan Yang wrote: >> Dear All >> >> Good morning. We noticed that most our iphone clients connect to the > "eduroam" >> SSID automatically when they step into the campus (not our normal SSID >> for students, faculty, and staff). And the encryption and security >> settings are same between these two SSIDs. These clients have to >> manually change the wireless configuration on the iphones, and they can > connect to our normal SSID. >> >> We are using Cisco WLCs, and other devices (e.g. laptops, Android, >> etc.) do not have this problem. >> >> Do you have the similar issue with your wireless network? Is there any >> connection strategies of iphone? >> >> Thank you, and have a nice day. >> >> Yours, >> >> Linchuan Yang (Antony) >> >> Wireless Networking Analyst >> Network Assessment and Integration, >> IITS-Concordia University >> Tel: (514)848-2424 ext. 7664 >> >> ********** Participation and subscription information for this >> EDUCAUSE Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > !DSPAM:911,531de9ef44331645698605! > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
