You are correct, my apologies. @rice.edu goes to 'staff' or 'student', @*.* goes to visitor.
> That setup is similar to what we're doing - if any of our @rice.edu > users join the eduroam, we then assign them in either the > 'staff/faculty' or 'student' role/VLAN group which maps to a specific > MPLS/VPN. If someone from @*.edu joins, they get assigned to our > 'visitor' role/VLAN group which also maps to our visitor MPLS/VPN. Danny, @rice.edu gets assigned to specific VLANs @*.edu gets assigned to visitor VLANs What about @other-R&E-domains (.ac.it, .nih.gov, nyser.net,...)? Are you really selecting on @*.edu, or you are passing all others to the visitor VLAN? Thanks, Philippe www.eduroam.us > > We've been considering this problem as part of our eduroam deployment > (we're still in the configuring and testing stage, no services offered > yet), and we decided one of our goals would be that instead of trying > to force students to pick the right one, that we would instead > configure the network side so that our users didn't have to care. > > Remember that the identity provided for eduroam has the university > name as the realm. Our plan is to take any users that identify with > our realm of wpi..edu to the eduroam SSID, and send back a RADIUS > attribute that drops them on the same VLAN as our primary university > SSID. (In our case we're also keying off of the client MAC address > and correlating with our IPAM registration database, but that's an > optional extra step.) That way any of our users can connect to either > the university SSID or eduroam and get exactly the same connectivity, > while any external eduroam guests get dropped onto our guest VLAN. > > Simple, clean, and completely transparent to our users. > > Frank Sweetser fs at wpi.edu | For every problem, there is a solution > that > Manager of Network Operations | is simple, elegant, and wrong. > Worcester Polytechnic Institute | - HL Mencken > > On 03/10/2014 11:51 AM, Linchuan Yang wrote: >> Dear All >> >> Good morning. We noticed that most our iphone clients connect to the > "eduroam" >> SSID automatically when they step into the campus (not our normal >> SSID for students, faculty, and staff). And the encryption and >> security settings are same between these two SSIDs. These clients >> have to manually change the wireless configuration on the iphones, >> and they can > connect to our normal SSID. >> >> We are using Cisco WLCs, and other devices (e.g. laptops, Android, >> etc.) do not have this problem. >> >> Do you have the similar issue with your wireless network? Is there >> any connection strategies of iphone? >> >> Thank you, and have a nice day. >> >> Yours, >> >> Linchuan Yang (Antony) >> >> Wireless Networking Analyst >> Network Assessment and Integration, >> IITS-Concordia University >> Tel: (514)848-2424 ext. 7664 >> >> ********** Participation and subscription information for this >> EDUCAUSE Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> > > ********** > Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at http://www.educause.edu/groups/. > > > > ********** > Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. !DSPAM:911,531e06ee44331756218522! ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
