EAP Session resumption && reply attributes
James J J Hooper
jjj.hooper at bristol.ac.uk
Sun Jan 17 22:49:38 CET 2010
On 17/01/2010 20:22, Alan Buxey wrote:
> Hi,
>
>> One thing to remember, is for *your* users roaming at other universities
>> to remember to remove the reply:User-Name attribute to protect the
>> guilty. :)
>
> the best thing to do for this is to create a new virtual server - eg 'eduroam' -
> which is identical to your normal stuff EXCEPT that it doesnt return VLANs etc.
> just ensure that this virtual server is only called when a request comes from
> the national proxies (or perhaps, just not one of your own NAS - eg properly
> assign your own NAS to their own internal virtual server) - et voila...you
> cannot accidentally mess up remote connections etc
yep - that's what we are already doing for eduroam ;-)
-James
More information about the Freeradius-Users
mailing list