...
Prior to the university having any involvement with Eduroam, our wireless environment consisted of:
- Approximately Approximately fifty Cisco Aironet 1200 access points located over three campuses. No No wireless controller / mesh etc.
- Open Open access network with IPSec VPN connection required to access resources.
- Authentication back Authentication back end for dialup and VPN was Freeradius:
- Active Active Directory user database
- Freeradius Freeradius perl modules used for authorisation and some authentication whereby the the module interacts with a mysql database. This mechanism provided us with a a lot of flexibility.
Consideration
...
- We found ourselves well placed to do this due to our pre-existing Freeradius & Cisco infrastructure and the success others had reported with the the same setup.
- Implementation was not seen high priority, so the implementation would not be prioritised prioritised over other projects.
- We found found the documentation available on the Eduroam web site very useful - as a lot lot of it reflected our environment (Cisco Aironet APs & Freeradius).
- At At the end of 2005, we did some preliminary testing with multiple radius radius servers configured to proxy requests to one another and consulted with Chris Myers from Grangenet to get an idea of what was necessary to proceed.
...
It makes a lot of sense to have a single SSID carrying all traffic and to have users assigned to a vlan by our radius server. For this to happen, it will be implemented as part of a larger wireless expansion in the near future.