Here at Rice since we began offering campus wide Wi-Fi, we have had a "Visitor" SSID that uses a captive web-portal that displays our Acceptable Use Policy and an accept button. The goal 10 years ago was to make it as easy as Wi-Fi at a hotel, etc. This visitor SSID maps to a Visitor VRF, and is restricted in that it cannot use on campus resources (except DNS and DHCP) - we treat it as if you're connecting via AT&T, Comcast, TWC, etc. among other restrictions. In the event we have someone do something wrong, we black hole that MAC address - if we cannot identify them someway else.
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ashfield, Matt (NBCC) Sent: Thursday, February 20, 2014 11:45 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] open guest access? Hello, I'm just wondering what people are doing in terms of guest access authentication. We are currently doing web-portal auth with guest accounts, but with the advent of free wifi all over the place, I'm wondering why we are forcing our guests to authenticate if we are only offering "internet" services to them? Obviously, authentication is great for tracking down users during incidents, but I'm wondering what the legal obligation is, particularly for those of us in Canada? Why can Tim Horton's do it, but not us? Any info/advice is appreciated. Thanks Matt Ashfield NBCC !DSPAM:911,53063f3f303731537788910! ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.