> Liberty University | Training Champions for Christ since 1971
> >
> > -Original Message-
> > From: Arran Cudbard-Bell [mailto:a.cudba...@freeradius.org]
> > Sent: Friday, November 29, 2013 2:25 PM
> > Subject: Re: 802.1x vs web-portal
> >
> > On 1
n Cudbard-Bell [mailto:a.cudba...@freeradius.org]
> Sent: Friday, November 29, 2013 2:25 PM
> Subject: Re: 802.1x vs web-portal
>
> On 19 Nov 2013, at 21:00, Ken LeCompte wrote:
>
>> One major consideration is that the use of https for more and more webpages
>> is res
Services
(434) 592-4229
Liberty University | Training Champions for Christ since 1971
-Original Message-
From: Arran Cudbard-Bell [mailto:a.cudba...@freeradius.org]
Sent: Friday, November 29, 2013 2:25 PM
Subject: Re: 802.1x vs web-portal
On 19 Nov 2013, at 21:00, Ken LeCompte wrote
On 19 Nov 2013, at 21:00, Ken LeCompte wrote:
> One major consideration is that the use of https for more and more webpages
> is resulting in more confused users not getting redirected to captive portal
> login pages.
A workaround for some devices would be to to add a WISPr responder to the
p
TSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
My problem with these approaches is their proprietary nature. I wonder how
this has been addressed/discussed in the IEEE groups...
Ryan H Turner
Senior Network Engineer
The Univers
EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
>> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Turner, Ryan H
>> Sent: Wednesday, November 20, 2013 3:16 PM
>> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>> Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
--Original Message-
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Turner, Ryan H
> Sent: Wednesday, November 20, 2013 3:16 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] 802.1x
PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
My problem with these approaches is their proprietary nature. I wonder how
this has been addressed/discussed in the IEEE groups...
Ryan H Turner
Senior Network Engineer
The University of North Carolina at C
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Curtis, Bruce
Sent: Wednesday, November 20, 2013 3:05 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
On Nov
ERV.EDUCAUSE.EDU] on behalf of Coehoorn, Joel
> [jcoeho...@york.edu]
> Sent: Wednesday, November 20, 2013 9:24 AM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
>
> What I really want to provide is an HTTPS-like experience for my users
&
AUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
What I really want to provide is an HTTPS-like experience for my users
that just works: an SSL layer that doesn't care who you are, but still provides
meaningful encryption for the last 50 meters where your traffic is moving
through
te:
> Isn't that really a client supplicant issue though? You can send back a
> reason for authfailure, and then the client could prompt for a replacement
> password.
>
> --
> ian
> -Original Message-
> From: Fleming, Tony
> Sent: 20-11-2013, 14:22
> T
@LISTSERV.EDUCAUSE.EDU] on behalf of Coehoorn, Joel
[jcoeho...@york.edu]
Sent: Wednesday, November 20, 2013 9:24 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
What I really want to provide is an HTTPS-like experience for my users
that just works: an SSL layer that
a replacement
> password.
>
> --
> ian
> -Original Message-----
> From: Fleming, Tony
> Sent: 20-11-2013, 14:22
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
>
> I can tell you we use dot1x here with AD crede
t: Re: [WIRELESS-LAN] 802.1x vs web-portal
I can tell you we use dot1x here with AD credentials and it doesn't lend itself
to a good end-user experience. Our security policy requires password expiration
after 60 days. When a student's password expires we see an increase of wireless
rel
, 2013 9:22 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
I can tell you we use dot1x here with AD credentials and it doesn't lend itself
to a good end-user experience. Our security policy requires password expiration
after 60 days. When a stud
1:30 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
List seems to sum it up pretty well.
I think user wise dot1x is better ... "once setup". So while it may be more
of a pain to configure for some users, once configured the experience is much
be
ssage-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hanset, Philippe C
Sent: Wednesday, 20 November 2013 9:56 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
from the top of m
We use 802.1x to do machine auth on equipment that we own and that is in
the domain. We use Group Policy to push all of the settings. We have auth
type set to 'user or computer' once the user logs on it flips to user
auth. Its really cool because NAC will give the computer a 'Computer'
policy wh
from the top of my head...
###What's bad for the user:
-Captive portal: no encryption over the air, pesky re-authentication and
timeouts, no authentication of the infrastructure
(yes, when you accept that SSL Cert from RADIUS you actually authenticate the
infrastructure)
-802.1X: finicky supp
USE Wireless Issues Constituent Group Listserv
> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ken LeCompte
> Sent: Tuesday, November 19, 2013 4:00 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
>
> One major conside
On Nov 19, 2013, at 15:05 , Peter P Morrissey
wrote:
>
> Can anyone name an application that does not have strong encryption?
"Does not have strong encryption" != "Strong encryption is in use by default"
DNS springs to mind.
Heck, just leave tcpdump running when you wake a machine up from s
On 11/19/2013 4:05 PM, Peter P Morrissey wrote:
> Can anyone name an application that does not have strong encryption?
>
> I'm not arguing against 802.1x, because it works very well for us as users
> don't have to authenticate constantly on a portal, and we seem to do a very
> good job getting th
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
One major consideration is that the use of https for more and more webpages is
resulting in more confused users not getting redirected to captive portal login
pages. There is also the more obvious issue that client
UCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.1x vs web-portal
One major consideration is that the use of https for more and more webpages is
resulting in more confused users not getting redirected to captive portal login
pages. There is also the more obvious issue that client data is not encrypted
ov
One major consideration is that the use of https for more and more webpages is
resulting in more confused users not getting redirected to captive portal login
pages. There is also the more obvious issue that client data is not encrypted
over the air, although you could argue that more and more a
-LAN] 802.1x vs web-portal
Just wondering what people's thoughts are here regarding using the Web Portal
authentication vs 802.1x auth in your wifi networks. Obviously one big "pro"
for 802.1x is dynamic vlan assignment based on the users's credentials, but
certainly for web-por
Just wondering what people's thoughts are here regarding using the Web Portal
authentication vs 802.1x auth in your wifi networks. Obviously one big "pro"
for 802.1x is dynamic vlan assignment based on the users's credentials, but
certainly for web-portal the big "pro" is simplicity for the user
28 matches
Mail list logo