<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
"move closer" is just the message the wifi client is printing out - a very user-unfriendly message for forgetting to enter your domain. The problem is that our regular WiFi requires just a netid (no domain) and Eduroam requires the domain and it's a common
configuration mixup for our users. I think a good solution going forward would be to support the domain in regular Wifi (while also supporting just the netid for current configurations) and then advertise that in our documentation.</div>
<div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div id="Signature">
<div>
<div></div>
<div id="divtagdefaultwrapper" style="font-size:12pt; color:#000000; background-color:#FFFFFF; font-family:Calibri,Arial,Helvetica,sans-serif">
<div style="font-family:Tahoma; font-size:13px">---
<div><span id="ms-rterangepaste-start"></span><span style="font-family:arial,helvetica,sans-serif; font-size:13px; line-height:16.003px">Roberto Ullfig - rullfig@uic.edu</span><br style="font-family:arial,helvetica,sans-serif; font-size:13px; line-height:16.003px">
<span style="font-family:arial,helvetica,sans-serif; font-size:13px; line-height:16.003px">Systems Administrator</span><br style="font-family:arial,helvetica,sans-serif; font-size:13px; line-height:16.003px">
<span style="font-family:arial,helvetica,sans-serif; font-size:13px; line-height:16.003px">Enterprise Applications & Services | Technology Solutions</span><br style="font-family:arial,helvetica,sans-serif; font-size:13px; line-height:16.003px">
<span style="font-family:arial,helvetica,sans-serif; font-size:13px; line-height:16.003px">University of Illinois - Chicago</span>
<div><span id="ms-rterangepaste-end"></span></div>
</div>
</div>
</div>
</div>
</div>
</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> radiator <radiator-bounces@lists.open.com.au> on behalf of Heikki Vatiainen <hvn@open.com.au><br>
<b>Sent:</b> Friday, July 23, 2021 10:41 AM<br>
<b>To:</b> radiator@lists.open.com.au <radiator@lists.open.com.au><br>
<b>Subject:</b> Re: [RADIATOR] we're sending empty realms to eduroam tlrs servers</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText">On 23.7.2021 18.03, Ullfig, Roberto Alfredo wrote:<br>
> Can we specify the error message to return to the user with:<br>
> <br>
> RejectReason you must specify your domain...<br>
> <br>
> or must that be done on the wireless controller?<br>
<br>
I think the wireless controller would need to take Reply-Message <br>
attribute contents from Access-Reject and somehow send it to the <br>
wireless client.<br>
<br>
I'm not completely sure, but I don't think it's possible. The EAP <br>
messaging that goes over the wireless hop isn't capable to do it, I'd say.<br>
<br>
One option might be to create a Handler for realmless users that <br>
authenticates them and then drops them to a VLAN which is a walled <br>
garden. There they would always be redirected to a web page with <br>
information about what they should do to get full access. It might be a <br>
bit heave solution though.<br>
<br>
> Currently when a user fails to enter their domain the error message they <br>
> get says to "move closer".<br>
<br>
Is that something you generate locally or does it come from somewhere <br>
else, such as, eduroam?<br>
<br>
Thanks,<br>
Heikki<br>
<br>
> ---<br>
> Roberto Ullfig - rullfig@uic.edu<br>
> Systems Administrator<br>
> Enterprise Applications & Services | Technology Solutions<br>
> University of Illinois - Chicago<br>
> ------------------------------------------------------------------------<br>
> *From:* radiator <radiator-bounces@lists.open.com.au> on behalf of <br>
> Heikki Vatiainen <hvn@open.com.au><br>
> *Sent:* Wednesday, July 14, 2021 12:05 PM<br>
> *To:* radiator@lists.open.com.au <radiator@lists.open.com.au><br>
> *Subject:* Re: [RADIATOR] we're sending empty realms to eduroam tlrs <br>
> servers<br>
> <br>
> <br>
> On 13.7.2021 22.38, Ullfig, Roberto Alfredo wrote:<br>
>> So I noticed a doc here for handling empty realms:<br>
>> <br>
>> <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.geant.org%2Fpages%2Fviewpage.action%3FpageId%3D121346324&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RNp0yd6TCOW%2Fbrz6V2Gai1Z8UEMiYi0RZTN82HXjNdc%3D&reserved=0">
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.geant.org%2Fpages%2Fviewpage.action%3FpageId%3D121346324&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RNp0yd6TCOW%2Fbrz6V2Gai1Z8UEMiYi0RZTN82HXjNdc%3D&reserved=0</a>
<br>
> <<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.geant.org%2Fpages%2Fviewpage.action%3FpageId%3D121346324&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RNp0yd6TCOW%2Fbrz6V2Gai1Z8UEMiYi0RZTN82HXjNdc%3D&reserved=0">https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.geant.org%2Fpages%2Fviewpage.action%3FpageId%3D121346324&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RNp0yd6TCOW%2Fbrz6V2Gai1Z8UEMiYi0RZTN82HXjNdc%3D&reserved=0</a>>
<br>
> <br>
>> <br>
>> Are the Handlers executed in order from top to bottom?<br>
> <br>
> Yes. The handler order, Handler check items, '...' in <Handler ...>, and<br>
> Handler - Realm relationship is discussed in more detail here:<br>
> <br>
> <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffiles.radiatorsoftware.com%2Fradiator%2Fref%2FHandler.html&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7PeV5r7PeUvK4gsVkv90LQyC9JtQmAKyNBbfpXw9JSQ%3D&reserved=0">
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffiles.radiatorsoftware.com%2Fradiator%2Fref%2FHandler.html&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7PeV5r7PeUvK4gsVkv90LQyC9JtQmAKyNBbfpXw9JSQ%3D&reserved=0</a>
<br>
> <<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffiles.radiatorsoftware.com%2Fradiator%2Fref%2FHandler.html&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7PeV5r7PeUvK4gsVkv90LQyC9JtQmAKyNBbfpXw9JSQ%3D&reserved=0">https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffiles.radiatorsoftware.com%2Fradiator%2Fref%2FHandler.html&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7PeV5r7PeUvK4gsVkv90LQyC9JtQmAKyNBbfpXw9JSQ%3D&reserved=0</a>><br>
> <br>
> Thanks,<br>
> Heikki<br>
> <br>
> -- <br>
> Heikki Vatiainen <hvn@open.com.au><br>
> <br>
> Radiator: the most portable, flexible and configurable RADIUS server<br>
> anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,<br>
> EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,<br>
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.<br>
> _______________________________________________<br>
> radiator mailing list<br>
> radiator@lists.open.com.au<br>
> <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=dp4a19ZL9cZ4h2L23R%2BOKSu4AGR6QPf%2FudEomA6Vok8%3D&reserved=0">
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=dp4a19ZL9cZ4h2L23R%2BOKSu4AGR6QPf%2FudEomA6Vok8%3D&reserved=0</a>
<br>
> <<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=dp4a19ZL9cZ4h2L23R%2BOKSu4AGR6QPf%2FudEomA6Vok8%3D&reserved=0">https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C729062472404475be16308d946e9cede%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637618792275449703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=dp4a19ZL9cZ4h2L23R%2BOKSu4AGR6QPf%2FudEomA6Vok8%3D&reserved=0</a>><br>
> <br>
> _______________________________________________<br>
> radiator mailing list<br>
> radiator@lists.open.com.au<br>
> <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C8131db3bc1fa4b65f06c08d94df08e78%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637626517841023119%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=84yoWdoCNRqG11z3xpzesjgTgHCRruX8dDnvO1ybEWw%3D&reserved=0">
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C8131db3bc1fa4b65f06c08d94df08e78%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637626517841023119%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=84yoWdoCNRqG11z3xpzesjgTgHCRruX8dDnvO1ybEWw%3D&reserved=0</a><br>
> <br>
<br>
-- <br>
Heikki Vatiainen <hvn@open.com.au><br>
<br>
Radiator: the most portable, flexible and configurable RADIUS server<br>
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,<br>
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,<br>
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.<br>
_______________________________________________<br>
radiator mailing list<br>
radiator@lists.open.com.au<br>
<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C8131db3bc1fa4b65f06c08d94df08e78%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637626517841023119%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=84yoWdoCNRqG11z3xpzesjgTgHCRruX8dDnvO1ybEWw%3D&reserved=0">https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.open.com.au%2Fmailman%2Flistinfo%2Fradiator&data=04%7C01%7Crullfig%40uic.edu%7C8131db3bc1fa4b65f06c08d94df08e78%7Ce202cd477a564baa99e3e3b71a7c77dd%7C0%7C0%7C637626517841023119%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=84yoWdoCNRqG11z3xpzesjgTgHCRruX8dDnvO1ybEWw%3D&reserved=0</a><br>
</div>
</span></font></div>
</body>
</html>