Chapter 12
Pop quiz – roaming and proxying
- Yes, configuring roaming between RADIUS servers is not dependent on certain RADIUS server software. If the server software sticks to the standards in the RFC it should work easily.
- No, you can inform the visitor from
your-org.comthat he should be able to simply connect using the profile for theorg.comSSID without making any changes. The EAP requests toyour-org.comwill simply be proxied to the RADIUS server atyour-org.com. - The Dynamic VLAN assignment is most likely done through a RADIUS server that returns specific AVPs to specify the VLAN a user should be in. The administrator of the RADIUS server at
your-org.comhas probably neglected to assign a default VLAN to visitors frommy-org.com. - They most likely configured the special
DEFAULTrealm to forward requests from unknown realms to the RADIUS server atmy-org.cominstead of creating a dedicated realm formy-org.com.
