Skip to Content.

cat-users - Re: [[cat-users]] Cat Tool now not authenticating users

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive


Re: [[cat-users]] Cat Tool now not authenticating users


Chronological Thread 
    < Chronological >      < Thread >
  • From: Stefan Winter <stefan.winter AT restena.lu>
  • To: Chris Nelson <cnelson AT ceg-uk.com>, "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
  • Subject: Re: [[cat-users]] Cat Tool now not authenticating users
  • Date: Mon, 4 Apr 2016 14:53:11 -0300
  • Openpgp: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66
Hi,

Hopefully you can help with this.
We did have eduroam working with android and ios devices but now it seems that when requests are coming through, something has changed and the requests are failing.
Looking at our set up we have the cn of the authentication server set as CBBH-DC-02.ceg.local
The current car cert file is still current but authentication requests are failing.

They hit our reverse proxy and this forwards onto the actual authenticating server.

We have a user (gchallis) who hasn’t recreated the ssid profile on his android device which works, but since there were changes to the cat tool everyone else with mobile devices that tries to set up eduroam on a new device, fails.

Any help with this would be great.


The configuration profiles pin both the server name and the issuing CA. If you have changed any one of the two, devices which are correctly configured will cease to connect.

We certainly didn't make any changes to CAT recently. So if there is now a mismatch between the CAT-side settings and what your RADIUS server produces during the authentication, then I'm inclined to think that either someone changed the CAT config for your institution, or someone has modified the RADIUS server.

Your last sentence seems to imply that you/someone made CAT-side changes. If it worked before but doesn't any more, maybe you shouldn't have made those changes ;-)

Greetings,

Stefan Winter


Cheers,
Chris

____________________________________________________________

This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed.
If you have received this e-mail in error please notify the
originator of the message. 

Any views expressed in this message are those of the individual
sender, except where the sender specifies and with authority,
states them to be the views of Cambridge Education Group.

Scanning of this message and addition of this footer is performed
by Sophos E-mail Filter appliance in conjunction with 
virus detection software.
CT
To unsubscribe, send this message: mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
Or use the following link: https://lists.geant.org/sympa/sigrequest/cat-users

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature


Archive powered by MHonArc 2.6.19.

Top of Page