The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Martin Pauly <pauly AT hrz.uni-marburg.de>]

Hi,

On 15.10.21 17:02, Tony Skalski wrote:
> Because we had a small window to make the change (~2 months) we used 
> another method. I took the opportunity to add the anonymous outer 
> identity to our new config and used the absence of said identity to 
> proxy the requests (from clients with the old config) to our old 
> RADIUS servers.

Isn't this exactly the same procedure as the one described by Jan-Frederik?
Except you had to implement the fork in RADIUS processing somewhere outside
the terminating RADIUS perhaps (NPS perhaps being not as flexible as 
Freeradius here).

The approach with two CA/Names living in parallel for some time sounds much 
cleaner, though.
If geteduroam can handle this on all platforms it supports, it will really 
ease this kind
of migration.

Greetings, Martin

--
  Dr. Martin Pauly     Phone:  +49-6421-28-23527
  HRZ Univ. Marburg    Fax:    +49-6421-28-26994
  Hans-Meerwein-Str.   E-Mail: pauly AT HRZ.Uni-Marburg.DE
  D-35032 Marburg

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature