The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Óscar Remírez de Ganuza Satrústegui <oscarrdg AT unav.edu>]

Good morning,

Very interesting development, indeed. Thank you very much for the information.

Out of curiosity, which captive-portal are you referring to that is going to support this standard?

Aruba Clearpass next major version is going to be 6.11, but I could not find any information of planned support of this capport API anywhere.

Does anyone know any other captive portal implementation that support this new standard?

Thank you very much again.

Regards,

On Mon, Jul 18, 2022 at 3:11 PM "Johnson, Christopher" <cat-users AT lists.geant.org> wrote:

Something to keep your eye on. User experience has a chance of improving in the future with the adoption of the new Captive Portal Standards (RFC8910 and RFC8908) – where captive portal is communicate through DHCP Option 114 – and Captive Portal status is communicated to the Client via API Server. Currently support by iOS 14, macOS, and Android 12. It definitely is showing promise is minor testing was able to do with Android. We’ve heard that our captive-portal/radius server will support the new standard in 6.11. OpenNDS currently support this - https://github.com/openNDS/openNDS [Open CPI].

 

Android 11/12 - developer.android.com/about/versions/11/features/...
iOS 14+ - developer.apple.com/news/?id=q78sq5rv

 

https://capport.net/

https://datatracker.ietf.org/doc/html/rfc8910

https://datatracker.ietf.org/doc/html/rfc8908

 

From: cat-users-request AT lists.geant.org <cat-users-request AT lists.geant.org> On Behalf Of Eleanor Coultish
Sent: Friday, July 15, 2022 10:34 AM
To: cat-users AT lists.geant.org
Subject: [[cat-users]] Onboarding/setup ssid

 

This message originated from outside of the Illinois State University email system. Learn why this is important

Hi,

 

Apologies for cross posting with one of the Jisc groups but I thought people on here might have some additional feedback. I'm looking at improving the user experience of our onboarding/setup ssid and have hit a few issues so I was wondering how other institutions implement this.

 

I envisaged a user would connect to our setup ssid which most devices automatically detect as a captive portal and redirect the user to a 'sign-in' setup page. This page is an information page of how to connect with a link to the eduroam cat tool so that users can configure their devices to connect to eduroam. The ssid has an allow/white list to various websites to give users access to the tools required to configure their devices. These are the problems I've hit so far with this:

Apple:
Apple devices check for connectivity to captive.apple.com and when they can't reach that they fire up the CNA (Captive Network Assistant). This doesn't have full browser capability and doesn't allow a user to download the mobile config file that's required to configure their device. Has anyone found a way around this? The only solution I've found is that I can bypass CNA on the captive portal (Aruba) which means the user has to open a web browser the navigate to the setup page.

 

Android:

To enable download of the geteduroam app from Google Play I have to whitelist www.google.com. With that url in the whitelist Android thinks it has Internet access so doesn't redirect to the captive portal to display the 'sign-in' setup page. Again the user would have to open a web browser and browse to the setup page.

 

My thinking was that the automatic redirect was a better user experience. Am I fighting a losing battle trying to use the automatic detection of the captive portal to direct users to a setup page for onboarding? Should I just whitelist the url's that detect this and recommend going through the browser? I'm interested in how other institutions have this set up and what the user experience is?

 

Thanks,

Eleanor Coultish
Network Operations Manager

 

IT Services

Directorate of Technology, Estates and Facilities
University of York | Heslington | York | YO10 5DD
+ 44 (0)1904 328467

EMAIL DISCLAIMER http://www.york.ac.uk/docs/disclaimer/email.htm

To unsubscribe, send this message: mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
Or use the following link: https://lists.geant.org/sympa/sigrequest/cat-users

To unsubscribe, send this message: mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
Or use the following link: https://lists.geant.org/sympa/sigrequest/cat-users

--

---

Oscar Remírez de Ganuza Satrústegui
Technology and IT Operations
IT Services

T: +34 948425600 x803130
oscarrdg AT unav.es

---

Este mensaje puede contener información confidencial. Si usted no es el destinatario o lo ha recibido por error, por favor, bórrelo de sus sistemas y comuníquelo a la mayor brevedad al remitente. Los datos personales incluidos en los correos electrónicos que intercambie con el personal de la Universidad de Navarra podrán ser almacenados en la libreta de direcciones de su interlocutor y/o en los servidores de la Universidad durante el tiempo fijado en su política interna de conservación de información. La Universidad de Navarra gestiona dichos datos con fines meramente operativos, para permitir el contacto por email entre sus trabajadores/colaboradores y terceros. Puede consultar la Política de Privacidad de la Universidad de Navarra en la dirección: https://www.unav.edu/aviso-legal

 

This email message may contain confidential information. If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments.  The personal information included in email messages exchanged with employees of the University of Navarra may be stored in the database of your interlocutor and/or the servers of the University for the time-period stipulated by its internal information storage policy. The University stores such data for purely administrative purposes, to facilitate e-mail contact between its employees and third parties. The University of Navarra Privacy Policy may be accessed at https://www.unav.edu/aviso-legal      

 

Antes de imprimir este mensaje o sus documentos anexos, asegúrese de que es necesario. Proteger el medio ambiente está en nuestras manos.
Before printing this e-mail or attachments, be sure it is necessary. It is in our hands to protect the environment.