Richard Grainger wrote:> On Fri, Feb 23, 2018 at 11:22 AM, hw <hw at gc-24.de> wrote:
>
>> As a customer visting a store, would you go to the lengths of
configuring
>> your
>> cell phone (or other wireless device) to authenticate with a RADIUS
server
>> in
>> order to gain internet access through the wirless network of the store?
>>
>> From what I?m being told, everyone already has internet access with
their
>> cell
>> phones from their phone service provider and is apparently happy with
that
>> even though the amount of data they can transmit is ridiculously low.
So
>> why
>> would anyone do any configuring and have to worry about protecting ther
>> privacy
>> when and for using the wireless network of a shop they?re visting?
>>
>> I have no idea what the lengths of configuring might be other than that
>> anything
>> you try to do with a cell phone or a tablet is so extremely painful or
>> outright
>> impossible that I only touch them when I get paid for it. Perhaps
RADIUS
>> authentication is easy with such devices.
>
> Corporate mobile devices are typically configured using MDM to already
> have the company 802.1x profile so they "just work" on the
corporate
> WiFi.
MDM? I?ve never heared that before; might be worthwhile to look into.
> Guest mobile devices will connect to another SSID, which
> usually only allows access to the internet (sometimes after agreeing
> to a AUP via a captive web portal).
Yes, that?s one of the ideas. Another idea is to allow unregistered
customers access for a limited amount of time and allowing registered
customers (like regular customers having a customer card) an unlimited
amount of time. I have no idea yet how I would limit the time.
That requires some way to distinguish between customers, and it means
that distinguishing between devices is not sufficient for registered
customers.