Allow Domain in RADIUS requests
Presently, computer / user name must be stripped of domain in any context. This complicates things like group policy deployed VPN which would otherwise work perfectly with zero touch using Windows' built-in AD-based SSO mechanisms. All those built-in mechanisms (cert or password) include the domain name with no way to strip it at runtime.
Working on implementing a multi-department VPN + WiFi solution that splits the authentication back-end based on user or computers' domain. This works perfectly with a simple regex for WiFi (UBNT) already, but for Watchguard VPN the front-end RADIUS server has to be individually told every user it should forward over to that department's RADIUS server, instead of just looking at the domain.