RE: Cisco Prime Infraestructure 2.1 available
tl:dr It means that it's time to move to Aruba :D Bruce Osborne Network Engineer - Wireless Team IT Network Services (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 -Original Message- From: Lee H Badman [mailto:lhbad...@syr.edu] Sent: Thursday, April 24, 2014 8:26 AM Subject: Re: Cisco Prime Infraestructure 2.1 available I'm a literate man, and for the life of me I can't make sense of . Prime Infrastructure 2.1 does not support any features that are introduced in Cisco WLC Releases 7.5.102.0 and 7.6.100.0 except the new access point platforms and the new mobility feature. -Lee Badman -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Francisco J. Medina Jimenez Sent: Thursday, April 24, 2014 7:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Cisco Prime Infraestructure 2.1 available Hi, 1) Features supported: http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/2-1/release/notes/cpi_rn.html#pgfId-76626 Prime Infrastructure 2.1 enables you to manage Cisco WLC Releases 7.5.102.0 and 7.6.100.0 with the features of Cisco WLC 7.4.121.0 and earlier releases. Prime Infrastructure 2.1 does not support any features that are introduced in Cisco WLC Releases 7.5.102.0 and 7.6.100.0 except the new access point platforms and the new mobility feature. Prime Infrastructure 2.1 supports the following access points: 3700I/E,3700P,Cisco AP3600 with 802.11ac,702 I,1530I/E, 3600P 2) Upgrade path: http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/2-1/quickstart/guide/cpi_qsg.html#pgfId-56675 You can upgrade the following Cisco Prime Infrastructure (and predecessor) products to Cisco Prime Infrastructure 2.1: Cisco Prime Infrastructure 2.0.0.0.294, Cisco Prime Infrastructure 1.3.0.20 There is no upgrade path from version 1.4.x to version 2.1 at present. Regards. Fran. -- Francisco J. Medina Jiménez Universidad de Granada Centro de Informática y Redes de Comunicaciones Campus Fuentenueva. Edificio Mecenas 18071 - Granada - Spain ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: educating users about getting onto .1X
Here is our technical solution used in addition to communication. Our open SSID serves 2 purposes and is protected by a custom captive portal (DNS destination IP Address restricted) that presents 2 options. The first option directs the user to CloudPath Xpressconnect to onboard to our 802.1X SSID. The second option allows them to register a mac address and is designed for non-802.1X devices such as game consoles. Registered devices bypass the portal page, but we block our internal website Blackboard. No non-802.1X device needs that access. Users who try to access these denied sites get a portal page redirecting them to CloudPath XpressConnect to onboard to the Secure SSID. We have used this process for a couple of years without major issues. Bruce Osborne Network Engineer - Wireless Team IT Network Services (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 -Original Message- From: Michael Dickson [mailto:mdick...@nic.umass.edu] Sent: Thursday, April 24, 2014 1:12 PM Subject: educating users about getting onto .1X Hi all, How are people spreading the word to their user community that they need to go to the onboarding SSID first to configure for the .1X SSID? A small but significant percentage of our users are not doing this inuitively. They are connecting to the .1X SSID first, perhaps because it contains the word SECURE in the SSID. Because most devices lack the basic ingredients for EAP-TTLS they never successfully authenticate. At that point they either give up and connect to our open SSID permanently or they go to the Help Desk who (surpise!) tells them they need to run the configuration utility by going first to the onboarding SSID. I realize this may be more of a communications problem than a technical one but I'd be interested to hear what folks are doing to steer their users to go to this SSID first to configure for that SSID. Thanks, Mike Michael Dickson Network Analyst Office of Information Technologies University of Massachusetts Amherst Voice 413.545.9639 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco Prime Infraestructure 2.1 available
I would go to Curaçao myself ;-) and Bonaire has great diving! (hint: ABC... Dutch Caribbean...though only Bonaire is a municipality of the Netherlands) Philippe Hanset www.eduroam.us On Apr 25, 2014, at 9:02 AM, Osborne, Bruce W (Network Services) bosbo...@liberty.edu wrote: tl:dr It means that it's time to move to Aruba :D Bruce Osborne Network Engineer - Wireless Team IT Network Services (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 -Original Message- From: Lee H Badman [mailto:lhbad...@syr.edu] Sent: Thursday, April 24, 2014 8:26 AM Subject: Re: Cisco Prime Infraestructure 2.1 available I'm a literate man, and for the life of me I can't make sense of . Prime Infrastructure 2.1 does not support any features that are introduced in Cisco WLC Releases 7.5.102.0 and 7.6.100.0 except the new access point platforms and the new mobility feature. -Lee Badman -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Francisco J. Medina Jimenez Sent: Thursday, April 24, 2014 7:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Cisco Prime Infraestructure 2.1 available Hi, 1) Features supported: http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/2-1/release/notes/cpi_rn.html#pgfId-76626 Prime Infrastructure 2.1 enables you to manage Cisco WLC Releases 7.5.102.0 and 7.6.100.0 with the features of Cisco WLC 7.4.121.0 and earlier releases. Prime Infrastructure 2.1 does not support any features that are introduced in Cisco WLC Releases 7.5.102.0 and 7.6.100.0 except the new access point platforms and the new mobility feature. Prime Infrastructure 2.1 supports the following access points: 3700I/E,3700P,Cisco AP3600 with 802.11ac,702 I,1530I/E, 3600P 2) Upgrade path: http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/2-1/quickstart/guide/cpi_qsg.html#pgfId-56675 You can upgrade the following Cisco Prime Infrastructure (and predecessor) products to Cisco Prime Infrastructure 2.1: Cisco Prime Infrastructure 2.0.0.0.294, Cisco Prime Infrastructure 1.3.0.20 There is no upgrade path from version 1.4.x to version 2.1 at present. Regards. Fran. -- Francisco J. Medina Jiménez Universidad de Granada Centro de Informática y Redes de Comunicaciones Campus Fuentenueva. Edificio Mecenas 18071 - Granada - Spain ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] 802.1X and Heartbleed...
On 15 Apr 2014, at 21:55, Jason Watts jwa...@pratt.edu wrote: Thanks for the clarification. FreeRADIUS 2.2.5 and 3.0.3 will contain heartbleed attack detection code which will not only prevent an attack, but also produce explicit log output indicating it was attempted. It has been confirmed that versions 2.2.5 and 3.0.3 are vulnerable when linked against a vulnerable version of libssl. Note: Even when updating to FreeRADIUS 2.2.5 and 3.0.3 if client libraries are linked against a vulnerable version of libssl, the server will be vulnerable to attack from compromised LDAP/SQL/HTTP servers if TLS is used to secure the connection. Arran Cudbard-Bell a.cudba...@freeradius.org FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. signature.asc Description: Message signed with OpenPGP using GPGMail
Disabled 2.4 Radios not staying disabled
Anyone else seeing this? Cisco Wism2's ver. 7.6.100.10 (though I believe it affects all 7.6) When I disable radios config 802.11b disable ap_name the radios turn themselves back on after a config ap reset or power outage, changing AP Group's etc. Basically, when the AP reboots, the radio re-enables itself. TAC case pending. Mike Albano ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.