RE: [WIRELESS-LAN] protecting AP's in a gym?
Our approach was pretty simple – we installed clock protection cages around the APs. They are metal wire and inexpensive. Thanks, Chris Adams University of North Georgia From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Tim Tyler Sent: Thursday, January 28, 2021 11:21 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] protecting AP's in a gym? CAUTION: External Sender – if suspicious, forward to s...@ung.edu<mailto:s...@ung.edu>. Wireless managers, We have some Aruba 325 AP’s in a gym and I am wondering what some of you use to protect them from physical damage such as a softball ball, etc? Do you use some sort of a cage? If so what? If it uses metal, does it interfere with your signal strength? Tim Tyler Network Engineer Beloit College ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_community=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=RVN9XuqbMcZFQ8wrTUN7VuWwqn-XIs_LCT8ZalGRzyg=Rgo-yrdb58YPv_yr9yMUn4Sx8LDKpCQNYhw82Hjb610=> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
RE: [WIRELESS-LAN] Wall plate APs and shared wall plates?
We’ve done the exact same thing for locations we’ve added hospitality WAPs to that had multiple data ports and coax. Cheap and easy. Thanks, Chris Adams, M.S., CISSP Associate CIO, Network & Telecom Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv On Behalf Of Stacey Frye Sent: Thursday, August 30, 2018 11:07 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wall plate APs and shared wall plates? We use HP and Aruba's hospitality APs (HP-417s and Aruba's 303H) in a couple of our dorms. We bought Legrand Wiremold receptacle boxes that we install directly next to the network/coax faceplates. We then install the AP's mount directly on this box. We use small 1ft cables to connect the AP to the network jack. It works pretty well for us and is a whole lot cheaper than having new wiring completed in these dorms as well as re-doing the faceplates. If it is done right, it looks pretty professional as well. Here<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.homedepot.com_p_Legrand-2D500-2Dand-2D700-2DSeries-2DShallow-2DSwitch-2Dand-2DReceptacle-2DBox-2DV5748S_202523810=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=rU4sd5s_gSlnX5DVoFGYKBvQ-Nf5fKXo60Ir3TGcHDQ=> is a link to the type of receptacle boxes we purchased for this project. Respectfully, Stacey Frye Network Administrator Office of Information Technology Services (ITS) [Image removed by sender.] Riverdale, NY 10471 Phone: 718-862-7499 sfry...@manhattan.edu<mailto:name.n...@manhattan.edu> www.manhattan.edu<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.manhattan.edu_=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=hecIiXZro3cOY_DhoLkDW4v9ZLjRrdg7WnvAbGVE_lc=> On Thu, Aug 30, 2018 at 10:56 AM Hales, David mailto:dha...@tntech.edu>> wrote: We’re looking at retrofitting a dorm for per room WAPs using some wall plate installed APs. The issue we’re looking at is that the current drop in each room has a network port and a cable TV port in a shared faceplate. Does anyone have a favorite workaround or product to get the F connector out around the wall plate WAP? Possibly a box extension with side ports or something along those lines? David Hales Network Systems Administrator Information Technology Services 1010 N. Peachtree Clement Hall 117 Cookeville, TN 38505 P 931-372-3983 F 931-372-6130 E dha...@tntech.edu<mailto:dha...@tntech.edu> www.tntech.edu/its<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.tntech.edu_its=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=rZdN9FZjH1UHMn5LMsGm0DdhpqIMCItcAfXRyIc25BM=> [Tennessee Tech Logo]<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.tntech.edu_=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=35s03KheaRgUhqO5orpgjBfCcJVhAM0ZelYAAxds5jg=> [TTU Facebook] <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_tennesseetech_=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=OumYeHhJ6_Oo9fDst5Pl4h0J7tZ9zt8XN-s3Qd-5v4A=> [TTU Twitter] <https://urldefense.proofpoint.com/v2/url?u=https-3A__twitter.com_tennesseetech=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=a9SvSGXFuTh3MyPGOisSjoZSzBzms8t77u1ztxupR_8=> [TTU Instagram] <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.instagram.com_tntechuniversity_=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=M2SMETlI0rPLourrZTQ-mdCcXAayTb3icwX8eG4C5nQ=> [TTU Youtube] <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.youtube.com_user_ttunews=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=uxltfVteuN5cMZF2tfdo_IZIIyj2boIWMoJu0VMLTD4=> [TTU Pintrest] <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.pinterest.com_tennesseetech_=DwMFaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=GmsAQWgJdORFS3oIAHVgiBkKhoRNWgvN0PgJ7kJsYqM=Kb_CuhDWutRmJuEOF-4Jt9-ThnoW45m__9JUubXcgjM=> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_discuss=DwMFaQ=FbBevciw
RE: Wireless Only in Student Housing?
1. We still offer wired/wireless, although we don’t install 1 port per pillow any more but rather 1 port per room to cut costs. We generally colocate the drops with coax. 2. Fewer ports has translated to lower cost of LV and switches. Hospitality WAPs seem to be a good compromise to keep LV station cables down while still providing ports. My preference is still to put WAPs overhead to avoid damage but hospitality WAPs have worked well in retrofits. 3. Catering to the “lowest common denominator” – AKA random devices that don’t play well with 802.1x and providing a fallback if there is a wireless experience issue. Our gaming students seem to appreciate throwing their console on the wired LAN for performance. The wired ports do tend to be abused more frequently in terms of rogue WAPs being installed. If I were to build an all-wireless dorm today, I’d still get some sort of conduit and boxes from the hallways into the rooms for future expansion. We’ve learned many lessons from old dorms not built for expansion. I wouldn’t be surprised if many years down the road FTTDR (dorm room) is a need. Thanks, Chris Adams, M.S., CISSP Associate CIO, Network & Telecom Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv On Behalf Of Edward Fishman Sent: Tuesday, August 28, 2018 11:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless Only in Student Housing? Hello. I have been following this thread with great interest as we have a new student housing project in the works. My questions are: 1. Who was involved in the decision to go all wireless (or not) on your campus? 2. Were cost savings involved in the overall decision, if there were cost savings, considering the potential need for a greater density of APs? 3. From where was the greatest push-back not to go all-wireless? Conversely, who were the biggest fans of moving in the all-wireless direction? Thanks Edward M. Fishman Director of Networking and Systems Administration Division of Information Technology Stevens Institute of Technology 1 Castle Point on Hudson Samuel C. Williams Library - Lower Level Hoboken, NJ 07030 T 201-216-5147 | C 917-817-4088 http://www.stevens.edu<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.stevens.edu_=DwMGaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=9tfLFHuZdZgw2rEqojJaabE2Gi9WaL7XMGEdzUjl2ho=9p1gsb5Jvllvb6axdNJN1bz9SjAzOib4KeypqIlYwFk=> edward.fish...@stevens.edu<mailto:edward.fish...@stevens.edu> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_discuss=DwMGaQ=FbBevciwIvGuzsJQdDnze9uCWRSXekJosRCbxNiCfPE=2xyWjaGAJiQBS60SNfJGVrkSN3JvZBCiAkWZBLNrNQA=9tfLFHuZdZgw2rEqojJaabE2Gi9WaL7XMGEdzUjl2ho=DnWRtiY4zeeICz-xioxiLLADto3vHKYoIvMvfJ3VJmw=>. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: Wireless Only in Student Housing?
This raises an interesting point, somewhat tangential to the original conversation. How do you determine & maintain a list of “supported” residential network devices? If someone brings in a later gen PS4 and has connectivity issues, will your staff lay hands on the device to resolve the connectivity concern? Or is the approach just to say that the devices has been known to be compatible in the past and verify that the network is working properly? We’ve had more tickets about ROKU TVs this fall than any other quantity of incidents, and trying to find a happy medium of providing connectivity VS supporting every device under the sun has been a point of controversy. Thanks, Chris Adams, M.S., CISSP Associate CIO, Network & Telecom Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv On Behalf Of Osborne, Bruce W (Network Operations) Sent: Monday, August 27, 2018 9:46 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless Only in Student Housing? When we initially went from wired/wireless to wireless + port request, we initially pulled out $1million worth of switches to be reused in other projects. We have since moved to wireless only. In some cases of clients with poor NICs we provide temporary USB based loaner NICs. We have a list of supported wireless solutions for desktop systems. For gaming systems these days almost all can use wireless if the system if properly designed. This year we have dropped official support for the 1st Gen 2.4 only PS4 due to misbehaving wireless. Bruce Osborne Senior Network Engineer Network Operations - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Enfield, Chuck [mailto:cae...@psu.edu] Sent: Friday, August 24, 2018 2:52 PM Subject: Re: Wireless Only in Student Housing? I don’t want to hijack Dan’s thread, but I wouldn’t mind adding to it if he doesn’t mind. I know from previous threads that lots of schools have gone Wi-Fi-only, and issues are minimal. But, as an institution that has both wired and wireless enabled throughout the residence halls, about 15% of our residents still plug in. It was easy for us to do both because we were really late to provide Wi-Fi, so our legacy wired network is still serviceable. At some point in the next couple years we’ll have to decide whether or not to replace it. That requires an assessment of the value proposition. 15% use seems to suggest that there’s still significant value in providing wired connectivity, but I’m not sure it satisfactorily answers the question. It’s safe to assume that some users really want that wired connection for good reasons, and other users who prefer a wired connection if it’s available, but really wouldn’t miss it if it wasn’t. It’s to determine how many each make up that 15%. I’m curious to hear from institutions that provide wired connections upon request. If you do that, how many get requested? Is it free, or is there a charge? If a charge, how much? …and anything else illuminating you can no-doubt contribute. Thanks, Chuck From: The EDUCAUSE Wireless Issues Constituent Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> On Behalf Of Entwistle, Bruce Sent: Friday, August 24, 2018 2:16 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Wireless Only in Student Housing? Last year we converted our first residence hall to wireless only and there were minimal challenges. You could consider installing the small hospitality APs in the rooms and then there would be wired ports available if necessary. Bruce Entwistle Network Manager University of Redlands From: The EDUCAUSE Wireless Issues Constituent Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> On Behalf Of Daniel Wurst Sent: Friday, August 24, 2018 11:12 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Wireless Only in Student Housing? Hi All, We are looking into building a new student housing building and are considering going Wifi only for network connectivity. We were wondering if anyone else has gone the route of only allowing network connectivity via wireless. If so, can you share your experience, lessons learned, and advice. Thank you, Dan -- Daniel Wurst Network Engineer Denison University wur...@denison.edu<mailto:wur...@denison.edu> 740-587-6229 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss<https://urldefense.proofpoint.com/v2/url?u=https-3A__na01.safelinks.protection.outlook.com_-3Furl-3Dhttp-253A-252F-252Fwww.educause.edu-252Fdiscuss-26data-3D02-257C01-257Ccae104-2540psu.edu-257C29aa1f2f55434c294dbe08d609edbf3e-257C7cf48d453ddb4389a9c1c115526eb52e-2
RE: [WIRELESS-LAN] Wireless Options
We use Aerohive, we are approaching ~1,900 WAPs across 5 campuses. 2) Our experience with the product has overall been good, we’ve seen good hardware options available and have seen continuous improvement in the management system. The newer system fixes many of our issues with the legacy classic management system such as log retention periods. PPSK has worked very well in our dorms and for IOT devices that don’t play well with dot1x. We love the AP250 with the first radio being SDR, having 2x 5ghz radios on the same WAP has been very beneficial to us. 3) Aerohive has somewhat recently fixed my 2 biggest areas of grief: they now offer a wall plate hospitality WAP which has made some of our dorms much more tenable to upgrade. Additionally, log retention for reporting is improved with NG, we used to only get 3-5 days within hivemanager itself. 5) No fault of Aerohive, but on some 802.3af WAPs, our switches (Aruba/HPE) were allocating the max wattage rather than actual or requested wattage which caused some challenges with power budgeting. This has been circumvented with an obscure CLI command. Cloud-style management rather than controller has been a big key. We ended up adding 4 additional campuses to our original deployment without having to be concerned about rolling extra controller hardware or failover licensing. Only the cost of the WAP hardware and it’s support. We run all of our WAPs on a on-premise VM but since it isn’t required for their operation, we have been able to do mid-day fixes and upgrades without disrupting connectivity. Thanks, Chris Adams, CISSP Assistant CIO, Network & Telecom Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of John Rodkey Sent: Thursday, May 17, 2018 2:10 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Wireless Options Our college - about 40 buildings, 1200 students, 3500 wireless clients per day, currently 310 WAPs - is considering a major upgrade in WAPs, replacing a number that are 9 years old and no longer supported. We could replace with the latest model of our existing vendor, but want to consider all the feasible alternatives. We have a hard requirement that the controller be cloud-based, the system deal well with Mac clients, understand VLANs and an enterprise quality network, and have a rich set of configuration, logging, monitoring, and troubleshooting tools for dealing both with clients and access points. Responsive support is also required, and unsurprisingly total system cost is a significant issue. 3 vendors come to mind: Meraki, Ubiquiti, and Aerohive. Questions: 1) do other vendors come to mind that play well in this space? 2) what are your positive experiences with any of the above? 3) what are your negative experiences? 4) have you recently gone through this analysis, and if so, what were your conclusions? 5) what issues have you experienced with PoE capacity requirements with these devices? John Rodkey Director of Servers and Networks Westmont College ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: Detection Methodology for Bluetooth Credit Card Skmmers ?
This app comes or similar to mind, I do not have any experience with it though. https://play.google.com/store/apps/details?id=skimmerscammer.skimmerscammer=en Thanks, Chris Adams, CISSP Assistant CIO, Network & Telecom Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu<mailto:chris.ad...@ung.edu> | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil M Sent: Monday, February 19, 2018 2:21 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Detection Methodology for Bluetooth Credit Card Skmmers ? To comply with PCI requirements, I’ve been asked to find a way to detect Bluetooth devices that maybe being used by CC skimmers to steal card numbers and PIN’s. There are a lot of retail locations on campus, so some sort of automatic method would be preferable to walking around after hours with a spectrum analyzer. Thanks! -Neil -- Neil Johnson Network Architect The University of Iowa 319 384-0938 neil-john...@uiowa.edu<mailto:neil-john...@uiowa.edu> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: Apple Home Pod
We had our first ticket come in today requesting connectivity assistance in a dorm for Home Pod. According to the info provided to me, it sounds like the device doesn't play well if the source device and the pod are not on the same SSID and the home pod doesn't appear to support 802.1x. For example, if you want to have a iPhone on a dot1x SSID and the Home Pod on a PSK SSID, even if they are in the same VLAN, the set up will fail. This is causing some issues as we only provide PSKs for media/non-dot1x devices and require students with dot1x devices to use their credentials. Thanks, Chris Adams, CISSP Assistant CIO, Network & Telecom Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu | Office: (706) 867-2891 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Michael Dickson Sent: Monday, February 12, 2018 3:40 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Apple Home Pod Hi all, Wondering if anyone has had time in front of the new Apple Home Pod. According to the Apple support site "HomePod doesn't support public or subscription networks with sign-in requirements or enterprise-style deployments." This is not terribly surprising. What I'm really wondering is how useful is this device in an enterprise environment where L2 protocols are not allowed? The Amazon Echo family of products has 8 out of 9 feature categories supported by L3-only connectivity (only home automation is prevented). Is L2 protocol discovery totally necessary for Apple Home Pod? Thanks in advance, Mike Michael Dickson Network Engineer Information Technology University of Massachusetts Amherst 413-545-9639 michael.dick...@umass.edu PGP: 0x16777D39 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Wireless Door Locks?
Chuck, I think one of the biggest considerations for Wi-Fi locks is having a SLA or MOU for how network operations & maintenance would interact with the party responsible for the locks. The main justification for using Wi-Fi locks (that I’ve heard, anyway) is the reduced cost of bringing the doors “online.” Rather than cabling to each door, the onus for connectivity becomes an IT and Networking responsibility. With true out-of-band doors, if the wireless or network is down or under maintenance, no one’s access is affected. In the end, leveraging the wireless network to support these locks adds value to the network, but may add complexity to how it’s maintained. Most of this can be mitigated by cached credentials, etc, but is something to consider. Thanks, Chris Adams, CISSP Assistant CIO, Network & Telecom Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu<mailto:chris.ad...@ung.edu> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield Sent: Monday, November 6, 2017 9:47 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless Door Locks? Hi Greg, Locks tend to have a very low network duty-cycle, so interference between the 802.15.4 network and 2.4GHz Wi-Fi will be minimal. That said, it may be worth considering Wi-Fi locks instead. That will ensure that they play well with other Wi-Fi devices and will spare the institution the cost of installing and managing a separate network for locks. On the down side of using Wi-Fi locks, the refresh cycle for Wi-Fi is shorter than for locks. If you have a bunch of locks reliant on outdated features it could hamper Wi-Fi performance down the road. The refresh cycle would have to be discussed with your facilities management, and/or security people. To the group, can you think of any other advantages/disadvantages of putting the locks on Wi-Fi? Chuck From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Monday, November 6, 2017 9:09 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Wireless Door Locks? It’s not what you’re asking, but we are using ASSA-ABLOY .11n locks. Fairly easy to support. Lee Badman (mobile) On Nov 6, 2017, at 8:32 AM, Gregory Fuller <gregory.ful...@oswego.edu<mailto:gregory.ful...@oswego.edu>> wrote: Haven't seen any recent discussion here about wireless door locks. Our physical access team is looking to install some wireless door locks in an administrative building. I can see it growing past this building pretty rapidly and want to make sure they aren't putting in something that is going to cause us headaches. They are looking to install Aperio "HUB's" as they call them: https://vo-general.s3.amazonaws.com/53aee5c6-9690-4c74-a82a-09f1d0f1ec68/d0vBYdO5QWWKURZqvp0w_AA%20Aperio%20Family%20Brochure.pdf?AWSAccessKeyId=AKIAJ3YBR5GY2XF7YLGQ=1582662909=inline%3B%20filename%3DAA%20Aperio%20Family%20Brochure.pdf=application%2Fpdf=920fJFxmRxXi9vkJ7zrIVHZao9o%3D This appears to be using some variant of 802.15.4, which has the ability to run between our 802.11g/n 2.4Ghz channels, but will cause co-channel interference. I'm a bit concerned that there will be some impact to our 2.4Ghz clients (we have a ton of them out there still). Anyone else out there have these or something similar and can speak for how they work and if there are any issues in your environment? --greg Gregory A. Fuller - CCNP R, CCNP Security, CCNA Wireless Network Manager State University of New York at Oswego Phone: (315) 312-5750 http://www.oswego.edu/~gfuller _ Campus Technology Services will never ask you to email us sensitive personal information such as a password. Please contact us if you are unsure if an email is genuine. (h...@oswego.edu<mailto:h...@oswego.edu>) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Portable Power for Mesh APs
It looks like this is for temporary use, but what kind of runtimes are you getting from this unit with a WAP attached? Thanks, Chris Adams From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of James Helzerman Sent: Saturday, October 7, 2017 10:28 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Portable Power for Mesh APs Either or. Looking to see if anyone else has done this type of thing. I was trying to find alternatives that are either cheaper or have a multi-purpose ability so its not a one time use. We use this for site surveys but is about $250 each and is only useful for PoE. It works very well and is nice to have the ethernet port pass through, unfortunately surveys or temp installations are its only useful purpose for me. For the temp event I would need 10-15 units. https://www.bhphotovideo.com/c/product/1220949-REG/veracity_vad_psp_pointsource_plus_battery_powered.html -Jimmy On Sat, Oct 7, 2017 at 9:59 PM, GT Hill <g...@gthill.com<mailto:g...@gthill.com>> wrote: Are you looking for a complete solution or a less expensive DIY? GT From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of James Helzerman <jarh...@umich.edu<mailto:jarh...@umich.edu>> Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Saturday, October 7, 2017 at 8:20 PM To: <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: [WIRELESS-LAN] Portable Power for Mesh APs Hi. Is anyone using portable power for temporary Mesh APs? If so what model device are you using? Ie portable jump starter with AC outlets, portable battery pack with 802.3at power, etc. We have an event coming up and are looking at different ways to provide power to access points for 6 hours that will connect via Mesh. Some locations will have multiple access points so a single power source that has multiple outlets / connections would be ideal. Thanks, -Jimmy -- James Helzerman Wireless Network Engineer University of Michigan - ITS Phone: 734-615-9541 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. -- James Helzerman Wireless Network Engineer University of Michigan - ITS Phone: 734-615-9541 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] New Crazy Wireless Devices
What challenges have you experienced with the Nintendo Switch? Dot1x support? Thanks, Chris Adams, CISSP Assistant CIO, Network & Telecom Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu<mailto:chris.ad...@ung.edu> | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Carlton, Rick Sent: Wednesday, August 2, 2017 10:23 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] New Crazy Wireless Devices One of the more challenging devices so far is the Nintendo Switch. Rick From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Paul Reimer Sent: Wednesday, August 2, 2017 9:19 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] New Crazy Wireless Devices We've gotten a request about wifi enabled wall outlets in residence halls for controlling connected appliances and metering power usage. -Paul Reimer From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Peter P Morrissey Sent: Wednesday, August 2, 2017 9:37 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] New Crazy Wireless Devices "The most interesting new device to show up so far as been a Ring Doorbell system. " Never would of thought of that one! I guess knocking is just so 2008. Pete From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Michael Davis Sent: Tuesday, August 1, 2017 8:14 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] New Crazy Wireless Devices We're just starting to see some of the early groups start showing up on campus. The early trends seem to be Amazon Echo/Dots and Google Home systems, among the ever growing trend of Smart TVs. The most interesting new device to show up so far as been a Ring Doorbell system. thanks mike On 7/31/17 4:39 PM, Peter P Morrissey wrote: Wondering if anyone has noticed any new trends in popular wireless devices that we might expect returning students to want to connect in their residences when they return? Not being a gamer, this one was new to me. It apparently streams games on running on your laptop to your TV over a WiFi connection and also provides input for controllers. Seems like something that could use up a bit of bandwidth. The good news is that it appears to support 11ac. http://store.steampowered.com/app/353380/Steam_Link/<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fstore.steampowered.com%2Fapp%2F353380%2FSteam_Link%2F=02%7C01%7Crick.carlton%40VANDERBILT.EDU%7Cf88d6ff9075e464922d108d4d9b16622%7Cba5a7f39e3be4ab3b45067fa80faecad%7C0%7C0%7C63637280951976=LiJvxkaPHDm1xZdR0d6PlD8NbgEEVLKz7lQnwcmBjK8%3D=0> Pete Morrissey ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2Fdiscuss=02%7C01%7Crick.carlton%40VANDERBILT.EDU%7Cf88d6ff9075e464922d108d4d9b16622%7Cba5a7f39e3be4ab3b45067fa80faecad%7C0%7C0%7C63637280951976=W8G%2Fr%2BHhny0Z%2B7nh4Rx8URTe3wC8CtVzUSE30JjHPtc%3D=0>. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2Fdiscuss=02%7C01%7Crick.carlton%40VANDERBILT.EDU%7Cf88d6ff9075e464922d108d4d9b16622%7Cba5a7f39e3be4ab3b45067fa80faecad%7C0%7C0%7C63637280951976=W8G%2Fr%2BHhny0Z%2B7nh4Rx8URTe3wC8CtVzUSE30JjHPtc%3D=0>. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2Fdiscuss=02%7C01%7Crick.carlton%40VANDERBILT.EDU%7Cf88d6ff9075e464922d108d4d9b16622%7Cba5a7f39e3be4ab3b45067fa80faecad%7C0%7C0%7C63637280951976=W8G%2Fr%2BHhny0Z%2B7nh4Rx8URTe3wC8CtVzUSE30JjHPtc%3D=0>. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2Fdiscuss=02%7C01%7Crick.carlton%40VANDERBILT.EDU%7Cf88d6ff9075e464922d108d4d9b16622%7Cba5a7f39e3be4ab3b45067fa80faecad%7C0%7C0%7C63637280951976=W8G%2Fr%2BHhny0Z%2B7nh4Rx8URTe3wC8CtVzUSE30JjHPtc%3D=0>. ** Participation and subscription information for this EDUCAUSE Constituent Gr
RE: [WIRELESS-LAN] Backup power
Sandra, We are also an APC customer, but it looks like our parts differ a bit from others. We use the SMX1500RM2UNC model on our MDF/IDF locations. With the SMX series, X is for extended runtime and allow for additional battery packs to be added for more runtime. This part number also is a combo that comes with the network management card and costs less than piecing the APC + NMC together individually. Most of our SMX1500RM2UNC are paired with at least 1 additional battery pack, APC PN# SMX48RMBP2U. I’ve attached a runtime graph to show how the additional packs improve runtime. We use APC struxureware to not only monitor the units, but also to report on them as well as template their configurations. Configuring a few hundred NMC cards is tedious at best without the ability to template. Thanks, Chris Adams, CISSP Assistant CIO, Network & Telecom Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sandra Bury Sent: Thursday, July 20, 2017 11:02 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Backup power Good morning - I would be interested to know how many of you include UPS purchases for switches in each network closet in your campus deployments. If you do not build in backup power, do you put your switches on a maintenance contract, or do you pay to replace them when they fail outside of warranty? Thanks very much. Sandy Sandra H. Bury Executive Director, Computing Services Information Resources and Technology Bradley University 309-677-2808 sa...@bradley.edu <mailto:sa...@bradley.edu> <https://www.bradley.edu/global/images/emailsig_wordmark.gif> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. smime.p7s Description: S/MIME cryptographic signature
RE: Dynamic vs Static Channel Plans
Todd, The question of DFS is an interesting one. Per the DFS specification, devices certified to use DFS spectrum must be able to actively detect and avoid the use of DFS frequencies used by radar. With the use of WAPs that are approved by the FCC for use within DFS spectrum, there is an assumption that devices are certified to detect and avoid frequencies in which radar is detected. For me, the choice to use or not use DFS channels was more a consideration of maximum client 5Ghz adoption, rather than concern about potential radar conflicts in our areas - the WAPs should detect and handle this themselves. Any more, most clients can use the full gamut of 5Ghz channels. As we approach the actual usage of wider channel widths, we should let the choice to use DFS be a decision based on RF coverage overlap and RF spectrum your deployment needs. Here's a fun IEEE whitepaper on DFS and the metrics used by WAPs to detect radar usage in their proximity: https://mentor.ieee.org/802.11/dcn/09/11-09-1217-00-0reg-dfs-criteria-whitep aper.pdf Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu | Office: (706) 867-2891 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Smith, Todd Sent: Tuesday, May 30, 2017 8:32 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Dynamic vs Static Channel Plans In my efforts to continuous improve the wireless experience here; I occasionally like to revisit some of my assumptions to see if they are still valid. What is the current consensus around channel plans for both 2.4 GHz and 5 GHz ranges? Do organizations plan a static channel plan for potentially thousands of access points or have the channel selection algorithms matured enough to be truly useful now? If you use static channel plans, are there tools that you use to build those plans? Do they handle 3 dimensions or are you mapping the channels across an 2D floor? If you use dynamic channel plans, are there tools that you use to build those plans? What parameters or metrics are being used to select a channel? Is the issue of 2.4 GHz radios constantly changing channels still a valid concern? If you are using 5 GHz DFS channels, do you have any concerns about clients not being able to hear those channels and having "dead spots". Thanks for the input! Todd Smith Charleston Area Medical Center == CONFIDENTIALITY NOTICE: The information contained in this message may be privileged and confidential. If this e-mail contains protected health information, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited, except as permitted by law. If you have received this communication in error, please notify the sender immediately by replying to this message and deleting it from your computer. Thank you ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. smime.p7s Description: S/MIME cryptographic signature
RE: [WIRELESS-LAN] Dorm Wireless Authentication
We handle our non-802.1x dorm devices using Aerohive's PPSK implementation. We allow 1 device per key and drop them in a VLAN that is not enforced by our NAC. PPSK are handed our by our ITSD and the keys automatically roll each calendar year. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu<mailto:chris.ad...@ung.edu> | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, March 28, 2017 11:49 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Dorm Wireless Authentication +1 for PPSK. Hopefully it's an effective implementation on Cisco's part. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler Sent: Tuesday, March 28, 2017 11:43 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Dorm Wireless Authentication I'm moving toward this too, although I'm going the PPSK route (once Cisco gets it out of beta). In my opinion it just doesn't make sense to push more restrictive methods on residential/students. It's just a huge hassle they have to endure for 4 years and then they'll never deal with it again. Jeff From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, March 28, 2017 7:18 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Dorm Wireless Authentication Absolutely no device restrictions. No preshare. Get on and go. But zero campus access, that requires using the authenticated network. Lee Badman | Network Architect Adjunct Instructor | CWNE #200 Information Technology Services 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 t 315.443.3003 f 315.443.4325 e lhbad...@syr.edu<mailto:lhbad...@syr.edu> w its.syr.edu SYRACUSE UNIVERSITY syr.edu From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter Sent: Tuesday, March 28, 2017 10:04 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Dorm Wireless Authentication Is it restricted to only "gadgets and games", or is it used for laptops as well? A majority of the services our students use are Internet facing also, so Internet-only access would still give them access to the services they need. I assume there is an authenticated SSID also? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/> [http://www.austincollege.edu/images/AusColl_Logo_Email.gif] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, March 28, 2017 8:23 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Dorm Wireless Authentication After kicking tires on leading classification engines and weighing solution dollars and support costs, we opted to pilot a wide open "gadget and games" SSID in the dorms that only have Internet access for all the oddballs. With almost a full year in, it's been very well used and received and we've been able to answer all of our own security questions that anyone would be contemplating. I think we'll be moving forward with this model. Lee Badman (mobile) On Mar 28, 2017, at 7:48 AM, Osborne, Bruce W (Network Operations) <bosbo...@liberty.edu<mailto:bosbo...@liberty.edu>> wrote: Here is another vote for ClearPass with Aruba wireless. When an Apple TV is registered, it is also registered as an AirGroup personal device so the owner's 802.1X Apple device can use AirPlay to display content on the device. We also use Aruba's Dynamic Multicast Optimization to provide multicast IPTV over wireless. Bruce Osborne Senior Network Engineer Network Operations - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Robert Spellman [mailto:rsp...@bates.edu] Sent: Monday, March 27, 2017 9:33 AM Subject: Re: Dorm Wireless Authentication We use Aruba Clearpass, and have two SSID's on campus, one which is 802.1X, and the other open, doing MAC based authentication. Clearpass allows users to register their own devices for MAC authentication by logging into the Clearpass guest portal. Students can register devices for a year, while guests can register devices for 2 days. Rob Robert Spellman Bates College Information and Library Services On Mon, Mar 27, 2017 at 9:16 AM, Chris Brezil <brez...
RE: Disney's Free Wi-Fi
I am impressed that a networking professional had a vacation long and quiet enough to enjoy an amusement park. Well done, Hector! Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu<mailto:chris.ad...@ung.edu> | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, March 2, 2017 4:28 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Disney's Free Wi-Fi I just came back from a trip to Disney World and I was blown away about the availability of their Wi-Fi network. It covers all the Disney Hotels, parks (I believe with the exception of the water parks) and the Disney Springs district. From the MAC address of a couple of WAPs, it appears they use Aruba. The coverage is impressive, and the connectivity is good; although reliability is decent, but I can forgive them knowing what a humongous task it takes to deploy such a massive network. Does anybody know any more details about how this network was deployed? I looked and looked for places where I could see WAPs but didn't see a thing. However they did it, it is impressive. Oh BTW, I did enjoy the park too. :) Hector Rios Louisiana State University ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
RE: [WIRELESS-LAN] Design question
I would discourage the use of estimating by square footage alone. For planning preferences, in high density areas (classroom buildings, auditoriums) we usually shoot for 1 AP for every 30 seats capacity according to fire marshal's capacities. This has proven to be exponentially more accurate to actual needs than estimating by sq footage or even predictive planning. For less dense areas, as much as I dislike predictive maps, we usually use them + a buffer quantity to estimate. Public access areas where actual user density will be less can be accounted for as well. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu | Office: (706) 867-2891 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Schuette, David Sent: Tuesday, January 10, 2017 1:48 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Design question For budgetary planning and rough expectation for number of APs to install. We are currently looking to start upgrading our buildings to AC wave 2, and was wondering for high density what figure you use to calculate for number of AP's to building rough square footage. I have been told by Aerohive to use 3000 SQ FT per AP. So in one of my buildings with 128,132 SQ FT; I would need roughly 43 access points to provide good coverage. I am in a campus which is shared with other institutions, they use Cisco and have informed me they use 2500 SQFT, which would be 52 units. Thoughts? What do you use? Thanks David David Schuette Network-Data Security Manager Information Technology Services METROPOLITAN STATE UNIVERSITY OF DENVER Campus Box 96, P.O. Box 173362 | Denver, CO 80217-3362 Tel 303-556-4639 | Fax 303-556-2548 www.msudenver.edu . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Large Wireless Deployment Addressing
All, I wanted to poll the group and see what strategies you are using at your Universities for client addressing on large wireless networks. We are revisiting how we address and segment our wireless LAN largely due to the need to accommodate large events and sports arenas. We have operated with buildings in various wireless "zones" with a VLAN/subnet per zone. Going forward some of our larger event spaces will need to support 3000+ clients in the same building. What has the approach been for handling address allocations at your institutions? Most research I've found suggests either using VLAN pooling or very large subnets with client isolation. These won't easily work for us, at least in academic areas, as we have many faculty using airplay, doceri, and other client to client applications. Going with large subnets per building may cause a lot of broadcast traffic volume issues and potential roaming issues between buildings (sticky clients?). If it helps, we are an Aerohive shop and using Windows Server 2012 DHCP in HA configuration. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. smime.p7s Description: S/MIME cryptographic signature
RE: Microsoft NPS as RADIUS for 802.1X Wi-Fi?
Edward, Take a look and see if the BlueCoats can receive RADIUS accounting messages. I've been able to perform EAP-PEAP client identification with Fortigate units by forwarding accounting radius messages from NPS to the firewalls. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Edward Ip Sent: Friday, November 18, 2016 10:46 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Microsoft NPS as RADIUS for 802.1X Wi-Fi? Very true. I should have explained it a bit better, my bad. Let me give it a second try. Bluecoat has a plugin (BCAAA) installed on the AD domain servers that allows it to retrieve a user id details from our AD Domain for IP addresses generating requests to applications and web servers (this works well for wired domain clients) which then allows Bluecoat to apply the relevant policies to the traffic. Since we are using the Microsoft NPS for radius authentication on wireless clients, Bluecoat is not able to retrieve that information from our wireless clients as it isn't on the domain. Bluecoat does not current have a plugin or api to query the Aruba controllers for the same information as it does on our AD domain. Regards, Edward Ip Algonquin College | 1385 Woodroffe Avenue | Room C316 | Ottawa | Ontario | K2G 1V8 | Canada algonquincollege.com From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Wang, Yu Sent: Friday, November 18, 2016 8:48 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Microsoft NPS as RADIUS for 802.1X Wi-Fi? Edward, NPS servers (radius) do not have clients' IP information as the whole 802.1X authentication process happens before a client can have an IP address. Once a client is successfully authenticated, radius' job is done. The client is then assigned to a network and acquires an IP through DHCP. You can get a client's IP from Aruba controllers or DHCP servers (client's MAC address from NPS). Yu From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Edward Ip Sent: Thursday, November 17, 2016 2:38 PM To: <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Microsoft NPS as RADIUS for 802.1X Wi-Fi? We have being using Microsoft NPS in a cluster as Radius for 80.21X for a while now. Our normal concurrent client load is about 12,000 users. Monitoring is now done via Airwave, specifically using the Clarity feature. In the pass, we used Solarwinds to query our Aruba controllers for the statistics and then graphing it in Solarwinds. We are not doing anything fancy with the NPS servers. My network architect wants to be able to query the AD network and set up network policies (like bandwidth control and app control) using Bluecoat PacketShaper and the Authentication and Authorization Agent (BCAAA) with User Awareness feature. However, the NPS servers do not update our ad directory with regards to what IP address the wireless client is currently using. So this feature is not useable on our wireless client (works great on wired domain clients). Investigating if we can use ClearPass to give the bluecoat the required information. Edward Ip Algonquin College | 1385 Woodroffe Avenue | Room C316 | Ottawa | Ontario | K2G 1V8 | Canada algonquincollege.com From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, November 16, 2016 9:40 AM To: <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Microsoft NPS as RADIUS for 802.1X Wi-Fi? Hello to the awesome group. We've used Cisco ACS with general satisfaction for many years as the RADIUS solution for our very, very large WLAN's 802.1X authentication. We also have Aruba Clearpass in-house for guest wireless, and have poked around at ISE a bit. We're weighing replacing our aging ACS environment, but as many of you know times are changing. When you shop for RADIUS, you have to wade through the fog of NAC systems because everything is getting ever more "feature rich". For major vendors, RADIUS is just a slice of NAC now, and since everybody "is a software company!" licensing can be ugly. I'm not slamming those who find value in the many interesting features that the likes of ISE and Clearpass offer, but I also can't
RE: [WIRELESS-LAN] Cisco ISE
To offer a different perspective, we are an Aerohive wireless shop. For our dorm wireless, we offer two SSIDs – one that is 802.1x for general consumption, and a second for media devices. On the media device SSID, we have employed an Aerohive proprietary system called PPSK – private pre-shared key. We use this to generate several thousand keys once a year, and our service desk uses a web portal to assign the keys, 1 per device, for each media device. To the end user it looks just like WPA2-PSK, but each key is unique and can be revoked without affecting anyone else. With the exception of the high demand for keys at the beginning of the semester, this has worked very well for us and has allowed us to avoid getting into the realm of mac registrations. Having a unique PSK per device allows us to meet audit and identification requirements but offers compatibility with devices that don’t support PKI. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Shayne Ghere Sent: Tuesday, August 2, 2016 12:08 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco ISE Bruce, It was a consultant that recommended it, but for gaming/non-802.1x capable devices. I may have stated it incorrectly. Our problem is that we have more and more devices that are non-standard Windows/Mac OS so the certificate don’t work. Most are Engineering/IT students and it’s an uphill battle for us. We’re currently looking at Apogee to take over our Dorm wired/wireless network, but we can do the same thing with our own equipment. The question we’re asking ourselves is..do we want to create an open network in the dorms, firewall them from everything unless they’re using secure wireless, or continue to fight the certificate issues. We have a homegrown registration system, but we’re quickly outgrowing it and need to move to something that’s all encompassing. We used ACS a few years ago, but our CIO (at the time) wanted to move to all open source and that’s caused more headaches than anything. I do have a conference call with Cisco deployment on Wednesday, but just wanted to get a feel how others in our field like the product, and what real world issues you’ve had. Unfortunately, we don’t get that kind of feedback from the manufacturer. I appreciate all the e-mails and responses! Shayne From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> ] On Behalf Of Osborne, Bruce W (Network Services) Sent: Tuesday, August 02, 2016 6:33 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Cisco ISE I am surprised ( and appalled) that Cisco would recommend *WPA2-Personal* (aka WPA2-PSK) in an Enterprise environment. We are currently using PEAP-MSCHAPv2 with our WPAs-Enterprise (aka 802.1X) wireless network. For self-registration on devices that cannot use 802.1X, we are using a custom portal with the ClearPass APIs. We are currently using an open network for mac authentication. We block our website & Blackboard system to “encourage” users to use our secure network for laptops instead of registering for mac auth. We are considering moving to using certs with ClearPass Onbiard, but have not yet imp;lemented. We are currently using CloudPath Wizard for onboarding 802.1X devices. Bruce Osborne Wireless Engineer IT Network Services - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: T. Shayne Ghere [mailto:sgh...@fsmail.bradley.edu] Sent: Monday, August 1, 2016 10:06 AM Subject: Cisco ISE Good morning, Currently we have a home grown wireless registration system in place that is becoming obsolete. We are getting ready to refresh our Cisco AP’s, and I’m writing to see if anyone has any positive/negative issues in using Cisco ISE for individual “self” registration on your wireless network. We also use WPA2/AES Certificate based security, but that is problematic because of compatibility issues and devices that have no way of accepting certs. In talking with some Cisco Wireless Engineers, they recommend WPA2/AES-PSK but we don’t have the manpower to set that up on every device. We also do not NAT any devices. If you have any suggestions, or comments on using ISE and moving away from Certs, I would greatly appreciate them. Thanks Shayne -- T. Shayne Ghere Bradley University Wireless/Lan Network Engineer 1501 W. Bradley Ave, Jobst 224A <mai
RE: point to point wireless bridge
Bruce, We have a remote proctor site adjacent to one of our campuses that has been online for 7 months using a pair of Ubiquiti Airfiber 5. The testing site is CCTV intensive and we see ~300Mbps across this link very reliability pretty much all day long. We also push standard network and VoIP traffic across the link. For the price, they are pretty hard to beat. If I were purchasing them again today, I would consider the AirFiber 24 instead for the increased throughput. I would estimate we are shooting about 300yds, and no doubt they would work well at much greater distance. They come with built in GPS locating mechanisms and support AES encryption. We power them with a set of Ubiquity POE injectors and surge suppressors. http://www.ispsupplies.com/brands/airFiber/Ubiquiti-AF24.html http://www.ispsupplies.com/brands/airFiber/Ubiquiti-airFiber-5.html Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Entwistle, Bruce Sent: Tuesday, July 19, 2016 12:02 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] point to point wireless bridge We have been running a pair of Bridgewave GE60 units for several years to link to some remote buildings. We recently learned that these units are reaching/reached EOL, so it is time to begin looking at replacing this hardware. I was looking to see what others have used for this type of link. The distance between the two units is about 200 feet and the bridge units are connecting to 1Gb ports on the switches at each end. Thank you Bruce Entwistle Network Manager University of Redlands ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. smime.p7s Description: S/MIME cryptographic signature
RE: Top P2P apps as classified by shapers?
Lee, We use Fortinet Fortigate appliances extensively with great success at handling P2P traffic. As a whole, we generally block the entire FortiGuard P2P category (among others), and then whitelist legitimate applications higher in the policy set. Skype, Steam, and Battle.net are a few examples of P2P traffic that we do allow. I have also been slowly moving our traffic shaping efforts off of Blue Coat PacketShapers and onto our FortiGates with great success and simplified administration. If you'd like to see what is encompassed in the FortiGuard P2P category, you can view it here: https://fortiguard.com/appcontrol I'm sure that PA has similar features that you are already utilizing. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Tuesday, July 19, 2016 8:29 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Top P2P apps as classified by shapers? Apologies for the dual-posting for those who fall into that. I'm wondering if those schools running Palo Alto boxes and the like might be willing to share what your appliances are classifying as the top 10-15 P2P apps seen these days, whether you choose to block/limit them or not? Just want to sanity check one of our methodologies, and a few outside views would be helpful if anyone feels like sharing that information. Regards, Lee Badman Lee Badman | Network Architect (CWDP, CWNA, CWSP, Mobility+) Information Technology Services 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 t 315.443.3003 f 315.443.4325 e <mailto:lhbad...@syr.edu> lhbad...@syr.edu w its.syr.edu SYRACUSE UNIVERSITY syr.edu ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. smime.p7s Description: S/MIME cryptographic signature
RE: [WIRELESS-LAN] Turning off 2.4 on a select SSID?
Kees, Thank you for sharing. FYI, our first order of Aerohive AP250s is shipping now so I hope to be able to provide some “real world” experience with them soon. We will be deploying a number of them in auditoriums with high seat counts where we’ve wanted to increase density yet again. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kees Pronk Sent: Thursday, June 30, 2016 8:23 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? All, Little kick at the discussion from a while ago: There is a YouTube video now from 7signal in which dual 5GHz radio setup is discussed: https://youtu.be/6eueR3PYXlA (from 11:30 in the video). Pretty interesting! BR, Kees Van: Kees Pronk Verzonden: donderdag 7 april 2016 13:45 Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Onderwerp: RE: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Hi Chris, “you could in theory double the airtime available” I would be interested in your actual experience with this. Now that a few vendors have taken this approach and others stay away from this. Arguments in favor of 5/5 you will find these abundant on the vendors marketing pages, but how about : Extra COGS (band pass filters etc), extra complexity with your channels plans (need a lot of separation between the 5/5 radios), you must enable DFS channels on every AP but what about false positive radar detects? What about the 2 radio’s ‘deafening’ each other while trying so send/receive at the same time. Please keep us posted and maybe others testing with this 1. Innovation 2. Marketing gimmick (pick one ;-) Best regards, Kees Van: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] Namens Larry Dougher Verzonden: donderdag 7 april 2016 03:11 Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Onderwerp: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Thanks Chris! Larry Dougher Chief Information Officer Information Technology Services <http://its.wsesu.net> Windsor Southeast Supervisory Union <http://wsesu.net> 127 State Street, Windsor, VT 05089 Email <mailto:ldoug...@wsesu.net> | Google+ <http://goo.gl/gEAdt> | Twitter <http://twitter.com/larrydougher> | LinkedIn <http://www.linkedin.com/in/larrydougher> | 802.674.8336 On Wed, Apr 6, 2016 at 2:45 PM, Chris Adams (IT) <chris.ad...@ung.edu <mailto:chris.ad...@ung.edu> > wrote: Larry, We have deployed 802.11ac WAPs in many locations, but only have 80mhz channels enabled sparingly around campus. My hope is that by having the SDR option, we could configure 2x 5ghz radios with either 20Mhz or 40Mhz channels, logically operating as 2 WAPs. Our wireless use case is primarily for internet access – we just don’t have a need for true wave1/2 802.11ac throughputs at this time. To see true Wave2 throughputs, I believe the client WNIC would need to be upgraded. If we could operate 2 “logical” 5ghz WAPs from a single unit for a small increase in price, I think this is where our greatest benefit would be at this time as you could in theory double the airtime available. This is based on several assumptions I am making – I have not gotten my hands on the new AP250 yet but I am actively looking to do so. http://boundless.aerohive.com/blog/Designing-WLANS-What-If-we-could-double-our-airtime-at-5-GHz.html Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> ] On Behalf Of Larry Dougher Sent: Wednesday, April 6, 2016 2:28 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Chris, I have a question about the AP250, but may be a question about MU-MIMO more generally. So, all things being equal, would a 5Ghz 802.11ac device/client see any benefit from a Wave 2 AP or would that device/client have to have an upgraded/new 802.11ac 5Ghz Wave 2 chip to see a benefit? Thanks, Larry Dougher Chief Information Officer Information Technology Services <http://its.wsesu.net> Windsor Southeast Supervisory Union <http://wsesu.net> 127 State Street, Windsor, VT 05089 Email <mailto:ldoug...@wsesu.net> | Google+ <http://goo.gl
RE: [WIRELESS-LAN] Wi-Fiber experince
I got a sales pitch from this group today also. One line of interest, in this white paper from their website: http://wi-fiber.us/casestudies/Georgetown%20Prep%20Wireless%20Giga%20Campus.pdf “Donation: wi-fiber will donate all wireless devices and the associated network management equipment to The Georgetown Preparatory School at no cost. The Georgetown Preparatory School will be responsible for monthly maintenance and bandwidth utilization fees.” I’ve not experienced on premise pay per use wireless infrastructure! It would have to be a seriously fantastic product to be better than a pair of ubiquiti airfiber and entice me to subscribe to monthly recurring costs. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Watts Sent: Friday, June 17, 2016 7:17 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wi-Fiber experince So the spec sheet on that site mentions 2Gbps over 802.11N 2x2 MIMO. Nope. Unfortunately that looks like vaporware or a site designed to look like a real product until you read it. The WiFiber SmartSecurity paper talks about motion detecting IP cameras and the next bullet mentions his these same cameras can be used to share moments with family and friends. It's like someone took data sheets from five different products that are not wireless backhaul and smooshed them together. I wouldn't care if the in-person pitch was perfect, if I saw that website I would run away. If it IS wireless backhaul you're shopping for then there are plenty of decent products including the aforementioned Airfiber from Ubiquiti. Sent from my iPhone On Jun 17, 2016, at 3:01 AM, Davidoff, Michel <mdavid...@calstate.edu <mailto:mdavid...@calstate.edu> > wrote: How about <http://wi-fiber.us/index.htm> Wi-Fiber Michel Davidoff Director CyberInfrastructure California State University, Chancellor's Office Tel 562 951 8419 Cell 707 481 1084 It is amazing what we can achieve together when nobody cares who gets the credit From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@listserv.educause.edu> > on behalf of Jeremy Gibbs <jlgi...@utica.edu <mailto:jlgi...@utica.edu> > Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@listserv.educause.edu> > Date: Thursday, June 16, 2016 at 6:51 PM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@listserv.educause.edu> " <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@listserv.educause.edu> > Subject: Re: [WIRELESS-LAN] Wi-Fiber experince You know, I needed a laugh today and someone delivered, thanks! In all seriousness, are you referring to Ubiquiti Airfiber <https://www.ubnt.com/airfiber/airfiber5/> ? -- Jeremy L. Gibbs Sr. Network Engineer Utica College IITS T: (315) 223-2383 F: (315) 792-3814 E: jlgi...@utica.edu <mailto:jlgi...@utica.edu> http://www.utica.edu On Thu, Jun 16, 2016 at 9:40 PM, Samuel Clements <scleme...@gmail.com <mailto:scleme...@gmail.com> > wrote: 802.11bh ? This email sent from a mobile computing device. Please excuse typos and brevity. On Jun 16, 2016, at 8:25 PM, Jeremy Gibbs <jlgi...@utica.edu <mailto:jlgi...@utica.edu> > wrote: Yup, googled it and came up with Wisconsin Sheep and Wool Festival <http://www.wisconsinsheepandwoolfestival.com/> . I don't think that's right.. -- Jeremy L. Gibbs Sr. Network Engineer Utica College IITS T: (315) 223-2383 <tel:%28315%29%20223-2383> F: (315) 792-3814 <tel:%28315%29%20792-3814> E: jlgi...@utica.edu <mailto:jlgi...@utica.edu> http://www.utica.edu On Thu, Jun 16, 2016 at 6:36 PM, Jason Watts <jwa...@pratt.edu <mailto:jwa...@pratt.edu> > wrote: That doesn't appear to be a real website On 6/16/2016 4:19 PM, Davidoff, Michel wrote: I would like to know if you have heard or if you are using products from wi-fiber.com <http://wi-fiber.com> for inside or outside deployment. Michel Davidoff Director CyberInfrastructure California State University, Chancellor's Office Tel 562 951 8419 <tel:562%20951%208419> Cell 707 481 1084 <tel:707%20481%201084> We all work better when we work together! ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participat
RE: Access Point Failure Rate
Jason, School: University of North Georgia Brand: Aerohive Access Point Count: 1200 RMA Replacements in the last year: 5 (Calendar year 2015) Failure rate: 0.4% We have had 1 unit fail this year due to a busted water heater soaking it in a residence hall. I believe all of the failures we experienced last year were older models that had been in service around 4 years. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trinklein, Jason R Sent: Wednesday, April 27, 2016 3:10 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Access Point Failure Rate I’m curious to know other institutions’ equipment failure rate for access points. School: College of Charleston Brand: Xirrus Access Point Count: 692 RMA Replacements in the last year: 36 Failure rate: 5% What do you observe? -- Jason Trinklein Wireless Engineering Manager College of Charleston 81 St. Philip Street | Office 311D | Charleston, SC 29403 <mailto:trinkle...@cofc.edu> trinkle...@cofc.edu | (843) 300–8009 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. smime.p7s Description: S/MIME cryptographic signature
RE: Turning off 2.4 on a select SSID?
I think this raises an interesting challenge that I've faced too: should we enact a minimum specification requirement (ex. no 802.11a/b) for wireless network access? For student PCs that our service desk supports, we have minimum requirements, IE Windows versions, AV vendors, etc. Outside of those requirements, they cannot support the machines. Should we do something similar for wireless? Is it fair to potentially reduce the network experience for others associated to access point to support devices that only utilize legacy wireless methods? I am certainly sympathetic to allow as much device freedom as possible - but at what cost to performance and user experience? I am interested if any of you may have already crossed this bridge. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Wednesday, April 13, 2016 8:18 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? We have some management with Visio TVs that requires 802.11b rates in order to associate. That presents a challenge too. Bruce Osborne Wireless Engineer IT Network Services - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 -Original Message- From: Gogan, James Patrick [mailto:go...@email.unc.edu] Sent: Tuesday, April 12, 2016 8:08 AM Subject: Re: Turning off 2.4 on a select SSID? I'm unfortunately seeing that we may actually start to experience an INCREASE in 2.4GHz-only devices . when we asked about this on campus recently, I received this reply ... and this is from a central IT person: " I wanted to point out that many brand new phones don't speak 5GHz such as the Motorola Moto G (3rd generation) which just began shipping late last summer. In fact, none of the generations of Moto G have a 5GHz radio. Motorola has reserved 5GHz wifi for the Moto X which is their premium spec phone.The Moto G is a pretty common phone - I know of several folks (in our department) that have such including myself and a coworker who just bought a brand new one Friday. Republic Wireless sells a ton of these. The Moto E, which is the base model, also doesn't speak 5GHz. Several folks in our building also have that phone." Don't know whether to blame Motorola or folks that go for the cheapest stuff possible. -- Jim Gogan / Univ of North Carolina at Chapel Hill -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Earl Barfield Sent: Monday, April 11, 2016 4:07 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? > On 04/07/2016 09:24 AM, Hector J Rios wrote: >> >> I guess this brings up another good question, and that is, what is >> the percentage of 5GHz vs 2.4GHz you all see in your institutions? >> For us is still 50-50. And it’s been like that for a while. I still >> see new laptops that only come with 2.4GHz adapters. >> While it can be useful to track what percentage of connections use 5GHz radios, we've found that a better question to ask is "What percentage of 5GHz-capable clients are actually connecting at 5GHz". In our environment, it varies wildly by building: some as high as 95% of sessions and others, such as our outdoor spaces, down close to zero. We focus our resources on improving the 5GHz coverage in the buildings with the lower percentages. All this data is in the Airwave Management Platform database. It just takes a little gentle coaxing to get it out. In our high density spaces, we have many many APs on 5GHz with directional antennas, along with turning of lower data rates and raising RxSOP to limit the cell size. We turn off 2.4GHz radios on all but a few APs in the room, From the user side, this should look about like APs with multiple 5GHz radios. We're using Cisco AP3702Es right now but we're anxious to take a look at the upcoming AP3802Es that should allow us to use fewer APs to but the same number of 5GHz antennas serving a room. -- Earl Barfield -- Academic & Research Tech / Information Technology Georgia Institute of Technology, Atlanta Georgia, 30332 Internet: earl.barfi...@oit.gatech.edue...@gatech.edu ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for th
RE: Pros/Cons of implementing Optimized Roaming on Cisco Controller
Will, What lower data rates do you have enabled on your 2.4ghz and 5ghz radios? Most of our sticky client issues were fixed by disabling the lower data rates available. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of William Dawes Sent: Friday, April 8, 2016 5:22 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Pros/Cons of implementing Optimized Roaming on Cisco Controller We are seeing evidence of "sticky clients", clients that remain associated to access points that are far away, when a user moves between floors of a building. I admit to being new to supporting optimized roaming on Cisco controllers (after having easily supported this on Aruba controllers for the past several years, by using Client Match.) What are the pros/cons of implementing Optimized Roaming on Cisco Controllers? We don't currently have it enabled here, and it may never have been before. One of the caveats before enabling it is "Disable 802.11a / 802.11b network before changing Optimized Roaming Interval value" . this means I have to disable the 802.11a and 802.11b/g networks on the controller, enable Optimized Roaming, tune the interval value, re-enable the 802.11a and 802.11b/g networks . this sounds like an outage, yes ? -- Will Dawes - Aruba ACMA Network Engineering and Architecture University Networking and Infrastructure Louisiana State University 200 Frey Computing Services Center, Baton Rouge, LA 70803 office 225.578.5926 <mailto:wda...@lsu.edu> wda...@lsu.edu ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. smime.p7s Description: S/MIME cryptographic signature
RE: [WIRELESS-LAN] Turning off 2.4 on a select SSID?
Phillipe, I would suggest that it’s not always an issue of the client not supporting 5ghz, but rather that some deployments are not conducive to good 5ghz propagation – we’ve all seen WAPs in hallways between classrooms before. In my experience, clients that associate to 2.4ghz are doing so due to lack of good 5ghz signal, and less so due to client radios. Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Philippe Hanset Sent: Thursday, April 7, 2016 10:37 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? My ears have been burning… I understand Hector's comment about the spirit of eduroam, but like Ryan I have also be tempted in the past to only support 5 GHz in certain areas because 2.4 GHz was becoming too much of a pain (e.g. Dormitories). The eduroam Compliance Statement requires 802.11, no frequency mentioned. eduroam users with 2.4GHz devices will just not see the available SSID if a school decides to only offer it at 5 GHz in certain locations. In a sense it is no different than schools only offering eduroam in certain locations. Now, if the entire eduroam SSID for all locations at the school is on 5 GHz, it might be challenging. But how many clients REALLY can’t support 5 GHz? The stats showing 2.4 GHz VS 5 GHz usage can be deceiving. Is it a client with both radios and a poor selection of spectrum, or is it really 2.4 Ghz only capable devices? It seems that the best way to know if 5 GHz only is fine for your community is to “just do it”. I checked cheap laptops at BestBuy and under specifications you find “Wireless-AC” or “Wireless-B, G, N". No reference to the type of radio. Those darn marketing people, they will get you every time. Philippe Philippe Hanset www.anyroam.net <http://www.anyroam.net> www.eduroam.us <http://www.eduroam.us> +1 (865) 236-0770 GPG key id: 0xF2636F9C On Apr 7, 2016, at 10:04 AM, Turner, Ryan H <rhtur...@email.unc.edu <mailto:rhtur...@email.unc.edu> > wrote: I don't think so. I think anytime a university enforces a uniform policy that applies to all folks, it shouldn't be an issue. Of course, we are a long way from actually doing this. We'll involve Phillipe if we move forward. Sent from Outlook Mobile <https://aka.ms/qtex0l> On Thu, Apr 7, 2016 at 7:01 AM -0700, "Hector J Rios" <hr...@lsu.edu <mailto:hr...@lsu.edu> > wrote: I would go back to Jason's comment and reference eduroam's policy. I personally think that only allowing 5GHz on eduroam goes against the spirit the global availability of eduroam. My 2 cents. Hector Rios Louisiana State University -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Matthew Newton Sent: Thursday, April 07, 2016 8:54 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@listserv.educause.edu> Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? On Thu, Apr 07, 2016 at 01:27:04PM +, Joseph M. Karam wrote: > We offer 2.4 and 5 GHz service. When we have conflicts, we work with > departments to give them a channel in the 2.4 GHz space, then we take > that channel out of our central infrastructure. > So, for example we gave engineering channel 6 for all of their labs, > and we took that out of our central infrastructure. So far it has > worked well and we can play together nicely What do you do after you've given the last remaining free 2.4Ghz channel to the third department that requests one and you've got none left for yourselves? And presumably Engineering have lots of CCI because all of their APs are on the same frequency? Not critcising, just trying to understand! :) Matthew -- Matthew Newton, Ph.D. <m...@le.ac.uk <mailto:m...@le.ac.uk> > Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ith...@le.ac.uk <mailto:ith...@le.ac.uk> > ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at <http://www.educause.edu/groups/> http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent G
RE: [WIRELESS-LAN] Turning off 2.4 on a select SSID?
Kees, I think your skepticism is well founded. We have many locations with multiple 5ghz radios in the same room, but multiple 5ghz on the same device will be a more “uncharted” territory for our deployment. I am in the process of getting a few AP250 to throw into a few of our smaller auditoriums, which should be a good test of their performance. I do believe that the channel width may be a differentiator in how well the deployment works – we are using 20mhz in most locations, which eliminates many of the spectrum and channel availability issues found with 40mhz+ channel widths. PS: I’m sure some of the Xirrus guys are chuckling at this conversation as Xirrus has been well known for having large SDR arrays for many years now :) Thanks, Chris Adams, CISSP Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kees Pronk Sent: Thursday, April 7, 2016 7:45 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Hi Chris, “you could in theory double the airtime available” I would be interested in your actual experience with this. Now that a few vendors have taken this approach and others stay away from this. Arguments in favor of 5/5 you will find these abundant on the vendors marketing pages, but how about : Extra COGS (band pass filters etc), extra complexity with your channels plans (need a lot of separation between the 5/5 radios), you must enable DFS channels on every AP but what about false positive radar detects? What about the 2 radio’s ‘deafening’ each other while trying so send/receive at the same time. Please keep us posted and maybe others testing with this 1. Innovation 2. Marketing gimmick (pick one ;-) Best regards, Kees Van: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] Namens Larry Dougher Verzonden: donderdag 7 april 2016 03:11 Aan: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Onderwerp: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Thanks Chris! Larry Dougher Chief Information Officer Information Technology Services <http://its.wsesu.net> Windsor Southeast Supervisory Union <http://wsesu.net> 127 State Street, Windsor, VT 05089 Email <mailto:ldoug...@wsesu.net> | Google+ <http://goo.gl/gEAdt> | Twitter <http://twitter.com/larrydougher> | LinkedIn <http://www.linkedin.com/in/larrydougher> | 802.674.8336 On Wed, Apr 6, 2016 at 2:45 PM, Chris Adams (IT) <chris.ad...@ung.edu <mailto:chris.ad...@ung.edu> > wrote: Larry, We have deployed 802.11ac WAPs in many locations, but only have 80mhz channels enabled sparingly around campus. My hope is that by having the SDR option, we could configure 2x 5ghz radios with either 20Mhz or 40Mhz channels, logically operating as 2 WAPs. Our wireless use case is primarily for internet access – we just don’t have a need for true wave1/2 802.11ac throughputs at this time. To see true Wave2 throughputs, I believe the client WNIC would need to be upgraded. If we could operate 2 “logical” 5ghz WAPs from a single unit for a small increase in price, I think this is where our greatest benefit would be at this time as you could in theory double the airtime available. This is based on several assumptions I am making – I have not gotten my hands on the new AP250 yet but I am actively looking to do so. http://boundless.aerohive.com/blog/Designing-WLANS-What-If-we-could-double-our-airtime-at-5-GHz.html Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> ] On Behalf Of Larry Dougher Sent: Wednesday, April 6, 2016 2:28 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Chris, I have a question about the AP250, but may be a question about MU-MIMO more generally. So, all things being equal, would a 5Ghz 802.11ac device/client see any benefit from a Wave 2 AP or would that device/client have to have an upgraded/new 802.11ac 5Ghz Wave 2 chip to see a benefit? Thanks, Larry Dougher Chief Information Officer Information Technology Services <http://its.wsesu.net> Windsor Southeast Supervisory Union <http://wsesu.net> 127 State Street, Windsor, VT 05089 Email <mailto:ldoug...@wsesu.net> | Google+ <http://goo.gl/gEAdt> | Twitter <http://twitter.com/larrydougher> | LinkedIn <
RE: [WIRELESS-LAN] Turning off 2.4 on a select SSID?
Larry, We have deployed 802.11ac WAPs in many locations, but only have 80mhz channels enabled sparingly around campus. My hope is that by having the SDR option, we could configure 2x 5ghz radios with either 20Mhz or 40Mhz channels, logically operating as 2 WAPs. Our wireless use case is primarily for internet access – we just don’t have a need for true wave1/2 802.11ac throughputs at this time. To see true Wave2 throughputs, I believe the client WNIC would need to be upgraded. If we could operate 2 “logical” 5ghz WAPs from a single unit for a small increase in price, I think this is where our greatest benefit would be at this time as you could in theory double the airtime available. This is based on several assumptions I am making – I have not gotten my hands on the new AP250 yet but I am actively looking to do so. http://boundless.aerohive.com/blog/Designing-WLANS-What-If-we-could-double-our-airtime-at-5-GHz.html Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Larry Dougher Sent: Wednesday, April 6, 2016 2:28 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? Chris, I have a question about the AP250, but may be a question about MU-MIMO more generally. So, all things being equal, would a 5Ghz 802.11ac device/client see any benefit from a Wave 2 AP or would that device/client have to have an upgraded/new 802.11ac 5Ghz Wave 2 chip to see a benefit? Thanks, Larry Dougher Chief Information Officer Information Technology Services <http://its.wsesu.net> Windsor Southeast Supervisory Union <http://wsesu.net> 127 State Street, Windsor, VT 05089 Email <mailto:ldoug...@wsesu.net> | Google+ <http://goo.gl/gEAdt> | Twitter <http://twitter.com/larrydougher> | LinkedIn <http://www.linkedin.com/in/larrydougher> | 802.674.8336 On Wed, Apr 6, 2016 at 1:30 PM, Chris Adams (IT) <chris.ad...@ung.edu <mailto:chris.ad...@ung.edu> > wrote: I echo Jeremy’s sentiment – our experience with band-steering has been overwhelmingly positive. We are also not (currently) using DFS channels – but may be revisiting this soon. I’d estimate almost 2/3 of our 2.4ghz radios are disabled. I am very happy to see the new Aerohive AP250 has a SDR with the option of disabling the 2.4ghz radio in favor of having 2x 5ghz radios. Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> ] On Behalf Of Jeremy Gibbs Sent: Wednesday, April 6, 2016 1:27 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID? I find the opposite to be true with band steering. If we turn it off, the majority of our clients won't connect to 5 Ghz, even if they are right above an AP. This causes lots of disconnect problems and congestion in the 2.4 Ghz spectrum. Turning band steering on fixes the problem for us. -- Jeremy L. Gibbs Sr. Network Engineer Utica College IITS On Wed, Apr 6, 2016 at 1:18 PM, Turner, Ryan H <rhtur...@email.unc.edu <mailto:rhtur...@email.unc.edu> > wrote: All, This is probably a fool’s errand, but we are debating experimenting with turning off the 2.4 spectrum on our eduroam SSID on parts of campus that have a dense 5 gig coverage. We’ve always positioned eduroam as the premium SSID, and left a WPA2-PSK SSID for all the rest that don’t support advanced EAP methods. We are debating trying this in just the IT building to start (see how many people scream). Has anyone done anything like this? The goals would be to continually remove traffic from the garbage bands, hopefully increasing client performance. Band steering isn’t very good. Thanks, Ryan Turner The University of North Carolina at Chapel Hill r...@unc.edu <mailto:r...@unc.edu> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ***
RE: [WIRELESS-LAN] Who WiFi vendors does everyone use? REVISITED
School name University of North Georgia Total number of clients served (faculty + staff + students + guess at guests) during a typical school day Around 26,000 unique clients, depending upon the day Brand(s) of APs in use and approximate number of APs for each brand Aerohive - Around 1200 WAPs Whether the APs are standalone or controller based On-premises HiveManager VM Wireless management platform (e.g., Cisco Prime, HP Aruba Airwave, none, etc.) Aerohive HiveManager Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Danny Eaton Sent: Friday, April 1, 2016 10:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Who WiFi vendors does everyone use? REVISITED Can we revisit this subject? It seems to have gotten a good number of responses but the information is of limited use without other information to go with it. If folks will send me information on their wireless networks I will tabulate it and send it back out to the list. How about the following info: School name Rice University Total number of clients served (faculty + staff + students + guess at guests) during a typical school day over 10,000 distinct clients per day Brand(s) of APs in use and approximate number of APs for each brand Cisco - various, from 1252, 1142, 3502 and 3702, total about 1850 APs Whether the APs are standalone or controller based Controller based - currently 2 WiSM-2 HA pairs, with AP/Client SSO in 6503's with Sup-720-3C's. (Note, we run an MPLS-L3 VPN based network so we have to have an MPLS PE in front of the controllers, whether they are external or WiSM's). Wireless management platform (e.g., Cisco Prime, HP Aruba Airwave, none, etc.) Prime 2.2.0.0.158 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at <http://www.educause.edu/groups/> http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. smime.p7s Description: S/MIME cryptographic signature
RE: Self-registered MAC device bypass- worth the headaches?
We are using Aerohive PPSK for media devices on our residential network as well. We have a RESNet-Media SSID for gaming consoles, smart-TVs, streaming media devices, and other non-802.1x compliant devices to connect to. We strictly enforce 1 key per device connection limits to avoid abuse. This solution has worked well for us because we have been able to create accounts within the HiveManager for the IT Service Desk to provision the PPSK keys themselves and simplify key distribution. We also automatically roll the keys every 12 months which prevents stale/idle keys from hanging around too long. Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Forrester, Matthew Sent: Tuesday, March 1, 2016 5:18 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? I believe that is a bit out of date! We use Aerohive and their PPSK option extensively. We love the feature. The total number of PPSK’s that each access point can store is around 5000 at this time. For our environment, that is more than enough. Aerohive is a great company and their kit is wonderful. Thanks, Matt Forrester Senior Systems Engineer Berry College From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt Sent: Tuesday, March 1, 2016 3:58 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Not sure how up to date this is… http://2.bp.blogspot.com/-XhUW84JOJj4/TdZdX3YbIJI/AAA/BpQ7LDfc5Yo/s1600/comparison%2Bbetween%2BPPSK.jpg From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield Sent: Tuesday, March 1, 2016 3:09 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? I’m curious how PPSK scales. What are the limits on the number and span of a PPSK? From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Coehoorn, Joel Sent: Tuesday, March 01, 2016 12:02 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches? Ruckus supports a PPSK variant, as well. I'm just gonna put this out there. I have this idea in my head for an ideal wifi service. It starts with personal pre-shared key (PPSK), but it's something I don't believe is possible yet with any vendor. Step one is to create a unique key prefix for each user, effectively embedding a username value (the prefix) into the same field as the key/password. The prefix would be as short as possible, perhaps as small as three characters, in order to keep entry into devices simple. The purpose of this prefix is to allow users to choose their own wifi password, while still ensuring that each PSK value is unique and identifiable to a given user. If we don't value allowing users to choose their own wifi passwords, we could instead generate and assign them, and just map back the assigned key to the user.. but I believe there is value in this. Users would onboard by first connecting to a portal available via open/limited ssid to claim their key. They would have to log in with their traditional username/password. The portal would then prompt them for a key suffix (their wifi password), and then show them the complete key (prefix + suffix), which would be registered with our system. It would also have options to show them history for devices authenticated using their key, expire an old/create a new key using the same prefix, and other typical account management options. Once created, that key could be used with anything that supports traditional PSK connections. One important feature that I'd like to see as part of this, and what I think helps make this idea unique, is that devices authenticated with the same PPSK should always end up with the same vlan id. In this way, a student would be able to, for example, connect to a desktop in his room from the phone/tablet he brought to class and grab a file he forget to show an instructor. It also makes things like wireless printers, long the bane or our existence, almost reasonable in terms of setup and support. By keeping a prefix that's unique to each user, or mapping all key assignments back to the user, we can still always know who is responsible for a given device. We could do things lik
RE: Current state of DAS in Higher Ed?
I think this is very likely the case. In the end, it’s a pretty sweet deal for the carriers – reducing the amount of infrastructure they are responsible for in the future, and incidentally transferring some of the responsibility for quality of the call/SMS/MMS experience onto those who provide wireless (802.11) service, whether they want it or not. This will create additional impetus on networking professionals to continue improving wireless networks. I believe we will see a new market emerge for systems/appliances they help optimize the VoWifi experience (managed QoS in a box, anyone?). Of course it will be implemented at the expense of the wireless (802.11) provider, while the carriers collect the revenue. Is anyone actively monitoring the impact of VoWifi on your networks, or had complaints/comments pertaining to call quality from these services? Also, are there being any discussions happening on your campuses about the potential life-safety implications of these calls being offloaded onto campus wireless networks? Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield Sent: Wednesday, February 17, 2016 5:19 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Current state of DAS in Higher Ed? I think the time for new indoor DAS deployments in most buildings has passed. If you’ve already invested in a head-end, it may be worthwhile to expand it. If you haven’t done it yet, now is not the time to start. Avoid anything you can possibly avoid until Wi-Fi calling and SMS makes indoor cellular coverage moot (could be a 3 to 5 years to 90% penetration in some markets). Keep spending low by addressing anything you can’t avoid with OTA systems (no head-end) or femtocells. Improve your Wi-Fi network with what you would have spent on DAS. I don’t anticipate in-building public safety network requirements to drive installation of multi-provider systems. Ignoring any specific or implied code requirements that the two systems be separate, supporting multiple service providers, technologies, and bands will drive up the installation cost and short the system life-cycle substantially over what would be required to support public safety alone. On a large scale, the price difference will likely continue to discourage DAS for cellular coverage. Chuck Enfield Manager, Wireless Systems & Engineering Telecommunications & Networking Services The Pennsylvania State University 110H, USB2, UP, PA 16802 ph: 814.863.8715 fx: 814.865.3988 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Pete Hoffswell Sent: Wednesday, February 17, 2016 12:47 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Current state of DAS in Higher Ed? Hiya - What is the current state of DAS in Higher Ed? Are you using DAS systems on your campus? For coverage or capacity or both? Glad you did? I'm interested to hear stories. We have a few LEEDS buildings that are quite Faraday cage-like. Wonder if we should explore DAS, wait for wifi-calling, or what - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edu <mailto:pete.hoffsw...@davenport.edu> http://www.davenport.edu ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. smime.p7s Description: S/MIME cryptographic signature
RE: [WIRELESS-LAN] Sticky Clients and Probe Suppression
We have typically achieved this by disabling lower data rates available per SSID. Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: <mailto:chris.ad...@ung.edu> chris.ad...@ung.edu | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeremy Gibbs Sent: Friday, November 20, 2015 2:05 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Sticky Clients and Probe Suppression Has anyone ever used probe suppression and force dissociation of clients at a particular RSS value? This feature was just introduced and we have a lot of "sticky" clients that don't like to roam even though there are more desirable AP's in the area. I have enabled it on a handful of AP's for testing, but would like to hear what others have experienced. Thanks -- Jeremy L. Gibbs Sr. Network Engineer Utica College IITS ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. smime.p7s Description: S/MIME cryptographic signature
Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators
I have seen POE IP Cameras in (newer) elevators – I’m sure additional ethernet drops could be included at the time of installation. Retrofitting into existing elevators may be a more difficult task. Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu<mailto:chris.ad...@ung.edu> | Office: (706) 867-2891 From: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of "Sullivan, Don" <dsulli...@samford.edu<mailto:dsulli...@samford.edu>> Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Wednesday, November 18, 2015 at 11:28 AM To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators It’s a really great question just considering new/major re-work. I’m wondering if the elevator manufacturers might start remodeling the elevators to allow for wireless access points in addition to the emergency phones already required. To that point I wonder if it will eventually become part of the local building codes. Don Sullivan Network Administrator 205-726-2111 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, November 18, 2015 10:21 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators Hi Don- I agree on the costs. I’m thinking opportunistically, like where a major re-work or new building might be in work versus retrofit. There’s a lot of technical and philosophical points to be considered, for sure. -Lee From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sullivan, Don Sent: Wednesday, November 18, 2015 11:15 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators Lee, Our thoughts and planning on this subject started about the time I read your email. ☺ I have not given any thought to this before but your email has raised questions as to what we might need to consider going forward. Considering how we would implement something like this in our current buildings/facilities would be a challenge and a potentially costly one. Don Sullivan Network Administrator 205-726-2111 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, November 18, 2015 9:26 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators Hello to the excellent group. As you get into new building wireless deployments, I’m wondering if anyone is rethinking their coverage of elevators (like with dedicated coverage in each car) and stairwells (also specific coverage, not just bleed out from hallways) now that we’re into the era of Wi-FI calling, RTLS, safety apps, etc. Granted, if you have an established VoWiFi culture, the question may seem low-brow, for the rest of us I’d love to hear your thoughts on what you are doing with WLAN in stairwells and elevators, what you’re planning on doing differently from what you’ve done in the past (if anything), whys and why-nots, and general thoughts on the topic. Thanks- Lee Badman Lee Badman | Network Architect Information Technology Services 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 t 315.443.3003 f 315.443.4325 e lhbad...@syr.edu<mailto:lhbad...@syr.edu>w its.syr.edu SYRACUSE UNIVERSITY syr.edu ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Minimum Standards
We are having a similar conversation on our campuses. As technology / wireless folks, we want to provide as much access as we reasonably can. But with 802.11b and/or low data rates, there is a risk/reward that has to be observed. Risk: If 802.11b / low data rates are enabled, and you have clients that are trying to use them, all users in that wireless coverage area are reduced to the lowest common denominator. Throw in channel overlap on 2.4ghz, and youve potentially got a nasty situation where entire building areas and clients on 2.4ghz are dragged down to abysmal data rates, affecting many users. Having these low data rates on 2.4ghz can also cause users to hang on to lower signal WAPs rather than hopping to a closer AP while roaming about buildings. Reward: Outlier devices, such as the referenced xboxs, smart TVs, wii, etc can connect. Is the reward worth the risk? I tend to think not, but this is a conscious decision that IT leadership must make and communicate. Supporting the 2% of legacy devices and affecting the 98% unnecessarily is a difficult decision. How do we fix this? I'd be interested in hearing how other campuses have handled this. - 5ghz adoption & band steering (our biggest challenge here is getting WAPs out of the Hallways in some of our older dorms so the 5ghz signal can propogate) - Wired ports available for these devices in rooms - Minimum client standards policy - 802.11g/n/ac only As an aside, we only have 802.11b enabled in our residence halls - we disabled these in our academic buildings and disabled low data rates. The user experience was improved dramatically. Thanks, Chris Adams Director, Network & Telecom Services Division of Information Technology University of North Georgia E-Mail: chris.ad...@ung.edu | Office: (706) 867-2891 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Thursday, November 5, 2015 7:48 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Minimum Standards I wish we could turn down 802.11b. We strongly recommend 802.11ac compatibility, but since we have residences with game consoles (Xbox 360) & some clueless TVs (Vizio) we needed to turn on 1 & 2 mbps so those devices would associate to our mac-auth SSID for non-802.1X devices. Bruce Osborne Wireless Engineer IT Infrastructure & Media Solutions (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 -Original Message- From: Smith, Todd [mailto:todd.sm...@camc.org] Sent: Wednesday, November 4, 2015 5:41 PM Subject: Re: Minimum Standards We are starting to move away from 802.11a since it doesn't support DFS channels with with our new 802.11ac Wave 2 rollout coming soon will be needed. Turning 802.11b down has helped quite a bit but we still see a large about of 802.11g traffic. Todd From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hinson, Matthew P [matthew.hin...@vikings.berry.edu] Sent: Wednesday, November 04, 2015 4:42 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Minimum Standards Just wondering what everyone's minimum standards look like for supported Wi-Fi devices. Or if your department has any defined. We don't enforce any sort of minimum bar aside from -Your device needs to support 802.11a, g, n, or ac. 802.11b devices cannot successfully authenticate -Consistent 2.4GHz-only connectivity usually cannot be guaranteed in residence halls. At a glance, we're usually only at about 0.3% 802.11g clients. Everyone else is a, n, or ac. Thank you! Matthew Hinson Supervisor, Network Operations "Have I not commanded you? Be strong and courageous. Do not be afraid. Do not be discouraged. For the LORD your God will be with you wherever you go." (Joshua 1:9) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/<https://urldefense.proofpoint.com/v2/url?u=h ttp-3A__www.educause.edu_groups_=CQMFAg=2GaipCMI-4CXTl0y2l8grQS3faC7QKiD QZYpyUtD00M=uvxIRDMxwssmr2VjVNRe6I_MeNT0SmtowN9dpqcMAFc=VanKeK1AoUUDR1mj sz3-DKjqo7S0sHw9UuV31RXPXhI=7SOOucS3y4c8v2RQTxdGiP8BqiEvoxzsnBG2EXW_rq8= >. == CONFIDENTIALITY NOTICE: The information contained in this message may be privileged and confidential. If this e-mail contains protected health information, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited, except as permitted by law. If you have received this communication in error, please notify the sender immediately by replying to this message and deleting it from your computer. Thank you. ** Participation and subscription information
