from:"Eric LaCroix"

Re: [WIRELESS-LAN] MAC Randomization, a step further...

2020-07-10 Thread Eric LaCroix

A quick internet search seems to indicate the default for a Windows DHCP server 
is 8 days. On a visitor network, likely it’s a much shorter time, and may even 
be handled by something other than a Windows server (perhaps the onboarding 
device handles it). But once students come onto a production network because 
they’re trusted/802.1x etc., it’s possible that some of us use Windows and left 
the defaults and didn’t consider it would become an issue since that population 
really doesn’t change often. … Now I’m curious to know what our defaults are. 
But not TOO curious – it’s Friday at 5pm.

Have a good weekend everyone!
Eric
--
Eric LaCroix P’20 P’22, Director of Technology
New Hampton School<https://www.newhampton.org/> • 603-677-3454
Where a fulfilled life begins.


From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Tim Cappalli 
<0194c9ecac40-dmarc-requ...@listserv.educause.edu>
Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 

Date: Friday, July 10, 2020 at 4:52 PM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" 
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Agreed on IPv6, but even for IPv4, I imagine most folks are running short 
leases on a visitor network, so I don’t really think much changes here. If your 
leases are 12 hours or less, there should be no impact.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 

Date: Friday, July 10, 2020 at 16:51
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Maybe a good use case for IPv6

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Enfield, Chuck
Sent: Friday, July 10, 2020 3:49 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

Uhg.  Didn’t even think about that.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Eric LaCroix
Sent: Friday, July 10, 2020 4:48 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

We’re all going to need to check the TTL on DHCP leases… some of our scopes 
will get eaten alive otherwise.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of "Floyd, Brad" mailto:bfl...@mail.smu.edu>>
Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 3:42 PM
To: 
"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>" 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Thanks Tim. I just started a conversation with my SE.
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 2:07 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

For extended visitor use cases (over 1 day), Passpoint is really the only 
feasible solution moving forward. Aruba has a Passpoint offering/service called 
Air Pass and WBA’s OpenRoaming initiative is gaining a lot of support.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 15:04
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Tim,
Anything in the works from Aruba about how best to deal with ClearPass Guest 
MAC Auth?
Thanks,
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 2:01 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

Connected MAC randomization on iOS will be enabled by default, just like on 
Android (starting in 10).

Two major differences:

  1.  iOS does not expose the randomization knob (to disable it) to end users 
during initial connection. It is available after connection in the saved 
network list
  2.  On Android (version 10 and 11), the MAC is set once per ESSID for the 
lifetime of the OS instance (aka until a factory reset). On iOS 14, the MAC is 
set per ESSID and is changed once every 24 hours.

Note that Android 11 has a developer option to enable a per-connection MAC 
which likely indicates this will enabled by default or expos

Re: [WIRELESS-LAN] MAC Randomization, a step further...

2020-07-10 Thread Eric LaCroix

We’re all going to need to check the TTL on DHCP leases… some of our scopes 
will get eaten alive otherwise.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of "Floyd, Brad" 

Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 

Date: Friday, July 10, 2020 at 3:42 PM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" 
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Thanks Tim. I just started a conversation with my SE.
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 2:07 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

For extended visitor use cases (over 1 day), Passpoint is really the only 
feasible solution moving forward. Aruba has a Passpoint offering/service called 
Air Pass and WBA’s OpenRoaming initiative is gaining a lot of support.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 15:04
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Tim,
Anything in the works from Aruba about how best to deal with ClearPass Guest 
MAC Auth?
Thanks,
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 2:01 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

Connected MAC randomization on iOS will be enabled by default, just like on 
Android (starting in 10).

Two major differences:

  1.  iOS does not expose the randomization knob (to disable it) to end users 
during initial connection. It is available after connection in the saved 
network list
  2.  On Android (version 10 and 11), the MAC is set once per ESSID for the 
lifetime of the OS instance (aka until a factory reset). On iOS 14, the MAC is 
set per ESSID and is changed once every 24 hours.

Note that Android 11 has a developer option to enable a per-connection MAC 
which likely indicates this will enabled by default or exposed to users in 
Android 12.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 14:57
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: [WIRELESS-LAN] MAC Randomization, a step further...
Apple is moving forward with their privacy efforts. The next step is to 
randomize MAC addresses when connecting to an AP, not just when probing. This 
is coming soon.

https://globalreachtech.com/blog-mac-randomisation-apple/

This is from Apple. Luckily, there is a way to disable private addresses. I 
just don’t know if it will be ON by default.
https://support.apple.com/en-qa/HT211227

Happy Friday!

Hector Rios, Wireless Network Architect
The University of Texas at Austin

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at

Re: Cost effective alternatives to AP-220-MNT-W2

2016-09-01 Thread Eric LaCroix

Perhaps someone has already said this – but, with so many institutions pushing 
for “maker spaces” and 3D printing, I’d be surprised if there’s not a template 
out there somewhere to print your own. Of course, printing could take a while… 


Eric LaCroix, Director of Technology, New Hampton School
70 Main Street • New Hampton, NH 03256


On 9/1/16, 12:37 PM, "The EDUCAUSE Wireless Issues Constituent Group Listserv 
on behalf of Coehoorn, Joel" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of 
jcoeho...@york.edu> wrote:

--001a113e34ae54fa6f053b74d386
Content-Type: multipart/alternative; boundary=001a113e34ae54fa6d053b74d385

--001a113e34ae54fa6d053b74d385
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Find someone with a good 3D printer ;D



Joel Coehoorn
Director of Information Technology
402.363.5603
*jcoeho...@york.edu <jcoeho...@york.edu>*

The mission of York College is to transform lives through
Christ-centered education and to equip students for lifelong service to
God, family, and society

On Thu, Sep 1, 2016 at 11:24 AM, Troy Lynn Wiseman <twise...@siu.edu> wrote=
:

> This is not pretty, but we use standard L brackets you can buy at the
> hardware store.
>
>
>
> Thanks
>
>
>
> TROY WISEMAN
>
> Network Engineer V
>
>
>
> INFORMATION TECHNOLOGY
> MAIL CODE 4622
> SOUTHERN ILLINOIS UNIVERSITY
> 625 WHAM DRIVE
> CARBONDALE, ILLINOIS 62901
>
>
>
> twise...@siu.edu
>
> P: (618) 453-6264
>
> INFOTECH.SIU.EDU <http://infotech.siu.edu/>
>
>
>
> [image: SIU]
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Brian Helman
> *Sent:* Thursday, September 1, 2016 10:59 AM
>
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Cost effective alternatives to AP-220-MNT-W=
2
>
>
>
> You actually answered a question I meant to include, but I didn=E2=80=99t=
 ask ..
> how are people doing wall mounts.  That issue just popped up this morning=
.
> I=E2=80=99ll keep this on file for those instances.  Thanks!
>
>
>
> -Brian
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] *On Behalf Of *James Helzerman
> *Sent:* Saturday, August 27, 2016 10:11 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Cost effective alternatives to AP-220-MNT-W=
2
>
>
>
> We use Cisco so I am not sure of the Aruba bracket but I was able to
> easily modify a camera mount for this purpose.  We also use the Oberon
> mount and are happy with that.
>
> This camera mount attaches to a single gang box and has a pass thru for
> the cable.  My picture does show the pass thru well but the link below do=
es.
>
> http://www.securityideas.com/pa89pathjstm.html
>
> Jimmy
> University of Michigan
>
>
>
> On Aug 26, 2016 5:55 PM, "Lionel Shigemura" <lio...@hawaii.edu> wrote:
>
> A local Aruba vendor has made some custom 2-gang cover plates modified
> with a tile grid type piece for another Campus.  Just mount the adapter
> plate and clip the AP similar to a ceiling grid.  It was custom piece at =
a
> "decent" price, but can't recall exactly.  I've used various Oberon
> products and they're really nice.  We have some older bldgs with plenum
> ceiling that use a steel frame grid with integrated supply ducts.  No
> standard grid for clip usage. I've used the Aruba AP-220-MNT-W1 and Aruba
> AP-220-MNT-W2 using screws and zip ties.  If the W2 is too costly, a
> cheaper options we entertained was to modify the included grid clip adapt=
er
> and screw it into the steel plate.  The latter solution was really
> difficult to remove so we didn't use it.
>
>
>
> For walls, I prefer this solution until I find something better.  #1011-0=
0
>
> http://www.oberoninc.com/products/right-angle-brackets
>
>
>
> I contacted Oberon's competitor and their similar model didn't have a
> knockout for cable pass-through and had some differences.  This was short=
ly
> after Atmosphe

Re: [WIRELESS-LAN] MAC Randomization, a step further...

Re: [WIRELESS-LAN] MAC Randomization, a step further...

Re: Cost effective alternatives to AP-220-MNT-W2

3 matches

Site Navigation

Mail list logo

Footer information