Re: [WIRELESS-LAN] Interference in dorms.

[James F Eyrich]

We have slated 11b to go away before fall semester of 2012.
Giving all the departments with olde equipment 2 fiscal cycles to replace.

On 7/21/2011 1:54 PM, Rick Brown wrote:

We've disabled all 11B speeds. It was time to make 11b go bye-bye. It is just
not worth letting one client drag everyone down. I agree with Neil's sentiment,
'you want to connect your game box go buy a wired adapter'

Rick B.



On 7/21/2011 2:36 PM, Gogan, James P wrote:


 That kinda begs the question then what DO you do about Wii's (for example)? Do
 you have 1-2 Mbps disabled?

 -- Jim Gogan

 UNC-Chapel Hill

 *From:*The EDUCAUSE Wireless Issues Constituent Group Listserv
 [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Tim Fairlie
 *Sent:* Thursday, July 21, 2011 1:31 PM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] Interference in dorms.

 Yep, that was our experience with Wii's.

 Through experimentation we saw that once the Wii joined, if you disabled
 2mpbs, they'd stay on...but they couldn't join if 2mbps wasn't on initially.
 Really weird

 Timothy J. Fairlie - Director
 Network/User/Telecommunication Services (N.U.T.S)
 Rider University fair...@rider.edu

 - "Rick Coloccia"mailto:coloc...@geneseo.edu>>  
wrote:
 >  Be careful disabling 2 mbps. We were told at the Cisco conference in a
 wireless class just last week that the Wiis require 2mbps to successfully find
 and join the wireless network. I have not personally verified this, but the
 source is reliable...
 >
 >  -Rick
 >
 >  On 7/21/2011 12:58 PM, Johnson, Neil M wrote:

 We are struggling with the same issues. We are finding that X-boxes and PS3s
 generate lots of interference (they use a proprietary 2.4 protocol between the
 joysticks and console).


 >

 This summer we've added over 100 AP to the dorms, moved several, changed our
 AP's antenna configuration, disabled 1 and 2 Mbps data rates, and are
 implementing channel layering (Meru) to try and address the issue.


 >

 We are also planning on being more aggressive at getting rid of student
 installed wireless AP's.


 >

 We are considering adding a 5GHz only SSID in the dorms to encourage users to
 use 5 GHz ( we do have band steering enabled, but a dedicated SSID would
 insure that devices only use 5GHz and not fall back to 2.4).


 >

 We'll see what happens.


 >

 -Neil


 >

 --

 Neil Johnson

 Network Engineer

 The University of Iowa

 Phone: 319 384-0938

 Fax: 319 335-2951

 Mobile: 319 540-2081

 E-Mail: neil-john...@uiowa.edu


 >


 >

 >  *From: *"Lay, Daniel"mailto:dl...@samford.edu>>
 >  *Reply-To: *The EDUCAUSE Wireless Issues Constituent Group Listserv
 mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
 >  *Date: *Thu, 21 Jul 2011 11:16:29 -0500
 >  *To: *mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
 >  *Subject: *[WIRELESS-LAN] Interference in dorms.
 >


 >

 >

 >

 Last year we had several students that would complain about poor wireless
 coverage in their rooms. It was usually followed by the comment that they did
 not have this problem at home or in other areas of the campus. After
 performing various test and wireless scans I am of the opinion that a good
 portion of these problems were introduced by the students themselves by
 bringing in various devices that emit 2.4 interference. I am curious about how
 any of you guys have addressed this problem and informed the students of these
 potential interferences. Have any of you added a section to orientation that
 discusses the problem of interference and did it have good results. Did any of
 you do a poster campaign with good results or did you issue a Faraday cage to
 each student to store their stuff in (yes that was a joke). I can only see
 this problem getting worse with wireless printers and game consoles that all
 have a potential to cause interference. I am open to any ideas and or
 suggestions. Thanks.

 Daniel Lay

 Networking Specialist

 Samford University

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/. ** Participation and subscription
 information for this EDUCAUSE Constituent Group discussion list can be found
 at http://www.educause.edu/groups/.


 >

 --
 Rick Coloccia, Jr.
 Network Manager
 State University of NY College at Geneseo
 1 College Circle, 119 South Hall
 Geneseo, NY 14454
 V: 585-245-5577
 F: 585-245-5579

 CIT will never ask for your password or other confidential information via 
email.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.




--
** Participation and subscription information for this EDUCAUSE
Constituent Group d

Re: [WIRELESS-LAN] Alternative POE injector for Ubiquiti wireless gear

[James F Eyrich]

Laird

On 7/20/2011 8:16 AM, Nathan Hay wrote:

We have several point-to-point wireless links on our campus using Ubiquiti 
Bullet wireless access points.  These use a non-standard 24 V POE injector to 
power them.

Less than a year after the install, almost all our POE injectors died.  We've 
been RMAing them, but it takes a long time and now the RMA units are dying on 
me after just a few weeks.

Has anyone found a replacement injector from another company to use with the 
Ubiquiti Bullets?

Thanks,

Nathan

Nathan P. Hay
Network Engineer | Information Technology
Cedarville University | www.cedarville.edu
937-766-7905
twitter:  @nathanphay

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.


--
James Eyrich
Team Lead Network Design
Wireless Service Manager
CITES - Networking - Network Design and Support - Network Design Group
University of Illinois

eyr...@illinois.edu
217-265-6867

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] iOS devices on wireless

[James F Eyrich]

We do not support bonjour (multicast) on wireless. We have concerns 
regarding network usage.


we have WPA2-Enterprise supporting TTLS and PEAPv0 for outer and 
MS-CHAPv2 inner. Our initial testing found that Apple devices worked 
better on TTLS.


We publish an iOS configuration profile that setups the device to use 
our service. It includes the root certificates, and also locks down the 
authentication server name. When I had an iPhone I thought it worked well.


-jim



On 6/13/2011 3:23 PM, Nathan Hay wrote:

Couple of questions for everyone about iOS devices on wireless.

1.  Do you support/allow Bonjour over wireless so that iOS devices can talk to 
each other?  We currently do not, but we are thinking about enabling it for the 
fall.

2.  What kind of wireless security do you use on the network for iOS devices 
and are you happy with your setup?

We currently place iOS devices on a WPA2-PSK network, but we are considering a 
change to WPA2-Enterprise.  My primary concern is how quickly the devices can 
authenticate so that the user experience remains good.  It seems to take a 
little longer for the wireless to connect in my testing.

Thanks in advance for your insight,

Nathan

Nathan P. Hay
Network Engineer | Computer Services
Cedarville University | www.cedarville.edu
937-766-7905
twitter:  @nathanphay

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.


--
James Eyrich
Team Lead Network Design
Wireless Service Manager
CITES - Networking - Network Design and Support - Network Design Group
University of Illinois

eyr...@illinois.edu
217-265-6867

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] MERU wireless

[James F Eyrich]

We plan on rolling out IPv6 on our secured SSID by at least World IPv6 
day and have been running on a test SSID for several weeks now.

Using RA to assign the addresses.
No issues so far.
We have only tested it on 4.0 MR2.

-jim

On 4/13/2011 11:49 AM, Johnson, Neil M wrote:

Meru currently supports IPv6 in "bridging only" mode, so you lose some of 
Meru's proprietary traffic management features.

In testing I've had issues with SLAAC, but Illinois has not, so your mileage 
may vary. I haven't tested it since version 3.6 of their code.

Our campus is currently routing IPv6 everywhere and plans are under way to IPv6 
enable more services (we plan to participate in World IPv6 Day by enabling  
records for our Microsoft servers), so I'm getting asked every week when IPv6 
will be supported on wireless.

Meru understands that IPv6 support is a priority and they do have a roadmap for 
IPv6 support, but I think I'm under a NDA about that.

-Neil



--
James Eyrich
Team Lead Network Design
Wireless Service Manager
CITES - Networking - Network Design and Support - Network Design Group
University of Illinois

eyr...@illinois.edu
217-265-6867

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] MERU wireless

[James F Eyrich]

We run a Meru system of over 3150 APs

As far as how we like it: We decided to renew the purchase agreement for 
an additional 5 years that last time it expired.


I am happy to discuss further offline if you like.
You are close enough drive up sometime if you want to get the nickle 
tour of the gear and the tools we use to manage it.


-jim

On 4/13/2011 9:50 AM, Randy Ethridge wrote:

I just heard a pitch for MERU and it almost sounds to good. Is anyone running 
MERU and if so how do you like it and what problems have you run into ?

Thanks.

Randy Ethridge
Network Engineer V
Information Services
Eastern Illinois University
rlethri...@eiu.edu

Proud to say "I am EIU"

EIU THINKS GREEN: Before printing this e-mail think if it is necessary


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.




--
James Eyrich
Team Lead Network Design
Wireless Service Manager
CITES - Networking - Network Design and Support - Network Design Group
University of Illinois

eyr...@illinois.edu
217-265-6867

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Wireless for lab / staff PCs?

[James F Eyrich]

You also need to allow members of the Domain Computers group to auth on 
your radius server.


We provide this option and the people with wireless connected lab 
machines are happy.  Not sure if they remote into them. Mostly it was 
about users being able to auth on a machine they had never logged into 
before.


-jim

On 1/18/2011 10:17 AM, heath.barnhart wrote:


I'd like to point out I'm making a lot of assumptions about your
network/services. Assumptions:

1. Your using IAS for RADIUS, or your RADIUS is tied into AD.
2. There is no captive portal on your WPA2 networks.
3. You are using Windows XP with the Windows native supplicant or
machine authentication is an option.


There should be an option in the windows wireless configuration to use
the "machine authentication." The PC will then send its name and
authenticate against AD through your RADIUS server. I would imagine your
management capabilities would be the same as if the machine was on a
wired connection but logged out.

We don't really have a deployment of wireless only AD machines, though
the service is available. The only issue is with downloading profiles.
I've found that you need a pretty solid connection because Windows
doesn't appear to handle packet loss very well during the import. Too
much loss and it gives up. You get logged in, but with a temporary profile.

Hope this helps.



--
James Eyrich
Team Lead Network Design
Wireless Service Manager
CITES - Networking - Network Design and Support - Network Design Group
University of Illinois

eyr...@illinois.edu
217-265-6867

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] DHCP lease times?

[James F Eyrich]

Has any one looked at running significantly longer lease times?

We are looking at the possibility of NATing our wireless service, moving 
to large private IP subnets for the clients and not needing to recycle 
addresses so often. We have discussed moving from the current 1 hour 
lease to 8 or 12 hours.


thoughts?

--
James Eyrich
Team Lead Network Design
Wireless Service Manager
CITES - Networking - Network Design and Support - Network Design Group
University of Illinois

eyr...@illinois.edu
217-265-6867



On 9/14/2010 10:13 AM, Methven, Peter J wrote:

We run on half an hour lease times at Heriot-Watt University, Edinburgh as 
well. I had the lease time set to 15 minutes for a while, but this didn’t seem 
to release IP addresses in any great numbers at peak times when we most needed 
the leases available and just put more load on our DHCP servers.

Many Thanks
Peter

Mr Peter Methven, Network Specialist
Information Technology (IT)
Allen McTernan Building, Edinburgh Campus
Tel:  0131 451 3516

For IT support queries or requests, please email 
ith...@hw.ac.uk  or phone ext 4045, with full details 
of your query or request and your contact details.

http://www.hw.ac.uk/it


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of heath.barnhart
Sent: 14 September 2010 16:01
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] DHCP lease times?

30 minutes at Washburn as well. We had the same issue as what you described. No 
issues with the shorter lease time since we changed it 3 years ago.

Heath

On 9/13/2010 4:47 PM, Marcelo Lew wrote:
What do you guys use for DHCP lease times on your wireless networks (external 
DHCP server)?
We have an issue were our DHCP server (Cisco) reports subnets almost full, 
however, the Aruba Controller shows plenty IPs available. I think the issue 
might be related with devices getting on the network for a very short time, 
going off line, but the DHCP server still holds that lease. We have lease times 
set at 1hour for the wireless network.
Shorter lease times maybe?

Thanks,

Marcelo

Marcelo Lew
Wireless Enterprise Administrator
University Technology Services
University of Denver
Desk: (303) 871-6523
Cell: (303) 669-4217
Fax:  (303) 871-5900
Email: m...@du.edu

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.




--

Heath Barnhart, CCNA

Network Administrator

Information Systems and Services

Washburn University

Topeka, KS 66621
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.


Heriot-Watt University is a Scottish charity registered under charity number 
SC000278.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] 802.11n phased deployment approaches

[James F Eyrich]

With Meru it is strongly suggested to do entire buildings at a time.

Beyond Meru's suggestions based on how their tech works I still think it 
is a good idea.


User experience would be consistent for the whole building instead of 
only having better connections in the strategic locations.


I also have concerns if bonded channels are deployed on N near standard 
A APs.


-jim



On 6/3/2010 9:03 AM, Steve Hess wrote:

For anyone who has done a phased deployment of 802.11n gear to replace b/g/a,  
what have you found to be most effective, a whole building (or floor perhaps) 
approach or putting N in strategic locations with nearby b/g/a AP's?  Any 
gotcha's or learning experience with either approach?  We're an Alcatel (Aruba) 
shop so direct experience with that gear would be great.


Thanks,

Steve

--
-
Steve Hess
Network Administrator
Wheaton College
Phone: 508-286-3404
Fax: 508-286-8270
-


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.



--
James Eyrich
Team Lead Network Design
Wireless Service Manager
CITES - Networking - Network Design and Support - Network Design Group
University of Illinois

eyr...@illinois.edu
217-265-6867

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Client tracking and privacy concerns

[James F Eyrich]

I have those concerns.
So far only the wireless team and the security office have access to the 
location DB.  Yesterday I was thinking it was time to work on a policy 
for access to the information.


Anyone already have one written?

jim

On 5/5/2010 8:53 AM, Lee H Badman wrote:

So… regardless of whether you use WCS, AirWave or something else, if 802.1x 
clients come up by user name or ID in the system and can be located on 
floorplans, etc, is anyone hearing privacy concerns regarding who is allowed to 
see the management system.

Think: potential stalking concerns and similar if student employees are allowed 
to see where other students are graphically (just one example), as more and 
more personal data is removed from directories.

-Lee




** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.



--
James Eyrich
Team Lead Network Design
Wireless Service Manager
CITES - Networking - Network Design and Support - Network Design Group
University of Illinois

eyr...@illinois.edu
217-265-6867

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Android devices - certificates for enterprise wireless

[James F Eyrich]

Has anyone come up with a way to setup the certificate trust settings on 
an Android device when using WPA2-Enterprise with EAP-PEAPv0 or EAP-TTLS 
 - without rooting the device.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.