RE: RADIUS Monitoring
For gathering the data it's easier to use radclient http://wiki.freeradius.org/config/Status For Graphing/Alerts we use Cacti http://www.horoa.net/2013/09/installation-du-template-cacti-pour-freeradius2/?lang=eng But we were already using Cacti so YMMV. Joshua Coleman | Network Infrastructure Engineer University of Florida Department of Housing and Residence Education PO Box 112100 | Gainesville, FL 32611-2100 office 352.392.2171 x12053 | fax 352.392.6819 | josh...@housing.ufl.edu StrengthsQuest Top 5: Ideation, Strategic, Analytical, Adaptability, Intellection - Find out more - http://www.strengthsquest.com/content/141728/index.aspx Please consider the environment before printing this email. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Curtis K. Larsen Sent: Wednesday, October 08, 2014 12:13 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] RADIUS Monitoring I am trying to be proactive regarding scaling of RADIUS servers as we move to a new load-balanced environment. The idea is to know when we are getting close to a threshold and need to add another VM, allocate more CPU, RAM, etc. I've used a traffic generator to simulate authentications against our FreeRADIUS VM's and so I know the max. number of auths/sec. that a server can handle and I've seen that the server will start to reject clients when it can't handle the load. So I am thinking a dashboard that graphs the auths per second, and pie chart that shows successful vs. failed requests with some alerting would allow us to preempt load/growth issues. It seems this info wouldn't be too difficult to grab from syslog and graph on a web page somehow. I am just wondering if any of you have already done this or something like this that you could share before I re-invent the wheel. Let me know. Thanks, Curtis Larsen University of Utah ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Power Management
I prefer the CLI but NeDi www.nedi.ch will do what you are looking for (And quite a bit more) On 9/8/2014 12:22 PM, Watters, John wrote: > I have been using the PowerDsine PoE inserters (6, 12, & 24 ports) for > years and am generally very pleased with them. We started using them > before VoIP caught on and before our switches had built-in PoE. I am > now getting pressure to abandon the PowerDsine devices since all of > our new switches do have PoE (mostly using Cisco 3750x/3850x for distribution > now). > > The problem I have with abandoning the PowerDsine units is the lack of > a nice graphical management tool for the PoE on my Cisco switches. Has > anyone found a nice tool for power management of Cisco switches? > > At a minimum I need to see the interface name, the interface > description, and the current power usage; and be able to easily toggle > power off and back on. It would be very nice to be able to only show > the interfaces that have a description matching a specified mask so I > could look at only APs, only phones, all, etc., based on my mask. > > We don't really want to turn on HTTP for the switches, but we could if > this would provide what we need for power management. > > Any advice would be appreciated. > > Thanks. > > -jcw UA Logo > > *__* > > John Watters The University of Alabama > > Office of Information > Technology > > 205-348-3992 > > ** Participation and subscription information for this > EDUCAUSE Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. Joshua Coleman | Network Infrastructure Engineer University of Florida Department of Housing and Residence Education PO Box 112100 | Gainesville, FL 32611-2100 office 352.392.2171 x12053 | fax 352.392.6819 | josh...@housing.ufl.edu StrengthsQuest Top 5: Ideation, Strategic, Analytical, Adaptability, Intellection - Find out more - http://www.strengthsquest.com/content/141728/index.aspx Please consider the environment before printing this email.
RE: [WIRELESS-LAN] Wow vision veos: Will products using Miracast be an alternative?
>From my testing with a Nexus 4 and Netgear PTV-3000 using wireless and >miracast (while it may do horrible things to the sprectrum and destroy >batteries) it works fine. Joshua Coleman | Network Infrastructure Engineer University of Florida Department of Housing and Residence Education PO Box 112100 | Gainesville, FL 32611-2100 office 352.392.2171 x12053 | fax 352.392.6819 | josh...@housing.ufl.edu StrengthsQuest Top 5: Ideation, Strategic, Analytical, Adaptability, Intellection - Find out more - http://www.strengthsquest.com/content/141728/index.aspx Please consider the environment before printing this email. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Jeff Kell [jeff-k...@utc.edu] Sent: Friday, May 24, 2013 11:38 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wow vision veos: Will products using Miracast be an alternative? On 5/24/2013 10:45 PM, Barron Hulver wrote: > Will products using Miracast take hold and be an alternative? > > http://www.wi-fi.org/wi-fi-certified-miracast%E2%84%A2 In their FAQ... > 7. How is Miracast related to Wi-Fi Direct? > Wi-Fi Direct allows devices to connect directly to each other, without > the need for a Wi-Fi > AP, and often requiring just the push of a button. Wi-Fi Direct allows > source and display > devices to discover one another and provides the underlying > device-to-device connectivity > for Miracast. Sounds like if you ALSO need wireless internet, you're SOL... Jeff ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] need help to substantiate an SSID recommendation
I can’t speak to other vendors, but with our vendor(Cisco) encryption/decryption is handled by the AP/Client NIC not the controller. According to the 802.11n spec (enforcement varies) devices not using AES will be restricted to 802.11g speeds. Personally we have stayed away from spaces and special characters in SSID’s because the quality of client drivers varies wildly. Joshua Coleman | Network Infrastructure Engineer University of Florida Department of Housing and Residence Education PO Box 112100 | Gainesville, FL 32611-2100 office 352.392.2171 x12053 | fax 352.392.6819 | josh...@housing.ufl.edu<mailto:josh...@housing.ufl.edu> StrengthsQuest Top 5: Ideation, Strategic, Analytical, Adaptability, Intellection - Find Out More<http://www.strengthsquest.com/content/141728/index.aspx> Please consider the environment before printing this email. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Barros, Jacob Sent: 2013-01-24 10:44 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] need help to substantiate an SSID recommendation I feel silly asking this question but value your opinions. We recently had some authentication errors that caused me to open a support case. The engineer I was working with eluded to the fact that having a space in my SSID name could be contributing to the problem though not the root. He also inferred that using TKIP instead of AES would cut processing requirements on the controller and therefore grant better performance. I have not been able to confirm his opinions from those I have asked (including other engineers from the same company) nor in print. We are using a single SSID for most of our campus, 'Grace WiFi' WPA2-PSK AES. Theoretically, should I get better performance (or less overhead) from 'Grace-WiFi' WPA2-PSK TKIP? Leaving the vendor/company out of this conversation, will you please comment on whether or not these changes will make a difference? I would love to either substantiate or debunk this theory. Jake Barros | Network Administrator | Office of Information Technology Grace College and Seminary | Winona Lake, IN | 574.372.5100 x6178 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Turning off TKIP to enable N
Cisco Wireless shop as well and you don't need to to turn off TKIP to allow N your AP's just need to support N, That being said we are primarily Cisco 1252 and I made the call not to order the A radios (cost usage wise I'm still right but at this point we are retrofitting AP's to bleed whatever performance gains we can). I'm in the process of gathering usernames from WCS that connect with tkip so our help desk can contact them and verify the why of them using tkip, is it a hardware limit or improper configuration (802.11b was largely a configuration problem) Statistics right now (minus the 1500 plus clients the will show up in the next hour or two) [cid:4b610de3-55cf-47a1-9aff-e3ab9236d9f2] These statistics are included above but should be subtracted from above because they operate under separate controllers and code base (Cisco 1510's are supported as well as 802.11b), This is HUD Housing so even the occasional windows 98 user is possible. [cid:7539dec0-63f4-4556-8b08-9a2bb262fdcb] Joshua Coleman | Network Infrastructure Engineer University of Florida Department of Housing and Residence Education PO Box 112100 | Gainesville, FL 32611-2100 office 352.392.2171 x12053 | fax 352.392.6819 | josh...@housing.ufl.edu<mailto:josh...@housing.ufl.edu> Before printing this email think if it is necessary. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Nick Kartsioukas [lists.educause.wirel...@change.nightwind.net] Sent: Tuesday, September 27, 2011 7:13 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Turning off TKIP to enable N All these graphs showing everyone's N clients is making me feel way behind the times. We still have TKIP allowed on WPA. Has anyone else recently gone through the transition of disabling TKIP in order to enable N? If so, what issues did you run into with older equipment (both student and institution owned)? We're a Cisco wireless shop, I've got WCS installed but haven't had time to set up any kind of reporting on it yet. I know the few times I've remembered to check there haven't been any TKIP clients, but I'll need more than just a few slices in time to be sure. -- Nick Kartsioukas Cuesta College Computer Services 805-546-3248 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <><>
RE: [WIRELESS-LAN] 1200 Series AP's on a newer 2960s Cisco switch using POE
I'll second the CDP if you are having power budget problems (which it appears you are not), for instance a 1231G AP that budgets for 4.4 watts with CDP will budget for 15.4 watts if CDP is disabled. Joshua Coleman | Network Infrastructure Engineer University of Florida Department of Housing and Residence Education PO Box 112100 | Gainesville, FL 32611-2100 office 352.392.2171 x12053 | fax 352.392.6819 | josh...@housing.ufl.edu Before printing this email think if it is necessary. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of James J J Hooper Sent: Monday, August 15, 2011 3:32 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] 1200 Series AP's on a newer 2960s Cisco switch using POE On 15/08/2011 19:57, Taillon II, Kendall wrote: > We are in the middle of adding new 2960s Cisco switches to are edge. > When connecting our old 1200 series AP’s to the switch via POE, the > switch interface just keeps flashing. Is this because the old AP’s use > the old pre-standard POE? Our new 1142 series AP’s connect just fine. > Is there any way to have the older AP’s use the newer POE through the switch > port? http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps6406/prod_qas0900aecd80322c37.html ...it should "just work" Note however that _some_ of the 2960 series are oversubscribed for POE i.e. it can only power 8 APs on a 24 port poe switch, and only 24 on a 48port poe switch. Exactly which model switches do you have? have you enabled CDP on the ports? If you're using gig ports, what happens if you set them to 100/full? -James ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
