Looked into enabling this after a recent upgrade, but there is one major
hurdle for my environment: This feature must be implemented only if you
are using one controller. The assisted roaming feature is not supported
across multiple controllers. See
I can tell you we use dot1x here with AD credentials and it doesn't lend itself
to a good end-user experience. Our security policy requires password expiration
after 60 days. When a student's password expires we see an increase of wireless
related complaints (typically blaming the
We have done a complete TLS deployment using both onboard cloudpath CA (for
guest access) and Microsoft CA (for standard access). It takes some work, but
it is well worth the effort. Feel free to contact me. We would be happy to
help.
Ryan H Turner
Senior Network Engineer
The University of
Isn't that really a client supplicant issue though? You can send back a reason
for authfailure, and then the client could prompt for a replacement password.
--
ian
-Original Message-
From: Fleming, Tony
Sent: 20-11-2013, 14:22
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re:
We have implemented it on all production WLANs for one month. There is only one
issue: BlackBerry Z10 cannot connect to our 802.1X secure wlan, but it can
connect to the open wlan. I tested in my lab and confirmed that Z10 can connect
to the secure wlan without 802.11k. We are considering roll
Unable to access 5508 controller GUI with Google Chrome after upgrading to
7.5.102.0 - SSL Connection Error
https://supportforums.cisco.com/docs/DOC-38027
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Alan Nord
Sent:
FYI We're seeing 142 Blackberrys on our Wireless Networks. This is exactly 1%
of the Wireless devices on our networks and compares to 51.55% which are Apple
devices.
(Using an updated OUI VendorMacs.xml list on Cisco PI 1.3 from
http://www.macvendorlookup.com/)
Regards,
Jen.
-Original
That bug hit us hard since we depend on webauth.
We upgraded to a more recent 7.5. code but then hit another bug:
https://tools.cisco.com/bugsearch/bug/CSCuj59101
On rare occasions, the Cisco Aironet series Access Point crashes and
reboots due to corruption of a certain data-structure used to
rantWhat I really want to provide is an HTTPS-like experience for my
users that just works: an SSL layer that doesn't care who you are, but
still provides meaningful encryption for the last 50 meters where your
traffic is moving through the air for anyone nearby to snoop.
I'm annoyed that so many
I wonder if this might be closer to what you are looking for:
http://theruckusroom.typepad.com/files/dynamic-psk-fs.pdf
It definitely looks interesting.
-Curtis Larsen
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
I have been to hotels that use WPA2 for their wifi. You get an id and
password at checkin, sometimes the id and password is tied to the room and not
unique for every customer over time.
While you can’t quite get the eduroam experience without a valid userid and
password you could
I agree with a lot you said. Philippe Hanset had mentioned 'unathenticated
TLS', which appears to do what you want to do, but it appears it isn't very
well supported yet.I haven't found much on it.
Ryan H Turner
Senior Network Engineer
The University of North Carolina at Chapel Hill
CB
On Nov 19, 2013, at 4:32 PM, Mike Albano mike.alb...@unlv.edu wrote:
Curious if others have enabled 802.11k and if doing so has resulted in any
client connectivity issues for clients that do not support it. Also, for the
Cisco shops, the same question for non-802.11k assisted roamingie
Seeing this as well on our captive-portal SSID. Will be attempting the work-around shortly.MIkeUNLV-The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU wrote: -To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUFrom: Vlade Ristevski vrist...@ramapo.eduSent by: The
On Nov 20, 2013, at 10:46 AM, Curtis K. Larsen (UIT-Network)
curtis.k.lar...@utah.edu wrote:
I wonder if this might be closer to what you are looking for:
http://theruckusroom.typepad.com/files/dynamic-psk-fs.pdf
It definitely looks interesting.
-Curtis Larsen
Aerohive also has
My problem with these approaches is their proprietary nature. I wonder how
this has been addressed/discussed in the IEEE groups...
Ryan H Turner
Senior Network Engineer
The University of North Carolina at Chapel Hill
CB 1150 Chapel Hill, NC 27599
+1 919 445 0113 Office
+1 919 274 7926 Mobile
Not to mention, these are still authentication AND encryption mechanisms, not
just encryption. I think the original poster was wanting just an encryption
method without the authentication. This doesn't really solve that.
Ryan H Turner
Senior Network Engineer
The University of North Carolina
As I mentioned in another thread, this issue was caused by the implementation
of 802.11k support. We are using Cisco WISM2s version 7.4.110.0.
Dennis
- Original Message -
From: Dennis Xu d...@uoguelph.ca
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Sent: Friday, November 15, 2013 1:27:58 PM
My Bad. I guess the Wi-FI alliance branded it Hotspot 2.0
http://en.wikipedia.org/wiki/Hotspot_(Wi-Fi)#Hotspot_2.0
On Wed, Nov 20, 2013 at 9:00 PM, Mike King m...@mpking.com wrote:
You mean, something like 802.11u?
http://en.wikipedia.org/wiki/IEEE_802.11u
On Wed, Nov 20, 2013 at 3:18
You mean, something like 802.11u?
http://en.wikipedia.org/wiki/IEEE_802.11u
On Wed, Nov 20, 2013 at 3:18 PM, Turner, Ryan H rhtur...@email.unc.eduwrote:
Not to mention, these are still authentication AND encryption mechanisms,
not just encryption. I think the original poster was wanting
20 matches
Mail list logo