What are you using for a AAA solution? ClearPass fully supports per-device PSK
with Cisco WLC’s with full self-registration.
tim
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
on behalf of Jason Cook
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv
Dat
We currently setup dedicated PSK’s for everything, but that’s such a pain so
are currently going through the process of something new. As a short term
measure to improve things (since at times we end up with 5 additional PSK’s
and cisco’s SSID assignment is a bit crappy) we have a single PSK th
We have three wireless employees:
Wireless Manager – part manager, part engineer
Wireless Engineer – full time engineer
Student Wireless Engineer – 20 hrs/wk during semester
AP Count: 800 (growing to 1,000+ in coming months)
Student count: 11,000
We have cable contractors run cable, and a separate
We used to set up custom SSIDs for conferences and special events on a subset
of our APs with PSKs, and the traffic ended up on a dedicated VLAN with
internet-only access. It was cumbersome and made our APs unstable with the
frequent configuration changes. We switched to creating a special OU/gr
We have a guest ssid with a click to accept use agreement that works for
most conferences we have. On occasion we will need to create a unique PSK
for a one time event but that is maybe once or twice a year and usually
centered around technology and accessing specific resources either on
campus or
Hector,
I’d recommend starting with your Institutional Research group and ask them who
they consider cohorts for Louisiana State. From there, I’d query those
universities directly as they’ll likely provide useful/actionable data vs a
general request here. That is, my numbers won’t do you a lot
Hi Daniel,
Wish you all the best in your project.
I would appreciate if you can explain more about how you handle IoT..that would
be nice.
Thanks.
Yahya Jaber.
CCIE Wireless.
055-869-7555
ITNC Engineering.
KAUST.
Sent from an Android
On Sep 27, 2017 19:41, Daniel Eklund wrote:
University o
University of Michigan has over 13,000 access points and we're continuing
to install for the next 9 months to reach a goal of about 16,000. We have
about 8 FTEs assigned to this but some have duties that aren't specifically
wireless and so that's why the number is approximate. We have also
employ
William – Very interested in this:
>> The wireless“eduroam” service is not available at the university, or for
>> university members at other institutions. Current interpretation of the laws
>> and policies surrounding use of state resources is that eduroam use is
>> prohibited on university pr
William – Very interested in this:
>> The wireless“eduroam” service is not available at the university, or for
>> university members at other institutions. Current interpretation of the laws
>> and policies surrounding use of state resources is that eduroam use is
>> prohibited on university
Hi Joachim,
Yep, I did not understand it that quick :P
And yes, it makes more sense.
Thanks.
Yahya Jaber.
Sr. Wireless Engineer
IT Network & Communications - Engineering
Building 14, Level 3, Rm 308-WS07
KAUST 23955-6900 Thuwal, KSA
Email yahya.ja...@kaust.edu.sa
Office +966 (0) 12 8081237
Mobi
Hey Jake,
Thanks for that, I didn’t get the picture from the first time ;)
Yes, your way is much better and less headache to the WLC.
The next thing I should find out now is how to remove all the registration
blanks "username..name...last name...email..etc.." and keep only the mobile
phone.
Th
On 27 Sep 2017, at 14:50, Yahya M. Jaber wrote:
I do use CWA with ISE.
The issue is not with the ISE, its with the WLC that by nature has the
idle timeout for 5 minutes.
Hi,
As I tried to express; the idle-timeout becomes irrelevant if you
implement MAC-caching. Then the user only need to lo
For CWA, you need to put the MAC address into a guest endpoint group.
Then, if the endpoint is in guest endpoint group, just put them on instead of
the portal.
Way easier than LWA + sleeping client.
Sent from my iPhone
> On Sep 27, 2017, at 6:50 AM, Yahya M. Jaber wrote:
>
> Hi,
>
> Thanks
Hi,
Thanks for that.
I do use CWA with ISE.
The issue is not with the ISE, its with the WLC that by nature has the idle
timeout for 5 minutes. Then the client would have to re-auth as its no longer
on the WLC client list.
For idle timeout...i am trying to find a sane value that would at least
On 27 Sep 2017, at 14:17, Yahya M. Jaber wrote:
- Would give up my guest SSID through ISE. As still there is no
feature to increase the idle timeout on the WLC “like the sleeping
client” which will stop users from complaining about the constant
login once they go idle “”especially iPhone that t
We currently do something similar as Bruce. Normal Self-registration
and sponsored registration
using clearpass guest, but large and/or multi-day events can get a PSK
SSID assigned if given
ample time and planning.
On 9/27/17 8:07 AM, Osborne, Bruce W (Network Operations) wrote:
Our process
Hi,
We are actually improving our guest experience, and what I thought of is the
following: “we use Cisco Equipment’s”:
- Would give up my guest SSID through ISE. As still there is no
feature to increase the idle timeout on the WLC “like the sleeping client”
which will stop users from
Our process is not ideal.
Where possible, we try to avoid setting up special SSIDs. Our normal Guest SSID
allows for self registration for bandwidth-restricted Internet access or
sponsored registration for faster Internet access.
We utilize our ClearPass Guest management to create an expiring e
It might be difficult to correlate any information you get because of
the diversity of
operations. I'll try to use your scope for our ops:
We have 3200 APs, one wireless engineer for: large plan reviews, Tier 3
level support, Controller/AP config/monitoring/maintenance, lifecycle
replacements
20 matches
Mail list logo