, and
our wired LAN. It would be nice to have one interface that does it all.
Thanks,
-Hector
-Original Message-
From: King, Michael [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 15, 2007 8:39 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] idEngines AAA server
We
We have it here. You may contact me on or off list. (We also have the
Autoconnect product, and the Guest Manager)
Mike
-Original Message-
From: Hector J Rios [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 15, 2007 9:33 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject:
Doug,
Every release that you put on a Controller loads new software onto the
AP's. There is always downtime with an upgrade.
Also, they upped the limit in the 4.0.206 to 10 APs at a time.
-Original Message-
Also the 4.2.62 has new code for the access points, so each will need to
Hi Don,
You could look at IDEngines. They sell a service (Autoconnect) that
scripts the install of the 802.1x Supplicant on Windows / Mac
We currently use the built-in XP/Vista Supplicant with PEAP, but I know
that IDEngines also supports (and distributes) the SecureW2 client.
They are
Just for reference, we chose Cisco LWAPP.
I personally feel you can't go wrong with either choice.
Aruba has some cool features Cisco doesn't have, and Cisco has some cool
features Aruba doesn't have.
Choose based on the features you want, not on the features you may never
use.
The bug (thru cisco's bug tool) specifically calls out a customer using
Symbol scanners, and having them all power on at once.
I wasn't going to post because I thought you had read the actual bug
text.
From the Cisco bug tool (Which is working a bit spastically this
morning)
Symptom:
Hi Lee.
I too am having 100 of these errors a day.
We've also been getting large number of complaints that students are
getting dropped off. (Up and down as the students term it)
It started with the 4.0 code for us.
Reports from the Cisco Netpro forums that 4.1.185.0 is the code
Allen,
You might want to enlist the services of a qualified reseller. Doing an
outdoor deployment gets complex fast.
That being said, lets see what we can do.
Some information that will help.
1. What are your goals? 100% outdoor coverage? Just the area's that
people walk on? Just the
Make sure your on release 4.0.206.0 or greater. There was a bad bug
that was fixed in 4.0.206.0 that had significant packet loss on the
wireless network if Multicast was enabled.
We don't have multicast enabled. We do have Peer to Peer blocking
disabled (so we are enabling Peer to Peer).
Has anyone upgraded to Release 4.0.219.0 for Cisco LWAPP yet? It
contains the fix for the Wireless ARP Storm issue.
(I know the 3.2 and the 4.1 version were available last week)
**
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be
WPA2, WPA, or WEP?
From: Dennis Xu [mailto:[EMAIL PROTECTED]
Sent: Friday, June 08, 2007 9:11 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] WiSM SUP720 Performance Issue
We use WiSM 4.0.217.0 and SUP720 12.2(18) SXF5. We experience bad
performance with wireless
The AP1200's were an unreleased Airespace model, you could only obtain
them via the beta program.
They eventually became the AP1510's. (After several model number
changes)
-Original Message-
From: Lee H Badman [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 03, 2007 12:07 PM
To:
Read the release notes.
You HAVE to hit a certain version before you can use the 4.1 code.
Contemplating the upgrade myself.
Mike
From: Lee H Badman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 02, 2007 12:09 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN]
We use Ekahau software. Wireless Valley is better product, (It thinks in 3
dimensions, where Ekahau is two dimensional)
You load a floorplan onto the software. You scale it. (Measure a wall, and
tell the software how long the wall is)
First, you Simulate the layout.
You draw all the
-Original Message-
Can you please let me know if your school is currently using
802.1x and LEAP?
802.1x and PEAP TTLS, and WPA/WPA2 PEAP TTLS
If you can let me know if you are using a
supplicant client or just the vendor supplied utilities, I
would appreciate it.
Built in
What version code are you running on the controllers?
-Original Message-
Am opening a TAC case, but to save some some time from the
loathsome LWAPP debug process, wondering if anyone has
experienced this condition?
**
Participation and subscription information for this
Ok.. You have the release I was going to suggest.
You can try 4.0.206.0, but I don't see anything specific for your model
AP's. (I have the 1010's, and there is a specific bug fix in that
release we've been chasing)
But you never know, it might be related.
-Original Message-
From:
Hey, what user's do you have in your IAS's remote access policy?
Do you have DOMAIN COMPUTERS allowed? (It's not part of DOMAIN USERS)
Mike
-Original Message-
From: Lee Weers [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 01, 2007 4:42 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Quick question,
What's your radius server?
**
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
Someone has already mentioned the Syslog, and disabling the timeout.
One other thing. You can force AP's to associate to specific
controllers.
-Original Message-
From: Lee Badman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 03, 2007 7:41 PM
To:
Microsoft has released a new wireless utility update, that changes
Ad-HOC functionality. Maybe that is the fix you're looking for.
http://support.microsoft.com/kb/917021
Changes for ad hoc networks
On a computer that does not have the Wireless Client Update installed,
Wireless Auto
Found this on the
SANS site:
http://isc.sans.org/diary.php?storyid=1849
Seems Microsoft has
released a hotfix (This means it will NOT appear on Windows Update) that changes
the default behavior of the Wireless Supplicant.
Allows group policy to control WPA2 settings.
Allows networks in
-Original Message-
BSSID3
No encryption, Throttled via CCA, two hour limit before
having to select Guest again. Internet Only and Limited Access.
I'd suggest that you find out your average class duration, and make sure
that your Guest is at least that long.
Two hours sounds
-Original Message-
1. Legacy VPN-protected
2. 802.1x
3. Guest
4. EduRoam
(Travelling scholars can use their home RADIUS server to
use WiFi)
5. Ad Hoc local department network with legit special need
(Health Center?)
6. Appliances - for Tivos, game consoles, whatever.
-Original Message-
So I'd say it's good for the press release but at a decent
resolution it's going to be difficult to support more than a
few channels.
-Kevin
I've talked a bit with Dartmouth when they first rolled this out.
If I remember correctly, they have the
Bill,
There are two ways to make Multicast work with CCA right now. (The
problem is CCA's internal router does not currently route Multicast
Packets.)
The Cisco Offically supported way is to run your CAS's in Virtual
Gateway mode. (Since CCA is not the router, it doesn't have to route
the
-Original Message-
When you deploy 802.1x wep, it is very secure as well.
Just a note, this was true up till a few weeks ago.
http://www.ja.net/development/wireless/wag/wep-strongly-deprecated.pdf
The synopis of this paper is, it is now possible to crack WEP with 1
packet, and
-Original Message-
We'd like to allow or deny permission to each WLAN based
on group membership. Is anyone else doing this and
willing to share their Radius and WCS configs?
We're not doing this. But it is possible. I know because I saw a very
similar question on the FreeRADIUS
Title: Re: [WIRELESS-LAN] Cisco LWAPP
Actually, that's a little misleading.
Newer versions of WCS with older WISM code is OK. (Not the
best, but OK)
Newer versions of WISM, with older WCS is NOT OK. (WCS asks
a question, WISM gives a response WCS is not prepared to
answer)
From: Roth,
What version of Controller code are you running? There was a bug in
4.0.155.0 that cause AP's to reboot randomly. This was fixed in
4.0.155.5
-Original Message-
From: Jorge Bodden [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 29, 2006 11:46 AM
To:
Just in from the front. (sorta, it's dated april)
http://www.microsoft.com/technet/community/columns/cableguy/cg0406.mspx
Non-broadcasting wireless networks
A non-broadcasting wireless network does not advertise its network name,
also known as its Service Set Identifier (SSID). A wireless
We're changing the SSID we've used in the past. In the past it was
Broadcasted.
We plan to Broadcast the New SSID, and non-broadcast the Old SSID.
All new setups, and any calls for help would change people to the New
SSID. The thought is to provide service for the old SSID, but not
encourage
Jorge,
I'm just trying to understand. Were the clients that were already
configured OK? It was just the support people themselves that were
saying the network is down. (I can't see it, It must be down)
Or is it more serious than that, and people actually stopped working
because it wasn't
-Original Message-
On Fri, 7 Jul 2006, Matt Ashfield wrote:
I am running FreeRadius and SunOne ldap server.
Whoops, missed that part.
**
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at
I went.
Lots of good basics, plus they cover a lot of they why you click that
button.
I think it was worth it. I had figured out quite a few things on my
own, but being in the classroom environment I got to ask a lot of
questions about things I couldn't understand why you clicked that.
There
Nintendo, on they're support forum,
Has stated, and I quote:
http://forums.nintendo.com/nintendo/board/message?board.id=tech_question
s_wifimessage.id=4196#M4196
We have no plans for WPA at this time.
If your concerned about WEP, turn your computers are OFF after you've
switch to WEP for the
-Original Message-
From: Lee Weers [mailto:[EMAIL PROTECTED]
1. Can you extend an antenna from an AP 250 ft? (That's how
long it is to the scoreboard)
Yes, you can. But it won't work very well.
2. What kind of coax do we
need to use to do a/b/g?
Expensive, and one for
Lee
From the controller
Management - SNMP - Trap Receivers
Put your NMS here
Management - SNMP - Trap Controls
Check off what you want.
Sounds like you want to start with
Cisco AP Traps
AP Register
AP Interface Up/Down
With WCS, you could create a template, and apply this
Site survey as in:
1. Real time read out of all signal strength seen a single point of
time.
2. Heat maps showing a the coverage pattern of 802.11 on a given floor
plan.
-Original Message-
From: Flagg, Martin D. [mailto:[EMAIL PROTECTED]
Sent: Friday, May 05, 2006 11:20 AM
To:
Keeping with the
free/cheap theme:
Spectrum
analyzer
http://www.thinkgeek.com/gadgets/electronic/80ce/
AP Power in
Real-Time
http://www.netstumbler.com/downloads/
You need a "Good" card in
the fact that Netstumbler was designed for it's chipset
I haven't found anything
that puts stuff
This won't help with your feature request,
But in most RADIUS Server, (and for example, I know Funk and FreeRADIUS
can do this) you can configure a default entry, or wildcard entry.
It will allow you to collect the statistics while you configure your
AP's.
Also, (I'm pretty sure you have FUNK)
Or Pre-WiMax Stuff as well
Here's a list of everything Proxim sells.. (Had a very good product
spread. Licensed, unlicensed, laser, etc. I've never used Proxim
personally)
http://www.proxim.com/products/bwa/point/
-Original Message-
From: Philippe Hanset [mailto:[EMAIL PROTECTED]
-optical wireless solutions.
Our not-so- happy experiences with Proxim is what pointed us
initially towards Bridgewave for our current point to point project.
--Mike
On Apr 19, 2006, at 12:37 PM, King, Michael wrote:
Or Pre-WiMax Stuff as well
Here's a list of everything Proxim
SIGNED MESSAGE-
Hash: SHA1
At 22:00 -0400 04/10/2006, King, Michael wrote:
After extensive packet captures, and comparisons, Funk/Juniper has
identified and fixed the problem. Microsoft didn't follow
they're own
Spec when they made they're own client.
Unfortunately, they only fixed
Jake,
We too have begun to consider anonymous guest access.
Where in CALEA are you to referring to? (A hyperlink would help) I'd
like to approach this new initiative aware of all the facts, and this is
one I hadn't considered before.
-Original Message-
From: Barros, Jacob
I suggest you find another cisco reseller if they're
charging you list price
http://www.cdwg.com/shop/products/default.aspx?EDC=801563
(And that
is without calling and asking for educational
pricing.)
Since we have 6509's we purchased the WISM
card.
It does 300 AP's instead of 100, and
Several.
Securew2 seems the best supported and most popular
http://www.securew2.com/ It supports batch configuration.
Unfortunately the website seems a bit slow right this second.
Wire1x is an Open1x port to windows. (Hasn't had any activity since
2004)
http://wire.cs.nthu.edu.tw/wire1x/
I keep beating them up about not having it. :-)
-Original Message-
From: Frank Bulk [mailto:[EMAIL PROTECTED]
Sent: Thursday, January 19, 2006 9:10 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Vocera over Aruba
Let me know when you see WPA2-Enterprise
Many of the Vendors that are direct competitors of Aruba (AireSpace,
Trapeze) recommend disabling Aggressive load balancing for the problems
that you have described.. Have you disabled Aruba's aggressive load
balancing feature?
Also, I know that WPA2 has features like Cached authentication, and
-Original Message-
Where would you set the host to ask for credentials every
time a connection is initiated?
Short answer, Not sure you can do this.
There is a registry key you would have to delete manually to effect
this.
You can also set the 802.1x to use the windows domain
I just got an email from a contact at Vivato. He forwarded this to me,
with the note that his doors close tommorrow
Last Call for Vivato?
12.15.05
Everyone is talking about rumors of the imminent demise of Vivato Inc.,
one of the startups that originally kick-started the wireless LAN switch
This points to the network card driver. Has the network driver been
updated recently?
Driver_IRQL_Not Less_or_Equal
Tech Info:
NDIS.SYS
**
Participation and subscription information for this EDUCAUSE
Dave, and Dave (or anyone else with Cisco ACS on a wireless network)
Since you both have Cisco ACS servers, could you check something for me.
Pre-requisites
1. User is not joined to the domain
2. User is using built-in XP supplicant
3. User changes password on the domain. (Any mechanism)
Both
www.cisco.com Cisco, http://www.tropos.com/troposand http://www.belairnetworks.com/Bellair
networks have wireless mesh networks.
Cisco's is built on they're AireSpace acquisition, so it
integrates with those controllers.
Here is the Marketing line...
From: Eric Morgenroth [mailto:[EMAIL PROTECTED]
This network will only be used by our IT staff, and the network
has access to all university resources, based on firewall rules.
If that is your premise, I would start out with the Highest level of
security you can tolerate, but since most people
-Original Message-
From: Dale W. Carder [mailto:[EMAIL PROTECTED]
We have bpdu-guard enabled on the switchports, the network
doesn't get into a loop state, but this has the side effect
of taking the AP down.
Slightly left of the topic at hand,
Shouldn't bpdu-guard take the
You can use machine authentication, if your RADIUS server supports it.
The computer will authenticate using it's computer account, and have
access. When a user logs in, it will drop the computer credentials, and
switch to the users credentials. When the user logs out, it will switch
back to the
I don't support this, and don't use it. But you should know that it
exists
WPS Wireless Provisioning Services
http://www.microsoft.com/whdc/device/network/wireless/wps.mspx
Wireless Provisioning Services (WPS) enable the discovery of and
connection to wireless networks. WPS enhancements are
- - is anyone using Active Directory as an authentication resource?
We are
- - who's using native 802.1x supplicants versus who is
distributing additional software? Of the latter group, any
recommendations? (my personal leanings are Funk's 802.1x
supplicant mated with the Open.com
Funk has issued a fix for this problem, and is planning to have it
available by Monday.
Contact Alan Phillips [EMAIL PROTECTED] for further details.
At 17:07 -0400 07/19/2005, King, Michael wrote:
Can everyone that's using Funk SBR, and is Concerned with
the password
expiration
We're looking for help from current WLAN managers. You can
either provide general input or answer the following two
questions. I hope in most cases you would be willing to post
your thoughts publicly, but if you have comments that are of
a sensitive nature, you can e-mail me directly.
Hmm..
Any have a Verisign/Thawte/Somebody Top level CA and a Mac to test this
on?
We're self generated CA's here as well, so this will be a problem for us
as well.
-Original Message-
From: Julian Y. Koh [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 14, 2005 5:48 PM
To:
One quick warning here. Be very careful about running Steel Belted
RADIUS on Windows doing domain authentication or IAS in an
environment
where the machines authenticating via 802.1x are *not* domain member
machines with users logging in via domain accounts. The
builtin WinXP
-Original Message-
From: Bennefield, Cully A. [mailto:[EMAIL PROTECTED]
Sent: Friday, June 24, 2005 3:59 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Peap info
The students were unable to log on to the laptop
since their credentials were not cached. We
Close.
.11b is of course 11meg
.11g goes to compatibility mode, and drops down to something in the
order of 19meg.
-Original Message-
From: 802.11 wireless issues listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Mike Yohe
Sent: Thursday, May 12, 2005 4:42 PM
To:
Of King, Michael
Sent: Tuesday, April 26, 2005 8:14 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WinXP 802.1x and password changes
I did some digging.
For my implementation (Funk SBR) It looks like when my users put a bad
password, the Statistics counter increments
) is the MSCHAPv2 response. Since this response is
tunneled inside TLS, a packet capture would not show anything useful.
--Mike
King, Michael wrote:
Anyone have FreeRadius? I'm sure this can answered with a packet
capture. (The message the client is receiving)
-Original Message-
From: 802.11
Interesting. I joined the list just because of this issue.
I'm running on Funk SBR and it does not appear that the client is
prompting for a new password.
Could it be in the answerback that the radius server is sending?
-Original Message-
From: 802.11 wireless issues listserv
difficulty.
--Mike
---
Michael Griego
Wireless LAN Project Manager
The University of Texas at Dallas
King, Michael wrote:
Interesting. I joined the list just because of this issue.
I'm running on Funk SBR and it does not appear that the client is
prompting for a new
69 matches
Mail list logo