Re: [WIRELESS-LAN] Cisco ISE

2016-08-03 Thread Lee H Badman
This is without MAC auth. Pure open, piloted market leading MAC auth solutions and fingerprinting was less than impressive. This is an experiment. On Aug 3, 2016, at 7:36 AM, Osborne, Bruce W (Network Services) > wrote: We have been doing open

Re: [WIRELESS-LAN] Cisco ISE

2016-08-03 Thread Norton, Thomas (Network Services)
Q/A , EIRP, data rates, and channel planning are going to be your friend. Should be interesting. Would certainly be interested to hear how it goes. What APs are you going to be using? T.J. Norton Wireless Network Architect | Team Lead Network Operations - Wireless (434)

Re: [WIRELESS-LAN] Cisco ISE

2016-08-03 Thread Jeremy Mooney
We had that for years, and no issues from a technical perspective. Internet access was the same as any other wireless device, although we did block the designed-for-private-networks things like SMB. These days that seems like little motivation for the average student though (they'd rather use

RE: [WIRELESS-LAN] How big are your wireless segments?

2016-08-03 Thread Chuck Enfield
Apple is battery-life obsessed. I wouldn't take their advice about anything that affects network performance. BTW, don’t interpret this as an opinion on the DTIM interval. I have an opinion on that, but don’t know enough to share it publicly. It's just an ad hominem attack. Chuck Enfield

Re: [WIRELESS-LAN] How big are your wireless segments?

2016-08-03 Thread James Andrewartha
I tried DTIM 3 (after reading that blog post), but it didn't help, the laptop's wifi chipset still just went to sleep and missed packets. Plus, some vendors (eg Meraki, Ruckus) don't let you change it anyway. One thing Ruckus does do is broadcast to unicast conversion when an SSID has 5 or

Re: [WIRELESS-LAN] How big are your wireless segments?

2016-08-03 Thread Jake Snyder
There was some talk about this with IOS a while back. Something about Apple wanting a longer dtim value (3 seems to be working for a lot of folks). Dtim of 1 seemed to give some grief. http://www.sniffwifi.com/2016/05/go-to-sleep-go-to-sleep-go-to-sleep.html?m=1 Thanks Jake Snyder Sent

RE: [WIRELESS-LAN] Cisco ISE

2016-08-03 Thread Danny Eaton
We’ve got a pure open SSID – but with a captive portal AUP acceptance page. Keeps some of the devices off that either don’t have a browser or can’t click on “Accept”. It ends up in our visitor VRF, which we treat devices as if they are at Starbucks, etc., so cannot reach private devices

RE: [WIRELESS-LAN] Cisco ISE

2016-08-03 Thread Lee H Badman
Is Cisco 11ac environment. The open SSID is straight to Internet, no campus access. Also 1X SSID still in place for campus business. RF side really doesn’t change much. The devices have always been there, just many of them unusable. And we still draw the line on legacy data rate support. Lee

RE: [WIRELESS-LAN] How big are your wireless segments?

2016-08-03 Thread Lee H Badman
But what's the penalty on non-Apple devices? -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jake Snyder Sent: Wednesday, August 03, 2016 8:56 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject:

RE: Cisco ISE

2016-08-03 Thread Osborne, Bruce W (Network Services)
We have been doing open network with mac authentication for non-802.1X devices for years. We just block some things like our web site & course system that would not be used by those devices anyway. This “encourages” people to use the secure 802.1X network. ​ Bruce Osborne Wireless