Good Morning All,
We are using the Cisco Unified Wireless solution here at the University of New
Mexico. We continue to see a high number of DeAuthntication Floods and other
IDS signatures being triggered on the wireless system. We are curious to know
what others are doing to mitigate these
Hi I run a medium-sized wifi network.We are cisco shop
(autonommous access points).Recently wifi users number have reached
limits we didn't expect.Because of that,we had to adjust our subnet
network in order to support more users associated to the only SSID our
wireless network use.
I've been
vlans
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of reflect ocean
Sent: Friday, May 15, 2009 10:52 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] WLAN Deployment-High number of
Are you running controller code or WISM? If controller code what
version of code are you running? We didn't see the problem with 5.0.63,
but when we upgraded to 5.2.157 we began to see this. The attacking mac
was another cisco ap in the system. We have upgraded to 5.2.178 and
this fixed the
We were having a problem where webauth on our 4402 would quit working
and we had to reboot the WLC to fix it. Just got this note from TAC:
The new code 4.2.205.0 is out and the fix for bug CSCsx07878 is in this
release. We're loading the new code now. We may not know if it worked
until August
Not sure if Cisco has anything like this but Aruba has vlan pooling which
allows multiple vlans to be assigned to the same SSID and the algorithm will
assign clients to each vlan based on that. That works well if you want to
continue to broadcast the same ssid over all of campus. Not sure if Cisco
LWAPP does bring significant benefits. Whether they're worth the cost is
another matter.
1) Radio Resource Management. The system will figure out how to properly
interleave channels and set power levels for minimum interference. It's not
100% perfect, but I wager it's better than almost any
You could still get away with that with FAT AP's
That is since they are autonomous, you could assign different vlans and
in turn different ip scopes to the same ssid as they are all unawares of
each other.
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
Just to add another on the downside- new Licensing costs. Can be a bit
maddening, depending on which solution gets purchased.
Lee -Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Voll, Toivo
Sent:
You don't mention if your using 802.1x, but if you are, you can utilize
Vlan Override.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a0080665ceb.shtml
which allows you to throw users int specific VLAN's based on RADIUS return
attributes. All off the same
The only thing about that is training your users to accept the limited
or no connectivity state when connecting to the assigned vlan...
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Mike King
Sent: Friday, May 15, 2009
We have similar issues in our library, and haven't found a solution yet. We
are a Meru shop.
Users attempting to log on to laptops that are members of the domain get
Unable to find a logon server errors when the wireless net in the library is
being heavily utilized.
We are using a Vista
Is that a temporary condition until DHCP completes?
Bruce T. Johnson | Network Engineer
Partners Healthcare | Network Engineering | 617.726.9662 | Pager: 31633 |
bjohns...@partners.org BLOCKED::mailto:bjohns...@partners.org
From: The EDUCAUSE Wireless
Correct, but it generated a ton of support calls..
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Johnson, Bruce
T
Sent: Friday, May 15, 2009 12:45 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLAN
Yes I can imagine. Thanks for the heads-up.
How hard has it been to provision via RADIUS? I am in favor of the reduced SSID
load over the air. Are MAC addresses the only thing can you use to map
attributes to? What about machine names?
Thanks for your feedback,
Bruce T. Johnson
It wasn't particularly difficult and many attributes from login name,
authenticator type, location, machine name, and snmp names can be used
to differentiate and pass different vlans... just do your research on
what the cisco is looking for when passing a vlan..
As an aside, the scenario
As wisms are doing broadcast suppression, so I don't think large subnet is an
issue:
http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob41dg/ch2_Arch.html#wp1028269
We have been running /22 subnets on wisms for more than a year and we haven't
seen any issues with that. As we are
This is interesting, we are running 5.1.151.0 code on our WiSMs. Is this
a known bug for different versions of code?
John
Lee Weers wee...@central.edu 5/15/2009 12:21 PM
Are you running controller code or WISM? If controller code what
version of code are you running? We didn’t see the
This depends on your implementation.
If you don't do Auth vlans, and just do straight vlan switching (like the
article I linked) you can be placed on a VLAN based on many things. We use
Group membership here.
No DHCP delay in that configuration.
On Fri, May 15, 2009 at 3:43 PM, Jason Appah
19 matches
Mail list logo
