WLC 5508 Reboots- 8.0.110.0 Code
Sigh... just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn't catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 recommended. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: PEAP cert question
We onboard our clients with Cloudpath XpressConnect Wizard, By default, Apple devices do not trust any certificates for EAP. Your onboarding needs to setup the trust for the root certificate and any intermediate CAs, if any. Similarly, Windows can be set up to trust certificates from a particular CA and certs with particular hostnames. Bruce Osborne Wireless Engineer IT Infrastructure Media Solutions (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Eric T. Barnett [mailto:ebarn...@astate.edu] Sent: Tuesday, March 17, 2015 3:45 PM Subject: Re: PEAP cert question Yes. It shows the proper name. Apparently, from some of the off-list replies I’ve gotten (thanks!), this is normal functionality. Unless there’s a better/easier way to do this other than PEAP? --Eric From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike King Sent: Tuesday, March 17, 2015 2:03 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] PEAP cert question Eric, It's been a little while since I've bumped into this, but did you use the correct name for your certificate, and was it a server certificate? I think the name had to be the radius servers name. On Tue, Mar 17, 2015 at 10:43 AM, Eric T. Barnett ebarn...@astate.edumailto:ebarn...@astate.edu wrote: We’re running PEAP for our WPA2-Enterprise SSID, but we keep getting warning messages saying that we’re not using a verified cert. We’re currently using GlobalSign. Is there anybody out there running PEAP on a cert that doesn’t give this error? Mine expires this August, but I’d gladly get rid of it for a cert that doesn’t cause Apple and Microsoft to give that error. Regards, Eric Barnett Wireless Administrator Information and Technology Services Arkansas State University 870 680 4243tel:870%20680%204243 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] ResHall Wireless - FlexConnect
We use WiSM2s, and based strictly on the numbers supported by this platform (which are pretty horrible: 25 APs per FlexConnect group) I don't think we will be using FlexConnect any time soon. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Wednesday, March 18, 2015 1:29 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [hr...@lsu.edu] Sent: Tuesday, March 17, 2015 9:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless I tested FlexConnect on 8.0.110.0. Here are my observations: *Great alternative to switch data locally (obviously) *No AVC Support *When controller is down, AP goes into standalone more. Must make sure that AP is not able to reach any other controller you don't want. This was fixed with an ACL. *Client details page does not show client IPv6 address. Client still gets IPv6 address. (PRIME does show it if you run a report). *Client details page does not show VLAN ID. *Putting AP in FlexConnect mode does not require reboot (Cool!) *No IPv6 ACL support More testing to do, but so far so good. -Hector From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, March 12, 2015 11:13 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless We use Cisco's wireless solution with WiSM2s and a variety of WAPs. We actually implemented the guest anchor controller solution last year with dual controllers (WLC2504) and we've been happy. I like Britton's idea of using FlexConnect at the dorms to switch the student data locally. However, I believe there are some limitations that would keep us from using it such as no support for AVC, and some limitations on IPv6. -Hector From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Thursday, March 12, 2015 7:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAU SE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless Hector, You do not say what wireless solution you are using. Let me assume a Cisco or Aruba controller based solution. You can have vlans from your
RE: [WIRELESS-LAN] ResHall Wireless - FlexConnect
Here is the info Jeffry: The number of FlexConnect groups and access point support depends on the platform that you are using. You can configure the following: Up to 100 FlexConnect groups and 25 access points per group for a Cisco 5500 Series Controller. Up to 1000 FlexConnect groups and 50 access points per group for a Cisco Flex 7500 Series Controller in the 7.2 release. Up to 2000 FlexConnect groups and 100 access points per group for Cisco Flex 7500 and Cisco 8500 Series Controllers in the 7.3 release. Up to 20 FlexConnect groups and up to 25 access points per group for the remaining platforms. http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-6/configuration-guide/b_cg76/b_cg76_chapter_010001010.html#d34284e204a1635 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Legge, Jeffry Sent: Wednesday, March 18, 2015 9:51 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect Hector I am just starting to think about using FlexConnect. I have two Wism2's and about 750 Aps. Can you tell me where I can read up on the 25 AP restriction? -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Wednesday, March 18, 2015 10:10 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We use WiSM2s, and based strictly on the numbers supported by this platform (which are pretty horrible: 25 APs per FlexConnect group) I don't think we will be using FlexConnect any time soon. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Wednesday, March 18, 2015 1:29 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [hr...@lsu.edu] Sent: Tuesday, March 17, 2015 9:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless I tested FlexConnect on 8.0.110.0. Here are my observations: *Great alternative to switch data locally (obviously) *No AVC Support *When controller is down, AP goes into standalone more. Must make sure that AP is not able to reach any other controller you don't want. This was fixed with an ACL. *Client
SV: WLC 5508 Reboots- 8.0.110.0 Code
Work for me, rock solid but I have only 22 APs on that controller. Cheers Anders Från: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] För Lee H Badman Skickat: den 18 mars 2015 14:53 Till: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Ämne: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-r estarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didnt catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 recommended. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code
On Wed, Mar 18, 2015 at 01:53:25PM +, Lee H Badman wrote: Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? Having been on 8.0.110.0 for a while now, we've seen no real issues so far (apart from a continuing AP client counting bug). However, like 8.0.100.0, it has got memory leaks. The amount of free memory on the 5508s has steadily been decreasing. The 8510 free memory has been flat, which could be no leak, or just the leak is invisible out of 16Gb RAM... The memory leak did cause an issue when upgrading. We put the 110 image on in the morning to reboot that night, and one 5508 rebooted in the afternoon, which we believe to be out of memory. We had errors when uploading, it reported using a slow transfer mode due to lack of free RAM. If you're plotting memory usage, might be worth checking that. We did have two 5508s spontaneously reboot on 8.0.100.0. The third 5508 didn't and is the only one that had been physically powered off before the upgrade as it moved location (the other two were rebooted into the new version). No issues on the 8510. These were diagnosed to be caused by a bug in AVC (CSCuq97965) which is supposed to have been fixed in 8.0.110.0. Thanks Matthew -- Matthew Newton, Ph.D. m...@le.ac.uk Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, ith...@le.ac.uk ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] ResHall Wireless - FlexConnect
Hector I am just starting to think about using FlexConnect. I have two Wism2's and about 750 Aps. Can you tell me where I can read up on the 25 AP restriction? -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Wednesday, March 18, 2015 10:10 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We use WiSM2s, and based strictly on the numbers supported by this platform (which are pretty horrible: 25 APs per FlexConnect group) I don't think we will be using FlexConnect any time soon. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Wednesday, March 18, 2015 1:29 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [hr...@lsu.edu] Sent: Tuesday, March 17, 2015 9:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless I tested FlexConnect on 8.0.110.0. Here are my observations: *Great alternative to switch data locally (obviously) *No AVC Support *When controller is down, AP goes into standalone more. Must make sure that AP is not able to reach any other controller you don't want. This was fixed with an ACL. *Client details page does not show client IPv6 address. Client still gets IPv6 address. (PRIME does show it if you run a report). *Client details page does not show VLAN ID. *Putting AP in FlexConnect mode does not require reboot (Cool!) *No IPv6 ACL support More testing to do, but so far so good. -Hector From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, March 12, 2015 11:13 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless We use Cisco's wireless solution with WiSM2s and a variety of WAPs. We actually implemented the guest anchor controller solution last year with dual controllers (WLC2504) and we've been happy. I like Britton's idea of using FlexConnect at the dorms to switch the student data locally. However, I believe there are some limitations that would keep us from using it such as no support for AVC, and some limitations on IPv6. -Hector From: The EDUCAUSE Wireless
Re: [Ext] [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code
Hi Lee, If helps, we made the jump to 8.0.115.0 on seven 5508s last Thursday morning, 3/12/15 and so far so good. best! jim On 3/18/2015 9:53 AM, Lee H Badman wrote: Sigh… just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn’t catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 “recommended”. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: _http://wirednot.wordpress.com_) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
WLC reporting incorrect remote address to TACACS sever
We had a pretty bad scare a couple of weeks ago. We thought we had been compromised, but after some serious troubleshooting we came to find a bug on the Cisco controller software. We have two 2504 anchor controllers on our DMZ that serve guests only. In our ACS logs we started noticing successful authentications by external sources with some of our known user accounts. It turned out that the controller was simply sending the incorrect remote address. We tested this on 7.6.130 and also on 8.0.110. Cisco was able to reproduce it quite easily. So there you go. In case you run into this, hopefully this will save you from freaking out like we did. Hector Rios Louisiana State University ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: WLC 5508 Reboots- 8.0.110.0 Code
Dear Lee We had the same issue. And Cisco engineer suggested to downgrade to version 7 because all of the codes in version 8 have this bug. We are waiting for an update that they solve this bug in version 8. Have a nice day. Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: March-18-15 9:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh… just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn’t catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 “recommended”. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code
Fixed, or traded for bigger and more interesting bugs? From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Danny Eaton Sent: Wednesday, March 18, 2015 12:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code I’ve found a bug in 7.6.130.x code and Cisco fixed it (I’ve downloaded the code, it’s 7.6.130.23) and it’s also fixed in 8.0.110.x (8.0.110.8). From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, March 18, 2015 11:08 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Not sure about all versions, just .110 (mine) and what the engineer has said so far about .115. I see at least one special version mentioned in discussion, but that hasn’t been offered to us yet. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Wednesday, March 18, 2015 11:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Wait, seriously? ALL of the version 8 code that has been released, currently has a bug that will randomly reload the controller for no reason? .. -- Hunter Fuller Network Engineer VBRH M-9B +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure I am part of the UAH Safe Zone LGBTQIA support network: http://www.uah.edu/student-affairs/safe-zone On Wed, Mar 18, 2015 at 10:47 AM, Linchuan Yang linchuan.y...@concordia.camailto:linchuan.y...@concordia.ca wrote: Dear Lee We had the same issue. And Cisco engineer suggested to downgrade to version 7 because all of the codes in version 8 have this bug. We are waiting for an update that they solve this bug in version 8. Have a nice day. Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664tel:%28514%29848-2424%20ext.%207664 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: March-18-15 9:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh… just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn’t catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 “recommended”. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003tel:315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. !DSPAM:911,5509a2f4187959519349851! ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: WLC 5508 Reboots- 8.0.110.0 Code
PLEASE PLEASE PLEASE Stability over features. Amen to that one bruthuh! I would add: Transparency and proactive communicate would also really help! Pete Morrissey From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt Sent: Wednesday, March 18, 2015 11:35 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Do I need to get escalation image from TAC to fix this? I have had a few reboots on different 5508's that I have on 8.0.110.0 The bug page shows this version as fix 8.1(10.191) Are they offering to give you that? Also I know that there are many cisco folks that monitor this listserv. This message is to you... PLEASE PLEASE PLEASE Stability over features. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, March 18, 2015 9:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh... just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn't catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 recommended. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code
Wait, seriously? ALL of the version 8 code that has been released, currently has a bug that will randomly reload the controller for no reason? ... -- Hunter Fuller Network Engineer VBRH M-9B +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure I am part of the UAH Safe Zone LGBTQIA support network: http://www.uah.edu/student-affairs/safe-zone On Wed, Mar 18, 2015 at 10:47 AM, Linchuan Yang linchuan.y...@concordia.ca wrote: Dear Lee We had the same issue. And Cisco engineer suggested to downgrade to version 7 because all of the codes in version 8 have this bug. We are waiting for an update that they solve this bug in version 8. Have a nice day. Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Lee H Badman *Sent:* March-18-15 9:53 AM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh… just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn’t catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 “recommended”. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] [Ext] [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code
Thanks, Jim. So far, the TAC engineer is implying that 115 does not fix the spontaneous reboot issue, and I was asked what I have against downgrading back to 7.6. We'll see where next round of dialogue goes. rude comments and foul language deleted -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jim Glassford Sent: Wednesday, March 18, 2015 11:23 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] [Ext] [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Hi Lee, If helps, we made the jump to 8.0.115.0 on seven 5508s last Thursday morning, 3/12/15 and so far so good. best! jim On 3/18/2015 9:53 AM, Lee H Badman wrote: Sigh... just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn't catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 recommended. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code
I’ve found a bug in 7.6.130.x code and Cisco fixed it (I’ve downloaded the code, it’s 7.6.130.23) and it’s also fixed in 8.0.110.x (8.0.110.8). From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, March 18, 2015 11:08 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Not sure about all versions, just .110 (mine) and what the engineer has said so far about .115. I see at least one special version mentioned in discussion, but that hasn’t been offered to us yet. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Wednesday, March 18, 2015 11:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Wait, seriously? ALL of the version 8 code that has been released, currently has a bug that will randomly reload the controller for no reason? .. -- Hunter Fuller Network Engineer VBRH M-9B +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure I am part of the UAH Safe Zone LGBTQIA support network: http://www.uah.edu/student-affairs/safe-zone On Wed, Mar 18, 2015 at 10:47 AM, Linchuan Yang linchuan.y...@concordia.ca wrote: Dear Lee We had the same issue. And Cisco engineer suggested to downgrade to version 7 because all of the codes in version 8 have this bug. We are waiting for an update that they solve this bug in version 8. Have a nice day. Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664 tel:%28514%29848-2424%20ext.%207664 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: March-18-15 9:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh… just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn’t catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 “recommended”. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. !DSPAM:911,5509a2f4187959519349851! ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect
We use FlexConnect in both central and local switched mode (v 8.110.6). We use a single SSID and distinguish various user groups, differentiated by Radius and mapped on different VLANs. We observe that VLANs leak traffic to other VLANs. This is in particular very undesired with IPv6, where router adverstisements from one VLAN is broadcast to other VLANs (this also happens on IPv4, e.g., with ARP and other broadcast traffic). Even VLANs that are only centrally accessible leak traffic to local VLANs. This is a security issue that in my oppinion does not receive the desired attention. Frans Watters, John schreef op 18/03/15 om 07:29: Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [hr...@lsu.edu] Sent: Tuesday, March 17, 2015 9:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless I tested FlexConnect on 8.0.110.0. Here are my observations: *Great alternative to switch data locally (obviously) *No AVC Support *When controller is down, AP goes into standalone more. Must make sure that AP is not able to reach any other controller you don't want. This was fixed with an ACL. *Client details page does not show client IPv6 address. Client still gets IPv6 address. (PRIME does show it if you run a report). *Client details page does not show VLAN ID. *Putting AP in FlexConnect mode does not require reboot (Cool!) *No IPv6 ACL support More testing to do, but so far so good. -Hector From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, March 12, 2015 11:13 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless We use Cisco's wireless solution with WiSM2s and a variety of WAPs. We actually implemented the guest anchor controller solution last year with dual controllers (WLC2504) and we've been happy. I like Britton's idea of using FlexConnect at the dorms to switch the student data locally. However, I believe there are some limitations that would keep us from using it such as no support for AVC, and some limitations on IPv6. -Hector From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Thursday, March 12, 2015 7:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless Hector, You do not say what wireless
RE: WLC 5508 Reboots- 8.0.110.0 Code
Do I need to get escalation image from TAC to fix this? I have had a few reboots on different 5508's that I have on 8.0.110.0 The bug page shows this version as fix 8.1(10.191) Are they offering to give you that? Also I know that there are many cisco folks that monitor this listserv. This message is to you... PLEASE PLEASE PLEASE Stability over features. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, March 18, 2015 9:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh... just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn't catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 recommended. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code
Not sure about all versions, just .110 (mine) and what the engineer has said so far about .115. I see at least one special version mentioned in discussion, but that hasn’t been offered to us yet. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller Sent: Wednesday, March 18, 2015 11:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Wait, seriously? ALL of the version 8 code that has been released, currently has a bug that will randomly reload the controller for no reason? ... -- Hunter Fuller Network Engineer VBRH M-9B +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure I am part of the UAH Safe Zone LGBTQIA support network: http://www.uah.edu/student-affairs/safe-zone On Wed, Mar 18, 2015 at 10:47 AM, Linchuan Yang linchuan.y...@concordia.camailto:linchuan.y...@concordia.ca wrote: Dear Lee We had the same issue. And Cisco engineer suggested to downgrade to version 7 because all of the codes in version 8 have this bug. We are waiting for an update that they solve this bug in version 8. Have a nice day. Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664tel:%28514%29848-2424%20ext.%207664 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: March-18-15 9:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh… just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn’t catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 “recommended”. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003tel:315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: WLC 5508 Reboots- 8.0.110.0 Code
Thanks, Linchuan. We have hundreds of 11ac access points and rely on the latest NBAR protocol pack. Going back is not an option… I find that to be a pretty ludicrous “solution” given the adoption rate of 11ac. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Linchuan Yang Sent: Wednesday, March 18, 2015 11:47 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Dear Lee We had the same issue. And Cisco engineer suggested to downgrade to version 7 because all of the codes in version 8 have this bug. We are waiting for an update that they solve this bug in version 8. Have a nice day. Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: March-18-15 9:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh… just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn’t catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 “recommended”. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect
Leaking of RAs between VLANS is expected behavior as RA are multicast. Because the 802.11 protocol sends multicast traffic as broadcast over the air and every device on a BSSID shares the same group key for encryption, any client can decode any multicast packet, including RAs not on the same VLAN. Again, this is expected behavior. The solution to this is to use multicast to unicast conversion for the RA, however i've never done this in a flexconnect deployment. This is also important in IPv4 deployments where you need to secure who can gain access to a multicast stream. On Wed, Mar 18, 2015 at 10:32 AM, Frans Panken frans.pan...@surfnet.nl wrote: We use FlexConnect in both central and local switched mode (v 8.110.6). We use a single SSID and distinguish various user groups, differentiated by Radius and mapped on different VLANs. We observe that VLANs leak traffic to other VLANs. This is in particular very undesired with IPv6, where router adverstisements from one VLAN is broadcast to other VLANs (this also happens on IPv4, e.g., with ARP and other broadcast traffic). Even VLANs that are only centrally accessible leak traffic to local VLANs. This is a security issue that in my oppinion does not receive the desired attention. Frans Watters, John schreef op 18/03/15 om 07:29: Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [ hr...@lsu.edu] Sent: Tuesday, March 17, 2015 9:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless I tested FlexConnect on 8.0.110.0. Here are my observations: *Great alternative to switch data locally (obviously) *No AVC Support *When controller is down, AP goes into standalone more. Must make sure that AP is not able to reach any other controller you don't want. This was fixed with an ACL. *Client details page does not show client IPv6 address. Client still gets IPv6 address. (PRIME does show it if you run a report). *Client details page does not show VLAN ID. *Putting AP in FlexConnect mode does not require reboot (Cool!) *No IPv6 ACL support More testing to do, but so far so good. -Hector From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, March 12, 2015 11:13 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless We use Cisco's wireless solution with WiSM2s and a variety of WAPs. We actually implemented the guest anchor
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
I would much prefer a mailing list, but would use it regardless. -- Hunter Fuller OIT Sent from my phone. On Mar 18, 2015 12:49 PM, Lee H Badman lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: *https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/* https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
I feel like a curmudgeon saying this, but with the all the disparate things to keep track of on various websites that even with the enhanced tech available on a web platform I would likely stay more connected to this group using the existing email platform. The immediacy of the email platform keeps me reading all of these posts day in and day out... Thanks!--Jess Walczak Senior Network Analyst, University of St. Thomas Saint Paul, MN 55105 On Wed, Mar 18, 2015 at 1:23 PM, Pete Hoffswell pete.hoffsw...@davenport.edu wrote: Yeah, what they said. - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edu http://www.davenport.edu On Wed, Mar 18, 2015 at 2:19 PM, Tony Skalski a...@stolaf.edu wrote: I would much prefer a mailing list, but would use it regardless. Ditto On Wed, Mar 18, 2015 at 12:49 PM, Lee H Badman lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: *https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/* https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Tony Skalski Systems Administrator a...@stolaf.edu 507-786-3227 St. Olaf College Information Technology 1510 St. Olaf Avenue Northfield, MN55057-1097 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Looking for interest among Wi-Fi professionals
This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won't hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code
Any word on what the root cause of the random reboot is from TAC? I have three 5508's on 8.0.110.0 and they have been rock solid since I updated them. Have been running without any issues for about 3 months. I am upgrading to 8.0.115.0 this week to fix the 2702 AP BPDU issue. On Wed, Mar 18, 2015 at 11:18 AM, Lee H Badman lhbad...@syr.edu wrote: Fixed, or traded for bigger and more interesting bugs? *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Danny Eaton *Sent:* Wednesday, March 18, 2015 12:11 PM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code I’ve found a bug in 7.6.130.x code and Cisco fixed it (I’ve downloaded the code, it’s 7.6.130.23) and it’s also fixed in 8.0.110.x (8.0.110.8). *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Lee H Badman *Sent:* Wednesday, March 18, 2015 11:08 AM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Not sure about all versions, just .110 (mine) and what the engineer has said so far about .115. I see at least one special version mentioned in discussion, but that hasn’t been offered to us yet. -Lee Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Hunter Fuller *Sent:* Wednesday, March 18, 2015 11:50 AM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Wait, seriously? ALL of the version 8 code that has been released, currently has a bug that will randomly reload the controller for no reason? .. -- Hunter Fuller Network Engineer VBRH M-9B +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure I am part of the UAH Safe Zone LGBTQIA support network: http://www.uah.edu/student-affairs/safe-zone On Wed, Mar 18, 2015 at 10:47 AM, Linchuan Yang linchuan.y...@concordia.ca wrote: Dear Lee We had the same issue. And Cisco engineer suggested to downgrade to version 7 because all of the codes in version 8 have this bug. We are waiting for an update that they solve this bug in version 8. Have a nice day. Linchuan Yang (Antony) Wireless Networking Analyst Network Assessment and Integration, IITS-Concordia University Tel: (514)848-2424 ext. 7664 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Lee H Badman *Sent:* March-18-15 9:53 AM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh… just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn’t catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 “recommended”. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. !DSPAM:911,5509a2f4187959519349851! ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
I would much prefer a mailing list, but would use it regardless. Ditto On Wed, Mar 18, 2015 at 12:49 PM, Lee H Badman lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: *https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/* https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Tony Skalski Systems Administrator a...@stolaf.edu 507-786-3227 St. Olaf College Information Technology 1510 St. Olaf Avenue Northfield, MN55057-1097 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Looking for interest among Wi-Fi professionals BREAKING UPDATE
Get ya an eyeful: someone beat me to it: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ (updated) Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chuck Enfield Sent: Wednesday, March 18, 2015 4:26 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals We all know you're advancing up the career ladder. No need to rub it in. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh Sent: Wednesday, March 18, 2015 4:22 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals On Wed Mar 18 2015 12:49:10 CDT, Lee H Badman lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: I’ll join in with the folks who prefer email-based mechanisms to purely web-based solutions. Just based on experiences with other things, my interaction with the latter would be much less than the former. Having said that, an argument could be made that I’m not quite the target audience anymore for these things anyway if they’re going to be talking about deep down details of specific technologies. :) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco 702W APs
We are looking to do the same. We have two main issues that need to be worked out before moving forward - 1) NAC vendor needs to support changing VLANs on the AP, and 2) how do we deploy them so they don't get smashed by furniture/students? What is your deployment plan? 1 AP per room or something else? On Wed, Mar 18, 2015 at 3:25 PM, Mattson III, Ken V. kenmatt...@creighton.edu wrote: We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Cisco 702W APs
The 4 data ports on the 702 are configured down by default. We are on 7.6.130.0 and that means you must enable each port manually through the CLI of the WLC to make them active. Supposedly, you will be able to enter a range in 8.x. The other issue we saw is with the POE data port. We tested running a phone off of the 702 and it would not stay up. Found this bug (https://tools.cisco.com/bugsearch/bug/CSCup78439/?referring_site=bugquickviewclick). The workaround till it is fixed is to turn off CDP on the phone. We deployed around 700 of them and it has really helped in cutting down the wireless complaints in the dorms. Don Sullivan Network Administrator 205-726-2111 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mattson III, Ken V. Sent: Wednesday, March 18, 2015 3:25 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Cisco 702W APs We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it.
RE: [WIRELESS-LAN] Cisco 702W APs
Sorry, forgot to mention the issue about the NAC vendor needing to support changing VLANs on the AP. We have been told this will be coming out later this year. Our deployment plan was based on the dorm’s construction. Where possible we did one in every other room, but we had 4 dorms where we put one in every room. We have not lost any so far to being damaged, but we still have students plugging in wireless routers for devices that cannot authenticate into our primary SSID. In those instances we have seen an AP go down and when we check it there is a router plugged in. We detach the router, power cycle the AP, and it comes back up. We have not done a detailed investigation on that particular issue to see what may be causing that. Just have not had time. Don Sullivan Network Administrator 205-726-2111 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Alan Nord Sent: Wednesday, March 18, 2015 3:32 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco 702W APs We are looking to do the same. We have two main issues that need to be worked out before moving forward - 1) NAC vendor needs to support changing VLANs on the AP, and 2) how do we deploy them so they don't get smashed by furniture/students? What is your deployment plan? 1 AP per room or something else? On Wed, Mar 18, 2015 at 3:25 PM, Mattson III, Ken V. kenmatt...@creighton.edumailto:kenmatt...@creighton.edu wrote: We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743tel:402-280-2743 402-981-1140tel:402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Cisco 702W APs
I will be interested in how this works. I have looked for someone who used this scenario but so far I have not found anyone. Bruce Entwistle Network Manager University of Redlands From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mattson III, Ken V. Sent: Wednesday, March 18, 2015 1:25 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Cisco 702W APs We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it.
RE: Looking for interest among Wi-Fi professionals
Thanks for the input, Hector. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Wednesday, March 18, 2015 2:49 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals It's an interesting idea and I wonder how it will play out with all the vendor participation. I would want to be a part of it just to see how that goes. As you point out, the potential for information overload (good and bad) is there, and it might end up being the one factor that turns people away. The educause listserv stays busy but not so much that we can't keep up with it on a regular basis. Hector Rios Louisiana State University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, March 18, 2015 12:49 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won't hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
I hear you and get it, Ian- thanks. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian McDonald Sent: Wednesday, March 18, 2015 2:58 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals Can't see me using anything that I have to visit and look at rather than it being delivered to me like a listserv. There's just not the time in the day. Best Regards Sent from my phone, please excuse brevity and/or misspelling. From: Lee H Badmanmailto:lhbad...@syr.edu Sent: 18/03/2015 17:49 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
Perhaps best of both worlds? I believe there are some forums in which you can participate equally through both mailing lists and web forums. On March 18, 2015 2:59:56 PM EDT, Lee H Badman lhbad...@syr.edu wrote: I hear you and get it, Ian- thanks. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian McDonald Sent: Wednesday, March 18, 2015 2:58 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals Can't see me using anything that I have to visit and look at rather than it being delivered to me like a listserv. There's just not the time in the day. Best Regards Sent from my phone, please excuse brevity and/or misspelling. From: Lee H Badmanmailto:lhbad...@syr.edu Sent: 18/03/2015 17:49 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect
It is expected from an 802.11 perspective. May not be desirable, but that is how the wireless standard works. Unicasting RAs over the air fixes this. Sent from my iPhone On Mar 18, 2015, at 12:42 PM, Frans Panken frans.pan...@surfnet.nl wrote: No, it is not. The result is that it breaks IPv6 on local VLANs: clients receive multiple prefixes on local VLANs. Jake Snyder schreef op 18/03/15 om 17:51: Leaking of RAs between VLANS is expected behavior as RA are multicast. Because the 802.11 protocol sends multicast traffic as broadcast over the air and every device on a BSSID shares the same group key for encryption, any client can decode any multicast packet, including RAs not on the same VLAN. Again, this is expected behavior. The solution to this is to use multicast to unicast conversion for the RA, however i've never done this in a flexconnect deployment. This is also important in IPv4 deployments where you need to secure who can gain access to a multicast stream. On Wed, Mar 18, 2015 at 10:32 AM, Frans Panken frans.pan...@surfnet.nl wrote: We use FlexConnect in both central and local switched mode (v 8.110.6). We use a single SSID and distinguish various user groups, differentiated by Radius and mapped on different VLANs. We observe that VLANs leak traffic to other VLANs. This is in particular very undesired with IPv6, where router adverstisements from one VLAN is broadcast to other VLANs (this also happens on IPv4, e.g., with ARP and other broadcast traffic). Even VLANs that are only centrally accessible leak traffic to local VLANs. This is a security issue that in my oppinion does not receive the desired attention. Frans Watters, John schreef op 18/03/15 om 07:29: Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [hr...@lsu.edu] Sent: Tuesday, March 17, 2015 9:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless I tested FlexConnect on 8.0.110.0. Here are my observations: *Great alternative to switch data locally (obviously) *No AVC Support *When controller is down, AP goes into standalone more. Must make sure that AP is not able to reach any other controller you don't want. This was fixed with an ACL. *Client details page does not show client IPv6 address. Client still gets IPv6 address. (PRIME does show it if you run a report). *Client details page does not show VLAN ID. *Putting AP in FlexConnect mode does
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
I used to prefer e-mail as well, but lately I've appreciated the web site format more and more. Part of the reason is that it's so easy to turn this kind of web site into an e-mail subscription... this is what RSS is made for. That said, the reason I've preferred the web site is the ability to find the content through Google, and I'm not sure something that is publicly indexed is the right place to foster these discussions. What I'd really like is something that lives in between a Stack Overflow/Stack Exchange QA site and a traditional forum/bb format... something that is better at discussion than Stack Exchange, but does a better job of surfacing the truly useful discussions than a forum. Joel Coehoorn Director of Information Technology 402.363.5603 *jcoeho...@york.edu jcoeho...@york.edu* The mission of York College is to transform lives through Christ-centered education and to equip students for lifelong service to God, family, and society On Wed, Mar 18, 2015 at 2:17 PM, Lee H Badman lhbad...@syr.edu wrote: You could be right- I used to run a Google group for regional ham radio nerds, I think that did both (I think). *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Frank Sweetser *Sent:* Wednesday, March 18, 2015 3:07 PM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals Perhaps best of both worlds? I believe there are some forums in which you can participate equally through both mailing lists and web forums. On March 18, 2015 2:59:56 PM EDT, Lee H Badman lhbad...@syr.edu wrote: I hear you and get it, Ian- thanks. *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Ian McDonald *Sent:* Wednesday, March 18, 2015 2:58 PM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals Can't see me using anything that I have to visit and look at rather than it being delivered to me like a listserv. There's just not the time in the day. Best Regards Sent from my phone, please excuse brevity and/or misspelling. -- *From: *Lee H Badman lhbad...@syr.edu *Sent: *18/03/2015 17:49 *To: *WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject: *[WIRELESS-LAN] Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: WLC 5508 Reboots- 8.0.110.0 Code
I definitely had that issue. Lee that bug search sounds exactly like what I was experiencing. At the bottom of this response is my 12/9/14 response on this list describing our experience. I eventually had to downgrade to 7.6.130 to get things stable. We have 6 controllers and I RMA'd 4 of them about 6 or 7 times because after the frequent reboots, they would occasionally die for good. (unable to boot or get output any on a console connection). Only power supplies worked when this happened. I suffered it for several weeks, but it was simply too risky because at some points I had 2-3 controllers offline at once in RMA status. (scary). The controllers would never log the crash event to the server so we could never record the reason. Sounds like they finally got this addressed, but only 8.0.115.0 is available from February, yet the bug report suggestions this was posted March 15th, so it seem unlikely to be fully fixed in 8.0.115.0 code. I guess 8.1(10.191) is a special request since it's not yet available for download- at least not for me. Dexter Previous Thread excerpt-- From: Dexter Caldwell Sent: Monday, December 8, 2014 5:57 PM To: 'dannyea...@rice.edu'; WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: RE: [WIRELESS-LAN] Cisco WLC 8.0.100.0 GO or No Go? I'm running the 8.0.100.0 code in production. I'd say for now it's a wait. I like a lot of things about it, but I've had two controllers completely die on it to where both were out of production at the same time! Full RMA and everything. I have a plan B, C and D so I was prepared to deal with it, but until we figure out what's causing our issue, (spontaneous reboots), it's hard to recommend it for production. More often it seems to happen when there is load but a few times not. It also does not seem to generate a crash log when it occurs so it's been evasive to troubleshoot. If you can spare to lose a controller or two of and still operate seamlessly, you'll may wan to consider it. You'll want to test for sure. There is no question everything is very fast in terms of recovery from restart. It is far faster than what it used to be for us on 7.3. I was willing to deal with the reboots since users barely if ever noticed, but the controllers dyeing was another matter entirely. Two of them rebooted fine one time and another time they rebooted and never recovered. When this occurs, we cannot get any console output. Replacement was the only route. If you're wondering, not all of these problems show up in test because there are significant load differences. May not be typical, and they're the only issues I've noticed, but they are not trivial. ---end excerpt- Dexter Caldwell Dir. Systems Networks Information Technology Services Furman University 3300 Poinsett Hwy Greenville, SC 29613 email: dexter.caldw...@furman.edumailto:dexter.caldw...@furman.edu office: 864-294-3566 facsimile: 864-294.3001 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Cook Sent: Wednesday, March 18, 2015 7:49 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Not sure we have hit that issue, but still seeing some crash issues since May last year We have had 5 PRD controllers on 110.0 since 1st Feb and another 1(dev) since December last year. One of the PRD crashed 2 days ago, but that is all we have seen. I'm not sure if ours is related to memory, it's suspiciously looks like a similar crash to what we have seen since 7.6.120 and every release in between. (yep, take that kick). Though we haven't seen anything in the logs(memory allocation failures) like we did the first rounds in 7.6.120.0 in the other crashes, the memory usage pattern has similarities. That is it will gradually rise from 55-70% (where it's normally stable) upto 80-85%, then crash. (see attached image). We rarely get crash logs or dumps for this. Has been less obvious and occurred less since 7.6.120.0 but still appears to show up. Hard to tell with the one 2 days ago, Prime graphs are currently doing weird things Surprise surprise. Another thing we found with the upgrade to 8.0 was that 2 controllers crashed while downloading the software, this was memory again. Both controllers exhibited that wonderful memory issue upon investigation So next time we'll check memory and do a pre-reboot... The upgrade worked the second time around. If you monitor cisco uptime on your devices you can get messages when a device reboots, handy for when the timing means you don't get the down message. There is a reset timer on them though, which can provide false alerts...we have never hit that on a controller, they aren't up long enough.. I think it's 2+years, so we have seen it on switches PROBLEM for 'cisco_uptime' on host 'c5508-01-net02-plazadc-nt'
RE: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
I also prefer the mailing list. == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hunter Fuller [hf0...@uah.edu] Sent: Wednesday, March 18, 2015 1:17 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals I would much prefer a mailing list, but would use it regardless. -- Hunter Fuller OIT Sent from my phone. On Mar 18, 2015 12:49 PM, Lee H Badman lhbad...@syr.edumailto:lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: WLC 5508 Reboots- 8.0.110.0 Code
Not sure we have hit that issue, but still seeing some crash issues since May last year We have had 5 PRD controllers on 110.0 since 1st Feb and another 1(dev) since December last year. One of the PRD crashed 2 days ago, but that is all we have seen. I'm not sure if ours is related to memory, it's suspiciously looks like a similar crash to what we have seen since 7.6.120 and every release in between. (yep, take that kick). Though we haven't seen anything in the logs(memory allocation failures) like we did the first rounds in 7.6.120.0 in the other crashes, the memory usage pattern has similarities. That is it will gradually rise from 55-70% (where it's normally stable) upto 80-85%, then crash. (see attached image). We rarely get crash logs or dumps for this. Has been less obvious and occurred less since 7.6.120.0 but still appears to show up. Hard to tell with the one 2 days ago, Prime graphs are currently doing weird things Surprise surprise. Another thing we found with the upgrade to 8.0 was that 2 controllers crashed while downloading the software, this was memory again. Both controllers exhibited that wonderful memory issue upon investigation So next time we'll check memory and do a pre-reboot... The upgrade worked the second time around. If you monitor cisco uptime on your devices you can get messages when a device reboots, handy for when the timing means you don't get the down message. There is a reset timer on them though, which can provide false alerts...we have never hit that on a controller, they aren't up long enough.. I think it's 2+years, so we have seen it on switches PROBLEM for 'cisco_uptime' on host 'c5508-01-net02-plazadc-nt' (129.127.xxx.xxx / Wireless Controller) 0d 0h 0m 10s ago (Wed Mar 18 06:54:09 ACDT 2015) --- Uptime CRITICAL - *26994* Performance Data: iso.3.6.1.2.1.1.3.0=26994 --- -- Jason Cook The University of Adelaide, AUSTRALIA 5005 Ph: +61 8 8313 4800 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Thursday, 19 March 2015 12:23 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] WLC 5508 Reboots- 8.0.110.0 Code Sigh... just kick me. Our latest Cisco WLAN fun comes in the form of 5508 spontaneous reboots on 8.0.110.0 code. Has anyone else on the list experienced this? I do find this Support Community thread: https://supportforums.cisco.com/discussion/12411926/wlc-5508-automatically-restarting-twice-week#comment-10362606 And this related bug: https://tools.cisco.com/bugsearch/bug/CSCuq74491 Have had one reboot today, and found that another had done so last week quick enough where monitoring and alerting didn't catch it. Now going through all of them to see if there might have been others missed. TAC case open and I see that 8.0.110.0 is no longer available to download, with 8.0.115.0 recommended. -Lee Badman Lee Badman Wireless/Network Architect ITS, Syracuse University 315.443.3003 (Blog: http://wirednot.wordpress.com) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Cisco 702W APs
Try one of the drywall mounting rings (a frame with no box behind it). Put it close to the existing dual outlet. Free up the wire from the current dual outlet snake it over to the mounting ring. Put a jack on it plug into the back of the 702W. Mount the 702W to the ring and you're in business (along with a dead port in the dual plate; you could put a blank insert in it). == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Jason Cook [jason.c...@adelaide.edu.au] Sent: Wednesday, March 18, 2015 6:16 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco 702W APs We are looking at using them to fill some small holes, first question we have is how have people mounted these? Since we aim to use existing outlets, and they are duals we don’t actually want to replace the plate. While it’s nice you can hide everything, we’d rather mount next to the outlet and bring the lead in. This doesn’t seem to be in the design consideration of the AP with the uplink behind…. Unless I’m missing something. Anyone used something in particular for this? -- Jason Cook The University of Adelaide, AUSTRALIA 5005 Ph: +61 8 8313 4800 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Legge, Jeffry Sent: Thursday, 19 March 2015 7:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco 702W APs If we were to do it we would probably mount unit on bulkhead and run patch cables to TOs in raceway about a few feet AFF with downward facing jacks. FYI. -Jeff Legge Radford University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Alan Nord Sent: Wednesday, March 18, 2015 4:32 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco 702W APs We are looking to do the same. We have two main issues that need to be worked out before moving forward - 1) NAC vendor needs to support changing VLANs on the AP, and 2) how do we deploy them so they don't get smashed by furniture/students? What is your deployment plan? 1 AP per room or something else? On Wed, Mar 18, 2015 at 3:25 PM, Mattson III, Ken V. kenmatt...@creighton.edumailto:kenmatt...@creighton.edu wrote: We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743tel:402-280-2743 402-981-1140tel:402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Cisco 702W APs
We are looking at using them to fill some small holes, first question we have is how have people mounted these? Since we aim to use existing outlets, and they are duals we don’t actually want to replace the plate. While it’s nice you can hide everything, we’d rather mount next to the outlet and bring the lead in. This doesn’t seem to be in the design consideration of the AP with the uplink behind…. Unless I’m missing something. Anyone used something in particular for this? -- Jason Cook The University of Adelaide, AUSTRALIA 5005 Ph: +61 8 8313 4800 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Legge, Jeffry Sent: Thursday, 19 March 2015 7:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco 702W APs If we were to do it we would probably mount unit on bulkhead and run patch cables to TOs in raceway about a few feet AFF with downward facing jacks. FYI. -Jeff Legge Radford University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Alan Nord Sent: Wednesday, March 18, 2015 4:32 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco 702W APs We are looking to do the same. We have two main issues that need to be worked out before moving forward - 1) NAC vendor needs to support changing VLANs on the AP, and 2) how do we deploy them so they don't get smashed by furniture/students? What is your deployment plan? 1 AP per room or something else? On Wed, Mar 18, 2015 at 3:25 PM, Mattson III, Ken V. kenmatt...@creighton.edumailto:kenmatt...@creighton.edu wrote: We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743tel:402-280-2743 402-981-1140tel:402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Update on WLC 5508 random reboots on 8.0.110.0
From senior engineer execs: Fix code expected by Monday. Relaying the message: To give you a little background on this bug - this issue is mainly due race condition with rogue task and double call/release of a function causing crash. Unfortunately all this while until early this month we have not received the right dumps from other customers running into this bug hence we could not RCA. We have finally received full dump from a customer first week of March to root cause and fix this issue by March 5th. We are currently working on integrating the fix into the 8.0.110.x code train. We will have the fix ready by early next week.? Regards- -Lee Lee H. Badman Network Architect/Wireless TME ITS, Syracuse University 315.443.3003 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Looking for interest among Wi-Fi professionals
It's an interesting idea and I wonder how it will play out with all the vendor participation. I would want to be a part of it just to see how that goes. As you point out, the potential for information overload (good and bad) is there, and it might end up being the one factor that turns people away. The educause listserv stays busy but not so much that we can't keep up with it on a regular basis. Hector Rios Louisiana State University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, March 18, 2015 12:49 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won't hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
Yeah, what they said. - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edu http://www.davenport.edu On Wed, Mar 18, 2015 at 2:19 PM, Tony Skalski a...@stolaf.edu wrote: I would much prefer a mailing list, but would use it regardless. Ditto On Wed, Mar 18, 2015 at 12:49 PM, Lee H Badman lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: *https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/* https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Tony Skalski Systems Administrator a...@stolaf.edu 507-786-3227 St. Olaf College Information Technology 1510 St. Olaf Avenue Northfield, MN55057-1097 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect
No, it is not. The result is that it breaks IPv6 on local VLANs: clients receive multiple prefixes on local VLANs. Jake Snyder schreef op 18/03/15 om 17:51: Leaking of RAs between VLANS is expected behavior as RA are multicast. Because the 802.11 protocol sends multicast traffic as broadcast over the air and every device on a BSSID shares the same group key for encryption, any client can decode any multicast packet, including RAs not on the same VLAN. Again, this is expected behavior. The solution to this is to use multicast to unicast conversion for the RA, however i've never done this in a flexconnect deployment. This is also important in IPv4 deployments where you need to secure who can gain access to a multicast stream. On Wed, Mar 18, 2015 at 10:32 AM, Frans Panken frans.pan...@surfnet.nl mailto:frans.pan...@surfnet.nl wrote: We use FlexConnect in both central and local switched mode (v 8.110.6). We use a single SSID and distinguish various user groups, differentiated by Radius and mapped on different VLANs. We observe that VLANs leak traffic to other VLANs. This is in particular very undesired with IPv6, where router adverstisements from one VLAN is broadcast to other VLANs (this also happens on IPv4, e.g., with ARP and other broadcast traffic). Even VLANs that are only centrally accessible leak traffic to local VLANs. This is a security issue that in my oppinion does not receive the desired attention. Frans Watters, John schreef op 18/03/15 om 07:29: Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu mailto:hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [hr...@lsu.edu mailto:hr...@lsu.edu] Sent: Tuesday, March 17, 2015 9:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless I tested FlexConnect on 8.0.110.0. Here are my observations: *Great alternative to switch data locally (obviously) *No AVC Support *When controller is down, AP goes into standalone more. Must make sure that
RE: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
Can't see me using anything that I have to visit and look at rather than it being delivered to me like a listserv. There's just not the time in the day. Best Regards Sent from my phone, please excuse brevity and/or misspelling. From: Lee H Badmanmailto:lhbad...@syr.edu Sent: 18/03/2015 17:49 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
You could be right- I used to run a Google group for regional ham radio nerds, I think that did both (I think). From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Frank Sweetser Sent: Wednesday, March 18, 2015 3:07 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals Perhaps best of both worlds? I believe there are some forums in which you can participate equally through both mailing lists and web forums. On March 18, 2015 2:59:56 PM EDT, Lee H Badman lhbad...@syr.edumailto:lhbad...@syr.edu wrote: I hear you and get it, Ian- thanks. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian McDonald Sent: Wednesday, March 18, 2015 2:58 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals Can't see me using anything that I have to visit and look at rather than it being delivered to me like a listserv. There's just not the time in the day. Best Regards Sent from my phone, please excuse brevity and/or misspelling. From: Lee H Badmanmailto:lhbad...@syr.edu Sent: 18/03/2015 17:49 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect
Breaking IPv6 is indeed undesirable ;-) Fortunately, other vendors do not share your opinion. Good news for the majority on this list: the bug is limited to Cisco's FlexConnect. -Frans Jake Snyder schreef op 18/03/15 om 20:19: It is expected from an 802.11 perspective. May not be desirable, but that is how the wireless standard works. Unicasting RAs over the air fixes this. Sent from my iPhone On Mar 18, 2015, at 12:42 PM, Frans Panken frans.pan...@surfnet.nl mailto:frans.pan...@surfnet.nl wrote: No, it is not. The result is that it breaks IPv6 on local VLANs: clients receive multiple prefixes on local VLANs. Jake Snyder schreef op 18/03/15 om 17:51: Leaking of RAs between VLANS is expected behavior as RA are multicast. Because the 802.11 protocol sends multicast traffic as broadcast over the air and every device on a BSSID shares the same group key for encryption, any client can decode any multicast packet, including RAs not on the same VLAN. Again, this is expected behavior. The solution to this is to use multicast to unicast conversion for the RA, however i've never done this in a flexconnect deployment. This is also important in IPv4 deployments where you need to secure who can gain access to a multicast stream. On Wed, Mar 18, 2015 at 10:32 AM, Frans Panken frans.pan...@surfnet.nl mailto:frans.pan...@surfnet.nl wrote: We use FlexConnect in both central and local switched mode (v 8.110.6). We use a single SSID and distinguish various user groups, differentiated by Radius and mapped on different VLANs. We observe that VLANs leak traffic to other VLANs. This is in particular very undesired with IPv6, where router adverstisements from one VLAN is broadcast to other VLANs (this also happens on IPv4, e.g., with ARP and other broadcast traffic). Even VLANs that are only centrally accessible leak traffic to local VLANs. This is a security issue that in my oppinion does not receive the desired attention. Frans Watters, John schreef op 18/03/15 om 07:29: Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu mailto:hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
RE: Looking for interest among Wi-Fi professionals
I could be useful IF it is not dominated with Cisco Wi-Fi issues. Although Cisco is the largest vendor, they must have the most issues. When was the last time people were asking whether to upgrade to a GA version of ArubaOS?, for instance? Bruce Osborne Wireless Engineer IT Infrastructure Media Solutions (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Lee H Badman [mailto:lhbad...@syr.edu] Sent: Wednesday, March 18, 2015 1:49 PM Subject: Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won't hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
Quick notes on the subject of building a topic-specific social network.. I posed a similar question at the social media constituent group meeting at a previous EDUCAUSE conference. How about I make a new venue for cohort X... I got a resounding NO! from them. They said use existing venues... twitter facebook. But Twitter? Messaging too short, as you said in the original note. Facebook? Too many cats. I am on the board for a local Cisco users group, and we struggle with how to engage with our members between meetings. We throw messaging at an email list, facebook, linked-in and Twitter. Nothing really sticks. We are currently working with the idea of seeding these outlets with conversation starters. I trick I'm sure you get, being our CG leader here. :) PS - I, too, started an email list for my local ham radio club. The list has been running strong since 2000. ;) - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edu http://www.davenport.edu On Wed, Mar 18, 2015 at 5:38 PM, Chuck Enfield chu...@psu.edu wrote: Now I feel bad. I was joking. I guess I should have added an emoticon. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh Sent: Wednesday, March 18, 2015 4:58 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals On Wed Mar 18 2015 15:26:27 CDT, Chuck Enfield chu...@psu.edu wrote: We all know you're advancing up the career ladder. No need to rub it in. Eek. I totally didn’t mean it that way. Apologies! -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Looking for interest among Wi-Fi professionals
Bruce, Not to side track this conversation too far, but is this because the ArubaOS is that stable or that it is not as prevalent? This is almost an exact reason for something like this to exist. In a perfect world this collaborative site would have sub-forums for the different vendors. Activity in each, mixed with membership polling would help indicate the number of people whom use a vendor and the amount of times people are posting. Typically people don't post if there are no problems. It's easy for us to pick on the largest vendor, but if we can show that other vendors have proportionally less issues; then we have some more ammo behind our complaints. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Wednesday, March 18, 2015 2:42 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals I could be useful IF it is not dominated with Cisco Wi-Fi issues. Although Cisco is the largest vendor, they must have the most issues. When was the last time people were asking whether to upgrade to a GA version of ArubaOS?, for instance? Bruce Osborne Wireless Engineer IT Infrastructure Media Solutions (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Lee H Badman [mailto:lhbad...@syr.edu] Sent: Wednesday, March 18, 2015 1:49 PM Subject: Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/https://urldefense.proofpoint.com/v2/url?u=https-3A__wirednot.wordpress.com_2015_03_18_hey-2Dwireless-2Dprofessionals-2Dwould-2Dyou-2Duse_d=AwMFAgc=6vgNTiRn9_pqCD9hKx9JgXN1VapJQ8JVoF8oWH1AgfQr=rYfqH_8oTvcXxRxUI3x3m3Y7Nwgir7tnuoGbdZsrUM4m=dCxfcQfLO44eX42aDwfJu-n38EPsE5nIqFPWtDbKo58s=cwHtgV0PkYT1jSxP9dI5ZDck5-z2dfd2UkFuR60CWVEe= Won't hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_groups_d=AwMFAgc=6vgNTiRn9_pqCD9hKx9JgXN1VapJQ8JVoF8oWH1AgfQr=rYfqH_8oTvcXxRxUI3x3m3Y7Nwgir7tnuoGbdZsrUM4m=dCxfcQfLO44eX42aDwfJu-n38EPsE5nIqFPWtDbKo58s=yGPfTNzfY5_Puu8ZfYzuQOr1OmbvtIo7ukTz7o45_u0e=. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
I know I have just been assuming Aruba people have no issues, since I never see them on the list! ;) It would be nice to have some sort of context/insight into the grand scheme of things, rather than just Ciscoland. -- Hunter Fuller Network Engineer VBRH M-9B +1 256 824 5331 Office of Information Technology The University of Alabama in Huntsville Systems and Infrastructure I am part of the UAH Safe Zone LGBTQIA support network: http://www.uah.edu/student-affairs/safe-zone On Wed, Mar 18, 2015 at 3:17 PM, Chuck Enfield chu...@psu.edu wrote: I asked exactly that question just a few weeks ago, but I didn’t use this list. Between Airheads and more intimate peer groups, I don’t usually raise those questions here. FWIW, I’ve also been asked this question off-list by people from other edu’s. To be honest, I’m interested to hear whether or not people think this is the best venue for vendor-specific issues. I sometimes feel like I spend too much time deleting Cisco posts on this list. While I’ve never thought it was inappropriate to discuss those things here, it is why I tend to take Aruba issues to forums where I know the other participants use Aruba. On the other hand, there are plenty of people from Aruba shops on this list that may not a have access to the forums I use and would benefit from seeing the discussion here. So, should I be posting Aruba-specific questions and comments on this list, or should that stay on Airheads? Chuck Enfield Manager, Wireless Systems Engineering Telecommunications Networking Services The Pennsylvania State University 110H, USB2, UP, PA 16802 ph: 814.863.8715 fx: 814.865.3988 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Osborne, Bruce W (Network Services) *Sent:* Wednesday, March 18, 2015 3:42 PM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals I could be useful IF it is not dominated with Cisco Wi-Fi issues. Although Cisco is the largest vendor, they must have the most issues. When was the last time people were asking whether to upgrade to a GA version of ArubaOS?, for instance? *Bruce Osborne* *Wireless Engineer* *IT Infrastructure Media Solutions* *(434) 592-4229 %28434%29%20592-4229* *LIBERTY UNIVERSITY* *Training Champions for Christ since 1971* *From:* Lee H Badman [mailto:lhbad...@syr.edu lhbad...@syr.edu] *Sent:* Wednesday, March 18, 2015 1:49 PM *Subject:* Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Looking for interest among Wi-Fi professionals
I'd be interested. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Wednesday, March 18, 2015 12:49 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ Won't hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
On Wed Mar 18 2015 12:49:10 CDT, Lee H Badman lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: I’ll join in with the folks who prefer email-based mechanisms to purely web-based solutions. Just based on experiences with other things, my interaction with the latter would be much less than the former. Having said that, an argument could be made that I’m not quite the target audience anymore for these things anyway if they’re going to be talking about deep down details of specific technologies. :) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html
Cisco 702W APs
We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it.
RE: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
We all know you're advancing up the career ladder. No need to rub it in. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh Sent: Wednesday, March 18, 2015 4:22 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals On Wed Mar 18 2015 12:49:10 CDT, Lee H Badman lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: I’ll join in with the folks who prefer email-based mechanisms to purely web-based solutions. Just based on experiences with other things, my interaction with the latter would be much less than the former. Having said that, an argument could be made that I’m not quite the target audience anymore for these things anyway if they’re going to be talking about deep down details of specific technologies. :) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect
Other vendors are doing this too. I know from a recent presentation at Atmosphere 2015 that Aruba performs the RA Multicast to Unicast conversion. It's a known limitation in terms of how the 802.11 protocol works. Different vendors are implementing different features to overcome it, but it's an expected thing. There is currently not support for Multicast to Unicast conversion for Flexconnect, they simply bridge broadcast/multicast traffic. On Wed, Mar 18, 2015 at 1:36 PM, Frans Panken frans.pan...@surfnet.nl wrote: Breaking IPv6 is indeed undesirable ;-) Fortunately, other vendors do not share your opinion. Good news for the majority on this list: the bug is limited to Cisco's FlexConnect. -Frans Jake Snyder schreef op 18/03/15 om 20:19: It is expected from an 802.11 perspective. May not be desirable, but that is how the wireless standard works. Unicasting RAs over the air fixes this. Sent from my iPhone On Mar 18, 2015, at 12:42 PM, Frans Panken frans.pan...@surfnet.nl wrote: No, it is not. The result is that it breaks IPv6 on local VLANs: clients receive multiple prefixes on local VLANs. Jake Snyder schreef op 18/03/15 om 17:51: Leaking of RAs between VLANS is expected behavior as RA are multicast. Because the 802.11 protocol sends multicast traffic as broadcast over the air and every device on a BSSID shares the same group key for encryption, any client can decode any multicast packet, including RAs not on the same VLAN. Again, this is expected behavior. The solution to this is to use multicast to unicast conversion for the RA, however i've never done this in a flexconnect deployment. This is also important in IPv4 deployments where you need to secure who can gain access to a multicast stream. On Wed, Mar 18, 2015 at 10:32 AM, Frans Panken frans.pan...@surfnet.nl wrote: We use FlexConnect in both central and local switched mode (v 8.110.6). We use a single SSID and distinguish various user groups, differentiated by Radius and mapped on different VLANs. We observe that VLANs leak traffic to other VLANs. This is in particular very undesired with IPv6, where router adverstisements from one VLAN is broadcast to other VLANs (this also happens on IPv4, e.g., with ARP and other broadcast traffic). Even VLANs that are only centrally accessible leak traffic to local VLANs. This is a security issue that in my oppinion does not receive the desired attention. Frans Watters, John schreef op 18/03/15 om 07:29: Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
Joel, I agree 100% with your point about searchability with Google's awesome software/robots, and that is why I subscribed to this email list with my Gmail address--I get all of the benefits of the email format and it is indexed and searchable forever back as far as I want with Google. Here I come off sounding like an advertisement for Google. It groups all the responses into the same thread, and I didn't have to tweak it. I don't even have to pay for it--well, not pay them $ in an obvious way :-) Whenever something is free, you are product being marketed [to]... Having said that. I'm all for using something that is RSS-enabled or whatever, but it's hard to argue with something that is easy and mature as regular old email. Thanks!--Jess Walczak Senior Network Analyst, University of St. Thomas Saint Paul, MN 55105 On Wed, Mar 18, 2015 at 2:59 PM, McClintic, Thomas thomas.mcclin...@uth.tmc.edu wrote: Bruce, Not to side track this conversation too far, but is this because the ArubaOS is that stable or that it is not as prevalent? This is almost an exact reason for something like this to exist. In a perfect world this collaborative site would have sub-forums for the different vendors. Activity in each, mixed with membership polling would help indicate the number of people whom use a vendor and the amount of times people are posting. Typically people don’t post if there are no problems. It’s easy for us to pick on the largest vendor, but if we can show that other vendors have proportionally less issues; then we have some more ammo behind our complaints. *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Osborne, Bruce W (Network Services) *Sent:* Wednesday, March 18, 2015 2:42 PM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals I could be useful IF it is not dominated with Cisco Wi-Fi issues. Although Cisco is the largest vendor, they must have the most issues. When was the last time people were asking whether to upgrade to a GA version of ArubaOS?, for instance? *Bruce Osborne* *Wireless Engineer* *IT Infrastructure Media Solutions* *(434) 592-4229 %28434%29%20592-4229* *LIBERTY UNIVERSITY* *Training Champions for Christ since 1971* *From:* Lee H Badman [mailto:lhbad...@syr.edu lhbad...@syr.edu] *Sent:* Wednesday, March 18, 2015 1:49 PM *Subject:* Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would-you-use/ https://urldefense.proofpoint.com/v2/url?u=https-3A__wirednot.wordpress.com_2015_03_18_hey-2Dwireless-2Dprofessionals-2Dwould-2Dyou-2Duse_d=AwMFAgc=6vgNTiRn9_pqCD9hKx9JgXN1VapJQ8JVoF8oWH1AgfQr=rYfqH_8oTvcXxRxUI3x3m3Y7Nwgir7tnuoGbdZsrUM4m=dCxfcQfLO44eX42aDwfJu-n38EPsE5nIqFPWtDbKo58s=cwHtgV0PkYT1jSxP9dI5ZDck5-z2dfd2UkFuR60CWVEe= Won’t hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_groups_d=AwMFAgc=6vgNTiRn9_pqCD9hKx9JgXN1VapJQ8JVoF8oWH1AgfQr=rYfqH_8oTvcXxRxUI3x3m3Y7Nwgir7tnuoGbdZsrUM4m=dCxfcQfLO44eX42aDwfJu-n38EPsE5nIqFPWtDbKo58s=yGPfTNzfY5_Puu8ZfYzuQOr1OmbvtIo7ukTz7o45_u0e=. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
I asked exactly that question just a few weeks ago, but I didn't use this list. Between Airheads and more intimate peer groups, I don't usually raise those questions here. FWIW, I've also been asked this question off-list by people from other edu's. To be honest, I'm interested to hear whether or not people think this is the best venue for vendor-specific issues. I sometimes feel like I spend too much time deleting Cisco posts on this list. While I've never thought it was inappropriate to discuss those things here, it is why I tend to take Aruba issues to forums where I know the other participants use Aruba. On the other hand, there are plenty of people from Aruba shops on this list that may not a have access to the forums I use and would benefit from seeing the discussion here. So, should I be posting Aruba-specific questions and comments on this list, or should that stay on Airheads? Chuck Enfield Manager, Wireless Systems Engineering Telecommunications Networking Services The Pennsylvania State University 110H, USB2, UP, PA 16802 ph: 814.863.8715 fx: 814.865.3988 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Wednesday, March 18, 2015 3:42 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals I could be useful IF it is not dominated with Cisco Wi-Fi issues. Although Cisco is the largest vendor, they must have the most issues. When was the last time people were asking whether to upgrade to a GA version of ArubaOS?, for instance? Bruce Osborne Wireless Engineer IT Infrastructure Media Solutions (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Lee H Badman [mailto:lhbad...@syr.edu] Sent: Wednesday, March 18, 2015 1:49 PM Subject: Looking for interest among Wi-Fi professionals This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-woul d-you-use/ https://wirednot.wordpress.com/2015/03/18/hey-wireless-professionals-would -you-use/ Won't hurt my feelings either way, but could be kind of valuable if you picture it widely used. Regards- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
On Wed Mar 18 2015 15:26:27 CDT, Chuck Enfield chu...@psu.edu wrote: We all know you're advancing up the career ladder. No need to rub it in. Eek. I totally didn’t mean it that way. Apologies! -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html
RE: [WIRELESS-LAN] Cisco 702W APs
Yes, this first one will be one AP per room. Furniture smashing is a concern to Res Life and us. The APs permanent location will be mostly shielded from furniture smashing. I will post some pictures and update periodically about the smashing part. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Alan Nord Sent: Wednesday, March 18, 2015 3:32 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco 702W APs We are looking to do the same. We have two main issues that need to be worked out before moving forward - 1) NAC vendor needs to support changing VLANs on the AP, and 2) how do we deploy them so they don't get smashed by furniture/students? What is your deployment plan? 1 AP per room or something else? On Wed, Mar 18, 2015 at 3:25 PM, Mattson III, Ken V. kenmatt...@creighton.edumailto:kenmatt...@creighton.edu wrote: We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743tel:402-280-2743 402-981-1140tel:402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco 702W APs
We have deployed several other types of Cisco APs one per room in our particularly tough buildings and no ones smashed them yet. The more frequent destruction location is, by far, the gym. -- Hunter Fuller OIT Sent from my phone. On Mar 18, 2015 4:04 PM, Mattson III, Ken V. kenmatt...@creighton.edu wrote: Yes, this first one will be one AP per room. Furniture smashing is a concern to Res Life and us. The APs permanent location will be mostly shielded from furniture smashing. I will post some pictures and update periodically about the smashing part. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Alan Nord *Sent:* Wednesday, March 18, 2015 3:32 PM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* Re: [WIRELESS-LAN] Cisco 702W APs We are looking to do the same. We have two main issues that need to be worked out before moving forward - 1) NAC vendor needs to support changing VLANs on the AP, and 2) how do we deploy them so they don't get smashed by furniture/students? What is your deployment plan? 1 AP per room or something else? On Wed, Mar 18, 2015 at 3:25 PM, Mattson III, Ken V. kenmatt...@creighton.edu wrote: We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Cisco 702W APs
I plan on trying a few in res halls to fill in coverage gaps. I am concerned that it does not support 802.11ac as I understand it so we do not currently plan to do a mass deployment. -Jeff Legge Radford University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mattson III, Ken V. Sent: Wednesday, March 18, 2015 4:25 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Cisco 702W APs We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743 402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it.
RE: [WIRELESS-LAN] Cisco 702W APs
If we were to do it we would probably mount unit on bulkhead and run patch cables to TOs in raceway about a few feet AFF with downward facing jacks. FYI. -Jeff Legge Radford University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Alan Nord Sent: Wednesday, March 18, 2015 4:32 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco 702W APs We are looking to do the same. We have two main issues that need to be worked out before moving forward - 1) NAC vendor needs to support changing VLANs on the AP, and 2) how do we deploy them so they don't get smashed by furniture/students? What is your deployment plan? 1 AP per room or something else? On Wed, Mar 18, 2015 at 3:25 PM, Mattson III, Ken V. kenmatt...@creighton.edumailto:kenmatt...@creighton.edu wrote: We are about to embark on covering a Res Hall with 99% 702W APs. Are there any lessons learned from others out there? If our pilot works well we intend on this being the cookie cutter as we move forward. Kenneth V. Mattson III Director - Network and Data DoIT Creighton University 402-280-2743tel:402-280-2743 402-981-1140tel:402-981-1140 A password is like a toothbrush: Choose a good one, change it regularly and don't share it. -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
Now I feel bad. I was joking. I guess I should have added an emoticon. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh Sent: Wednesday, March 18, 2015 4:58 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals On Wed Mar 18 2015 15:26:27 CDT, Chuck Enfield chu...@psu.edu wrote: We all know you're advancing up the career ladder. No need to rub it in. Eek. I totally didn’t mean it that way. Apologies! -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect
Please post any results you have if/when try expand FlexConnect to your entire campus. It looks like you are close to our size (we now have about 125 buildings about 38K students plus about 4K faculty/staff). Thanks. Sent from my iPhone On Mar 17, 2015, at 4:12 PM, Hector J Rios hr...@lsu.edu wrote: I've not performed tests to that scale yet. Plus we are only considering this for our ResHalls, of which we have 21 buildings only. -Hector -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Tuesday, March 17, 2015 11:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless - FlexConnect We played with FlexConnect for a number of months but still could not get what we needed it to do on a consistent basis. Essentially we wanted FlexConnect to drop users into their building VLAN so they would be able to easily interact with the same devices that the wired connections in the buildings could see. As I'm sure you know, this also resolves many of the Apple, Chromecast, etc., problems. We did have one caveat though that we just couldn't get past -- we wanted to drop faculty/staff into one VLAN and students into another (we can easily return the proper VLAN for a particular client in a particular building from Radius server - FreeRadius with a call to our LDAP server for info) but we also need to send everything else back to the controller for central switching (e.g., police connections, special bar-code scanners that roam and serve to identify a user, but not being used for client traffic, for example, to give out free flu shots to eligible folks or let folks into a sporting event). We just couldn't get past having 95+% locally switched and the remainder centrally switched for over 200 buildings many with now over 100 APs each without using FlecConnect groups which are limited to numbers way too small for our campus. We can even live comfortably without roaming between buildings. MOst folks are not used to being able to roam between buildings downtown or many cannot roam between apartments off campus. How did you get around the FlexConnect group problem? == -jcw From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [hr...@lsu.edu] Sent: Tuesday, March 17, 2015 9:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless I tested FlexConnect on 8.0.110.0. Here are my observations: *Great alternative to switch data locally (obviously) *No AVC Support *When controller is down, AP goes into standalone more. Must make sure that AP is not able to reach any other controller you don't want. This was fixed with an ACL. *Client details page does not show client IPv6 address. Client still gets IPv6 address. (PRIME does show it if you run a report). *Client details page does not show VLAN ID. *Putting AP in FlexConnect mode does not require reboot (Cool!) *No IPv6 ACL support More testing to do, but so far so good. -Hector From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios Sent: Thursday, March 12, 2015 11:13 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless We use Cisco's wireless solution with WiSM2s and a variety of WAPs. We actually implemented the guest anchor controller solution last year with dual controllers (WLC2504) and we've been happy. I like Britton's idea of using FlexConnect at the dorms to switch the student data locally. However, I believe there are some limitations that would keep us from using it such as no support for AVC, and some limitations on IPv6. -Hector From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W (Network Services) Sent: Thursday, March 12, 2015 7:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ResHall Wireless Hector, You do not say what wireless solution you are using. Let me assume a Cisco or Aruba controller based solution. You can have vlans from your controller tunnel to an anchor controller in a DMZ. Use 802.1X authentication based on AD groups. This solution permits controlled internal access and, if you desire, unfiltered Internet access. Until recently, we did something similar with our open Guest wireless network on our Aruba system. We now use a different solution for this. The anchor controller idea was based on Cisco wireless training several years ago. At that time, it was their recommended guest solution. Bruce Osborne