date:20151215

Cisco WLC CPU ACL

2015-12-15 Thread Dennis Xu

Has anyone implemented CPU ACL on Cisco WLCs and any lessons learned? 

I would like to apply CPU ACLs to protect WLC dynamic interfaces and hope it 
will not break anything. :)

Thanks!

---
Dennis Xu, MASc, CCIE #13056
Analyst 3, Network Infrastructure
Computing and Communications Services(CCS)
University of Guelph

519-824-4120 Ext 56217
d...@uoguelph.ca 
www.uoguelph.ca/ccs

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Cisco LWAP Advice

2015-12-15 Thread Oliver, Jeff

There has been many posts here with a lot of info, and I would like to echo 
something in Jeff’s post here.

We have been running on cisco’s controller based platform since they purchased 
Airespace a number of years ago. From the Airespace appliances to the Cisco 
version of the same to the WiSM and now on the WiSM2, also running on stable 
code (based on our wireless SE’s recommend).  Outside of the normal growth and 
density issues that we all face, the only real issues that we have had over the 
course of the years have been self-induced issues. They simply work.

I will qualify that to say that our setup is intentionally quite simple and we 
are simply running three WiSM2’s with the same base config and a shared 
mobility zone across them all. Our AP’s have primary/secondary controllers 
configured on them and we provision a buildings access points to a specific 
WiSM to mitigate the roaming from AP to AP. As 99% of the wireless traffic is 
inet or data center bound, it is going to hit our main network core anyway so 
we have not tried to push the LWAP out of the core.

Easy. Stable.


Cheers,
Jeff

---

Jeffrey L. Oliver
Sr. Network Analyst
Information Technology Services
The University of Lethbridge

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler
Sent: Tuesday, December 15, 2015 12:31 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

I have to disagree here too. Like Lee, we’re on good code, and our Cisco system 
has been running flawlessly for a very long time. W

The reason for the threads here is simple… Cisco is by a very wide margin the 
#1 WiFi vendor, so one would expect the ratio of posts to be proportionate to 
the installed base. For the distant #2 and others, maybe there is hesitation to 
post about problems here since upper management would then question the 
decision to go that route? Perhaps the installed based is just too low that 
it’s lost in the static?

What I do know is that at my consortium,  we have five colleges on Cisco and 
two on Aruba. Over the years, I’ve seen far more show stoppers on Aruba then on 
Cisco. It’s also been the case that the performance of the Aruba APs don’t 
appear to be nearly the same as the Cisco units, especially as client density 
goes up. Oh, and Aruba has nothing remotely close to CleanAir.

That said, for the day to day, both get the job done in their own ways. The 
upside is that having both provides extreme leverage in negotiating pricing.

Jeff



From: 
"wireless-lan@listserv.educause.edu" 
> 
on behalf of "bosbo...@liberty.edu" 
>
Reply-To: 
"wireless-lan@listserv.educause.edu" 
>
Date: Tuesday, December 15, 2015 at 4:25 AM
To: 
"wireless-lan@listserv.educause.edu" 
>
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

I agree, Lee. When we decided to move away from Cisco fat APs, their abysmal 
support for them along with the constant threads here looking for Cisco code 
with the least bugs helped our decision to move to Aruba. At that time they 
were (and, to some extent, still are) a company that specialized in WLAN 
technologies.

For Cisco, WLAN is just another product line alongside routers, switches, 
voice, telepresence, etc. For Aruba, at least in 2008, if their WLAN did not 
succeed, they had no fallback product for profits.



Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Lee H Badman [mailto:lhbad...@syr.edu]
Sent: Monday, December 14, 2015 1:47 PM
Subject: Re: Cisco LWAP Advice

I use both- and have a real fondness for Meraki. Cisco vs Meraki is not just 
Apples to Apples on hardware. With Meraki, the perpetual controller and NMS 
bugs are no longer your problem, and it’s liberating beyond belief to not have 
to deal with that. I might feel different if Cisco got their WLAN code act 
together, but I’ve heard 10 years of admissions and promises and have yet to 
see it happen. Escalation builds, engineering builds, blah blah blah. There is 
a high TCO to Cisco wireless beyond the price tags. That’s the cost of seeing a 
bazillion features exposed that you may never use.

In our Meraki sites, things work, they work well, and troubles tend to be 
statistical zero. Meraki APs never win bake-offs for high performance, but most 
well-designed environments don’t need rocket ships bolted to the ceiling 
either. System administration is an absolute breeze, in my years of

Re: Cisco WLC CPU ACL

2015-12-15 Thread Felix Windt

We are running CPU ACLs both on IPv4 and IPv6. The obvious thing is that you 
want to make sure to account for all your CAPWAP sources and all your 
management stations. If you use Prime Infrastructure to manage your WLCs, 
definitely don't forget accounting for that.

Also for Prime: its ACL builder is horrible, so we kept it intentionally simple 
with the least number of ACEs (often permitting all IP traffic instead of 
branching out to protocols, for example on the dedicated networks for APs 
sourcing CAPWAP tunnels). The worst gotcha is that ACLs are submitted line by 
line, which at one point locked out Prime itself since it created something 
that didn't account for itself. The work around is to always first disable CPU 
ACLs entirely, then to submit the new ACL, double check that it's applied 
correctly, and to only then re-enable it for enforcement.

Otherwise we've had no issues whatsoever.

Hope that helps,

felix

Dartmouth


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 on behalf of Dennis Xu 
Sent: Tuesday, December 15, 2015 12:03 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco WLC CPU ACL

Has anyone implemented CPU ACL on Cisco WLCs and any lessons learned?

I would like to apply CPU ACLs to protect WLC dynamic interfaces and hope it 
will not break anything. :)

Thanks!

---
Dennis Xu, MASc, CCIE #13056
Analyst 3, Network Infrastructure
Computing and Communications Services(CCS)
University of Guelph

519-824-4120 Ext 56217
d...@uoguelph.ca
www.uoguelph.ca/ccs

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Cisco LWAP Advice

2015-12-15 Thread Jeffrey D. Sessler

I have to disagree here too. Like Lee, we’re on good code, and our Cisco system 
has been running flawlessly for a very long time. W

The reason for the threads here is simple… Cisco is by a very wide margin the 
#1 WiFi vendor, so one would expect the ratio of posts to be proportionate to 
the installed base. For the distant #2 and others, maybe there is hesitation to 
post about problems here since upper management would then question the 
decision to go that route? Perhaps the installed based is just too low that 
it’s lost in the static?

What I do know is that at my consortium,  we have five colleges on Cisco and 
two on Aruba. Over the years, I’ve seen far more show stoppers on Aruba then on 
Cisco. It’s also been the case that the performance of the Aruba APs don’t 
appear to be nearly the same as the Cisco units, especially as client density 
goes up. Oh, and Aruba has nothing remotely close to CleanAir.

That said, for the day to day, both get the job done in their own ways. The 
upside is that having both provides extreme leverage in negotiating pricing.

Jeff



From: 
"wireless-lan@listserv.educause.edu" 
> 
on behalf of "bosbo...@liberty.edu" 
>
Reply-To: 
"wireless-lan@listserv.educause.edu" 
>
Date: Tuesday, December 15, 2015 at 4:25 AM
To: 
"wireless-lan@listserv.educause.edu" 
>
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

I agree, Lee. When we decided to move away from Cisco fat APs, their abysmal 
support for them along with the constant threads here looking for Cisco code 
with the least bugs helped our decision to move to Aruba. At that time they 
were (and, to some extent, still are) a company that specialized in WLAN 
technologies.

For Cisco, WLAN is just another product line alongside routers, switches, 
voice, telepresence, etc. For Aruba, at least in 2008, if their WLAN did not 
succeed, they had no fallback product for profits.



Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Lee H Badman [mailto:lhbad...@syr.edu]
Sent: Monday, December 14, 2015 1:47 PM
Subject: Re: Cisco LWAP Advice

I use both- and have a real fondness for Meraki. Cisco vs Meraki is not just 
Apples to Apples on hardware. With Meraki, the perpetual controller and NMS 
bugs are no longer your problem, and it’s liberating beyond belief to not have 
to deal with that. I might feel different if Cisco got their WLAN code act 
together, but I’ve heard 10 years of admissions and promises and have yet to 
see it happen. Escalation builds, engineering builds, blah blah blah. There is 
a high TCO to Cisco wireless beyond the price tags. That’s the cost of seeing a 
bazillion features exposed that you may never use.

In our Meraki sites, things work, they work well, and troubles tend to be 
statistical zero. Meraki APs never win bake-offs for high performance, but most 
well-designed environments don’t need rocket ships bolted to the ceiling 
either. System administration is an absolute breeze, in my years of running 
these environmnets.

My guidance- carefully define your requirements and staffing, TRY BEFORE YOU BY 
in all cases, and query others that have gone before you in legitimate 
production.



Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.eduw 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler
Sent: Monday, December 14, 2015 12:07 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

I’ve looked at Meraki and it seems positioned at small installations, and once 
you get to a certain number of AP’s, the conventional Cisco-based controller 
(or similar vendor solution) comes our far less expensive.

For smartnet, you can realize significant additional savings over and above the 
standard 30% EDU discount if you sign up for a multi-year contract e.g. 3 or 5 
years. You can also finance the smartnet via Cisco leasing (generally at zero 
additional cost) so that in the case of a three year contract, you make 3 
yearly payments.

Also, don’t forget the special SKU for the controllers. A couple of years ago, 
Cisco started bundling the AP support cost in the controller contract, and 
there is a SKU that backs the cost

RE: Cisco LWAP Advice

2015-12-15 Thread Osborne, Bruce W (Network Services)

I agree, Lee. When we decided to move away from Cisco fat APs, their abysmal 
support for them along with the constant threads here looking for Cisco code 
with the least bugs helped our decision to move to Aruba. At that time they 
were (and, to some extent, still are) a company that specialized in WLAN 
technologies.

For Cisco, WLAN is just another product line alongside routers, switches, 
voice, telepresence, etc. For Aruba, at least in 2008, if their WLAN did not 
succeed, they had no fallback product for profits.



Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Lee H Badman [mailto:lhbad...@syr.edu]
Sent: Monday, December 14, 2015 1:47 PM
Subject: Re: Cisco LWAP Advice

I use both- and have a real fondness for Meraki. Cisco vs Meraki is not just 
Apples to Apples on hardware. With Meraki, the perpetual controller and NMS 
bugs are no longer your problem, and it’s liberating beyond belief to not have 
to deal with that. I might feel different if Cisco got their WLAN code act 
together, but I’ve heard 10 years of admissions and promises and have yet to 
see it happen. Escalation builds, engineering builds, blah blah blah. There is 
a high TCO to Cisco wireless beyond the price tags. That’s the cost of seeing a 
bazillion features exposed that you may never use.

In our Meraki sites, things work, they work well, and troubles tend to be 
statistical zero. Meraki APs never win bake-offs for high performance, but most 
well-designed environments don’t need rocket ships bolted to the ceiling 
either. System administration is an absolute breeze, in my years of running 
these environmnets.

My guidance- carefully define your requirements and staffing, TRY BEFORE YOU BY 
in all cases, and query others that have gone before you in legitimate 
production.



Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler
Sent: Monday, December 14, 2015 12:07 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

I’ve looked at Meraki and it seems positioned at small installations, and once 
you get to a certain number of AP’s, the conventional Cisco-based controller 
(or similar vendor solution) comes our far less expensive.

For smartnet, you can realize significant additional savings over and above the 
standard 30% EDU discount if you sign up for a multi-year contract e.g. 3 or 5 
years. You can also finance the smartnet via Cisco leasing (generally at zero 
additional cost) so that in the case of a three year contract, you make 3 
yearly payments.

Also, don’t forget the special SKU for the controllers. A couple of years ago, 
Cisco started bundling the AP support cost in the controller contract, and 
there is a SKU that backs the cost back out for EDUs.

Jeff

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Daniel Eklund
Sent: Friday, December 11, 2015 5:52 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

RFP is a good idea.  Considering your size you should be seriously looking at 
alternative like Meraki and Ruckus.

On Fri, Dec 11, 2015 at 8:47 AM, Klaczko, Edwin 
> wrote:
Even though it’s a bit more work an RFP is a good idea.  Even if you are happy 
with your current vendor it helps with getting the best pricing.  On several 
occasions I’ve virtually eliminated the “Cisco premium” everyone expects.  Now 
ongoing SmartNet maintenance costs are another matter.


Eddie Klaczko

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
 On Behalf Of Osborne, Bruce W (Network Services)
Sent: Friday, December 11, 2015 6:34 AM

To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

I agree with the RFP idea.

When we last did an RFP and in-house demos & proof of concepts, we were 
surprised at what was offered by Aruba Networks. They even worked with us to 
support multicast video on wireless.



Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Lee H Badman [mailto:lhbad...@syr.edu]
Sent: Thursday, December 10, 2015 1:41 PM
Subject: Re: Cisco LWAP Advice

If the old controller is all that is tying you to Cisco,  it

Re: [WIRELESS-LAN] Cisco WLC CPU ACL

2015-12-15 Thread Matthew Newton

On Tue, Dec 15, 2015 at 08:54:15PM +, McClintic, Thomas wrote:
> My understanding is that the CAPWAP traffic is not controlled by the CPU ACL.

"show rules" at the CLI will show you the built-in ACLs which are
automatically added to cover things like this. It covers everything
normally used, though I've found it misses RADIUS CoA udp/3799.
(This wasn't the case years ago on version 4.)

We use CPU ACLs - work fine. Apart from one 2504 controller where
applying the CPU ACL just blocks pretty much everything, so
there's a bug somewhere on that device. On everything else
(another 2504, 5508s, 8510s, and even on the old 4404s) never had
a problem.

Only real issue I have is that the Cisco/Airespace programmers
were smoking something far too strong when they designed ACLs for
AireOS. The syntax needs replacing with IOS ACLs as soon as
possible. They work fine, but are tedious to configure from the
CLI. So other comments stand - disable ACLs, apply new one,
re-enable ACL. You pretty much have to do that anyway, so just
make sure rule 1 permits SSH from your management network and
you'll be fine if something does happen to go wrong.

Matthew


-- 
Matthew Newton, Ph.D. 

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, 

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Cisco WLC CPU ACL

2015-12-15 Thread McClintic, Thomas

My understanding is that the CAPWAP traffic is not controlled by the CPU ACL.

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Felix Windt
Sent: Tuesday, December 15, 2015 2:12 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLC CPU ACL

We are running CPU ACLs both on IPv4 and IPv6. The obvious thing is that you 
want to make sure to account for all your CAPWAP sources and all your 
management stations. If you use Prime Infrastructure to manage your WLCs, 
definitely don't forget accounting for that.

Also for Prime: its ACL builder is horrible, so we kept it intentionally simple 
with the least number of ACEs (often permitting all IP traffic instead of 
branching out to protocols, for example on the dedicated networks for APs 
sourcing CAPWAP tunnels). The worst gotcha is that ACLs are submitted line by 
line, which at one point locked out Prime itself since it created something 
that didn't account for itself. The work around is to always first disable CPU 
ACLs entirely, then to submit the new ACL, double check that it's applied 
correctly, and to only then re-enable it for enforcement.

Otherwise we've had no issues whatsoever.

Hope that helps,

felix

Dartmouth

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 on behalf of Dennis Xu 
Sent: Tuesday, December 15, 2015 12:03 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco WLC CPU ACL

Has anyone implemented CPU ACL on Cisco WLCs and any lessons learned?

I would like to apply CPU ACLs to protect WLC dynamic interfaces and hope it 
will not break anything. :)

Thanks!

---
Dennis Xu, MASc, CCIE #13056
Analyst 3, Network Infrastructure
Computing and Communications Services(CCS) University of Guelph

519-824-4120 Ext 56217
d...@uoguelph.ca
www.uoguelph.ca/ccs

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at 
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_groups_=BQIFAw=6vgNTiRn9_pqCD9hKx9JgXN1VapJQ8JVoF8oWH1AgfQ=rYfqH_8oTvcXxRxUI3x3m3Y7Nwgir7tnuoGbdZsrUM4=lLzJN8EUNYD1OEPjeKEOjfK88oz2vOYVI9qjZXbcvZs=WtInRNasNnDuX0hR7DYMPvIt1bWxEuvD0IZexsfsg38=
 .

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at 
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_groups_=BQIFAw=6vgNTiRn9_pqCD9hKx9JgXN1VapJQ8JVoF8oWH1AgfQ=rYfqH_8oTvcXxRxUI3x3m3Y7Nwgir7tnuoGbdZsrUM4=lLzJN8EUNYD1OEPjeKEOjfK88oz2vOYVI9qjZXbcvZs=WtInRNasNnDuX0hR7DYMPvIt1bWxEuvD0IZexsfsg38=
 .

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Cisco LWAP Advice

2015-12-15 Thread Lee H Badman

Now in its defense… when we are on good code, our big Cisco WLAN runs like a 
dream, servicing 20K+ clients at our daily high water mark.

Lee Badman | Network Architect (CWNA, CWSP, Mobility+)
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W 
(Network Services)
Sent: Tuesday, December 15, 2015 7:26 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

I agree, Lee. When we decided to move away from Cisco fat APs, their abysmal 
support for them along with the constant threads here looking for Cisco code 
with the least bugs helped our decision to move to Aruba. At that time they 
were (and, to some extent, still are) a company that specialized in WLAN 
technologies.

For Cisco, WLAN is just another product line alongside routers, switches, 
voice, telepresence, etc. For Aruba, at least in 2008, if their WLAN did not 
succeed, they had no fallback product for profits.



Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Lee H Badman [mailto:lhbad...@syr.edu]
Sent: Monday, December 14, 2015 1:47 PM
Subject: Re: Cisco LWAP Advice

I use both- and have a real fondness for Meraki. Cisco vs Meraki is not just 
Apples to Apples on hardware. With Meraki, the perpetual controller and NMS 
bugs are no longer your problem, and it’s liberating beyond belief to not have 
to deal with that. I might feel different if Cisco got their WLAN code act 
together, but I’ve heard 10 years of admissions and promises and have yet to 
see it happen. Escalation builds, engineering builds, blah blah blah. There is 
a high TCO to Cisco wireless beyond the price tags. That’s the cost of seeing a 
bazillion features exposed that you may never use.

In our Meraki sites, things work, they work well, and troubles tend to be 
statistical zero. Meraki APs never win bake-offs for high performance, but most 
well-designed environments don’t need rocket ships bolted to the ceiling 
either. System administration is an absolute breeze, in my years of running 
these environmnets.

My guidance- carefully define your requirements and staffing, TRY BEFORE YOU BY 
in all cases, and query others that have gone before you in legitimate 
production.



Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler
Sent: Monday, December 14, 2015 12:07 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

I’ve looked at Meraki and it seems positioned at small installations, and once 
you get to a certain number of AP’s, the conventional Cisco-based controller 
(or similar vendor solution) comes our far less expensive.

For smartnet, you can realize significant additional savings over and above the 
standard 30% EDU discount if you sign up for a multi-year contract e.g. 3 or 5 
years. You can also finance the smartnet via Cisco leasing (generally at zero 
additional cost) so that in the case of a three year contract, you make 3 
yearly payments.

Also, don’t forget the special SKU for the controllers. A couple of years ago, 
Cisco started bundling the AP support cost in the controller contract, and 
there is a SKU that backs the cost back out for EDUs.

Jeff

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Daniel Eklund
Sent: Friday, December 11, 2015 5:52 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco LWAP Advice

RFP is a good idea.  Considering your size you should be seriously looking at 
alternative like Meraki and Ruckus.

On Fri, Dec 11, 2015 at 8:47 AM, Klaczko, Edwin 
> wrote:
Even though it’s a bit more work an RFP is a good idea.  Even if you are happy 
with your current vendor it helps with getting the best pricing.  On several 
occasions I’ve virtually eliminated the “Cisco premium” everyone expects.  Now 
ongoing SmartNet maintenance costs are another matter.


Eddie Klaczko

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
 On Behalf Of Osborne, Bruce W (Network Services)
Sent: Friday, December 11, 2015 6:34 AM

To:

Cisco WLC CPU ACL

RE: [WIRELESS-LAN] Cisco LWAP Advice

Re: Cisco WLC CPU ACL

Re: [WIRELESS-LAN] Cisco LWAP Advice

RE: Cisco LWAP Advice

Re: [WIRELESS-LAN] Cisco WLC CPU ACL

RE: Cisco WLC CPU ACL

RE: Cisco LWAP Advice

8 matches

Site Navigation

Mail list logo

Footer information