date:20210407

Re: Elite form WiFi workout machines using tp link archer t6e cards

2021-04-07 Thread Hurt,Trenton W.

That’s the problem tp link isn’t like intel or other manufacturers and has 
drivers that say 2020 but when I look at the ini file for the driver package 
it’s actually 2015 drivers for win8 they are just repurposed for win10.  
Hopefully the other drivers that are for the broadcom chipset that asus also 
uses will fix the issue.  I was hoping another edu may have already dealt with 
this elite form company and has the secret sauce already.

Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Floyd, Brad 

Sent: Wednesday, April 7, 2021 6:57:54 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards


CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.

Trent,

Likely so. I’ve had the issue several times where Windows will tell me that the 
wireless drivers are up to date, but when I look at the driver date that’s 
installed, it will be one, two, or even three years old. I go out to the chip / 
card manufacturer’s website and usually find a driver that’s weeks or months 
old. It usually fixes the problem.

Thanks,

Brad



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Hurt,Trenton W.
Sent: Wednesday, April 7, 2021 5:52 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards



[EXTERNAL SENDER]

Really think it’s just some weird tp link driver win10 issue.  The cards are 
Broadcom BCM4360 chipset so may try some other drivers not tp link to see if I 
can figure it out



Sent from my mobile device.



Trent Hurt



5028521513



University of Louisville















From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Hurt,Trenton W. 
mailto:trent.h...@louisville.edu>>
Sent: Wednesday, April 7, 2021 6:48:36 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards



CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.

No data rates are good and some will connect to 5ghz ok some others don’t and 
some connect to 5ghz but are unstable and shift to 2.4. I’m hoping it’s just 
driver and going to try that tomorrow based off the link. I also was just told 
that not all these machines have same card majority are the T6e but seems a few 
are T4e cards.  I haven’t actually gone through each machine because I’ve just 
messing with a few and was going off what the vendor who sells this gear was 
telling they used.  Should’ve learned by now when they used dual band ac cards 
but installed single lead antennas without disabling the second port on the 
card or diversity or mimo that I just have to check everything.



https://community.tp-link.com/en/home/forum/topic/222782







Sent from my mobile device.



Trent Hurt



5028521513



University of Louisville















From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Floyd, Brad mailto:bfl...@mail.smu.edu>>
Sent: Wednesday, April 7, 2021 6:39:45 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards



CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.

Trent,

>From your wireless PCAPs, any data rates that you have trimmed out, but they 
>require? I can send you the wireshark filters if that would help.

Thanks,

Brad



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Hurt,Trenton W.
Sent: Wednesday, April 7, 2021 5:31 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject:

RE: Elite form WiFi workout machines using tp link archer t6e cards

2021-04-07 Thread Floyd, Brad

Trent,
Likely so. I've had the issue several times where Windows will tell me that the 
wireless drivers are up to date, but when I look at the driver date that's 
installed, it will be one, two, or even three years old. I go out to the chip / 
card manufacturer's website and usually find a driver that's weeks or months 
old. It usually fixes the problem.
Thanks,
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Hurt,Trenton W.
Sent: Wednesday, April 7, 2021 5:52 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards


[EXTERNAL SENDER]
Really think it's just some weird tp link driver win10 issue.  The cards are 
Broadcom BCM4360 chipset so may try some other drivers not tp link to see if I 
can figure it out

Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Hurt,Trenton W. 
mailto:trent.h...@louisville.edu>>
Sent: Wednesday, April 7, 2021 6:48:36 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards


CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.
No data rates are good and some will connect to 5ghz ok some others don't and 
some connect to 5ghz but are unstable and shift to 2.4. I'm hoping it's just 
driver and going to try that tomorrow based off the link. I also was just told 
that not all these machines have same card majority are the T6e but seems a few 
are T4e cards.  I haven't actually gone through each machine because I've just 
messing with a few and was going off what the vendor who sells this gear was 
telling they used.  Should've learned by now when they used dual band ac cards 
but installed single lead antennas without disabling the second port on the 
card or diversity or mimo that I just have to check everything.

https://community.tp-link.com/en/home/forum/topic/222782



Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Floyd, Brad mailto:bfl...@mail.smu.edu>>
Sent: Wednesday, April 7, 2021 6:39:45 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards


CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.

Trent,

>From your wireless PCAPs, any data rates that you have trimmed out, but they 
>require? I can send you the wireshark filters if that would help.

Thanks,

Brad



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Hurt,Trenton W.
Sent: Wednesday, April 7, 2021 5:31 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Elite form WiFi workout machines using tp link archer 
t6e cards



[EXTERNAL SENDER]

Curious if any schools have any of these machines from this company installed 
and working ok on their enterprise wlan systems regardless of vendor



https://eliteform.com/about/



They have tp link archer t6e cards installed in them. Tp link support suggests 
only using channel 36 to get them to connect to 5ghz.  I've tried this and 
still some don't connect to 5ghz but yet some do.  Tried some different drivers 
from tp supprt page still no change.  The cards are ac dual port and the 
company first sent single port antennas to connect.  I tried to explain to them 
how this won't

Re: Elite form WiFi workout machines using tp link archer t6e cards

2021-04-07 Thread Hurt,Trenton W.

Really think it’s just some weird tp link driver win10 issue.  The cards are 
Broadcom BCM4360 chipset so may try some other drivers not tp link to see if I 
can figure it out

Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Hurt,Trenton W. 

Sent: Wednesday, April 7, 2021 6:48:36 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards


CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.

No data rates are good and some will connect to 5ghz ok some others don’t and 
some connect to 5ghz but are unstable and shift to 2.4. I’m hoping it’s just 
driver and going to try that tomorrow based off the link. I also was just told 
that not all these machines have same card majority are the T6e but seems a few 
are T4e cards.  I haven’t actually gone through each machine because I’ve just 
messing with a few and was going off what the vendor who sells this gear was 
telling they used.  Should’ve learned by now when they used dual band ac cards 
but installed single lead antennas without disabling the second port on the 
card or diversity or mimo that I just have to check everything.

https://community.tp-link.com/en/home/forum/topic/222782



Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Floyd, Brad 

Sent: Wednesday, April 7, 2021 6:39:45 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards


CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.

Trent,

>From your wireless PCAPs, any data rates that you have trimmed out, but they 
>require? I can send you the wireshark filters if that would help.

Thanks,

Brad



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Hurt,Trenton W.
Sent: Wednesday, April 7, 2021 5:31 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Elite form WiFi workout machines using tp link archer 
t6e cards



[EXTERNAL SENDER]

Curious if any schools have any of these machines from this company installed 
and working ok on their enterprise wlan systems regardless of vendor



https://eliteform.com/about/



They have tp link archer t6e cards installed in them. Tp link support suggests 
only using channel 36 to get them to connect to 5ghz.  I’ve tried this and 
still some don’t connect to 5ghz but yet some do.  Tried some different drivers 
from tp supprt page still no change.  The cards are ac dual port and the 
company first sent single port antennas to connect.  I tried to explain to them 
how this won’t work well given the card has antenna diversity and mimo enabled 
on it by default.   Anyway we are now getting dual port antennas but still 
seeing lots of issues with the cards connecting or staying on 5ghz.  They 
connect ok to the network just always 2.4 and there are no settings in the 
advanced tab of drivers to prefer band like intel has.   I found this on tp 
link supprt site and going to try this driver next as it’s different than the 
driver listed on card main support page



https://community.tp-link.com/en/home/forum/topic/222782



Again just hoping someone else has solved this puzzle and can just give me 
something else to look

Re: Elite form WiFi workout machines using tp link archer t6e cards

2021-04-07 Thread Hurt,Trenton W.

No data rates are good and some will connect to 5ghz ok some others don’t and 
some connect to 5ghz but are unstable and shift to 2.4. I’m hoping it’s just 
driver and going to try that tomorrow based off the link. I also was just told 
that not all these machines have same card majority are the T6e but seems a few 
are T4e cards.  I haven’t actually gone through each machine because I’ve just 
messing with a few and was going off what the vendor who sells this gear was 
telling they used.  Should’ve learned by now when they used dual band ac cards 
but installed single lead antennas without disabling the second port on the 
card or diversity or mimo that I just have to check everything.

https://community.tp-link.com/en/home/forum/topic/222782



Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Floyd, Brad 

Sent: Wednesday, April 7, 2021 6:39:45 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: Re: [WIRELESS-LAN] Elite form WiFi workout machines using tp link 
archer t6e cards


CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.

Trent,

>From your wireless PCAPs, any data rates that you have trimmed out, but they 
>require? I can send you the wireshark filters if that would help.

Thanks,

Brad



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Hurt,Trenton W.
Sent: Wednesday, April 7, 2021 5:31 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Elite form WiFi workout machines using tp link archer 
t6e cards



[EXTERNAL SENDER]

Curious if any schools have any of these machines from this company installed 
and working ok on their enterprise wlan systems regardless of vendor



https://eliteform.com/about/



They have tp link archer t6e cards installed in them. Tp link support suggests 
only using channel 36 to get them to connect to 5ghz.  I’ve tried this and 
still some don’t connect to 5ghz but yet some do.  Tried some different drivers 
from tp supprt page still no change.  The cards are ac dual port and the 
company first sent single port antennas to connect.  I tried to explain to them 
how this won’t work well given the card has antenna diversity and mimo enabled 
on it by default.   Anyway we are now getting dual port antennas but still 
seeing lots of issues with the cards connecting or staying on 5ghz.  They 
connect ok to the network just always 2.4 and there are no settings in the 
advanced tab of drivers to prefer band like intel has.   I found this on tp 
link supprt site and going to try this driver next as it’s different than the 
driver listed on card main support page



https://community.tp-link.com/en/home/forum/topic/222782



Again just hoping someone else has solved this puzzle and can just give me 
something else to look at.  I did pcap and the cards only seem to support Unii 
1 36-48 but again the tp link says to only use 36.



Thanks

Trent







Sent from my mobile device.



Trent Hurt



5028521513



University of Louisville













**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional

RE: Elite form WiFi workout machines using tp link archer t6e cards

2021-04-07 Thread Floyd, Brad

Trent,
>From your wireless PCAPs, any data rates that you have trimmed out, but they 
>require? I can send you the wireshark filters if that would help.
Thanks,
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Hurt,Trenton W.
Sent: Wednesday, April 7, 2021 5:31 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Elite form WiFi workout machines using tp link archer 
t6e cards

[EXTERNAL SENDER]
Curious if any schools have any of these machines from this company installed 
and working ok on their enterprise wlan systems regardless of vendor

https://eliteform.com/about/

They have tp link archer t6e cards installed in them. Tp link support suggests 
only using channel 36 to get them to connect to 5ghz.  I've tried this and 
still some don't connect to 5ghz but yet some do.  Tried some different drivers 
from tp supprt page still no change.  The cards are ac dual port and the 
company first sent single port antennas to connect.  I tried to explain to them 
how this won't work well given the card has antenna diversity and mimo enabled 
on it by default.   Anyway we are now getting dual port antennas but still 
seeing lots of issues with the cards connecting or staying on 5ghz.  They 
connect ok to the network just always 2.4 and there are no settings in the 
advanced tab of drivers to prefer band like intel has.   I found this on tp 
link supprt site and going to try this driver next as it's different than the 
driver listed on card main support page

https://community.tp-link.com/en/home/forum/topic/222782

Again just hoping someone else has solved this puzzle and can just give me 
something else to look at.  I did pcap and the cards only seem to support Unii 
1 36-48 but again the tp link says to only use 36.

Thanks
Trent

Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: Elite form WiFi workout machines using tp link archer t6e cards

2021-04-07 Thread Hurt,Trenton W.

And yes I know I could and may still do 5ghz only ssid and force them to 
connect only to that but just hoping there might be another solution before I 
do that

Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Hurt,Trenton W. 

Sent: Wednesday, April 7, 2021 6:31:26 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: [WIRELESS-LAN] Elite form WiFi workout machines using tp link archer 
t6e cards


CAUTION: This email originated from outside of our organization. Do not click 
links, open attachments, or respond unless you recognize the sender's email 
address and know the contents are safe.

Curious if any schools have any of these machines from this company installed 
and working ok on their enterprise wlan systems regardless of vendor

https://eliteform.com/about/

They have tp link archer t6e cards installed in them. Tp link support suggests 
only using channel 36 to get them to connect to 5ghz.  I’ve tried this and 
still some don’t connect to 5ghz but yet some do.  Tried some different drivers 
from tp supprt page still no change.  The cards are ac dual port and the 
company first sent single port antennas to connect.  I tried to explain to them 
how this won’t work well given the card has antenna diversity and mimo enabled 
on it by default.   Anyway we are now getting dual port antennas but still 
seeing lots of issues with the cards connecting or staying on 5ghz.  They 
connect ok to the network just always 2.4 and there are no settings in the 
advanced tab of drivers to prefer band like intel has.   I found this on tp 
link supprt site and going to try this driver next as it’s different than the 
driver listed on card main support page

https://community.tp-link.com/en/home/forum/topic/222782

Again just hoping someone else has solved this puzzle and can just give me 
something else to look at.  I did pcap and the cards only seem to support Unii 
1 36-48 but again the tp link says to only use 36.

Thanks
Trent



Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Elite form WiFi workout machines using tp link archer t6e cards

2021-04-07 Thread Hurt,Trenton W.

Curious if any schools have any of these machines from this company installed 
and working ok on their enterprise wlan systems regardless of vendor

https://eliteform.com/about/

They have tp link archer t6e cards installed in them. Tp link support suggests 
only using channel 36 to get them to connect to 5ghz.  I’ve tried this and 
still some don’t connect to 5ghz but yet some do.  Tried some different drivers 
from tp supprt page still no change.  The cards are ac dual port and the 
company first sent single port antennas to connect.  I tried to explain to them 
how this won’t work well given the card has antenna diversity and mimo enabled 
on it by default.   Anyway we are now getting dual port antennas but still 
seeing lots of issues with the cards connecting or staying on 5ghz.  They 
connect ok to the network just always 2.4 and there are no settings in the 
advanced tab of drivers to prefer band like intel has.   I found this on tp 
link supprt site and going to try this driver next as it’s different than the 
driver listed on card main support page

https://community.tp-link.com/en/home/forum/topic/222782

Again just hoping someone else has solved this puzzle and can just give me 
something else to look at.  I did pcap and the cards only seem to support Unii 
1 36-48 but again the tp link says to only use 36.

Thanks
Trent



Sent from my mobile device.

Trent Hurt

5028521513

University of Louisville







**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] [External] Re: [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Norman Elton

We are SecureW2 for EAP-TLS. In addition to working well, and handling the
recent Android changes fairly well, I’ll commend their excellent support
staff. They are always quick to respond and extremely knowledgeable about
all things CA related.

A word to those looking to go EAP-TLS, whether securew2 or not ... you have
to make lots of important decisions up front (particularly around your CA
structure) and then live with them, basically, forever. Talk to a number of
other institutions about how they’ve named & labeled things before
beginning to onboard users.

Norman Elton
William & Mary

On Wed, Apr 7, 2021 at 2:55 PM Adam T. Ferrero  wrote:

>
>
>   I love the geteduroam app!  It is awesome, easy, pretty, and simple.  We
> are planning to leverage it for more of our onboarding.
>
>
>
>   We are open SSID with Aruba Clearpass captive portal, SMS texted
> credentials for self service guests (via Twilio), and switch to WPA2
> enterprise for actual internet access.  We’d been using Aruba OS specific
> landing pages to feed their Quick Connect tool to onboard.  Aruba is
> encouraging Onboard rather than Quick Connect but that comes with license
> fees.  With Android 11 changes and a desired to deprecate our PEAP/MSCHAP
> we’ve been spending time here.
>
>
>
>   Still a work in progress but geteduroam app is a win!  Nice work to that
> team!
>
>
>
>   Adam
>
>
>
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Philippe Hanset
> *Sent:* Wednesday, April 7, 2021 10:55 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [External] Re: [WIRELESS-LAN] WLAN onboarding
>
>
>
> Lee,
>
>
>
> Based on your timeframe you might also want to consider the new
> development that is done in Europe called “geteduroam”.
>
> https://www.geteduroam.app
>
> It is App based and will feed from CAT but it is based on EAP-TLS or on
> EAP-TTLS/PEAP if preferred.
>
>
>
> So you could start with CAT  and username/password (CAT allows you to
> provision eduroam and other SSIDs as well) and evolve later to EAP-TLS.
>
>
>
> Philippe
>
>
>
>
>
> Philippe Hanset, CEO
> www.anyroam.net
> Operator of eduroam-US
> +1 (865) 236-0770
>
>
>
>
>
>
>
> On Apr 7, 2021, at 10:05 AM, Lee H Badman <
> 00db5b77bd95-dmarc-requ...@listserv.educause.edu> wrote:
>
>
>
> Hello everyone, hope your semesters are going along smoothly and that you
> are all staying healthy. As always- this message is not an invite for
> vendors to contact me.
>
>
>
> Looking out down our short timeline, we need to make a number of decisions
> about various aspects of our WLAN operations. One of these decision points
> is if/how to do the 802.1X onboarding after our current solution goes End
> of Everything at year’s end. To that end, I’m looking for any and all
> feedback on these questions:
>
> - If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even
> if none, with manual config as methodology)?
>
> -If you are doing PEAP-TLS, what is your onboarder of choice?
>
> -Have you recently piloted any onboarders that you just hate for any
> reason?
>
> -For those using eduroam as your 802.1X environment, have you found the
> free configuration tool to be reliable? Any downsides to using it at scale?
>
>
>
> Interested in 3rd party, native, whatever.
>
>
>
> Thanks as always,
>
>
>
> Lee Badman
>
>
>
> *Lee Badman* | Network Architect (CWNE#200)
>
> Information Technology Services
> (NDD Group)
> 206 Machinery Hall
> 120 Smith Drive
> 
> Syracuse, New York 13244
> 
>
> *t* 315.443.3003  * e* lhbad...@syr.edu *w* its.syr.edu
>
> Campus Wireless Policy:
> https://answers.syr.edu/display/network/Wireless+Network+and+Systems
>
> *SYRACUSE UNIVERSITY*
> syr.edu
>
>
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>
>
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>

**
Replies to EDUCAUSE

RE: [External] Re: [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Adam T. Ferrero


  I love the geteduroam app!  It is awesome, easy, pretty, and simple.  We are 
planning to leverage it for more of our onboarding.

  We are open SSID with Aruba Clearpass captive portal, SMS texted credentials 
for self service guests (via Twilio), and switch to WPA2 enterprise for actual 
internet access.  We’d been using Aruba OS specific landing pages to feed their 
Quick Connect tool to onboard.  Aruba is encouraging Onboard rather than Quick 
Connect but that comes with license fees.  With Android 11 changes and a 
desired to deprecate our PEAP/MSCHAP we’ve been spending time here.

  Still a work in progress but geteduroam app is a win!  Nice work to that team!

  Adam

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Philippe Hanset
Sent: Wednesday, April 7, 2021 10:55 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [External] Re: [WIRELESS-LAN] WLAN onboarding

Lee,

Based on your timeframe you might also want to consider the new development 
that is done in Europe called “geteduroam”.
https://www.geteduroam.app
It is App based and will feed from CAT but it is based on EAP-TLS or on 
EAP-TTLS/PEAP if preferred.

So you could start with CAT  and username/password (CAT allows you to provision 
eduroam and other SSIDs as well) and evolve later to EAP-TLS.

Philippe


Philippe Hanset, CEO
www.anyroam.net
Operator of eduroam-US
+1 (865) 236-0770






On Apr 7, 2021, at 10:05 AM, Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
 wrote:

Hello everyone, hope your semesters are going along smoothly and that you are 
all staying healthy. As always- this message is not an invite for vendors to 
contact me.

Looking out down our short timeline, we need to make a number of decisions 
about various aspects of our WLAN operations. One of these decision points is 
if/how to do the 802.1X onboarding after our current solution goes End of 
Everything at year’s end. To that end, I’m looking for any and all feedback on 
these questions:

- If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
none, with manual config as methodology)?
-If you are doing PEAP-TLS, what is your onboarder of choice?
-Have you recently piloted any onboarders that you just hate for any reason?
-For those using eduroam as your 802.1X environment, have you found the free 
configuration tool to be reliable? Any downsides to using it at scale?

Interested in 3rd party, native, whatever.

Thanks as always,

Lee Badman

Lee Badman | Network Architect (CWNE#200)
Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   e lhbad...@syr.edu w 
its.syr.edu
Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems
SYRACUSE UNIVERSITY
syr.edu

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [EXT] [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Johnston, Ryan

Lee,

We are using SecureW2 for both EAP-PEAP (when necessary) and EAP-TLS (our 
default and preferred) configuration.  SecureW2 is also our PKI for EAP-TLS.  
We've been a user for multiple years so we do not have experience with other 
tools although we did look at the CAT tool and considered its use years ago for 
EAP-PEAP config.  We're generally happy our current solution and echo the 
comments around Android 11 headaches recently.  Be aware of them.  We also use 
Eduroam as our main 802.1X SSID, but obviously are not using the CAT tool for 
it.



Ryan

--
Ryan Johnston he/him/his
Associate Director of Infrastructure
DePaul University
55 E Jackson Blvd | Chicago, Illinois 60604
https://www.depaul.edu |  https://helpdesk.depaul.edu

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Lee H Badman
Sent: Wednesday, April 7, 2021 9:06 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [EXT] [WIRELESS-LAN] WLAN onboarding

Hello everyone, hope your semesters are going along smoothly and that you are 
all staying healthy. As always- this message is not an invite for vendors to 
contact me.

Looking out down our short timeline, we need to make a number of decisions 
about various aspects of our WLAN operations. One of these decision points is 
if/how to do the 802.1X onboarding after our current solution goes End of 
Everything at year's end. To that end, I'm looking for any and all feedback on 
these questions:

- If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
none, with manual config as methodology)?
-If you are doing PEAP-TLS, what is your onboarder of choice?
-Have you recently piloted any onboarders that you just hate for any reason?
-For those using eduroam as your 802.1X environment, have you found the free 
configuration tool to be reliable? Any downsides to using it at scale?

Interested in 3rd party, native, whatever.

Thanks as always,

Lee Badman

Lee Badman | Network Architect (CWNE#200)
Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   e lhbad...@syr.edu w its.syr.edu
Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems
SYRACUSE UNIVERSITY
syr.edu


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Lee H Badman

Thanks much, Curtis. And everyone responding.

Lee Badman | Network Architect (CWNE#200)
Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   e lhbad...@syr.edu w its.syr.edu
Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Curtis K. Larsen
Sent: Wednesday, April 7, 2021 11:56 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLAN onboarding

Hi Lee,

We have used the Cloudpath Enrollment System (Ruckus now) since it's release 
(2009?) for EAP-TLS onboarding, and they added PEAP capabilities a few years 
back.  I think it has been very versatile and amazingly simple to maintain.  
The only drawbacks have been a lag of a few weeks sometimes (rarely but it has 
happened) when an OS changes their supplicant, and Windows flagged their exe as 
a virus twice over a ten year period (luckily a manual cert download could 
bypass that).  We looked at secureW2 about a year ago, and in my opinion it is 
the best in the space (probably doesn't get flagged as a virus, haha), but the 
cost was many, many times more than Cloudpath for our large campus and hospital 
org.  We have also been able to use Cloudpath not just for 802.1X onboarding, 
but also to send i-PSK registrations to Cisco ISE on our IoT SSID.  Let me know 
if you'd like to see how we use it sometime.

Thanks,

--
Curtis K. Larsen
Wireless Network Engineer III
The University of Utah

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
Sent: Wednesday, April 7, 2021 9:30 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] WLAN onboarding

Thanks, Philippe. I didn’t realize CAT would accommodate non-eduroam SSIDs. 
That’s huge.
Lee Badman (mobile)


On Apr 7, 2021, at 10:55 AM, Philippe Hanset 
<005cd62f91b7-dmarc-requ...@listserv.educause.edu>
 wrote:
 Lee,

Based on your timeframe you might also want to consider the new development 
that is done in Europe called “geteduroam”.
https://www.geteduroam.app
It is App based and will feed from CAT but it is based on EAP-TLS or on 
EAP-TTLS/PEAP if preferred.

So you could start with CAT  and username/password (CAT allows you to provision 
eduroam and other SSIDs as well) and evolve later to EAP-TLS.

Philippe


Philippe Hanset, CEO
www.anyroam.net
Operator of eduroam-US
+1 (865) 236-0770






On Apr 7, 2021, at 10:05 AM, Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
 wrote:


Hello everyone, hope your semesters are going along smoothly and that you are 
all staying healthy. As always- this message is not an invite for vendors to 
contact me.



Looking out down our short timeline, we need to make a number of decisions 
about various aspects of our WLAN operations. One of these decision points is 
if/how to do the 802.1X onboarding after our current solution goes End of 
Everything at year’s end. To that end, I’m looking for any and all feedback on 
these questions:

- If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
none, with manual config as methodology)?

-If you are doing PEAP-TLS, what is your onboarder of choice?

-Have you recently piloted any onboarders that you just hate for any reason?

-For those using eduroam as your 802.1X environment, have you found the free 
configuration tool to be reliable? Any downsides to using it at scale?



Interested in 3rd party, native, whatever.



Thanks as always,



Lee Badman



Lee Badman | Network Architect (CWNE#200)

Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244

t 315.443.3003   e lhbad...@syr.edu w 
its.syr.edu

Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems

SYRACUSE UNIVERSITY
syr.edu


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward

Re: [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Curtis K. Larsen

Hi Lee,

We have used the Cloudpath Enrollment System (Ruckus now) since it's release 
(2009?) for EAP-TLS onboarding, and they added PEAP capabilities a few years 
back.  I think it has been very versatile and amazingly simple to maintain.  
The only drawbacks have been a lag of a few weeks sometimes (rarely but it has 
happened) when an OS changes their supplicant, and Windows flagged their exe as 
a virus twice over a ten year period (luckily a manual cert download could 
bypass that).  We looked at secureW2 about a year ago, and in my opinion it is 
the best in the space (probably doesn't get flagged as a virus, haha), but the 
cost was many, many times more than Cloudpath for our large campus and hospital 
org.  We have also been able to use Cloudpath not just for 802.1X onboarding, 
but also to send i-PSK registrations to Cisco ISE on our IoT SSID.  Let me know 
if you'd like to see how we use it sometime.

Thanks,


--
Curtis K. Larsen
Wireless Network Engineer III
The University of Utah


From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
Sent: Wednesday, April 7, 2021 9:30 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: Re: [WIRELESS-LAN] WLAN onboarding

Thanks, Philippe. I didn’t realize CAT would accommodate non-eduroam SSIDs. 
That’s huge.

Lee Badman (mobile)

On Apr 7, 2021, at 10:55 AM, Philippe Hanset 
<005cd62f91b7-dmarc-requ...@listserv.educause.edu> wrote:

 Lee,

Based on your timeframe you might also want to consider the new development 
that is done in Europe called “geteduroam”.
https://www.geteduroam.app
It is App based and will feed from CAT but it is based on EAP-TLS or on 
EAP-TTLS/PEAP if preferred.

So you could start with CAT  and username/password (CAT allows you to provision 
eduroam and other SSIDs as well) and evolve later to EAP-TLS.

Philippe


Philippe Hanset, CEO
www.anyroam.net
Operator of eduroam-US
+1 (865) 236-0770






On Apr 7, 2021, at 10:05 AM, Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
 wrote:


Hello everyone, hope your semesters are going along smoothly and that you are 
all staying healthy. As always- this message is not an invite for vendors to 
contact me.



Looking out down our short timeline, we need to make a number of decisions 
about various aspects of our WLAN operations. One of these decision points is 
if/how to do the 802.1X onboarding after our current solution goes End of 
Everything at year’s end. To that end, I’m looking for any and all feedback on 
these questions:

- If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
none, with manual config as methodology)?

-If you are doing PEAP-TLS, what is your onboarder of choice?

-Have you recently piloted any onboarders that you just hate for any reason?

-For those using eduroam as your 802.1X environment, have you found the free 
configuration tool to be reliable? Any downsides to using it at scale?



Interested in 3rd party, native, whatever.



Thanks as always,



Lee Badman



Lee Badman | Network Architect (CWNE#200)

Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244

t 315.443.3003   e lhbad...@syr.edu w 
its.syr.edu

Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems

SYRACUSE UNIVERSITY
syr.edu



**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Lee H Badman

Thanks, Philippe. I didn’t realize CAT would accommodate non-eduroam SSIDs. 
That’s huge.

Lee Badman (mobile)

On Apr 7, 2021, at 10:55 AM, Philippe Hanset 
<005cd62f91b7-dmarc-requ...@listserv.educause.edu> wrote:

 Lee,

Based on your timeframe you might also want to consider the new development 
that is done in Europe called “geteduroam”.
https://www.geteduroam.app
It is App based and will feed from CAT but it is based on EAP-TLS or on 
EAP-TTLS/PEAP if preferred.

So you could start with CAT  and username/password (CAT allows you to provision 
eduroam and other SSIDs as well) and evolve later to EAP-TLS.

Philippe


Philippe Hanset, CEO
www.anyroam.net
Operator of eduroam-US
+1 (865) 236-0770






On Apr 7, 2021, at 10:05 AM, Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
 wrote:

Hello everyone, hope your semesters are going along smoothly and that you are 
all staying healthy. As always- this message is not an invite for vendors to 
contact me.

Looking out down our short timeline, we need to make a number of decisions 
about various aspects of our WLAN operations. One of these decision points is 
if/how to do the 802.1X onboarding after our current solution goes End of 
Everything at year’s end. To that end, I’m looking for any and all feedback on 
these questions:

- If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
none, with manual config as methodology)?
-If you are doing PEAP-TLS, what is your onboarder of choice?
-Have you recently piloted any onboarders that you just hate for any reason?
-For those using eduroam as your 802.1X environment, have you found the free 
configuration tool to be reliable? Any downsides to using it at scale?

Interested in 3rd party, native, whatever.

Thanks as always,

Lee Badman

Lee Badman | Network Architect (CWNE#200)
Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   e lhbad...@syr.edu w 
its.syr.edu
Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems
SYRACUSE UNIVERSITY
syr.edu


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Philippe Hanset

Lee,

Based on your timeframe you might also want to consider the new development 
that is done in Europe called “geteduroam”.
https://www.geteduroam.app
It is App based and will feed from CAT but it is based on EAP-TLS or on 
EAP-TTLS/PEAP if preferred.

So you could start with CAT  and username/password (CAT allows you to provision 
eduroam and other SSIDs as well) and evolve later to EAP-TLS.

Philippe


Philippe Hanset, CEO
www.anyroam.net
Operator of eduroam-US
+1 (865) 236-0770






> On Apr 7, 2021, at 10:05 AM, Lee H Badman 
> <00db5b77bd95-dmarc-requ...@listserv.educause.edu> wrote:
> 
> Hello everyone, hope your semesters are going along smoothly and that you are 
> all staying healthy. As always- this message is not an invite for vendors to 
> contact me.
>  
> Looking out down our short timeline, we need to make a number of decisions 
> about various aspects of our WLAN operations. One of these decision points is 
> if/how to do the 802.1X onboarding after our current solution goes End of 
> Everything at year’s end. To that end, I’m looking for any and all feedback 
> on these questions:
> 
> - If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
> none, with manual config as methodology)?
> -If you are doing PEAP-TLS, what is your onboarder of choice?
> -Have you recently piloted any onboarders that you just hate for any reason?
> -For those using eduroam as your 802.1X environment, have you found the free 
> configuration tool to be reliable? Any downsides to using it at scale?
>  
> Interested in 3rd party, native, whatever.
>  
> Thanks as always,
>  
> Lee Badman
>  
> Lee Badman | Network Architect (CWNE#200)
> 
> Information Technology Services
> (NDD Group)
> 206 Machinery Hall
> 120 Smith Drive
> Syracuse, New York 13244
> 
> t 315.443.3003   e lhbad...@syr.edu  w its.syr.edu
> Campus Wireless Policy: 
> https://answers.syr.edu/display/network/Wireless+Network+and+Systems 
> 
> SYRACUSE UNIVERSITY
> syr.edu
> 
>  
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire community 
> list. If you want to reply only to the person who sent the message, copy and 
> paste their email address and forward the email reply. Additional 
> participation and subscription information can be found at 
> https://www.educause.edu/community 

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [EXT] [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Sweetser, Frank E.

We are using EAP-TLS.

For university owned machines that are joined to Active Directory, we have the 
domain generate machine and user certificates that are trusted by our RADIUS 
infrastructure.

For other devices, including personally owned, we are using SecureW2.  Overall 
it's been pretty solid, though with the current changes going on in the mobile 
device world, you pretty much have to expect some headaches as the vendors (I'm 
looking at you, Google...) quietly sneak in changes that can break various 
workflows without much advance notice.  Even taking that into account, the last 
time I looked at our service tickets it pretty clearly saved us a lot more time 
than it costs us in maintenance.

One word of warning on Android - regardless of which tool you're evaluating, 
ask them how they're handling the Android 11 changes.  Most notably, Android is 
now causing any wireless configurations that were generated via API to be 
segregated into a separate namespace, where those network configurations are 
not editable or even visible from the standard wireless settings.  This means 
if you use an onboarding tool to make a network, Android will try to use it, 
but if you have the user go verify the settings as part of troubleshooting, it 
just won't be there.  Our workaround has been to use SecureW2 to issue identity 
certificates, and then push the user towards a set of manual directions to 
configure.  It's a lot more work up front, but has been the best way to produce 
reliable results.

Frank Sweetser
Director of Network Operations
Worcester Polytechnic Institute
"For every problem, there is a solution that is simple, elegant, and wrong." - 
HL Mencken

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
Sent: Wednesday, April 7, 2021 10:05 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: [EXT] [WIRELESS-LAN] WLAN onboarding


Hello everyone, hope your semesters are going along smoothly and that you are 
all staying healthy. As always- this message is not an invite for vendors to 
contact me.



Looking out down our short timeline, we need to make a number of decisions 
about various aspects of our WLAN operations. One of these decision points is 
if/how to do the 802.1X onboarding after our current solution goes End of 
Everything at year’s end. To that end, I’m looking for any and all feedback on 
these questions:

- If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
none, with manual config as methodology)?

-If you are doing PEAP-TLS, what is your onboarder of choice?

-Have you recently piloted any onboarders that you just hate for any reason?

-For those using eduroam as your 802.1X environment, have you found the free 
configuration tool to be reliable? Any downsides to using it at scale?



Interested in 3rd party, native, whatever.



Thanks as always,



Lee Badman



Lee Badman | Network Architect (CWNE#200)

Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244

t 315.443.3003   e lhbad...@syr.edu w its.syr.edu

Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems

SYRACUSE UNIVERSITY
syr.edu



**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] WLAN onboarding

2021-04-07 Thread Felix Windt

At Dartmouth, we use the free eduroam tool to onboard our PEAP/MS-CHAPv2 
eduroam SSID, which is our only 802.1x WLAN. It works really well for us. 
Occasionally I argue for switching to EAP-TLS, at that point we’d switch to a 
tool that does the certificate provisioning.

thx,
felix

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 

Date: Wednesday, April 7, 2021 at 10:05 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" 
Subject: [WIRELESS-LAN] WLAN onboarding

Hello everyone, hope your semesters are going along smoothly and that you are 
all staying healthy. As always- this message is not an invite for vendors to 
contact me.

Looking out down our short timeline, we need to make a number of decisions 
about various aspects of our WLAN operations. One of these decision points is 
if/how to do the 802.1X onboarding after our current solution goes End of 
Everything at year’s end. To that end, I’m looking for any and all feedback on 
these questions:

- If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
none, with manual config as methodology)?
-If you are doing PEAP-TLS, what is your onboarder of choice?
-Have you recently piloted any onboarders that you just hate for any reason?
-For those using eduroam as your 802.1X environment, have you found the free 
configuration tool to be reliable? Any downsides to using it at scale?

Interested in 3rd party, native, whatever.

Thanks as always,

Lee Badman

Lee Badman | Network Architect (CWNE#200)
Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   e lhbad...@syr.edu w its.syr.edu
Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems
SYRACUSE UNIVERSITY
syr.edu


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

WLAN onboarding

2021-04-07 Thread Lee H Badman

Hello everyone, hope your semesters are going along smoothly and that you are 
all staying healthy. As always- this message is not an invite for vendors to 
contact me.

Looking out down our short timeline, we need to make a number of decisions 
about various aspects of our WLAN operations. One of these decision points is 
if/how to do the 802.1X onboarding after our current solution goes End of 
Everything at year's end. To that end, I'm looking for any and all feedback on 
these questions:

- If you are using PEAP/MS-CHAP v2, what is your onboarder of choice (even if 
none, with manual config as methodology)?
-If you are doing PEAP-TLS, what is your onboarder of choice?
-Have you recently piloted any onboarders that you just hate for any reason?
-For those using eduroam as your 802.1X environment, have you found the free 
configuration tool to be reliable? Any downsides to using it at scale?

Interested in 3rd party, native, whatever.

Thanks as always,

Lee Badman

Lee Badman | Network Architect (CWNE#200)
Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   e lhbad...@syr.edu w its.syr.edu
Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems
SYRACUSE UNIVERSITY
syr.edu


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: Elite form WiFi workout machines using tp link archer t6e cards

RE: Elite form WiFi workout machines using tp link archer t6e cards

Re: Elite form WiFi workout machines using tp link archer t6e cards

Re: Elite form WiFi workout machines using tp link archer t6e cards

RE: Elite form WiFi workout machines using tp link archer t6e cards

Re: Elite form WiFi workout machines using tp link archer t6e cards

Elite form WiFi workout machines using tp link archer t6e cards

Re: [WIRELESS-LAN] [External] Re: [WIRELESS-LAN] WLAN onboarding

RE: [External] Re: [WIRELESS-LAN] WLAN onboarding

RE: [EXT] [WIRELESS-LAN] WLAN onboarding

RE: [WIRELESS-LAN] WLAN onboarding

Re: [WIRELESS-LAN] WLAN onboarding

Re: [WIRELESS-LAN] WLAN onboarding

Re: [WIRELESS-LAN] WLAN onboarding

Re: [EXT] [WIRELESS-LAN] WLAN onboarding

Re: [WIRELESS-LAN] WLAN onboarding

WLAN onboarding

17 matches

Site Navigation

Mail list logo

Footer information