sapd_proc_sap_resp: Non-matching response received; dropped. 1
18 != 18, expecting id (,00eb3380,513)
Robert Spellman
Bates College
Information and Library Services
On Tue, Dec 29, 2020 at 9:44 AM Bucklaew, Jerry
mailto:j...@buffalo.edu>> wrote:
Robert,
We had a similar issue and it t
Robert,
We had a similar issue and it turned out to be the Ap’s had communication
issues with the controllers and they were constantly re-bootstrapping. The
controller showed them down but you could ping them. It was a juniper/backbone
thing. But I guess the point is, if the primary or
We moved to “wired-auth” about 2 years ago. The original goal was to
authenticate every wired port and make it more consistent with wireless. It
comes down to tracking and accountability for access to our network. A very
happy outcome was it basically got rid of all moves/add/changes.
To ALL:
We are running 6 7240xm controllers in a cluster with 8.3.0.7 code. We are
seeing something similar but not exactly. We are also seeing re-bootstrapping
but our “cluster heartbeat” looks fine. What we noticed is after some type of
network event where the ap’s temporarily loose
Philippe,
I like the reports, but as people have pointed out the errors are
concerning. It might be good to quantify the errors to unique macs instead of
just failures. You have unique users authenticated and then authenticated
percentage. But is that the percentage of total request vs
To ALL:
We also are moving to ArubaOS version 8.2.1.1 this summer, but we are a
little further along. We have 6,000 access points (as mix of
214,215,314,315,325,324,205h,303h) and 8 7240 controllers. We upgraded to the
7420xm controllers and did a hardware appliance for the mobility
We just completed this. As a rough estimate we doubled our density. We were
roughly 4,000 SF per access point and we went to around 2,00 SF. Those are of
course just rough estimates and the old "you should survey" applies to at least
some buildings.
From: The EDUCAUSE Wireless Issues
We have been on 6.5.2.1 for a couple months now with no “major issues”.We
have the 3xx dfs bug and we do see a ton of radar hits.
Waiting for the fix release that is due out in another week or two.
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
To ALL:
I think it might be a bit early to report in, our students come back this
weekend. This time of year is normally like a "frog in the pot", every day for
the next two weeks our counts just keep slowly getting higher and higher. We
will see where it ends.
We are an aruba shop
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Bucklaew, Jerry [mailto:j...@buffalo.edu]
Sent: Thursday, August 10, 2017 3:36 PM
Subject: Re: EAP-TLS
Lee,
I want to state first that I am not, by any means, an expert on all of the
authentication standards and protocols. I wa
p Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bucklaew, Jerry
Sent: Thursday, August 10, 2017 3:36 PM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] EAP-TLS
Lee,
I want to state first that I am not, by any
: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] EAP-TLS
Jerry,
Am curious your reasons for TLS, like if anything beyond "it's better". Concern
for PEAP being deprecated, etc?
Lee
-Original Message-----
From: Bucklaew, Jerry [j...@buffalo.edu]
Received: Thursday
To ALL:
We currently do mac auth and EAP-PEAP authentication on our wireless network.
I am trying to put together a proposal to move to cert based authentication
and I was wondering if anyone has a proposal or justification already written
as to why you should move to cert based auth?
> We use bridge mode for one of the wired Ethernet ports and terminate it
> locally. This way a student can plug in to the Ethernet port and get
> the wired floor based vlan as the other wired ports on that floor.
We did the opposite. We bring both the ap ports and the other wired ports on
Joachim,
We have 205h and are testing 303h. For the 205h we designed it so the 3
wired Ethernet ports are tunneled back to the controller and put on a central
vlan. We have the wired Ethernet ports supporting both 802.1x and mac auth. I
don't think you can drop the 3 ethernet ports
We are currently moving to eduraom as the primary ssid. We are doing a
communication campaign and will retire the old 802.1x ssid at some point. We
do have a non802.1x ssid for “other” devices. It is a “start here” ssid that
will also configure you for 802.1x.
From: The EDUCAUSE Wireless
How do you track them down when they do something bad?
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 28, 2017 10:18 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN]
We have two ssid’s. One a “start here” that will do 802.1x onboarding, guest
access and mac registration. That one is all mac auth based. The other is the
802.1x ssid. We onboard about 80% of the devices to 802.1x.
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
On 03/10/2017 08:58 AM, Earl Barfield wrote:
> I know that the Aruba / Hewlett Packard literature says that you can
> support 2000 APs on their biggest controller (7240XM).
>
> Is anyone actually running that many APs per controller in real
> production? If not, then how may APs per controller do
Well it normally comes down to "you get what you pay for". A quality solution
does cost. We did 205h in every other
room and are happy with the outcome. We did every other room to keep cost down
while providing good coverage.
On 02/20/2017 02:01 PM, Norman Mourtada wrote:
> We are actively
David,
We use 2,500 sq feet per ap for budgetary and planning purposes. It works
out pretty close when all is said and done.
On 01/10/2017 01:47 PM, Schuette, David wrote:
> For budgetary planning and rough expectation for number of APs to install.
>
> We are currently looking to start
To ALL,
We are currently an Aruba shop. We use a combination of Nat, Vlan pools,
large subnets, and airgroup. We break
our wireless network up into 3 controller groups that are geographically
separate. In each one, On our main ssid's we
have a vlan pool of 8 /21 subnets doing 8 to 1
You need a trace closer to the client. Most likely the offer is not making it
to the client or request is not making it
back to the server.
Possible causes -
1. packetloss at client side
2. rouge dhcp server
On 12/13/2016 02:23 PM, Atanas P Atanasov wrote:
> We’re a seeing some odd
On 11/30/2016 11:20 AM, Tim Tyler wrote:
> Tim,
>
> “subnet based on policy”? I have a pool of 6 vlans of which devices get
> randomly assigned to one of the 6 subnets.
> How does Airgoup know which subnets the two pairing devices are in? I
> thought it required a broadcast to find each
>
We run 40mhz in 5ghz for all our ap's (around 4,000). We monitor channel
utilization and interference but so far it
looks fine. Our argument was 40 or 80 and we decided to play it safe and do
just 40.
>
>
> Hi All,
>
>
>
> I was just reading a blog article that heavily recommends *not* to use
On 11/10/2016 11:04 PM, Becker, Jason wrote:
> We're getting ready to reduce the number of ssid that we have across Campus
> and one idea is to use edroam as our main
> 802.1x secure ssid. Is anyone else doing this and if so how is it going?
>
>
>
We are attempting to get down to two, eduroam
We just completed half our dorms and did an AP approximately every other room
(installed 2,000). We used the
"hospitality" ap's so they are mounted on the wall at jack height. We mounted
them where ever jacks where, which
created some "interesting" designs. We have many on outside walls,
On 09/27/2016 03:50 PM, Kitri Waterman wrote:
> Hi Brian,
>
>
>
> I haven’t seen a firmware upgrade option with scheduling, but you can
> definitely firmware upgrades through Airwave.
> Upload the firmware to Airwave and then on the device itself, pull down
> Device Actions and then select
We have had IPv6 enable on all our wireless for over 5 years now. The only
issue we have seen is some gear processes
ipv6 packets via cpu instead of at the hardware layer. The most recent issue
is we had to move away from ipv6 verify
source as it was done at the cpu level so we went to
We use Aruba clearpass. Our guest can create an account based on their email
address or login via their facebook account.
On 09/08/2016 02:03 PM, Linchuan Yang wrote:
> Dear All
>
>
>
> We are doing research for the wireless Guest network. Currently, we create
> temp employee account for the
On 07/21/2016 04:00 PM, Hector J Rios wrote:
> Jerry,
>
> We actually performed a packet capture to confirm that the accounting record
> was making it to ClearPass and it is. It's disappointing to hear that it has
> taken them this long to fix it.
>
>
Ok, I have learned the hard way, that it
Yeah, We have been pushing them to get it straightened out for almost a year
now.
Last I left it there were two pieces.
clearpass needs to support ipv6 accounting records, due out in 6.1
The aruba controllers need to send ipv6 accounting records, due out in 6.5 I
think
Where are you
Brian,
We are a bradford shop and are migrating to clearpass. We used the
bradford for registration or our resnet as well
as our wireless gaming network. It worked ok, but my major issues with it
were..
1. Bradford is designed around vlan switching, moving ports from one vlan to
the
> The 5.0ghz radios have so many more channels now. So is this bandwidth
> consumption and efficiency still a major concern
> for many of you? I know this was most certainly a critical issue for the
> 2.4ghz radios with only 3 channels, but my
> stats are showing that 2/3rds of our clients
On 06/20/2016 11:50 AM, Todd M. Hall wrote:
> Do you have all of the 802.11b data rates disabled? If so, how long have they
> been disabled? Did you have many complaints when you disabled them? Were
> there
> any particular devices that could not connect as a result?
>
> I'm hoping this
On 6/3/2016 11:19 AM, Alexandre Adao wrote:
> We are in the process to deploy Aruba AP with ClearPass in our campus. Also,
> we have a quite few number of Cisco 3702i
> APs. Is it possible to integrate those Cisco 3702i AP's with Aruba wirleless
> controller and ClearPass?
Alex,
It depends
36 matches
Mail list logo
