Jerry,
Chad (from eduroam-US) must have asked you for a test account from your
institution.
We use those accounts to test the connectivity of your institution AND also
monitor the service against your RADIUS server.
I'll ask him to contact you...this is part of our standard procedure to enable
May I ask you all some numbers...
How many seats/AP did you plan for your NCAA stadium?
Philippe
Philippe Hanset
www.eduroam.ushttp://www.eduroam.us
On May 8, 2014, at 8:20 AM, Lee H Badman
lhbad...@syr.edumailto:lhbad...@syr.edu wrote:
Mike makes great points. Having done our own domed
Oops never mind...
This link has some good info about seats/AP
http://wlanbook.com/stadium-wifi-list/
Thanks to Mike Albano for providing this!
On May 8, 2014, at 10:12 AM, Hanset, Philippe C
phan...@utk.edumailto:phan...@utk.edu wrote:
May I ask you all some numbers...
How many seats/AP did
I would go to Curaçao myself ;-)
and Bonaire has great diving!
(hint: ABC... Dutch Caribbean...though only Bonaire is a municipality of the
Netherlands)
Philippe Hanset
www.eduroam.us
On Apr 25, 2014, at 9:02 AM, Osborne, Bruce W (Network Services)
bosbo...@liberty.edu wrote:
tl:dr
All,
We have been informing eduroam connected schools in the US that were vulnerable
to heartbleed (about 10 schools were vulnerable out of 180 connected to
eduroam-US, less than 5%).
The eduroam federation did testing for all eduroam-connected campuses to
evaluate the level of vulnerability
Bad math... 10 out of 180 is more than 5% !
Sorry!
On Apr 15, 2014, at 1:16 PM, Hanset, Philippe C phan...@utk.edu wrote:
All,
We have been informing eduroam connected schools in the US that were
vulnerable
to heartbleed (about 10 schools were vulnerable out of 180 connected
, Academic Computing
Senior Network Administrator
p. 718-399-4219
f. 718-399-3416
Hanset, Philippe C wrote:
All,
We have been informing eduroam connected schools in the US that were
vulnerable
to heartbleed (about 10 schools were vulnerable out of 180 connected to
eduroam-US, less than 5
Great for Branch Offices where you want you control traffic to be send to the
campus controllers but the user traffic
to stay on the local network/broadband (especially important if people need to
access a lot of digital resources local to the Branch office).
We used them for Agricultural
No Problem Danny. I'm just breathing again ;-)
On Mar 10, 2014, at 2:43 PM, Danny Eaton dannyea...@rice.edu wrote:
You are correct, my apologies. @rice.edu goes to 'staff' or 'student', @*.*
goes to visitor.
That setup is similar to what we're doing - if any of our @rice.edu
users
Linchuan, Patrick,
If you use the solution from Frank Sweetser or Danny Eaton, you really don't
care which SSID your own users are latched on your campus.
Regardless of the SSID, make sure that your own users are being assigned to the
same VLANs that they would be have been assigned
had they
Eric,
The eduroam team (www.eduroam.ushttp://www.eduroam.us) is developing a system
to help with visitors that do not have eduroam credentials,
using the security and power of 802.1X. Which can address your question...
Why register everywhere you go?
We have tried to approach owners of hotspots
University of Tennessee Knoxville entered into such an agreement.
Their interest was to cover the Stadium. It's done, and it seems to work well.
There are many providers of such service, and UTK used a competitive bidding.
Two things that I can remember from that agreement:
-Once the initial
Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:l...@listserv.educause.edu]
On Behalf Of Hanset, Philippe C
Sent: Monday, February 10, 2014 4:24 PM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] DAS
Is the main justification for two drops due to power/bandwidth/the-two?
With many services and most killer apps going to the cloud, I would suspect
that the bandwidth to the WAN is so limiting,
that this excess of capacity on Wireless is a complete overkill (a vendor
driven non-sense).
Yes,
Lee,
I have yet to encounter a WLAN admin that wasn't intrigued by the diversity of
visitors when eduroam is enabled.
And this is the low season for eduroam at the moment!
Check the graph of the US top levels at https://www.eduroam.us/node/232
If I may ask, how many non eduroam visitors do you
And the WLAN industry also does strange math ;-)
A lot of services are going to the Cloud, mostly using your pipe to the
Internet.
It seems that, progressively or even rapidly, the limiting factor is not Wi-Fi
anymore but rather the pipe to the internet.
1 Gbps to each Wireless AP is a lot of
Many places have problems with OSCP... they don't let users that join the portal
check for the OCSP validity (forget to allow for this in firewall) of the
portal's certificate. That will make some OSes that
don't automatically switch to CRL fail.
Or worse, certificate providers change the IP
from the top of my head...
###What's bad for the user:
-Captive portal: no encryption over the air, pesky re-authentication and
timeouts, no authentication of the infrastructure
(yes, when you accept that SSL Cert from RADIUS you actually authenticate the
infrastructure)
-802.1X: finicky
(coming from a discussion a few minutes ago with a large University that is
considering joining eduroam)
When we first started eduroam in the US, we had so few connectors that we
required institutions
to be Identity Providers (IdP, connect your backend authentication for your
users) and
Matt,
To add to what people have already mentioned on the list:
If you already have a working 802.1X implementation, the work on the RADIUS
server to become eduroam enabled is really basic.
(instructions are located on the website www.eduroam.ushttp://www.eduroam.us
for various RADIUS flavors.
By the way...
For schools that go with #1 (use eduroam as your own SSID), there is a free
installer that can make the rollout of 802.1X
quite easy! Not a bad saving!
http://cat.eduroam.org
Best,
Philippe Hanset
www.eduroam.ushttp://www.eduroam.us
On Nov 1, 2013, at 12:47 PM, Ian McDonald
Lee,
I hate to bust your identity pride ;-) but...
In my experience the only people that care about the SSID names are the IT
Crowd and some of the University administrators.
(when will we have TV series on University Administrators?)
Users just want something that works...they don't even look
About 802.1X installers...
There is a free installer that comes with eduroam that can help automatic
installations:
http://cat.eduroam.org
It works for most OSes except Android (and a client for Android is planned),
and it works for most EAP methods, except EAP-TLS.
It can only be used for the
Vendors can chime in on a purely technical aspect without promoting their
solution or brand.
That's where it gets tricky especially when some vendors promote a patented
technology under
the cover of promoting a solution.
It happens here and there, and in my 12 years on the list I have seen great
Steve,
From discussions that I have had with nsrc.org (the guys at University of
Oregon known for building networks in Africa),
they really enjoy Ubiquiti for small and mid size networks (they use point to
point and campus APs).
This said, you are managing a campus in the US and your
All,
I have contacted Cisco directly to try to accelerate the availability of the
REALM stripping feature.
Same with Microsoft and IAS (REALM stripping issue, and I'm also contacting
them directly as well)
Hope it will work!
Philippe
Philippe Hanset
www.eduroam.ushttp://www.eduroam.us
On
Lou,
http://www.linkedin.com/pub/lou-vogel/10/a80/870
Here is the list etiquette:
Promotional Messages and Advertising
EDUCAUSE Constituent and Discussion Groups are educational in nature and
not intended for promotional announcements, advertising, product-related
press releases, or other
Wishing you a great summer,
Philippe
Philippe Hanset
www.eduroam.ushttp://www.eduroam.us
wireless-lan@educause constituent group leader
Begin forwarded message:
From: Catherine Yang cy...@educause.edumailto:cy...@educause.edu
Subject: [CGLEADERS] Please Forward- EDUCAUSE Sprint 2013 - Beyond
It is with a lot of sorrow that I'm announcing to this list that our friend
and colleague Dewitt Latimer
has passed away.
http://www.kpax.com/news/msu-chief-information-officer-killed-in-motorcycle-crash/
Dewitt created the wireless-lan list out of University of Tennessee then
transferred it
Roger,
If I could, here is how I would do it.
3 SSIDs, and I will name them for your campus as an example:
# uthsc-open (open SSID controlled by a Web gateway)
# eduroam (802.1X only)
# uthsc-personal (hidden or not, you decide...great for medical instruments and
various styles of scanners
This seems like a good time to post Educause's list Etiquette:
Promotional Messages and Advertising
EDUCAUSE Constituent and Discussion Groups are educational in nature and not
intended for promotional announcements, advertising, product-related press
releases, or other commercial use. Please
Jake,
It seems that distributed architecture charge a yearly support fee per AP.
In the controller based world, we often skip AP support and self insure
ourselves due to our large deployments.
To keep in mind when the RFP comes back!!!
Also to consider:
-IP mobility
-Roaming: key exchange,
Jason,
When I first started eduroam in the US, I did that on my spare time while
working at University of Tennessee and while
supporting our growing Wi-Fi network. Mike (2004-2006), Dave (2007-2010), and
Chad (2010-now) were my eduroam acolytes over the years.
I couldn't have done it without
://www.eduroam.us
On Apr 18, 2013, at 10:29 PM, Becker, Jason
jbec...@wustl.edumailto:jbec...@wustl.edu wrote:
Thanks Philippe, we currently are using 802.1x and meant to just ask about the
psk.
Thanks!
From: Hanset, Philippe C phan...@utk.edumailto:phan...@utk.edu
Reply-To: The EDUCAUSE Wireless
Jason,
Your subject mentions WPA2-enterprise, and the body of your text mentions PSK.
If you move your infrastructure to WPA2-PSK, yes if someone watches the 4 way
handshake they can get the key between AP and device for
all people on the WPA2-PSK network.
With WPA2-enterprise it is more
www.eduroamus.org
On Nov 14, 2012, at 12:14 PM, Julian Y Koh kohs...@northwestern.edu wrote:
On Nov 13, 2012, at 09:11 , Hanset, Philippe C phan...@utk.edu wrote:
For sanity, we will only pass to you *.northwestern.edu or other domains
that you own and would like to be resolved e.gnorthwestern-1.edu
Lee,
eduroam is EAP agnostic.
All that the roaming does is pass the initial SSL/TLS tunnel to the home
institution.
Then in the tunnel, exchanges occur between your device and your home
institution
So, as long as your institution does a tunneled EAP, your are done. The visited
institution
has
For sanity, we will only pass to you *.northwestern.edu or other domains that
you own and would like to be resolved e.g northwestern-1.edu
On Nov 13, 2012, at 9:24 AM, Julian Y Koh kohs...@northwestern.edu wrote:
On Nov 12, 2012, at 18:34 , Hanset, Philippe C phan...@utk.edu wrote
Listserv
[WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
on behalf of Hanset, Philippe C [phan...@utk.edumailto:phan...@utk.edu]
Sent: Tuesday, November 13, 2012 10:01 AM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re
Buffalo
r...@buffalo.edumailto:r...@buffalo.edu
716.645.3552
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:l...@listserv.educause.edu]On
Behalf Of Hanset, Philippe C
Sent: Tuesday, November 13, 2012 10:02 AM
To:
WIRELESS-LAN
Educause-Denver-2012 was a success. Great topics, amazing Weather, great
audience, and even good food!
The following topics were tackled by the Wireless-LAN group within the 50
minutes assigned.
Here is the report from our meeting. Thank you to Jeffrey Ballentine from UPenn
for taking notes
... We have the stats but are not publishing institution specific them for
privacy reasons.
http://www.eduroamus.org/node/232
I have testimonials from Schools like UCSD and UChicago that immediately
noticed hundreds of visitors on their campuses.
Drexel University, for instance, had 40 eduroam
On Nov 12, 2012, at 6:39 PM, Lee H Badman lhbad...@syr.edu wrote:
Does anyone keep stats on how much your Eduroam efforts get used? Like, other
than just being in the club, is it really providing benefits that an
easy-to-use guest network wouldn't? Not being snarky, but genuinely wondering.
-a-Sketch. Please excuse squiggly lines.
On Nov 12, 2012, at 19:44, Hanset, Philippe C phan...@utk.edu wrote:
On Nov 12, 2012, at 6:39 PM, Lee H Badman lhbad...@syr.edu wrote:
Does anyone keep stats on how much your Eduroam efforts get used? Like,
other than just being in the club, is it really
The Wireless-LAN session is on Wednesday Nov 7, from 10:30 till 11:20 Mountain
Time, room 402.
Topics that come to mind:
-802.11AC Why wait? Why jump?
-How to empower users with Bonjour needs?
(or consequences for not doing it)
-Is Wireless management slowly moving to the switch? What does it
PowerDsine definitely!
One reminder: if you have old wiring where the cat5 is split into two circuits
(2 pairs for each circuit...was popular in some places in the nineties),
you cannot use a Midspan (power injector), but you can use an endpsan (powered
switch).
Philippe Univ. of TN
On Oct
This is official, we have almost reached the capacity of our public IP
addresses (20,000 just on Wireless)
We love IPv6, but for the moment it's not going to solve our issue!
So, NAT it is, and we have zero experience besides our visitor network that
handles 1000+ users.
Our plan is to
As you may have seen from recent posts on a few of the CG lists the Handheld
and Mobile Computing CG is now Mobile Technologies.
As the importance of mobile technologies has evolved since the inception of
this constituent group and as the importance of mobile technologies continues
to
All,
(trying to help our systems group by asking this list)
Have any of you experienced DHCP issues due to too many machines requesting
leases?
We run two ISC DHCP servers (in Active-Active mode) with 30 minutes lease time
Running on SUN V440, no unusual I/O load, no unusual CPU load and
Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hanset, Philippe C
Sent: Monday, August 27, 2012 1:20 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] DHCP losing its mind..
All,
(trying to help our systems group by asking this list
Craig,
That's a very good point to remind us. It's easy to forget that with VLAN
pooling each Access-Point does broadcast
to all members based on VLANs represented on that Access-Point. With the
scenario that you demonstrate (we have the same geographical behavior with
class changes),
Neil et al.,
About the petition, I would like to provide two comments:
(sorry for the delay, I was enjoying a few days off in NYC... man what a city!)
1) l would propose not to ask to support in enterprise networks but in
Academic Environments.
Though many of our networks are run like
Thank you Lee.
I definitely believe that it is a great use of the list...A request made by
Academia and for Academia
Let me add:
Even as an Apple shareholder,
(no conflict of interest, more of a vested interest in the matter ;-),
I believe that it is way past our time to voice our opinion
Mike,
For a one off and minimal investment, I would bring up an Open-WRT or DDRT AP
(or any affordable AP that is capable of doing WPA2-enterprise) independent
from your regular infrastructure and make people join a dedicated subnet for
that room (use NAT, and WPA2-enterprise).
Connect the
and was shot down.
If I do a separate SSID, on the same VLAN as the Apple TV, I'd still have to
turn Multicast on on the controller, but I wouldn't have to roll out a PIM-SM
deployment.
Mike
On Tue, Jul 3, 2012 at 10:03 AM, Hanset, Philippe C
phan...@utk.edumailto:phan...@utk.edu wrote:
Mike
Brian,
We haven't done a point to point with 802.11n yet but our considerations,
before 802.11n, were the following:
-We usually prefer a complete embedded solution (AP+Antennas in one enclosure)
rather than an outdoor AP with connected antennas
(e.g. Proxim used to do that with their Tsunami
Mike,
For wireless, we use release based printing.
No one knows where you are better than you ;-)
You can send a print job from anywhere you want. It goes to a print queue.
(the print queue has also the advantage to do accounting/person)
To release the print job at the right location, you have to
Michael,
Have you inquired about the built-in load balancing features of RADIATOR?
You might not need an extra load balancer...
Specifically one of these clauses:
AuthBy ROUNDROBIN, AuthBy VOLUMEBALANCE, AuthBy
LOADBALANCE, AuthBy HASHBALANCE, AuthBy EAPBALANCE.
Philippe
Philippe Hanset
Lee,
In Knoxville, TN we have Buddy's Barbecue (AKA Buddy's BBQ),
and we cannot resell an SSID as a state school.
I believe there is an Educause AUP about not mentioning BBQ before 11 a.m. EST.
Supposedly it creates various unwanted Pavlov conditionings
within our community. Also, next thing you
Lee,
Univ. of TN Knoxville still runs 4 channels (1-4-8-11) and has been doing so
since 2000!
This said, we had a long discussion with Aruba Networks engineers about 3 VS 4
and they mentioned that
their algorithms are better tuned for 3 channels (I suspect that it is the case
for most vendors
On May 8, 2012, at 3:00 PM, Coehoorn, Joel wrote:
The short answer is no. It comes down to the skirts again. Most low-end tools
to measure wireless coverage do a poor job of showing this, but my
understanding is that wifi RF is such that the skirts flare out quickly, and
you have nearly all
Brian,
With eduroam the relation is strictly between the client and its home
institution.
As long as you use a tunneled EAP method (PEAP, EAP-TTLS, EAP-TLS, EAP-FAST,
)
you will be able to join eduroam. The main national and international eduroam
servers only help pass the TLS tunnel
Give different IP addresses on the visitor network that cannot access local
resources (e.g Blackboard).
We also use the allow unknown clients in DHCP. Once a device is registered on
the regular network, it will not receive a lease on the visitor network.
Philippe Univ. of TN
On Jan 30,
We limit the upload for our dormitories to 3 Mbps and the download to 10 Mbps
per user on our Aruba controllers.
Mostly because we still have 802.11b/g and need to manage the WLAN capacity (we
rarely reach the limit on the WAN side).
Once we upgrade to 802.11n with high density we will
to connect their personal AP to
your network?
Bruce Osborne
Wireless Network Engineer
IT Network Services
(434) 592-4229
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
From: Hanset, Philippe C [mailto:phan...@utk.edu]
Sent: Thursday, November 10, 2011 8:44 PM
Subject: Re
If you provide a great wifi coverage and no wired access
You shouldn't have to worry about rogues (since there is
No port to connect to ;-)
Philippe,
University. Of TN, Knoxville
On Nov 10, 2011, at 8:29 PM, Jeff Kell
jeff-k...@utc.edumailto:jeff-k...@utc.edu wrote:
On 11/10/2011 8:24 PM,
Wireless Issues Constituent Group Listserv
[WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
on behalf of Hanset, Philippe C [phan...@utk.edumailto:phan...@utk.edu]
Sent: Thursday, November 10, 2011 8:44 PM
To: mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
WIRELESS-LAN
Group,
If you are interested in attending the ACTI annual meeting, please read below:
Best,
Philippe
Subject Line:
2012 ACTI Annual Meeting: Held Jointly with CSG, Open to All Interested in Core
Technologies
Copy:
To help facilitate collaboration on core technology challenges among colleges
Lee,
I will speak as UTK and eduroam-US.
We see a lot of satisfaction with the following three RADIUS flavors:
-RADIATOR (supported, very affordable, and PERL based...easy to customize,
keeps up with innovations: RadSec, CUI,...)
-FreeRADIUS (open Source, FREE, C based, support community, keeps
Lee,
If you want to see some configuration examples
for six RADIUS flavors go there:
https://www.eduroamus.org/radius_configuration
This will not give you examples of how to do PEAP, but you will have a good idea
of how the various flavors are configured for proxying.
Philippe
On Nov 1, 2011,
Jason et al.,
One heads up: with 2048 bit certs make sure that you have the Framed-MTU flag
in RADIUS set to something like 1400 bytes
Reference: http://www.eduroamus.org/node/29 read the last paragraph.
It applies for regular campus 1x and eduroam
Philippe
Univ. of TN
On Oct 19, 2011, at
All,
The wireless-lan@educause will have a session at the Educause conference
(Philadelphia)
this coming Wednesday from 4:50 p.m. till 5:40 p.m.
I will also present a poster (Wed 1:30 pm) and a session (Thu 1:30 pm) about
eduroam.
Here are some of the topics that I had in mind:
-iOS5:
This is the wireless-...@educause.edumailto:wireless-...@educause.edu, not
the un-wireless-...@educause.edumailto:un-wireless-...@educause.edu ;-)
Seriously, we have seen teachers requesting devices to be turned off during
class, or else...
Also, the curriculums are requesting increasingly
Nick,
Most RADIUS servers will let you do that
(freeRADIUS, RADIATOR, ACS...)
If you want to separate users you can also
Use the same SSID that you use currently
And return an attribute item from AD that would
Set the VLAN per user or per group of users.
Philippe,
Ken,
(just throwing a flashing experience of our own...)
Does it flash when you connect just one AP-1200 or if you connect many AP-1200?
Switches or Midspan can only handle as much as the power supply can provide.
So if you overload the system it will flash.
We have had that problem when
Ryan,
We have a 6 months password change policy for users with regular access
and a 2 months password change policy for users with sensitive access.
So far, it has been a nightmare for Macs (10.5, 10.6,...) on our 802.1x
network.
EAP-TLS or change the mind of the security office have been the
Don,
We have two separate SSIDs that do 802.1x
ut-wpa2 and eduroam, across campus.
This separation is creating a lot of confusion to our community.
Sometimes they wonder why use one versus the other!
We would like to redesign this and only have the eduroam SSID, but separate
the traffic based
Overlaying ATT Wi-Fi over the wireless network to me seems like the same
problem as
a vendor specific DAS.
Only ATT customers can really use the infrastructure unless you are willing to
pay a la carte for the service.
What's next? Verizon Wi-Fi, Sprint Wi-Fi... or a web page where you have to
@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
On Behalf Of Hanset, Philippe C
Sent: Thursday, July 21, 2011 1:01 PM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] ATT WiFi
Overlaying ATT Wi-Fi over the wireless network to me seems like the same
Bruce,
We install our APs in the same subnet as our users (for reasons mentioned by
others as well: it seems that
rogue detection works better on the wire side that way), but with private IP
addresses.
The gateway as two subnets (one primary and one secondary).
Primary is for users, secondary
All,
(I checked the Archives and couldn't find anything on this)
One of our desktop support guy is losing his mind on a problem with three iMacs
that have a very erratic behavior on wireless only.
-Those iMacs were purchased during the last month.
-They can join Wireless
-They can get a DHCP
but
safari and firefox seem to have problems with our CP on aruba over wireless
only.
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hanset, Philippe C
Sent: Wednesday, June 01, 2011 3:38 PM
To:
WIRELESS-LAN
On Apr 5, 2011, at 11:34 AM, Johnson, Neil M wrote:
These questions are targeted at larger schools with large dorm populations
that use EAP authentication (802.1x) on their wireless network.
1. What is your school's policy in regards to students installing their own
access points in the
technological solution, but it's
still wrong in my book. If a student is not attending class, your dean of
students needs to bring the student in for a discussion.
Jeff
Hanset, Philippe C phan...@utk.edu 4/1/2011 9:22 AM
All,
University of Tennessee has had some class attendance
Having done a Dorm Installation last week, let me add another point:
5 Ghz is great, but in some places you might want to skip the expense.
We had no choice but to feed Dorm suites from the center hallway.
After a thorough testing we came to the conclusion that we would only provide
802.11n at
.
Dave Molta
On 3/22/11 3:59 PM, Hanset, Philippe C
phan...@utk.edux-msg://2463/phan...@utk.edu wrote:
Having done a Dorm Installation last week, let me add another point:
5 Ghz is great, but in some places you might want to skip the expense.
We had no choice but to feed Dorm suites from
Curtis,
I'm a big advocate of EAP-TLS if you are willing to deal with the PKI.
How do you deal with Certs? Do you have a PKI for other purposes as well?
Philippe
On Feb 25, 2011, at 3:35 PM, Curtis, Bruce wrote:
On Feb 14, 2011, at 12:28 PM, Hanset, Philippe C wrote:
All,
I have asked
Air is so noisy in the Microwaves range these days (cellular, Wi-Fi, you name
it...), I would think
that people that use spectrometers that are sensitive to Microwaves have to
worry
about a lot more things than just University based Wi-Fi.
Why not isolate the spectrometer instead of the Wi-Fi?
All,
I have asked this question in the past, but things change, someone out there
might have a better answer!
We run two 802.1x SSIDs with WPA2 (ut-wpa2 and eduroam).
All goes well on these two SSIDs until users are asked to change their password
(every 6 months)
(would love to get rid of that
Funny that you mention that. We did a comparison yesterday between
a Fluke AirCheck and an Iphone4 using WiFiFoFum.
The AirCheck was consistently 15 dBm better than the Iphone.
(consistent with your data)
Since Iphone like devices are showing all over campus much more than
Fluke
Stan
We do use VLAN pooling extensively and our pools are large - 16 to 20 /24
subnets. I don't think there is any issue going higher, but I don't know what
the upper limit is.
Aruba supports a maximum of 32 pools.
You assign the subnet that you want to each pool (we have 32*/23)
Philippe
Shiling,
We have opted to leave Aruba controller as layer2 devices,
and terminate all of our subnets on VRFs on one external router,
except for our web based visitor network that is terminated on our Master
Controller.
Aruba will let you do everything (Rules, Roles, FW etc...) you want at layer
,
Shiling
On Tue, Jan 18, 2011 at 2:47 PM, Hanset, Philippe C phan...@utk.edu wrote:
Shiling,
We have opted to leave Aruba controller as layer2 devices,
and terminate all of our subnets on VRFs on one external router,
except for our web based visitor network that is terminated on our
Zach,
I forwarded your question to our UTK resident faculty/service defender,
and here is his answer:
But to answer Zach's question about consequences..
Blocking mDNS/Bonjour/Zeroconf (all the same proto) will immediately
affect the users if they use the iLife tools (iTunes, iPhoto, etc).
Bruce,
We face the same issue.
So far we have solved it by deciding to continue to use b/g outdoor while
waiting
for an outdoor/enclosed 802.11n (antenna and AP embedded in one elegant metal
box) :(
This said, the cost of enclosed outdoor APs is really high
compared to indoor APs with outdoor
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Hanset, Philippe C
Sent: Jueves, 18 de Noviembre de 2010 07:42 p.m.
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WiFi blockers in classrooms
And do you plan to block air-cards
And do you plan to block air-cards on cellular as well with that jammer?
Philippe
Univ. of TN
On Nov 18, 2010, at 4:06 PM, Luis Fernando Valverde wrote:
I understand your points of view and I agree with some of your comments.
However, we use our classrooms for multiple academic activities (MBA
] On Behalf Of Hanset, Philippe C
Sent: Wednesday, October 06, 2010 7:31 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] solar panel powered AP: pictures
Some of you have asked to have details of our home-made
solar panel powered AP. Since it is dismounted at the moment I was able
Some of you have asked to have details of our home-made
solar panel powered AP. Since it is dismounted at the moment I was able to take
clear pictures of
the equipment's labels.
http://www.flickr.com/photos/crangoncrangon/
Best,
Philippe
Univ. of TN
**
Participation and subscription
One more piece of info on the 00:11:22:33:44:55 weirdness:
We have a user registered in NetReg with MAC address 00:11:22:33:44:55,
It is an Imac and was registered on our network in Parallels (browser reference
is Windows NT 6.1).
I wonder how many of these strange MAC addresses are generated by
1 - 100 of 104 matches
Mail list logo
