Quick question, what is the loglevel to get NAT and PAT translates from an
aruba controller? I'm stuck but I still don't feel like wasting an afternoon on
with TAC. Does someone know offhand?
Thanks!
**
Participation and subscription information for this EDUCAUSE Constituent Group
Anyone?
Jason Appah
Security / Systems Administrator
OIT
541-885-1719
On Dec 7, 2011, at 1:52 PM, Jason Appah
jason.ap...@oit.edumailto:jason.ap...@oit.edu wrote:
All,
We are looking to allow the private addresses of the unsecured wireless to pass
through our aruba, how would we go about
Thanks!
Jason Appah
Security / Systems Administrator
OIT
541-885-1719
On Dec 9, 2011, at 8:24 AM, Brooks, Stan
stan.bro...@emory.edumailto:stan.bro...@emory.edu wrote:
Jason -
We moved our NAT functionality off the Aruba controllers to separate boxes
because of some limitations in the NAT
All,
We are looking to allow the private addresses of the unsecured wireless to pass
through our aruba, how would we go about configuring the nat pools to
accomplish this? That is the 192.168.x.x that the client is assigned to pass
through the aruba on the way out to the external FW.
As it
We have had lots of problems with firefox and our aruba in general when used
with the captive portal. You didn't mention if this is 802.1x or CP or WPA but
safari and firefox seem to have problems with our CP on aruba over wireless
only.
From: The EDUCAUSE Wireless Issues Constituent Group
We are using it now, its niice!
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike King
Sent: Wednesday, March 23, 2011 9:28 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLC code
Holy
The simple answer for that is a wireless print server, vlan the printers and
give the only route to the printers via the print server... viola! Choke point!
Cups works great for windows and mac and linux. As well as working with most
printers. Just make certain to bill whatever dept really
ignition server that worked flawlessly but has now died.
IAS was the replacement and machine auth hasn't worked since.
So, has anyone else experienced this?
Jason Appah
Security/Systems Administrator
Oregon Institute of Technology
Oregon's only Technical Institute.
Office 541-885-1719
Fax 541
We as ipad's and iphones become more prevalent in staff and faculty hands, we
become more interested in securing that new endpoint, for instance remote wipe,
and application security.
Can anyone on or off list speak to securing this new popular little bugger?
We have been Aruba from the start, and have deployed N alongside our initial BG
with great success.. a nice phased approach! The controllers support 10GBE, the
N radios have dual Gig uplinks (we use one for POE and one for GB uplink)
This was one of the deciding factors against MERU and Xirrus
I know that we've been contacted about issues relating to our rants on
technical nagging problems, (again for support not sales) and this makes us
quite happy. A perhaps unintended but useful feature :)
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
Procera will do that exactly
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Urrea, Nick
Sent: Friday, April 23, 2010 12:08 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN]
I'll chime in as well, we have around 100 Aruba 121 (n) and 65(BGA) access
points and two controllers. I won't talk about the ease of setup or the
features as that has already been discussed ad-nausea... I'll just say this:
not to knock Cisco, as they have never done me wrong, but Aruba support
-...@listserv.educause.edu] On Behalf Of Jason Appah
[jason.ap...@oit.edu]
Sent: Monday, December 14, 2009 11:03 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Private IP space for wireless users- anyone?
Yes, that is what we do. I just wondered how big if a bear it would be
to track
How does the user tracking work with pat? usually when we get a dmca
or virus or spam it doesn't come with a port?
Sent from my iPhone
Jason Appah
Systems Administrator
Oregon Tech
On Dec 14, 2009, at 6:09 PM, Hector J Rios hr...@lsu.edu wrote:
Lee,
We use private IPs, we PAT
Sounds like a great use case for ip mobility... what are you running for
wireless controllers?
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Garrett Harmon
Sent: Wednesday, September 30, 2009 11:09 AM
To:
Also on the subject, do you all cap per user bandwidth?
We recently reconstructed our dorms, and began support of the resnet (before
the recession they had their own foot soldiers taking care of it ).The old
resnet had a hodge podge of homegrown bandwidth caps tools that they used to
limit
We shape at the internet pipe as well... we only shape when user loads dictate
it, then we extend a per user bandwidth contract for the affected AP's
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of
I know that with aruba, we summarily have more than 40 people in a
single room , we have two access points and band steering turned on.
Nary a complaint (knocks on wood) it seems to load balance just fine.
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
group determined by cisco? or by impluse? how do you enforce this?
From: The EDUCAUSE Wireless Issues Constituent Group Listserv on behalf of Lee
H Badman
Sent: Wed 6/24/2009 4:54 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Student
As would I. thanks for sharing!
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Lunceford, Dan
Sent: Wednesday, June 17, 2009 9:01 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] configuration script
What is this VLAN pooling? How does it work?
**
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Jason Appah
Sent: Friday, May 15, 2009 1:01 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Enforcing and Ensuring Machine Auth 802.1x
At our little campus we have about 100 computers that are pure
I'd be interested to see how the packets look... and it also means rogue
detection just got a little funner L
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Lee H Badman
Sent: Monday, May 18, 2009 6:55 AM
To:
vlans
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of reflect ocean
Sent: Friday, May 15, 2009 10:52 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] WLAN Deployment-High number of
You could still get away with that with FAT AP's
That is since they are autonomous, you could assign different vlans and
in turn different ip scopes to the same ssid as they are all unawares of
each other.
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
xample09186a0080665ceb.shtml
which allows you to throw users int specific VLAN's based on RADIUS
return attributes. All off the same SSID.
Mike
On Fri, May 15, 2009 at 2:39 PM, Jason Appah jason.ap...@oit.edu
wrote:
You could still get away with that with FAT AP's
That is since they are autonomous, you could
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Jason Appah
Sent: Friday, May 15, 2009 3:43 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLAN Deployment-High number of users
The only thing about
-...@listserv.educause.edu] On Behalf Of Jason Appah
Sent: Friday, May 15, 2009 4:10 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLAN Deployment-High number of users
Correct, but it generated a ton of support calls..
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
X2 to that! We'd love to be able to put an 80% loaded fair bandwidth
rule on our arubas...
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Philippe Hanset
Sent: Monday, April 27, 2009 9:20 AM
To:
We have tried both with great results.
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Brian J David
Sent: Wednesday, April 22, 2009 7:33 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject:
802.1x
On 3/17/09 7:57 AM, Paul Crittenden paul.critten...@simpson.edu wrote:
We are in the process of making our entire campus wireless. One of our
concerns is student printing. Currently our printer queues are on servers that
are on AD. We use a printer accounting software called Papercut
entire aruba infrastructure - so far no issues. Would
like to hear that your migration 3.3.2.11 is going well...
Travis Schick
UCDavis
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Jason Appah
Sent: Friday
i did the upgrade.
Thanks
Manoj
x2702
---
P. Manoj Abeysekera
Network Engineer
American University
4200 Wisconsin Ave, NW
Washington DC. 20016
Jason Appah jason.ap...@oit.edu
Sent by: The EDUCAUSE Wireless Issues Constituent
Sorry we are running Airwave Version 5
On 3/6/09 9:31 AM, Jason Appah jason.ap...@oit.edu wrote:
On that note, when we moved to 3.3.2.11 the other week, Airwave stopped
reporting bandwidth, was there a change to the MIB from 3.3.2.8 to 11 that
would have affected this? Airwave still
Todd,
As a small school, nearly 95% of our WLAN traffic is bound for the internet,
so sooner or later it is destined for the core, so at least for us, edge or
core wlan switching makes little difference when its all going there
anyways. Maybe I¹m missing something?
On 3/2/09 1:36 PM, Smith,
There isnt, which is a real bummer, as there are many many drawbacks to the
WZC client
On 2/19/09 8:41 AM, Johnson, Bruce T bjohns...@partners.org wrote:
One useful application with WZC-based PEAP is machine authentication for
unattended devices that need to stay connected. I'm not sure any
Does anyone have this command for aruba mc2400? I'm too lazy to look it up
:)
On 2/19/09 11:46 AM, Tupker, Mike mtup...@mtmercy.edu wrote:
:) Just had to ask. Sometimes the solution is an easy one. The only other way
I know of to control broadcasts on the AP420s is bc-mc-limiting command from
We use an aruba system with an aruba generated page, aruba also has a
concierge system that allows you to created automatically provisioned and
deprovisioned accounts to anyone who has the concierge login, and can allow
you to create multiple concierge systems as well as multiple captive portal
802.1x or MAC filtering, or both... In a previous life I supported wireless
for a large manufacturer with myriad dumb devices (thatis devices that
couldn¹t do 802.1x) so we did a mix an SSID that did MAC filtering for DUMB
devices and a SSID for 802.1x
On 12/10/08 3:30 PM, John Duran [EMAIL
to
the internal and just allow it to forward dhcp, the issues but we arent sure
that this will fix the issue as if it¹s dropping DHCP the obviously it wont
allow the forward to happen either.
Any suggestions?
Has anyone ran into this?
Thanks!
Jason Appah
Systems Administrator
Oregon Institute
Man I wish I had your budget, were about to pull the trigger on an aruba
deploy of 80 radios...
On 11/20/08 9:07 AM, Philippe Hanset [EMAIL PROTECTED] wrote:
Our latest strategy was phased ovehaul (but it might change!),
one building at a time with some tricky VLAN trunking when
buidling are
All,
We recently switched a few departments to an all 802.1x wireless solution,
using machine authentication; in the lab we had great success now that we
have this in the wild, we¹re having problems .
For infrastructure we have Aruba access points that broadcast three
different SSID¹s. One
I would second this step as well as updating drivers for the HP, most of
our problems with 802.1x are with older drivers
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Cottrell,
Charles P.
Sent: Monday, July 28, 2008
Most Windows Mobile 6 devices do WPA2 and 802.1x but a better client to
use would be Funk, (now juniper) odyssey client...
http://www.juniper.net/products_and_services/aaa_and_802_1x/odyssey/inde
x.html
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
as an add-on to other hand-helds.
-Lee
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Jason Appah
Sent: Friday, May 30, 2008 11:05 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] PDA 802.1x WPA2
] On Behalf Of Jason Appah
Sent: Friday, May 30, 2008 11:24 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] PDA 802.1x WPA2 or WPA
I have only used it as a part of windows mobile 5 on Intermec scanners
and touch screen devices, so I admit, I've only used it as a
pre-installation
We do the same, it's an extra step, but our Network Engineer scripted
the lookup for the DMCA notices allowing an almost instantaneous
response. Its quite nice once you have it setup.
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL
I saw this post this morning also and I concur with Lee; with the price of
enterprise class AP's dropping you have two choices go enterprise, or do
nothing. That is at least you can manage expectations even if it's no the
answer your customers want to hear, it really IS what they want to hear,
I just wish I could get them to call me.
From: The EDUCAUSE Wireless Issues Constituent Group Listserv on behalf of Jon
Freeman
Sent: Sat 4/12/2008 1:49 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] many clients, one room
Added a
WOW?! Two radios and 250 users? Please describe your setup!
Jason D. Appah
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of John Center
Sent: Monday, April 14, 2008 5:28 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
I would second that, their technical support service is incredible, and are
patient and supportive, and in terms of ease of use, flexibility, and
overall power, they ignition server has all others beat.
Jason D. Appah
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent
I've tried this with our current implementation of IAS and it works fine,
re-challenges for correct password, and throws an event in ias evenlog...
perhaps its something else?
although I am glad to be moving to a idengines igition server... albeit for
different reasons.
the feature set that I am looking
for , e.g. aruba switched wireless or xirrus
We are starting to look at the xirrus as a means to deploy in environs were we
dont want to pay to (re) cable..
Has anyone used their solutions?
Jason Appah
[EMAIL PROTECTED]
Information Services
Systems Administrator
54 matches
Mail list logo