Re: [WIRELESS-LAN] MPSK SSID Names

[John Rodkey]

We kept things simple:
Visitor
IoT
Campus

Visitor has a well known password that is posted in various places around
campus and emailed to students.
IoT has a password distributed to students when they arrive on campus.
Campus is a 802.1x linked to their account credentials.

On Tue, Jun 8, 2021 at 1:22 PM Christopher H Ressel  wrote:

> We marketed MPSK as a solution for IOT clients so we named ours UNR-IOT.
> It seems to have been self-explanatory enough as we haven’t had much user
> confusion.
>
>
>
> Chris
>
>
>
> *From: *The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Brian Helman <
> bhel...@salemstate.edu>
> *Reply-To: *The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> *Date: *Tuesday, June 8, 2021 at 12:04 PM
> *To: *"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> *Subject: *[WIRELESS-LAN] MPSK SSID Names
>
>
>
> Anyone using Aruba’s (or if other manufacturers have a similar feature)
> MPSK service?  What did you use for an SSID – looking for naming ideas.
>
>
>
> -Brian
>
>
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity=04%7C01%7Ccressel%40UNR.EDU%7Cf776b29c68cf44a76e3f08d92ab049fa%7C523b4bfc0ebd4c03b2b96f6a17fd31d8%7C1%7C0%7C637587758913114482%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000=24MAjqUG0UXEMhmWBARsevIMtbCE%2B3TqpmhMMWgSfOc%3D=0>
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>
-- 
John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] Macbook zoom wireless dropout issues

[John Rodkey]

These are all outbound 8801 connections?  We don't block outbound, but we
do block inbound, and our firewall is blocking a number on port 8801.
Zoom's Firewall article https://support.zoom.us/hc/en-us/articles/201362683
only shows outbound as being required, but the inbound traffic is puzzling.

John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther


On Fri, Feb 12, 2021 at 8:54 AM Hales, David  wrote:

> Zoom starts out trying UDP/8801, then if that fails goes to TCP/8801.
> Then if that fails it runs SSL on TCP/443.  Then if that fails the user has
> to use the web client over http/https.  You can find the networks needed in
> an automatically updated text list format for linking to dynamic firewall
> rules at the follow URLs:
>
>
>
> https://assets.zoom.us/docs/ipranges/ZoomMeetings.txt
>
> https://assets.zoom.us/docs/ipranges/Zoom.txt
>
>
>
> That being said, this fallback process is at call setup.  Once the call is
> up and running, if you’re seeing client association issues, then the Zoom
> disconnects or hangs that follow those are just symptoms of whatever is
> causing the wireless issues between the client and the AP.
>
>
>
> *David Hales*
>
> *Network Systems Administrator*
>
>
>
> Information Technology Services
>
> Tennessee Tech University
>
> 1010 N. Peachtree Av., CLEM117
>
> Cookeville, TN 38505
>
> *P:* 931-372-3983
>
> *E: *dha...@tntech.edu
>
>
>
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Sullivan, Don
> *Sent:* Friday, February 12, 2021 10:01 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Macbook zoom wireless dropout issues
>
>
>
> *External Email Warning*
>
> *This email originated from outside the university. Please use caution
> when opening attachments, clicking links, or responding to requests.*
> --
>
> Ok, I’m going to throw something out there that may sound stupid, but I am
> ok with appearing stupid. When a client initiates a zoom call is that done
> via UDP or TCP? If it is done via UDP, can the session fail over to using
> TCP SSL connectivity in the middle of the call? Can that in turn create a
> situation where the wireless session disassociates and then tries to
> reassociate? I ask these questions because when I have been looking at
> drops during a Zoom call I have been seeing the wireless client
> disassociating and re associating at the same time the Zoom dashboard says
> the client lost their network connection. Those of you using Voyance (ENI)
> will see it in the time line as a “bad roam”. I am wondering if I am seeing
> a wireless network issue or is it a client and/or Zoom issue. I have seen
> it on both Windows and Macs. Just wondering if this is a one off or
> consistent with what others are seeing.
>
>
>
> *Don Sullivan*
>
> *Network Administrator*
>
> *Technology Services*
>
>
>
> 205-726-2111 <+1205-726-2111> | office
>
> dsulli...@samford.edu
>
> LinkedIn
> <https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Flinkedin.com%2Fin%2Fdonaldasullivan=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856917823%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000=l9y2yWdXgafEV3Mv5agMLCQW4b9EhWXX64vgXesEzzY%3D=0>
>
> www.samford.edu
> <https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.samford.edu%2F=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856927814%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000=qwWHuNk%2BydBuxM%2FLl2Ko%2FU6gFKLsqzuEFE8sXsuKz%2FA%3D=0>
>
> 800 Lakeshore Drive
> Birmingham, AL 35229
> <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmaps.google.com%2Fmaps%3Fq%3D800%2BLakeshore%2BDrive%2C%2BBirmingham%2C%2BAL%2B35229%2C%2BUS=04%7C01%7Cdhales%40TNTECH.EDU%7C139667bc5ebe4b9ef07208d8cf6f71f3%7C66fecaf83dc04d2cb8b8eff0ddea46f0%7C1%7C0%7C637487424856927814%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000=KWFea%2FK%2FVhOAyGZIVmC1wtw0CyXZ7Q%2BWGMD0tDhNlTM%3D=0>
>
>
>
> [image: Samford Samford University Logo]
>
>
>
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU

Re: [WIRELESS-LAN] Issues with Zoom in Res Halls

[John Rodkey]

Mike Dorshimer's experience mirrors ours at Westmont.  We had to upgrade
our firewalls, switch stack associated with the Internet, Bandwidth from
our ISPs, and core switches to deal with the increased traffic demands.  We
found that even though wireless signal and connectivity appeared solid,
there was a certain unpredictability present in wireless that wasn't
present for wired connections.  This unpredictability seems to be more
likely in APs running 802.11ax compared to 802.11ac for some reason.
However, we do not have the resources to do a deep dive that would be
necessary to track down these intermittent problems.

John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther


On Mon, Jan 25, 2021 at 5:54 PM Dorshimer, Michael 
wrote:

> We hit that hurdle last semester as well. All students were remote in the
> spring and of course no issues because the traffic demand was distributed.
> In the fall they all returned to campus but we maintained much of the zoom
> schedule. Our WAN links were hit hard and we had to upgrade them, wireless
> took a beating with all the HD video use, on top of the existing noise
> floor from IoT and rogue devices. We took a flood of helpdesk tickets and
> tried our best to suggest best practices and campus wide messaging.
>
> I later found out there is also the ability to host the majority of heavy
> Zoom traffic locally on a few VMs. I believe there was no additional
> licensing cost, at least at our subscription level. Just some server and
> admin time to set it up. Perhaps worth looking into.
>
> Mike Dorshimer
> Network Administrator
> Shippensburg University
>
> -Original Message-
> From: The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Charles Rumford
> Sent: Friday, January 22, 2021 10:22 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: [WIRELESS-LAN] Issues with Zoom in Res Halls
>
> Hey -
>
> We have started getting reports of issues with Zoom calls in our Res
> Halls. Most of the complaints have been around multiple drops during calls
> or lagging calls.
> Our res halls are currently only at 40-50% capacity if that.
>
> I was curious if anyone else has been seeing any issues with an increase
> of Zoom calls from on campus students.
>
>
> --
> Charles Rumford (he/his/him)
> IT Architect
> ISC Tech Services
> University of Pennsylvania
> OpenPGP Key ID: 0xF3D8215A
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] Status of Wi-Fi 6 Client Drivers?

[John Rodkey]

This was our experience as well.

John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther


On Thu, Oct 1, 2020 at 10:08 AM Patrick McEvilly <
patrick_mcevi...@harvard.edu> wrote:

> Thanks Brad.  Not exactly what I wanted to hear but good to know for sure.
>
> The option mentioned by Norman Elton of disabling 802.11ax on 2.4ghz is
> interesting.  Have other done something similar?
>
>
> On 10/1/20, 1:04 PM, "The EDUCAUSE Wireless Issues Community Group
> Listserv on behalf of Floyd, Brad"  behalf of bfl...@mail.smu.edu> wrote:
>
> Patrick,
> Neither my open guest network nor my 802.1X network appeared to a
> client with the impacted Intel drivers while the ax features were enabled.
> As soon as the ax features were disabled, the SSIDs appeared.
> Thanks,
> Brad
>
> -Original Message-
> From: The EDUCAUSE Wireless Issues Community Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Patrick McEvilly
> Sent: Thursday, October 01, 2020 12:01 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Status of Wi-Fi 6 Client Drivers?
>
> [EXTERNAL SENDER]
>
>
> Hello
>
> Does anyone know if the Intel driver issue depends on the
> authentication method?  Would an open SSID that gets folks to a captive
> portal where we can have information/links to get to download/update
> drivers work?  For some reason I thought the issue was limited to 802.1x
> SSIDs but now I'm thinking I made that up.  If anyone here that might have
> seen the problem first hand could comment that would be appreciated.
>
> Thanks
>
> Patrick
>
>
>
> On 9/25/20, 10:42 AM, "The EDUCAUSE Wireless Issues Community Group
> Listserv on behalf of Enfield, Chuck"  on behalf of cae...@psu.edu> wrote:
>
> I don’t think waiting to enable ax features will provide much
> relief for the intel driver problem.  People don’t update their wireless
> drivers without a reason, so most of the drivers that are incompatible
> today will still be incompatible next fall.  IMHO, we're just going to have
> to suffer through that problem.
>
> My  bigger concern is IoT stuff, which is far less likely to have
> a fix available.  Anybody have ax enabled in their dorms?  How's it working
> there?
>
> Thanks,
>
> Chuck
>
> -Original Message-
> From: The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Norman Elton
> Sent: Wednesday, September 23, 2020 9:44 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Status of Wi-Fi 6 Client Drivers?
>
> We uncovered the same driver issue shortly after deploying
> 802.11ax.
> We mitigated by leaving 802.11ax enabled on the 5GHz radios, but
> disabling on the 2.4 radios. This way, compliant devices can connect and
> take advantage of 5Ghz connectivity. Those devices with faulty Intel
> drivers can still connect, albeit at substantially reduced data rates.
> There may be some inner workings of 802.11ax that I don't recall, but this
> worked for us!
>
> This was on our Mist AP43s, limited to a single building. The rest
> of campus is running 802.11ac access points from Aerohive.
>
> Norman Elton
> William & Mary
>
> On Wed, Sep 23, 2020 at 5:38 PM Lee H Badman <
> 00db5b77bd95-dmarc-requ...@listserv.educause.edu> wrote:
> >
> > What is truly frustrating is that all vendors involved are
> likely members of the Wi-Fi Alliance, whose "interoperability" testing
> obviously isn't getting it done.
> >
> > One man's opinion. 
> > From: The EDUCAUSE Wireless Issues Community Group Listserv
> >  on behalf of Ethan
> Grinnell
> > 
> > Sent: Wednesday, September 23, 2020 5:31:30 PM
> > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> > Subject: Re: [WIRELESS-LAN] Status of Wi-Fi 6 Client Drivers?
> >
> > I recently wanted to do testing with an affected driver and was
> able
> > to obtain them on OEM websites instead of directly from Intel.
> This
> > build has the issue with WiFi6 SSID visibility:
> >
> https://nam01.safelinks.protection.outlook.c

Re: [WIRELESS-LAN] MDNS Traffic - problem with wifi on campus

[John Rodkey]

This is exactly what came to mind, Ricardo: Debbie, it sounds like you have
too large a broadcast area: it needs to be split up into smaller segments.
This is usually done with a combination of two things: first, the DHCP
server needs to be set up to accommodate non-overlapping IP pools for the
new VLANs you're going to create, then the network switches need to be
reconfigured with the additional vlans and set up to forward DHCP traffic
to your DHCP server.  (Sorry if this is pedantic, but it sounds like you
might want to know some of this detail.)

I am surprised to hear the Ubiquiti are failing, because our tests showed
them to be stable.  But each WAP does have to process any mDNS broadcast it
'hears' in its VLAN, and they may be simply using all their CPU to process
these broadcasts.

John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther


On Tue, Sep 1, 2020 at 5:53 PM Ricardo Stella  wrote:

>
> I remember when the iPad came out and it was the hottest ticket item
> during the winter break. Spring started, and WiFi went down the drain on a
> Monday.
>
> At the time, we had a flat network with all wireless devices in the same
> vlan. By Wednesday we had isolated all wifi by dorm, creating a vlan for
> each one of them, and separate from the wired network.
>
> At the time we had Bluesocket APs. That helped tremendously, but within
> two years, we revamped the whole wireless network with Aruba, and they have
> "AirGroups" which basically create isolation between users for mDNS.
>
>
> On Tue, Sep 1, 2020 at 8:42 PM Debbie Unterseher <
> 0058e3b52c23-dmarc-requ...@listserv.educause.edu> wrote:
>
>> We have had poor wifi at our university since school started August 10.
>> We have less students than we did last semester, and less students in
>> classes because of social distancing. I am not the network person. However
>> I know I have had good luck at finding answers from other people, so I
>> thought I would share this with you all to see if you have any input. Most
>> of this means nothing to me. Would be happy for any suggestions you have!
>> Below are the two emails that the IT department just sent - one to me and
>> one to the whole campus. Thanks again for any input.
>> ~~
>> Let me just say in non-technical terms, I have heard that there is a
>> point that the traffic through the access points just stops, and my
>> understanding is that the Ubiquiti APs get super hot and some have failed.
>> Some will work after cooling down for several minutes. The HP and Ubiquitis
>> are reacting the same, but the Ubiquitis are worse.  We did just switch
>> from Moodle to Canvas, and some classes are being taught via Zoom.
>>
>> ~~
>> Information Systems would like to give an update on what we have found,
>> so far, in our work to solve the WiFi problems that have been experienced
>> this semester.
>>
>> Our working theory is that over the summer updates to the networking for
>> computers and mobile devices have changed to include new features.
>> Occasionally, the new features cause problems with our local
>> infrastructure. Right now our wireless network is overloaded with a lot of
>> unnecessary traffic. On a small network with a few devices such as a home,
>> this traffic would not be a problem and is very useful for interacting with
>> printers, cameras, or other devices. On a large network with 1800 devices
>> just on the student network, it can be a big problem. We are trying to
>> resolve how to control this traffic. This does not have anything to do with
>> our Internet connection speed, which is doing very well. It is mainly
>> centered around activity happening on the student network, which of course
>> is our largest network.
>>
>> We have been continually testing and making changes to our network. Some
>> of you may have seen us monitoring classes or even asking people in a class
>> to turn off or on certain devices. While there is not much activity for us
>> to monitor on Tuesdays and Thursdays, Mondays, Wednesdays, and Fridays are
>> busy times for testing. We made some significant configuration changes and
>> will be testing them tomorrow.
>>
>> Below are some details for the technically curious:
>>
>> Here is what we know:
>>
>>- Very high volume of multicast traffic
>>- Seems to be mostly mDNS protocol
>>- IPv4 and IPv6 are used for transpor

Re: [WIRELESS-LAN] 2.4Ghz channel designations

[John Rodkey]

I would be interested in the urinal analogy, although I have a pretty good
guess. Ewww!
John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther


On Wed, Aug 26, 2020 at 12:31 PM Floyd, Brad  wrote:

> John,
>
> Have you ever heard of the bathroom urinal analogy? It’s rather crude and
> gross, but it explains why exactly to not use any channels other than 1, 6,
> and 11. If you haven’t heard it, I’d be happy to share it with you offline.
>
>
>
> Get a new consultant!
>
>
>
> Thanks,
>
> Brad
>
>
>
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *John Rodkey
> *Sent:* Wednesday, August 26, 2020 11:13 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] 2.4Ghz channel designations
>
>
>
> *[EXTERNAL SENDER]*
>
> For many years I have consistently used channels 1, 6, and 11 as
> non-overlapping channels wherever 2.4Ghz is deployed.  I have a consultant
> who is suggesting using all 11 channels in our high density dorm
> situations, arguing that  signal interference will affect throughput less
> than the delays from protocols where the 3 channels are within hearing
> distance of each other.
>
>
>
> This doesn't make sense to me.  If you in your situation have found using
> all 11 channels to be an effective solution vs the 3 channel
> non-overlapping approach, could you explain to me why you made that choice,
> and what your on-the-ground experience is with this configuration?
>
>
>
> Thank you!
>
>
>
> John Rodkey
>
> Director of Servers and Networks
>
> Westmont College
>
>
>
> *Verification*: Unsure if this is a legitimate email to an email list?
> Make sure it is recorded at *https://my.westmont.edu/it_emails
> <https://my.westmont.edu/it_emails>*
>
>
>
> "*God-fearing faith... is neither brash nor foolhardy and does not tempt
> God."* - Martin Luther
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] [EXT] Re: [WIRELESS-LAN] 2.4Ghz channel designations

[John Rodkey]

Thank you all for the feedback.  I was feeling like I was being gas-lit .
And I conclude that I was.

John

John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther


On Wed, Aug 26, 2020 at 10:11 AM Enfield, Chuck  wrote:

> The four-channel plan made sense when AP density was lower and before OFDM
> (back when spectral density graphs had long tails.)  I’m not sure if it was
> every really better than a 3-channel plan, but there was a case for it.
> Even if it was better for 802.11b, 802.11g and the iPhone made it obsolete.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Seth Bean
> *Sent:* Wednesday, August 26, 2020 12:25 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] [EXT] Re: [WIRELESS-LAN] 2.4Ghz channel
> designations
>
>
>
> I briefly tried the 4 channel (1,4,7,11) plan and it was awful. I have
> found shutting off the 2.4 radio in dense environments works in a 3 channel
> plan.
>
>
>
> Seth Bean
>
> Administrator of Networks and Telecommunications
>
> MCLA APA Chapter President
>
> Massachusetts College of Liberal Arts
>
> 413.662.5022
>
> 413.663.1276
>
> 375 Church Street
>
> North Adams,
>
> MA 01247
>
>
>
>
>
> “National Top Ten
>
> Public Liberal Arts College”
>
> 2019 US News & World Report
>
>
>
> MCLA
> --
>
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of SWARTZ, POLA <
> pola_swa...@dpsk12.org>
> *Sent:* Wednesday, August 26, 2020 12:18:24 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> *Subject:* Re: [WIRELESS-LAN] [EXT] Re: [WIRELESS-LAN] 2.4Ghz channel
> designations
>
>
>
> *CAUTION:* This email originated from outside of MCLA. Do not click links
> or open attachments unless you recognize the sender and know the content is
> safe.
>
>
>
> Amen
>
>
>
> *Smile,*
>
> *Pola Swartz*
> *WAN/Wireless Infrastructure Manager*
> *Department of Technology Services*
>
> *780 Grant St., Denver, CO 80203*
>
> #p 720-423-3603 | c 303-905-9520 | dpsk12.org
> <https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dpsk12.org%2F=02%7C01%7Ccae104%40PSU.EDU%7C4214df4d0a4e41784bdb08d849dc96b7%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637340559064852145=6%2Bt2IMa9lrpFPLSZDABMprM%2FWtcICsasSyPiAnuojw0%3D=0>
>
>
> <https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dpsk12.org%2F=02%7C01%7Ccae104%40PSU.EDU%7C4214df4d0a4e41784bdb08d849dc96b7%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637340559064852145=6%2Bt2IMa9lrpFPLSZDABMprM%2FWtcICsasSyPiAnuojw0%3D=0>
>
>
> <https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FDenverPublicSchools=02%7C01%7Ccae104%40PSU.EDU%7C4214df4d0a4e41784bdb08d849dc96b7%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637340559064862137=wCpUKAZJvskTM1is6Ur5fFfLJhuc7EQWlI0M3fK8UQc%3D=0>
>
> <https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FDPSNewsNow=02%7C01%7Ccae104%40PSU.EDU%7C4214df4d0a4e41784bdb08d849dc96b7%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637340559064872135=kPlbtPKyG%2B0bRDdKNzxwgPJYMX280hdI1btYmGWFoAM%3D=0>
> <https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Finstagram.com%2Fdenverpublicschools=02%7C01%7Ccae104%40PSU.EDU%7C4214df4d0a4e41784bdb08d849dc96b7%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637340559064872135=6hjoSpZud2gjZytvaxewP12Q3qDJv8YUO5Ze5iEuSvM%3D=0>
>
> <https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.youtube.com%2Fuser%2FDenverPublicSchools=02%7C01%7Ccae104%40PSU.EDU%7C4214df4d0a4e41784bdb08d849dc96b7%7C7cf48d453ddb4389a9c1c115526eb52e%7C0%7C0%7C637340559064882127=nb9FCTNPb9yOxuuFssu5R0nNH%2Fj4uf7WBSErEnawjSg%3D=0>
>
> Students First . Integrity . Equity.  Collaboration. Accountability . Fun
>
> *Never out smart your common sense...*
>
>
>
>
> --
>
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Brady J. Ballstadt <
> bjbal...@uark.edu>
> *Sent:* Wednesday, August 26, 2020 10:15 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [EXT] Re: [WIRELESS-LAN] 2.4Ghz channel designations
>
>
>
> Find a new consultant.

2.4Ghz channel designations

[John Rodkey]

For many years I have consistently used channels 1, 6, and 11 as
non-overlapping channels wherever 2.4Ghz is deployed.  I have a consultant
who is suggesting using all 11 channels in our high density dorm
situations, arguing that  signal interference will affect throughput less
than the delays from protocols where the 3 channels are within hearing
distance of each other.

This doesn't make sense to me.  If you in your situation have found using
all 11 channels to be an effective solution vs the 3 channel
non-overlapping approach, could you explain to me why you made that choice,
and what your on-the-ground experience is with this configuration?

Thank you!

John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] Wireless location data for contact tracing

[John Rodkey]

I found this podcast  about efforts by U of W and Microsoft to be
insightful.
https://stackoverflow.blog/2020/05/05/podcast-232-contact-tracing-privacy-surveillance-decentralized/
https://stackoverflow.blog/2020/05/08/podcast-233-contact-tracing-civil-liberties-sham-kakade/

John Rodkey
Director of Servers and Networks
Westmont College

Verification: Unsure if this is a legitimate email to an email list? Make
sure it is recorded at https://my.westmont.edu/it_emails


"*God-fearing faith... is neither brash nor foolhardy and does not tempt
God."* - Martin Luther


On Fri, May 15, 2020 at 9:38 AM Julian Y Koh 
wrote:

> I’m not sure that Wi-Fi data will be the best for doing actual contact
> tracing.  Maybe if you’ve got the full blown Meridian location tracking or
> something similar that can tie in Bluetooth-based beacons, but it seems to
> me that the granularity of Wi-Fi only data wouldn’t quite be up to what
> you’d need for effective contact tracing.  I’m not completely convinced
> that Bluetooth doesn’t cast too wide a net either, but it’d be a lot better
> that Wi-Fi triangulation.
>
> Where we’re anticipating having the discussion around Wi-Fi data is
> gauging user/device density and duration of stay in general areas so that
> we can gauge what areas present the greater risks of exposure.  There was a
> recent NYT article that explored this using cell phone location data.
>
>
> https://www.nytimes.com/interactive/2020/05/06/opinion/coronavirus-us-reopen.html
>
> Going back to contact tracing, as of right now we see the value of trying
> to roll our own app or system to be limited given that there’s no way to
> tell what people are going to do when they leave campus.  I’m hoping the
> state will come up with something workable that we can then point everyone
> here to use.
>
>
>
> --
> Julian Y. Koh
> Associate Director, Telecommunications and Network Services
> Northwestern Information Technology
>
> 2020 Ridge Avenue #331
> Evanston, IL 60208
> +1-847-467-5780
> Northwestern IT Web Site: <http://www.it.northwestern.edu/>
> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html>
>
>
> On May 15, 2020, at 11:17, McGuire, Michael <
> 00208832ddd0-dmarc-requ...@listserv.educause.edu> wrote:
>
> As I’m sure everyone else is doing, we’re working on plans for having our
> campus community rejoin us at some point. The question of “how far back do
> you keep wireless logs” was just asked which of course leads to “we want to
> see where a person has been on a given day”.
>
> This of course has privacy issues along with the technical challenges of
> storing and accessing that data.
>
> Has anyone else been asked to look into this or begun to make preparations
> for such?
>
> Being an Aruba shop we already leverage AirWave reports for our campus
> police when tracing lost or stolen devices as well as where a user has been
> or devices in an area at a specific time.
>
> This request seems to be a larger scale with potentially more moving parts.
>
>
> - Michael
>
> Michael McGuire
> *Network Systems Administrator*
> *Monmouth University*
> *mmcgu...@monmouth.edu *
> *732.263.5589*
>
> 
> <https://urldefense.com/v3/__https://www.monmouth.edu/?utm_source=Email*Signature_medium=email_campaign=Email*Signature*Generator__;Kysr!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLaFMvufg$>
> 400 Cedar Avenue
> West Long Branch, NJ 07764
> monmouth.edu
> <https://urldefense.com/v3/__https://www.monmouth.edu/?utm_source=Email*Signature_medium=email_campaign=Email*Signature*Generator__;Kysr!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLaFMvufg$>
>
> 
> <https://urldefense.com/v3/__https://twitter.com/monmouthu__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLnKTorsw$>
>
> 
> <https://urldefense.com/v3/__https://www.facebook.com/MonmouthUniversity__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLszoFXbQ$>
>
> 
> <https://urldefense.com/v3/__https://instagram.com/monmouthuniversity__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLwXUY6fw$>
>
> 
> <https://urldefense.com/v3/__https://www.snapchat.com/add/monmouthu__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbI6PXAvNQ$>
>
> 
> <https://urldefense.com/v3/__https://www.linkedin.com/school/monmouth-university/__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbI9xp1Rqg$>
>
> 
>
> We are a green campus.
> Think before you print.
>
&g

Re: [WIRELESS-LAN] neighbors 'jamming' 2.4GHz spectrum

[John Rodkey]

We found it when we were troubleshooting inconsistent connections on the
mesh device.  The signal level is fairly low at that location, so it's not
clear if it actually caused the connection problems.  We moved to a
dedicated channel, and haven't experienced the disconnection since.  It's
hard to tell if our clients in the dorms are experiencing issues with this,
since reporting is uneven.

John

On Mon, Jan 27, 2020 at 2:01 PM Bryan Ward  wrote:

> If you find the person who did this you should probably offer them a job.
> maybe a call to your local FCC inspector might be in order. Even though
> these are part 15 devices I'm pretty sure that this would count as
> intentional malicious interference. What's the duty cycle of the spectrum?
> Is it actually interfering with your operations?
>
> Get Outlook for Android <https://aka.ms/ghei36>
>
> --
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of John Rodkey <
> rod...@westmont.edu>
> *Sent:* Monday, January 27, 2020 3:19:04 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> *Subject:* [WIRELESS-LAN] neighbors 'jamming' 2.4GHz spectrum
>
> I put quotes around jamming, because it isn't technically.
> We are seeing an SSID named 'ACCESS DENIED' on 2.4GHz channel 4, with a
> 40MHz width and channel 8 extension.
> The signal is not high enough to interfere with most clients, but for some
> of our meshed access points, the signal level is fairly close to the signal
> available from the mesh's host access point.
>
> Is this a common thing?  Have others seen the same on their campus, and if
> so, what are the policies and practices that you follow?
>
> I know the signal is coming from off-campus, but I don't have assurance
> that it is malicious intent or that it is intended to disrupt our campus
> network.
>
> John Rodkey
> Director of Servers and Networks
> Westmont College
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
> <https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity=02%7C01%7Cbryan.ward%40DARTMOUTH.EDU%7C1a3e0c38ca7c436a2a5408d7a3662f41%7C995b093648d640e5a31ebf689ec9446f%7C0%7C0%7C637157531588762851=xEicfaHDUSy%2BIOJys8lDl9mN9FUHhPgX9%2B4eQFunKBk%3D=0>
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

neighbors 'jamming' 2.4GHz spectrum

[John Rodkey]

I put quotes around jamming, because it isn't technically.
We are seeing an SSID named 'ACCESS DENIED' on 2.4GHz channel 4, with a
40MHz width and channel 8 extension.
The signal is not high enough to interfere with most clients, but for some
of our meshed access points, the signal level is fairly close to the signal
available from the mesh's host access point.

Is this a common thing?  Have others seen the same on their campus, and if
so, what are the policies and practices that you follow?

I know the signal is coming from off-campus, but I don't have assurance
that it is malicious intent or that it is intended to disrupt our campus
network.

John Rodkey
Director of Servers and Networks
Westmont College

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Wireless Instability issues?

[John Rodkey]

Are others who are  using Aerohive 650 experiencing instability issues?  We
have experienced a rather extensive problem that came with sudden onset
about 1/4/2020 .
Clients appear to be able to connect to the AP, get an IP and are able to
ping the default gateway, but not beyond.  The ethernet network is
unaffected, and the gateway is able to ping the rest of the network and the
AP, but not the client.

John

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] Theater wifi - to have or not to have

[John Rodkey]

I feel your pain.
We can all do deep breathing together.  It won't change things, but we'll
feel better about life in general.

John

On Fri, Oct 25, 2019 at 8:14 AM Jonathan Miller  wrote:

> > Some of this can be affected by the architect and what they deem
> aesthetically pleasing...
>
> This is one of the few things that actually still gets under my skin in
> this line of work.  Architects refusing to allow the installation of access
> points due to aesthetics is ludicrous.  We recently ran into this - even
> after presenting options for mounts and covers to hide our APs in a new
> building.
>
> What about that big red fire alarm horn/strobe, are you not going to allow
> that?
>
> When the complaints about poor wireless performance come in, will you, oh
> great architect and designer of all things beautiful, come in and help us
> troubleshoot?
>
> How will it make you feel when we have to slap wire mold all over your
> glorious aesthetically pleasing creation to run data out to the APs that we
> end up having to install after you turn the building over to us?  I guess
> as long as the wire mold isn't there for the opening ceremony it doesn't
> matter.
>
> If you happen to be in a position that has enough power to push back on
> architects and their asinine refusal to allow installation of access
> points, please back your local networking folks.
>
> OK, back to some deep breathing exercises.
>
> Jonathan Miller
> Network Analyst
> Franklin and Marshall College
>
>
> On Thu, Oct 24, 2019 at 1:50 PM Ronald Loneker  wrote:
>
>> Good Afternoon -
>>
>> Some of this can be affected by the architect and what they deem
>> aesthetically pleasing...
>>
>> When our theater was built in our fine and performing arts center 12
>> years ago, the architect was against us putting access points on the wall
>> due to aesthetics.  We ended up putting on AP in our projection booth and
>> one backstage in one of the wings.
>>
>> Our theater was originally slated to be used for all purposes
>> (performances, concerts, lectures, conference presentations, admissions
>> Open Houses, etc) so it really could have used a lot more connectivity than
>> what we could put in the theater.
>>
>> Three years ago, we upgraded the APs in the fine and performing arts
>> center and, with new leadership at the college, added three more access
>> points to support more connections.  Our theater has 560 seats, and we did
>> have a conference that we streamed video plus had public wifi available and
>> we seem to be fine with connectivity.
>>
>> If you can do it and not get pushback from the architect, I'd recommend
>> you build it into your plans for having availability day one.
>>
>> (then you can sit in the back of the theater and watch all the parents
>> with their smart phones raising them up and see the sea of phone screens as
>> they record their kids' performances...because it will happen when you
>> eventually rent out the space...)
>>
>> Ron Loneker, Jr.
>> Director, IT Special Projects
>> College of Saint Elizabeth
>> Mahoney Library
>> 2 Convent Road
>> Morristown, NJ  07960
>>
>> Phone:  973-290-4229
>>
>> e-mail:  rlone...@cse.edu
>>
>>
>>
>>
>>
>>
>>
>> On Tue, Oct 22, 2019 at 12:44 PM Bull, Mary  wrote:
>>
>>> Hello all,
>>>
>>>
>>>
>>> I’m wondering if anyone here has dealt with a decision on wireless in
>>> the theaters, concert halls, or recital halls on their campus. We have a
>>> new arts complex coming on line in the next two years and there’s no clear
>>> direction from faculty on whether wireless for the audience is desirable.
>>> The previous main theater, and other currently used theaters on campus,
>>> did/do not have full connectivity for the audience (just a few aps tacked
>>> on the walls that were useless when the room was full). Facilities planning
>>> is favorable toward building it in, so I’d prefer that too, especially
>>> since it would be much harder or impossible to install if the faculty
>>> changes their mind in a few years once the building is complete. However,
>>> I’m not sure whether there is really an expectation from the audience that
>>> they should have wifi when they attend a show or concert.
>>>
>>>
>>>
>>> Has anyone dealt with this on their campus? What influenced your choice?
>>>
>>>
>>>
>>> Mary Bull
>>>
>>> William and Mary
>>>
>>> 757-221-2491
>>>
>>> mb...@wm.edu
>>>
>>> **
>>> Replies to EDUCAUSE Community Group emails are sent to the entire
>>> community list. If you want to reply only to the person who sent the
>>> message, copy and paste their email address and forward the email reply.
>>> Additional participation and subscription information can be found at
>>> https://www.educause.edu/community
>>>
>> **
>> Replies to EDUCAUSE Community Group emails are sent to the entire
>> community list. If you want to reply only to the person who sent the
>> message, copy and paste their email address and forward the email reply.
>> Additional participation and subscription 

Re: [WIRELESS-LAN] [EXT] Re: [WIRELESS-LAN] Aruba Wi-Gi 6 APs

[John Rodkey]

Not only does the Intel wireless card problem on Windows computers prevent
them from attaching, our experience is that none of the SSIDs are even
visible to Windows computers when ax is turned on, even though ac and n are
also turned on.  So from their point of view, the WAPs are broken, and we
hear about it when the parents of students call people on the executive
team wondering why IT is so incompetent they can't provide a wireless
network similar to the one they rolled out in their home in a matter of
minutes.  Now it's public relations and a political problem.

The only solution that we've found apart from going to each computer and
hand installing the new drivers is turning off 802.11ax on our new,
expensive WAPs, and waiting for , what? 2 years? , until either Microsoft
makes these wireless upgrades mandatory security patches (unlikely), or the
population of old Windows computers diminishes to only a handful.

John Rodkey
Director of Servers and Networks
Westmont College

On Wed, Oct 9, 2019 at 5:48 PM Sweetser, Frank E  wrote:

> In theory, yes - I doubt that anyone is going to deploy 11ax with earlier
> standards disabled (except for base 11b data rates, anyway).  The problem
> is there's a bug in commonly deployed Intel driver versions which prevents
> the client from attaching to the network if 11ax rates are enabled at all:
>
>
> https://www.intel.com/content/www/us/en/support/articles/54799/network-and-i-o/wireless-networking.html
>
> Frank Sweetser
> Director of Network Operations
> Worcester Polytechnic Institute
> "For every problem, there is a solution that is simple, elegant, and
> wrong." - HL Mencken
> --
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Jennifer Minella <
> j...@cadinc.com>
> *Sent:* Wednesday, October 9, 2019 6:23 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> *Subject:* Re: [WIRELESS-LAN] [EXT] Re: [WIRELESS-LAN] Aruba Wi-Gi 6 APs
>
>
> I don’t believe ClearPass Device Insight shows driver details – I just
> skimmed through endpoint details page and attributes and don’t see it.
>
> At the risk of asking a dumb question, is there a reason not to simply
> deploy the 500-series with backwards compatibility enabled? That would
> allow you to offer a seamless experience for clients in a
> mixed-PHY-standard environment and support current clients on n/ac and even
> a/b/g etc.
>
>
>
> Cheers!
>
> -jj
>
> ___
>
> *Jennifer Minella*, CISSP, HP MASE
>
> VP of Engineering & Security
>
> Carolina Advanced Digital, Inc.
>
> *www.cadinc.com*
> <https://nam03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.cadinc.com%2F=02%7C01%7Cfs%40WPI.EDU%7C5d86227a676a4b1fd9a708d74d08c938%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637062572534302436=XctFjAz7IAvpBK5R0AxF9fp%2FusIkgecrtJSaBXzl5wE%3D=0>
>
> *j...@cadinc.com* 
>
> 919.460.1313 Main Office
>
> 919.539.2726 Mobile/text
>
> [image: CAD LOGO EMAIL SIG]
>
>
>
>
>
> *From:* The EDUCAUSE Wireless Issues Community Group Listserv
> **
>  on behalf of Michael Davis
> ** 
> *Sent:* Wednesday, October 9, 2019 7:57 AM
> *To:* *WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU*
> 
> **
> 
> *Subject:* [EXT] Re: [WIRELESS-LAN] Aruba Wi-Gi 6 APs
>
>
>
> We currently have the Wi-Fi 6 extensions disabled because of the Intel
> Driver issues
> (
> *https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.intel.com%2Fcontent%2Fwww%2Fus%2Fen%2Fsupport%2Farticles%2F54799%2Fnetwork-and-i-o%2Fwireless-networking.htmldata=02%7C01%7Cfs%40WPI.EDU%7Cbc693525d46e464edc2308d74cafd52b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637062190393581783sdata=PPsyPwaUPetmfINaNm1FZVxnaI8DN9ydJ%2BA704MhLwM%3Dreserved=0*
> <https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.intel.com%2Fcontent%2Fwww%2Fus%2Fen%2Fsupport%2Farticles%2F54799%2Fnetwork-and-i-o%2Fwireless-networking.html=02%7C01%7Cfs%40WPI.EDU%7C5d86227a676a4b1fd9a708d74d08c938%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637062572534312429=TX%2BBCWo3phrnCl4CnmFveYgfjHfuqwF%2FXzZBbwIqhts%3D=0>
> )
>
> We've been notifying clients and were updating drivers until instructed
> to just turn off Wi-Fi 6.
> This begs the question of trying to identify the problematic machines
> and seek them out, or
> just announce a future date to turn on Wi-Fi 6 and go back to dealing
> with updating drivers as
> they come up.  We'll have a mix (currently ~15% Wi-Fi 6) of AP models
> for a while, so the issues
> won't all show right away.
>
> Anyone looked into identifying the machines needing updated through
> fingerprinting
> (Ar

Re: [WIRELESS-LAN] Aruba Wi-Gi 6 APs

[John Rodkey]

This was true of our Aerohive deployment as well.  The Windows drivers were
not compatible with 802.11ax, and SSIDs were invisible to them, and not
able to be connected to even if specified.
We were forced to revert our APs to 802.11ac mode because of the impact it
had.  The trouble is that even though the patches are available, they
aren't pushed out because they aren't security or otherwise urgent.
Bottom line is that the problem is with the user device, but naturally IT
is blamed for the failure nonetheless.  Welcome to IT!

John

On Thu, Sep 5, 2019 at 12:08 PM Turner, Ryan H 
wrote:

> We've done a test deployment of Aruba 515s.  There seem to be some driver
> compatibility issues.  We have 2 IT buildings.  I had an induvial able to
> connect and see SSIDs just fine in our building with 315s.  When she came
> to the building with 515s, she saw nothing.  I updated her drivers, and
> then everything worked.  So just be aware you might see more of that.  We
> were running 8.503 code (I think).
>
>
> Ryan Turner
> Head of Networking
> The University of North Carolina at Chapel Hill
> +1 919 445 0113 Office
> +1 919 274 7926 Mobile
> r...@unc.edu
>
>
>
> -Original Message-
> From: The EDUCAUSE Wireless Issues Community Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Chris Brizzell
> Sent: Thursday, September 5, 2019 2:45 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: [WIRELESS-LAN] Aruba Wi-Gi 6 APs
>
> Anyone have any Wi-Fi 6 APs deployed yet, and if so any thoughts either
> good or bad. I'm looking at swapping out the APs in our dining hall first,
> since they seem to get the most use.
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>
> **
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [WIRELESS-LAN] Wireless Options

[John Rodkey]

Those are good words to put in my mouth.  In addition to these operational
benefits, there is a strong philosophical commitment at the C-level to
cloud-based services whenever it is feasible, so we don't go with on-prem
unless there is no feasible way to do it with cloud.

I am very appreciative of the comments so far.  Thank you all for your
input!

I will say we are currently Meraki, have been Meraki since their very early
days.  We are generally pleased with Meraki's controller capabilities, and
not terribly excited to go to something else, but since this is a large
investment and new game-changing players have come on the scene since 2008,
it is a matter of due diligence to look at the options.  Pricing is a real
factor, and we have had some issues with support since the transfer to
Cisco.  We have also had enough 'weird' problems with multiple clients
being unable to maintain a reliable connection that we are looking at the
possibility of global change (to get a whole new set of bugs, no doubt) in
hopes of removing these problems.

John

On Thu, May 17, 2018 at 1:38 PM, Enfield III, Charles Albert <cae...@psu.edu
> wrote:

> I don’t want to put words in John’s mouth, but operating controllers
> requires time and effort beyond what’s required to manage configurations.
> Scaling, security, software upgrades, etc., all require resources but
> contribute nothing to the user experience.  For us the benefits of hosting
> our own controllers is worth it, but I understand that isn’t true for
> everybody.  I’m not even sure it will always be true for us.  When the
> benefits of controllers as traffic aggregators can be easily replaced with
> SD fabrics, I’ll probably want cloud controllers too.  The details will
> matter, but it’s where I think we’re going.
>
>
>
> Chuck Enfield
> Manager, Wireless Engineering
> Enterprise Networking & Communication Services
> The Pennsylvania State University
> 119L, USB2, UP, PA 16802
> ph: 814.863.8715
> fx: 814.865.3988
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Peter P Morrissey
> *Sent:* Thursday, May 17, 2018 4:30 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Wireless Options
>
>
>
> Same here. I was also curious as to why it would be limited to cloud based
> solutions. I would drill down a layer into the perceived benefits of cloud
> based, and define it that way. Easier management requiring less staff time
> and thus lower TCO and more ability to accomplish other activities? Etc.
> Maybe.
>
>
>
> One of the disadvantages of cloud based solutions besides losing some
> control and visibility is the ongoing costs. We love Meraki as much as
> anyone, but the annual recurring licensing costs are rather steep and
> should be carefully weighed against the benefits.
>
>
>
> Pete Morrissey
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jake Snyder
> *Sent:* Thursday, May 17, 2018 2:26 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Wireless Options
>
>
>
> I’m curious about the requirement that controllers be “cloud based” and
> what business requirement that maps to.
>
>
>
> Trying to understand what a cloud based controller give your business that
> an on-premises controller does not.  How that translates to better
> experience, happier students or faster connectivity.
>
>
>
> Sent from my iPhone
>
>
> On May 17, 2018, at 12:13 PM, Norton, Thomas (Network Operations) <
> tnort...@liberty.edu> wrote:
>
> I  highly recommend looking at Aruba as well.
>
>
>
> *T.J. Norton*
>
> *Wireless Network Architect*
> *Network Operations*
>
> *Office: (434) 592-6552 *
>
>
>
> [image: Image removed by sender.
> http://www.liberty.edu/media/1616/40themail/wordmark-for-email.jpg]
>
>
> *Liberty University  |  Training Champions for Christ since 1971*
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>] *On Behalf Of *Trenton Hurt
> *Sent:* Thursday, May 17, 2018 2:11 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Wireless Options
>
>
>
> https://www.mist.com/
> <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.mist.com%2F=02%7C01%7Ctnorton7%40liberty.edu%7Cc75bdb0477514218a00c08d5bc21c019%7Cbaf8218eb3024465a9934a39c97251b2%7C0%7C0%7C636621775498942781=LxLmDpwl3h17su4HEiv9evWnHBODxMCN0tmzXxYir0w%3D=0>
>
>
>
> On Thu, May 17, 2018 at 2:10 PM J

Wireless Options

[John Rodkey]

Our college - about 40 buildings, 1200 students, 3500 wireless clients per
day, currently 310 WAPs - is considering a major upgrade in WAPs, replacing
a number that are 9 years old and no longer supported.

We could replace with the latest model of our existing vendor, but want to
consider all the feasible alternatives.  We have a hard requirement that
the controller be cloud-based, the system deal well with Mac clients,
understand VLANs and an enterprise quality network, and have a rich set of
configuration, logging, monitoring, and troubleshooting tools for dealing
both with clients and access points. Responsive support is also required,
and unsurprisingly  total system cost is a significant issue.

3 vendors come to mind:  Meraki, Ubiquiti, and Aerohive.

Questions:
 1) do other vendors come to mind that play well in this space?
 2) what are your positive experiences with any of the above?
 3) what are your negative experiences?
 4) have you recently gone through this analysis, and if so, what were your
conclusions?
 5) what issues have you experienced with PoE capacity requirements with
these devices?

John Rodkey
Director of Servers and Networks
Westmont College

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] point-to-point wireless backhauls

[John Rodkey]

+1 for Ubiquiti

On Tue, Feb 20, 2018 at 12:17 PM, Brian Helman 
wrote:

> Well, it looks like we’re going with the NanoBeamAC units.  I just walked
> out to the field to look at the areas and  …. our security contractor
> already installed them.  One of which is directly behind home plate .. 20’
> back; 20’ up; unprotected.  Any guesses on how it will react to a foul ball?
>
>
>
> I agree with the comment about avoiding 2.4GHz.  I’m trying to get unit
> information on these things.  It appears, from the cutsheets, that there
> are either 2 models or that they support both 2.4 and 5Ghz (not clear to
> me).
>
>
>
> -Brian
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Peter Redhead
> *Sent:* Tuesday, February 20, 2018 2:57 PM
>
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] point-to-point wireless backhauls
>
>
>
> Thanks !
>
>
>
> Peter
>
>
>
> On Tue, Feb 20, 2018 at 2:37 PM, Erik Stagg <0048e3741c5a-dmarc-
> requ...@listserv.educause.edu> wrote:
>
> It worked well for us.  We had someone on either roof and adjusted
> accordingly. We already had an existing length, so we were able to
> determine the coordinates fairly easily. We tweaked them until the dB loss
> was 1dB or less.
>
>
>
>
>
> -Erik
>
>
>
> *From: *The EDUCAUSE Wireless Issues Constituent Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Peter Redhead <
> redhe...@newschool.edu>
> *Reply-To: *The EDUCAUSE Wireless Issues Constituent Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> *Date: *Tuesday, February 20, 2018 at 2:28 PM
> *To: *"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU"  EDUCAUSE.EDU>
> *Subject: *Re: [WIRELESS-LAN] point-to-point wireless backhauls
>
>
>
> Hi Erik, did you have difficulty aligning the airFiber Radios?
>
> Peter
>
>
>
> On Tue, Feb 20, 2018 at 2:11 PM, Erik Stagg <0048e3741c5a-dmarc-
> requ...@listserv.educause.edu> wrote:
>
> When I did IT for a TV station, we used these for our TSL and STL
> (Transmitter Station Link, Station Transmitter Link) backups. Worked great
> for VoIP and video. Transmitter had direct line of sight and about 5 miles
> away.
>
>
>
> https://www.ubnt.com/airfiber/airfiber5/
> 
>
>
>
> -Erik
>
>
>
> *From: *The EDUCAUSE Wireless Issues Constituent Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Brian Helman <
> bhel...@salemstate.edu>
> *Reply-To: *The EDUCAUSE Wireless Issues Constituent Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> *Date: *Tuesday, February 20, 2018 at 1:13 PM
> *To: *"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU"  EDUCAUSE.EDU>
> *Subject: *Re: [WIRELESS-LAN] point-to-point wireless backhauls
>
>
>
> I should add, I have fiber to the pressbox.  The point-to-point is to pick
> up cameras that will be remote to the pressbox.  How narrow are the “beams”
> for these backhauls?  We supply WiFi to the stands.
>
>
>
> -Brian
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Brad Weldon
> *Sent:* Tuesday, February 20, 2018 12:44 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] point-to-point wireless backhauls
>
>
>
> Ubiquiti Nanobeam AC on 5ghz. One of the few times cheap, fast (enough),
> and good (works) have come together for me. We’ve used them for temporary
> backhaul during construction and to reach across the street.
>
> Brad
>
>
>
>
>
>
> On Feb 20, 2018, at 10:16 AM, Joseph Bernard  wrote:
>
> Don’t consider anything that uses 2.4GHz on the backhaul.  We have lost
> all of our 2.4GHz links in various places due to the rest of the world
> jumping on the channel during a power blip.  Ubiquiti stuff is cheap and
> works.
>
>
>
> Thanks,
>
> Joseph B.
>
>
>
> *From: *The EDUCAUSE Wireless Issues Constituent Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Brian Helman <
> bhel...@salemstate.edu>
> *Reply-To: *The EDUCAUSE Wireless Issues Constituent Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> *Date: *Tuesday, February 20, 2018 at 12:04 PM
> *To: *"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU"  EDUCAUSE.EDU>
> *Subject: *[WIRELESS-LAN] point-to-point wireless backhauls
>
>
>
> This has come up a few times, but I wanted to ask introduce a deviation
> from the larger (trunk) discussion – what are people recommending for small
> backhauls over wireless (e.g to support a 1-2 devices, such as CCTV) for
> example at a ball field?  If you are offering WiFi services to people
> attending events, do you need to 

Re: [WIRELESS-LAN] Wireless Log Sheet Inquiry

[John Rodkey]

my.meraki.com tells details about the client and access point, including
IP, MAC address, channel, protocol, bitrate, channel utilization, signal
strength, neighboring APs and clients.
No geo-location information.

John

On Thu, Oct 12, 2017 at 9:40 AM, Johnson, Christopher <cbjo...@ilstu.edu>
wrote:

> Thank you John. I’ll need to look into the google form some more. Having
> student workers being proactive is a great idea. I was curious what does a
> student see when they login to my.meraki.com – does it just display the
> AP-Name they’re associated to, display a map with a position, etc.
>
>
>
> *Christopher Johnson*
>
> Wireless Network Engineer
>
> AT Infrastructure Operations & Networking (ION)
>
> Illinois State University
>
> (309) 438-8444
>
> Stay connected with ISU IT news and tips with @ISU IT Help on Facebook
> <https://www.facebook.com/ISUITHelp/> and Twitter
> <https://twitter.com/ISUITHelp>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *John Rodkey
> *Sent:* Monday, October 09, 2017 6:16 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Wireless Log Sheet Inquiry
>
>
>
> We used a google form for this purpose, which plunks the data into a
> spreadsheet.  It can be embedded in the email, so the barriers to filling
> it out are fairly low.
>
>
>
> When we did this, we asked for email, dorm, room, and a link to the
> results of a speedtest.net run, if they could connect, and noting if they
> couldn't connect.  From the link we gathered ping, upload, and download
> speeds.  We also asked them to go to my.meraki.com and give the access
> point to which they were connected.
>
>
>
> The intent was that any time they were having problems, they could fill
> out another survey.  The date-time stamp would help us correlate to events
> in the event log.
>
>
>
> We have also initiated a proactive program of having student workers check
> wireless quality at each of the floors of each building semi-weekly. For
> that, we've developed a small python script that pulls the above
> infomration plus connection/signal strength and GPS coordinates.  Jury is
> still out on whether we will be able to identify issues this way, but
> initial results are promising.
>
>
>
> John
>
>
>
> On Mon, Oct 9, 2017 at 3:31 PM, Johnson, Christopher <cbjo...@ilstu.edu>
> wrote:
>
> Good Evening,
>
>
>
> I was curious if anyone had created their own “Wireless Log Sheet
> Template” that they provide to end-users that run into wireless issues and
> may be willing to share? An RA had given me the idea awhile back when she
> went around to everyone on her floor for information gathering on a notepad
> (user name, room number, device, wireless rating [X out of 10[). I’m
> planning on creating a formatted excel sheet that I can send to the user to
> have them fill out over a course of a couple days with columns/rows along
> the lines of - –date/time, device, with issue experienced -> slow,
> disconnected, disconnected-couldn’t reconnect, etc.
>
>
>
> Thank you and have a great evening!
>
>
>
> *Christopher Johnson*
>
> Wireless Network Engineer
>
> AT Infrastructure Operations & Networking (ION)
>
> Illinois State University
>
> (309) 438-8444
>
> Stay connected with ISU IT news and tips with @ISU IT Help on Facebook
> <https://www.facebook.com/ISUITHelp/> and Twitter
> <https://twitter.com/ISUITHelp>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Wireless Log Sheet Inquiry

[John Rodkey]

We used a google form for this purpose, which plunks the data into a
spreadsheet.  It can be embedded in the email, so the barriers to filling
it out are fairly low.

When we did this, we asked for email, dorm, room, and a link to the results
of a speedtest.net run, if they could connect, and noting if they couldn't
connect.  From the link we gathered ping, upload, and download speeds.  We
also asked them to go to my.meraki.com and give the access point to which
they were connected.

The intent was that any time they were having problems, they could fill out
another survey.  The date-time stamp would help us correlate to events in
the event log.

We have also initiated a proactive program of having student workers check
wireless quality at each of the floors of each building semi-weekly. For
that, we've developed a small python script that pulls the above
infomration plus connection/signal strength and GPS coordinates.  Jury is
still out on whether we will be able to identify issues this way, but
initial results are promising.

John

On Mon, Oct 9, 2017 at 3:31 PM, Johnson, Christopher 
wrote:

> Good Evening,
>
>
>
> I was curious if anyone had created their own “Wireless Log Sheet
> Template” that they provide to end-users that run into wireless issues and
> may be willing to share? An RA had given me the idea awhile back when she
> went around to everyone on her floor for information gathering on a notepad
> (user name, room number, device, wireless rating [X out of 10[). I’m
> planning on creating a formatted excel sheet that I can send to the user to
> have them fill out over a course of a couple days with columns/rows along
> the lines of - –date/time, device, with issue experienced -> slow,
> disconnected, disconnected-couldn’t reconnect, etc.
>
>
>
> Thank you and have a great evening!
>
>
>
> *Christopher Johnson*
>
> Wireless Network Engineer
>
> AT Infrastructure Operations & Networking (ION)
>
> Illinois State University
>
> (309) 438-8444
>
> Stay connected with ISU IT news and tips with @ISU IT Help on Facebook
>  and Twitter
> 
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Plastered buildings

[John Rodkey]

How do you deal with buildings that have plaster and fine metal mesh
enclosing them?  We have placed access points on the exterior of the
building, but the signal isn't getting through.  The rooms all open onto an
outside hallway - there is no common internal hallway.

John Rodkey
Director of Servers and Networks

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Move In/Opening Week- Any Problems?

[John Rodkey]

Westmont is a much smaller school than most of yours, with 1200 students on
campus. 280 Meraki access points connected to 65 switches scattered in 58
buildings on about 60 acres of campus.
Yesterday about 400 first year students arrived along with a couple hundred
returning student volunteers for orientation, faculty, staff, and their
parents. We had just shy of 3000 unique clients on the network.
So far, only three reports of wireless problems have come in - but one
refers to essentially all the rooms in a new dorm which is being occupied
despite only barely being finished.  The wireless signal has not been tuned
there yet, and signal levels are low in the rooms.
In the past year we had struggled with reports of devices connecting to
newer access points even if they are more distant than older, nearer APs.
In order to ameliorate this, over the summer we 'homogenized' buildings,
grouping all 802.11N devices separate from 802.11AC .  We'll see how that
affects things.
Our radios are a mix of MR14, MR18, MR33, MR34, MR53, MR58, with the
majority MR14s, which are nearing end of service.

John Rodkey
Director of Servers and Networks
Westmont College, Santa Barbara, CA

On Fri, Aug 25, 2017 at 8:15 AM, Ian Lyons <ily...@rollins.edu> wrote:

> Good Morning
>
>
>
> Big changes from last year, we moved to Aruba
>
> We braced for the onslaught J  armed with
>
>
>
>- 7210 Master Controller
>- 2 7240’s for Local controllers (handling the traffic)
>
>
>
>- Airwave for monitoring
>- Clearpass for Authentication (HA active pair)
>
>
>
>- We have 3 networks
>
> o   802.1x
>
> o   Guest
>
> o   Misc-Device – IOT, TV, Apple TV, Chromecast etc  -and coffee
> pots…cannot forget the coffee pots
>
>
>
>
>
> So far, as we just finished installing the 1200 aps’, we are ~800 303h’s
> (1 in each dorm room) and ~500 325 Ap’s.
>
>
>
> To make things more interesting, we also upgraded our core from 1 gb to
> pure 10gb and changed our Firewall to the Cisco FTD platform.
>
>
>
> So we truly have no benchmarking from last year but a lot of
> expectations!  LOL
>
>
>
> So far, the students are connecting quickly, successfully and getting to
> their movies online.  Which I call success!
>
>
>
> Ian Lyons
>
> Rollins College
>
> Network Engineer
>
> ily...@rollins.edu
>
>
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jeffrey D. Sessler
> *Sent:* Friday, August 25, 2017 11:01 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Move In/Opening Week- Any Problems?
>
>
>
> Pair of 8540’s running 8.2.160
>
> About half of all WAPs are now 2800/3800. 3800’s on multi-gig
>
> 20Gb Internet connection
>
>
>
> 3800-series equipped 110-bed residence hall, partially filled with a few
> early arrivals, already seeing peaks at over 600Mbps.
>
>
>
> No observed problems yet, but our first-years just arrived and returning
> student are due soon.
>
>
>
> Interesting stats:
>
> #1 - 70% of devices are Apple, 90% of traffic. On the 1st day our 330
> first-years arrived they did over 12TB of traffic.
>
>
>
> Jeff
>
>
>
>
>
> *From: *"wireless-lan@listserv.educause.edu" <WIRELESS-LAN@LISTSERV.
> EDUCAUSE.EDU> on behalf of "lhbad...@syr.edu" <lhbad...@syr.edu>
> *Reply-To: *"wireless-lan@listserv.educause.edu" <WIRELESS-LAN@LISTSERV.
> EDUCAUSE.EDU>
> *Date: *Friday, August 25, 2017 at 6:22 AM
> *To: *"wireless-lan@listserv.educause.edu" <WIRELESS-LAN@LISTSERV.
> EDUCAUSE.EDU>
> *Subject: *[WIRELESS-LAN] Move In/Opening Week- Any Problems?
>
>
>
> It might be beneficial to share notes in case other schools are hitting
> common problems. I’m wondering how everyone who is in the thick of it is
> faring with back-to-school?
>
>
>
> On this end, we are doing OK halfway to our expected total daily peak
> clients (we’re at 15K now high water mark).
>
>
>
> Our significant WLAN-related changes since end of Spring semester
>
> · Running 8.2.151 on our 8540s
>
> · Significant quantities of Wave 2 APs
>
> · ISE as RADIUS (only, no NAC, no onboarding)
>
>
>
> No changes to:
>
> · our guest WLAN (Clearpass/an Aruba controller pair)
>
> · onboarding (Cloudpath Wiz)
>
> · overall topology
>
> · open network in dorms for gadgets
>
> · non-use of AVC, it crapped out and never got solved after
> hundreds of hours with TAC
>
>
>
> Fears:
>
> ·  

Re: [WIRELESS-LAN] 2.4GHz - educating end users about interference

[John Rodkey]

Post it on stall doors in the bathroom.  Plenty of time to read...

On Wed, Feb 22, 2017 at 12:09 PM, Peter P Morrissey 
wrote:

> Me too. Nicely formatted, great graphics, clearly written. Just wondering
> how this would/could be used. Having a hard time imagining most or any
> users having enough interest to read the second line of this, never mind
> the second page, given everything else they are barraged with these days.
>
>
>
> Pete Morrissey
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Coehoorn, Joel
> *Sent:* Wednesday, February 22, 2017 10:30 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] 2.4GHz - educating end users about
> interference
>
>
>
> I love the 2nd page with the colored chart and diagram.
>
>
>
>
> Joel Coehoorn
> Director of Information Technology
> 402.363.5603 <(402)%20363-5603>
> *jcoeho...@york.edu *
>
> The mission of York College is to transform lives through
> Christ-centered education and to equip students for lifelong service to
> God, family, and society
>
>
>
> On Tue, Feb 21, 2017 at 10:24 AM, Walter Reynolds  wrote:
>
> This is a link to a pdf of what we came up with.
>
>
>
> https://drive.google.com/file/d/0B0BKRE3DeEPKb1RWc1BPSkljYUtJZ
> jRGel9icmU3NklJRHRv/view
>
>
>
> If the link does not allow you to see it I am attaching the file as well.
>
>
>
>
> 
>
> Walter Reynolds
>
> Principal Systems Security Development Engineer
> Information and Technology Services
> University of Michigan
> (734) 615-9438
>
>
>
> On Fri, Feb 17, 2017 at 11:02 AM, Michael Hulko  wrote:
>
> Netscout.. aka Fluke… aka Airmagnet wrote a pretty easy to understand
> document related to interference.
>
>
>
>
>
> M
>
>
>
> On Feb 17, 2017, at 10:44 AM, Jeffrey D. Sessler  > wrote:
>
>
>
> You are fighting a battle that will never be won, and even a stale-mate is
> unlikely.
>
>
>
> IMHO, your best bet is to work toward abandoning 2.4. In the early days,
> we did try outreach and education, but there are just too many devices
> today that use 2.4, and in many cases, users don’t even know it e.g.
> Apple’s Airdrop. You can minimize some of this by solving the reasons
> behind some of the interference sources i.e. install more WAPs to improve
> the service, reducing the rogue problem. Install residential printers to
> mitigate the need for student printers.
>
>
>
> Most of our residential is now designed around dense 5 GHz, and while 2.4
> is available, it’s mostly ignored.
>
>
>
> Jeff
>
>
>
> *From: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU > on behalf of "Gray,
> Sean" >
> *Reply-To: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU >
> *Date: *Thursday, February 16, 2017 at 2:21 PM
> *To: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU >
> *Subject: *[WIRELESS-LAN] 2.4GHz - educating end users about interference
>
>
>
> Hi Fellow Wireless Wizards!
>
>
>
> This is my first post to the group, so please be gentle.
>
>
>
> Here at the University of Lethbridge we are about to embark on a bit of an
> education drive for all of our wireless users with regards to the 2.4GHz
> spectrum and their impact on it. Does anybody have good examples of
> notices, posters etc. that they would be willing to share, that reference
> the evils of rogues and other interference sources citing the negative
> impact they have on the wireless network. Like everyone else on this list
> we are seeing huge influxes of our friends the wireless printer, Bluetooth
> devices and the like…
>
>
>
> if only we could just turn 2.4GHz off.
>
>
>
> Thanks
>
>
>
> Sean
>
>
>
>
>
> *Sean Gray* | B.Sc (Hons)
>
> Voice, Collaboration & Wireless Network Analyst
>
> ITS, University of Lethbridge
>
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>
>
>
>
>
> Michael Hulko
> Network Analyst
>
> Western University Canada
> Network Operations Centre
> Information Technology Services
> 1393 Western Road, SSB 3300CC
> London, Ontario  N6G 1G9
>
> tel: 519-661-2111 x82433 <(519)%20661-2111>
>
> direct: 519-850-2433 <(519)%20850-2433>
> e-mail: mihu...@uwo.ca
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>
>
> ** Participation and subscription 

Re: [WIRELESS-LAN] 2.4GHz - educating end users about interference

[John Rodkey]

:)  Indeed.  Virus just hit the west coast.  Westmont would also love
permission to use the content.

On Wed, Feb 22, 2017 at 11:56 AM, Stephen Savarese 
wrote:

> We would also like permission.
>
> Not everyday an informational pamphlet goes viral
>
>
>
> Stephen C. Savarese
> IT HelpDesk
> Southern Maine Community College
> 2 Fort Road
> South Portland, Maine 04106
> Phone: 207-741-5724 <(207)%20741-5724>
> Cell phone: 207-408-5336 <(207)%20408-5336>
>
> ​
> [image: http://www.smccme.edu/] 
>
> [image: https://www.facebook.com/smccme] 
>   [image: http://www.twitter.com/SMCCMaine]
>   [image:
> https://instagram.com/smccmaine/]   [image:
> https://www.youtube.com/channel/UCOLQmsBz7ttgY1elS57Am_w]
>  [image:
> https://www.linkedin.com/edu/school?id=32146=edu-cp-title]
> 
>
> On Tue, Feb 21, 2017 at 11:24 AM, Walter Reynolds  wrote:
>
>> This is a link to a pdf of what we came up with.
>>
>> https://drive.google.com/file/d/0B0BKRE3DeEPKb1RWc1BPSkljYUt
>> JZjRGel9icmU3NklJRHRv/view
>>
>> If the link does not allow you to see it I am attaching the file as well.
>>
>>
>> 
>> Walter Reynolds
>> Principal Systems Security Development Engineer
>> Information and Technology Services
>> University of Michigan
>> (734) 615-9438
>>
>> On Fri, Feb 17, 2017 at 11:02 AM, Michael Hulko  wrote:
>>
>>> Netscout.. aka Fluke… aka Airmagnet wrote a pretty easy to understand
>>> document related to interference.
>>>
>>>
>>> M
>>>
>>> On Feb 17, 2017, at 10:44 AM, Jeffrey D. Sessler <
>>> j...@scrippscollege.edu > wrote:
>>>
>>> You are fighting a battle that will never be won, and even a stale-mate
>>> is unlikely.
>>>
>>> IMHO, your best bet is to work toward abandoning 2.4. In the early days,
>>> we did try outreach and education, but there are just too many devices
>>> today that use 2.4, and in many cases, users don’t even know it e.g.
>>> Apple’s Airdrop. You can minimize some of this by solving the reasons
>>> behind some of the interference sources i.e. install more WAPs to improve
>>> the service, reducing the rogue problem. Install residential printers to
>>> mitigate the need for student printers.
>>>
>>> Most of our residential is now designed around dense 5 GHz, and while
>>> 2.4 is available, it’s mostly ignored.
>>>
>>> Jeff
>>>
>>> *From: *"wireless-lan@listserv.educause.edu" <
>>> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >
>>> on behalf of "Gray, Sean" >
>>> *Reply-To: *"wireless-lan@listserv.educause.edu" <
>>> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >
>>> *Date: *Thursday, February 16, 2017 at 2:21 PM
>>> *To: *"wireless-lan@listserv.educause.edu" <
>>> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >
>>> *Subject: *[WIRELESS-LAN] 2.4GHz - educating end users about
>>> interference
>>>
>>> Hi Fellow Wireless Wizards!
>>>
>>> This is my first post to the group, so please be gentle.
>>>
>>> Here at the University of Lethbridge we are about to embark on a bit of
>>> an education drive for all of our wireless users with regards to the 2.4GHz
>>> spectrum and their impact on it. Does anybody have good examples of
>>> notices, posters etc. that they would be willing to share, that reference
>>> the evils of rogues and other interference sources citing the negative
>>> impact they have on the wireless network. Like everyone else on this list
>>> we are seeing huge influxes of our friends the wireless printer, Bluetooth
>>> devices and the like…
>>>
>>> if only we could just turn 2.4GHz off.
>>>
>>> Thanks
>>>
>>> Sean
>>>
>>>
>>> *Sean Gray* | B.Sc (Hons)
>>> Voice, Collaboration & Wireless Network Analyst
>>> ITS, University of Lethbridge
>>>
>>>
>>> ** Participation and subscription information for this EDUCAUSE
>>> Constituent Group discussion list can be found at
>>> http://www.educause.edu/discuss.
>>> ** Participation and subscription information for this EDUCAUSE
>>> Constituent Group discussion list can be found at
>>> http://www.educause.edu/discuss.
>>>
>>>
>>>
>>> Michael Hulko
>>> Network Analyst
>>>
>>> Western University Canada
>>> Network Operations Centre
>>> Information Technology Services
>>> 1393 Western Road, SSB 3300CC
>>> London, Ontario  N6G 1G9
>>>
>>> tel: 519-661-2111 x82433 <(519)%20661-2111>
>>> direct: 519-850-2433 <(519)%20850-2433>
>>> e-mail: mihu...@uwo.ca
>>>
>>>
>>>
>>> ** Participation and subscription information for this EDUCAUSE
>>> Constituent Group discussion list can be found at
>>> http://www.educause.edu/discuss.
>>>
>>>
>> ** Participation and subscription information for 

Re: [WIRELESS-LAN] Res hall wireless printing..

[John Rodkey]

We had to kill the geese to make our quills...  :)

On Thu, Sep 1, 2016 at 12:35 PM, Mike Cunningham 
wrote:

> We didn’t have printers in college, we had typewriters…… oh crap, did I
> just date myself L
>
>
>
> -Mike
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Brian Helman
> *Sent:* Thursday, September 01, 2016 2:50 PM
>
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Res hall wireless printing..
>
>
>
> That was our  past philosophy .. go somewhere to print it on one of our
> units.  But that isn’t flying any more.  It’s all about convenience, right?
>
>
>
> Hey, I had to walk 2 miles in 6’ of snow in September uphill both ways to
> get my print outs when I was in college!
>
>
>
> -Brian
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Tony Skalski
> *Sent:* Thursday, September 01, 2016 12:40 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Res hall wireless printing..
>
>
>
> Is the issue getting them onto your wireless network, or to stop them from
> broadcasting their own SSIDs?
>
>
>
> We try (by providing ~75 follow-me release stations around campus) to get
> them to use our infrastructure. We tell them not to bring printers. We see
> their SSIDs in the res, but to date, we haven't spent much time making them
> turn them off. We trust that they are low power transmitters and that they
> are only disruptive at short distances. If someone complains about poor
> performance in the area, and we can see evidence of interference, we will
> use it to encourage the student to turn off the wireless on their printer.
>
>
>
> We have no interest in getting them on our network.
>
>
>
> ajs
>
>
>
> On Thu, Sep 1, 2016 at 11:20 AM, Jeffrey D. Sessler <
> j...@scrippscollege.edu> wrote:
>
> Have you considered adding more printers in the residence halls,
> mitigating any compelling need for a student to have their own printer?
> There are a number of solutions out there today that provide air
> print/google print (or mobile print clients), making it even simpler.
>
>
>
> Basically, you’ll likely spend less to provide more/better
> college-provided printing then to engineer a solution for the personal
> printers.
>
>
>
> Jeff
>
>
>
> *From: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU> on behalf of Brian Helman 
> *Reply-To: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU>
> *Date: *Thursday, September 1, 2016 at 9:08 AM
> *To: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU>
> *Subject: *[WIRELESS-LAN] Res hall wireless printing..
>
>
>
> Can you tell it’s the start of the new academic year?...
>
>
>
> I know we talk about this every year, but here we go again.  How are
> people tackling/addressing students who want to use their wireless printers
> in their dorm rooms?  In the past, we’ve told them they have to disable the
> wireless and use a USB from their laptop.  That’s not flying as well as
> more and more people are more and more dependent on tablets, phablets and
> phones.
>
>
>
> We haven’t thought it through, but one option is to set up a separate,
> non-Internet accessible SSID for printers.  We’d have to think though if it
> should hit the NAC, be somehow otherwise registered, do we care about
> security, contain those SSID’s to buildings (and not pass that traffic
> between buildings) etc, etc.
>
>
>
> -Brian
>
>
>
> 
> *Brian Helman, M.Ed *|*  Director, ITS/Networking Services | *(: *978.542.7272
> <978.542.7272>*
>
> *Salem State University, 352 Lafayette St., Salem Massachusetts 01970*
>
> *GPS: 42.502129, -70.894779*
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> groups/.
>
>
>
>
>
> --
>
> Tony Skalski
> Systems Administrator
> a...@stolaf.edu
> 507-786-3227
> St. Olaf College
> Information Technology
> 1510 St. Olaf Avenue
> Northfield, MN55057-1097
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> groups/.
>
>

**
Participation and subscription 

Re: [WIRELESS-LAN] One more round- finer point on Open Networks in Dorm

[John Rodkey]

Westmont was wide open and is now non-open in the dorms.  There are
selected placed on campus and selected times on campus when wireless is
opened up.

John

On Fri, May 13, 2016 at 8:50 AM, Brian Helman 
wrote:

> Lee, I posed this question back at NERCOMP.  You may want to also know the
> answer to “who has done this and switched back to a non-open environment?”.
>
>
>
> -Brian
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Lee H Badman
> *Sent:* Friday, May 13, 2016 9:02 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] One more round- finer point on Open Networks in
> Dorm
>
>
>
>
>
> I asked this back in February, and would like to go one more round with
> some specifics applied. Direct response off-list is OK if you prefer. Let
> me ask it two ways:
>
>
>
> · Who runs a wide-open WLAN in their dorms? I’m talking no
> encryption, no portal, no nothing. Just get on and go, baby.
>
> · Same question, but with simple PSK/WPA2 added.
>
>
>
> No ISE, no Clearpass, no MAC registrations. For those doing this, do you
> rate-limit? Restrict access only to Internet? Block WLAN clients from
> directly reaching each other? Any other restrictions/policy configs applied?
>
>
>
> Thanks,
>
>
>
> Lee Badman
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID?

[John Rodkey]

At Westmont we've got the following capabilities reported
802.11g 2.4 - 16 (0.4%)
802.11g 2.4/5 - 16 (0.4%)
802.11n 2.4 - 47 (1.3%)
802.11n 2.4/5 - 1774 (48%)
802.11ac 2.4/5 - 1831 (49%)

Hard to tell, but I think this means 63 2.4GHz (1.7%) and 3621 5GHz (98.3%)

In terms of channel width,
20MHz - 306 ( 8.3%)
40MHz - 996 ( 27%)
80MHz - 2382 (65%)

Would it be a better idea for us to limit our channel width to 40MHz, do
you think?







On Thu, Apr 7, 2016 at 2:37 PM, Jeffrey D. Sessler 
wrote:

> In our newly renovated residential hall, with dense 5 GHz coverage
> (basically every other room), I’m seeing:
>
> 89% 5GHz
> 11% 2.4GHz
>
> 49% of 5GHz clients are 802.11ac
>
> In areas where we don’t have the dense 5 GHz coverage, it looks more like
> this:
>
> 60% 5GHz
> 40% 2.4GHz
> 35% of 5GHz clients are 802.11ac
>
> Overall, 97% of the 2.4 population is 802.11n. The other 3% being G-only.
>
> Jeff
>
>
>
>
> On 4/7/16, 2:02 PM, "The EDUCAUSE Wireless Issues Constituent Group
> Listserv on behalf of Chuck Enfield"  on behalf of chu...@psu.edu> wrote:
>
> >>90% on 5GHz!  That's eye-opening.  I've got some thinking to do.
> >
> >-Original Message-
> >From: The EDUCAUSE Wireless Issues Constituent Group Listserv
> >[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller
> >Sent: Thursday, April 07, 2016 4:55 PM
> >To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> >Subject: Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID?
> >
> >On Thu, Apr 7, 2016 at 7:31 AM, Chris Adams (IT) 
> >wrote:
> >> PS: I’m sure some of the Xirrus guys are chuckling at this
> >> conversation as Xirrus has been well known for having large SDR arrays
> >> for many years now J
> >
> >I'm sure. :) One of our highest density areas has a couple of 8-radio
> Xirrus
> >units to serve a room of 250 students. We are running 2x2GHz radios,
> 5x5GHz
> >radios, and 1 monitor mode radio in these units. The performance is great
> >and we typically see a lot of 5GHz clients when the room is "fully
> loaded."
> >I have attached an example.
> >
> >This is definitely in contrast with what we see generally on campus, as
> >people move all around all the time, we see closer to 50/50, or maybe
> 40/60
> >toward 5GHz.
> >
> >As far as 5GHz radios in close proximity within the same unit - I don't
> >worry about it much. We generally just let auto channel take care of it
> and
> >we seem to be fine.
> >
> >--
> >Hunter Fuller
> >Network Engineer
> >VBRH Annex B-1
> >+1 256 824 5331
> >
> >Office of Information Technology
> >The University of Alabama in Huntsville
> >Systems and Infrastructure
> >
> >**
> >Participation and subscription information for this EDUCAUSE Constituent
> >Group discussion list can be found at http://www.educause.edu/groups/.
> >
> >**
> >Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] backhaul wifi comparison/suggestions

[John Rodkey]

I don't have any spare 5G in weatherproof.  Also this is proof of concept
for another non Meraki site .
On Apr 5, 2016 2:54 PM, "Ian McDonald" <i...@st-andrews.ac.uk> wrote:

> Yearly license fees?
>
>
>
> I see that 2.4 might not be ideal. What stops you using the 5G radios?
>
>
>
> --
>
> ian
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *John Rodkey
> *Sent:* 05 April 2016 22:53
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] backhaul wifi comparison/suggestions
>
>
>
> That's what I've got in place now, but it also costs because of the yearly
> license fees.
>
> It hasn't been 100% reliable, either (interference on 2.4MHz, I'm pretty
> sure), so going 5 is desirable.
>
> John
>
>
>
> On Tue, Apr 5, 2016 at 2:42 PM, Ian McDonald <i...@st-andrews.ac.uk> wrote:
>
> A pair of (cisco) access points from your scrap pile in bridge mode? 100%
> inexpensive J
>
>
>
> --
>
> ian
>
>
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *John Rodkey
> *Sent:* 05 April 2016 22:36
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] backhaul wifi comparison/suggestions
>
>
>
> I have need for a fairly inexpensive,  low bandwidth (10Mbps), short
> distance (<200 ft)  point to point wireless connection .
>
> I am aware of the Cambrium ePMP 1000 and Ubiquiti nano.
>
> Would anyone like to compare these items or propose other good solutions
> to this type of situation?
>
> John
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] backhaul wifi comparison/suggestions

[John Rodkey]

That's what I've got in place now, but it also costs because of the yearly
license fees.
It hasn't been 100% reliable, either (interference on 2.4MHz, I'm pretty
sure), so going 5 is desirable.

John

On Tue, Apr 5, 2016 at 2:42 PM, Ian McDonald <i...@st-andrews.ac.uk> wrote:

> A pair of (cisco) access points from your scrap pile in bridge mode? 100%
> inexpensive J
>
>
>
> --
>
> ian
>
>
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *John Rodkey
> *Sent:* 05 April 2016 22:36
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] backhaul wifi comparison/suggestions
>
>
>
> I have need for a fairly inexpensive,  low bandwidth (10Mbps), short
> distance (<200 ft)  point to point wireless connection .
>
> I am aware of the Cambrium ePMP 1000 and Ubiquiti nano.
>
> Would anyone like to compare these items or propose other good solutions
> to this type of situation?
>
> John
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

backhaul wifi comparison/suggestions

[John Rodkey]

I have need for a fairly inexpensive,  low bandwidth (10Mbps), short
distance (<200 ft)  point to point wireless connection .
I am aware of the Cambrium ePMP 1000 and Ubiquiti nano.

Would anyone like to compare these items or propose other good solutions to
this type of situation?

John

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Who WiFi vendors does everyone use? REVISITED

[John Rodkey]

Westmont College, Santa Barbara CA
3680 clients (1200 students)
Cisco Meraki APs - 280 active
Cloud Based
Cisco Meraki Cloud
Typical aggregate traffic 2.3TB per 24 hours. (280Mb/s)


On Tue, Apr 5, 2016 at 7:31 AM, Janice Gildawie 
wrote:

> Bard College at Simon's Rock (Great Barrington, MA)
> 650 clients
> Cisco Meraki APs - about 115 or so
> Cloud Based/not controller based
> Cisco Meraki Cloud
>
>
> On 4/1/2016 10:05 AM, Watters, John wrote:
>
> Can we revisit this subject? It seems to have gotten a good number of
> responses but the information is of limited use without other information
> to go with it.
>
>
>
> If folks will send me information on their wireless networks I will
> tabulate it and send it back out to the list.
>
>
>
> How about the following info:
>
>
>
> School name
>
> Total number of clients served (faculty + staff + students + guess at
> guests) during a typical school day
>
> Brand(s) of APs in use and approximate number of APs for each brand
>
> Whether the APs are standalone or controller based
>
> Wireless management platform (e.g., Cisco Prime, HP Aruba Airwave, none,
> etc.)
>
>
>
>
>
> For the University of Alabama I would answer as follows:
>
>
>
> The University of Alabama
>
> 45,000 clients
>
> Cisco 5,000 APs
>
> Controller based
>
> HP Aruba Airwave management
>
>
>
>
>
> If others want to suggest additional questions, that is fine as long as we
> can get them soon enough so that most people who respond will have answers
> to all of the questions. Why don't we collect questions until next WED and
> try to get the poll sent out next THU?
>
>
>
>
>
>
>
>
>
> -jcw
> [image: UA Logo]
>
>
>
>
> John Watters   The University of Alabama
>
> Office of Information
> Technology
>
> 205-348-3992
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Who wifi vendors does everyone use?

[John Rodkey]

Although Cisco bought Meraki, their wireless APs and their cloud-based
management set them apart from the traditional Cisco APs.

John

On Thu, Mar 31, 2016 at 7:53 AM, Osborne, Bruce W (Network Services) <
bosbo...@liberty.edu> wrote:

> I thought Meraki == Cisco now.
>
>
>
> ​
>
>
>
> *Bruce Osborne*
>
> *Wireless Engineer*
>
> *IT Network Services - Wireless*
>
>
>
> *(434) 592-4229 <%28434%29%20592-4229>*
>
>
>
> *LIBERTY UNIVERSITY*
>
> *Training Champions for Christ since 1971*
>
>
>
> *From:* John Rodkey [mailto:rod...@westmont.edu]
> *Sent:* Wednesday, March 30, 2016 1:26 PM
> *Subject:* Re: Who wifi vendors does everyone use?
>
>
>
> Need to add Meraki to the list...
>
>
>
> On Wed, Mar 30, 2016 at 8:33 AM, Jeremy Gibbs <jlgi...@utica.edu> wrote:
>
> Here is a straw poll.
>
>
>
> https://strawpoll.me/7228156
>
>
>
>
>
>
>
>
>
> *-- Jeremy L. Gibbs*
>
> Sr. Network Engineer
> Utica College IITS
>
> T: (315) 223-2383
>
> F: (315) 792-3814
>
> E: jlgi...@utica.edu
>
> http://www.utica.edu
>
>
>
> On Wed, Mar 30, 2016 at 11:22 AM, Julian Y Koh <kohs...@northwestern.edu>
> wrote:
>
> On Wed Mar 30 2016 10:20:03 CDT, Jeremy Gibbs <jlgi...@utica.edu> wrote:
> >
> > Utica College - We use Extreme Networks for WiFi, formerly known as
> Enterasys IdentiFi Wireless.
> >
>
> In the interest of not having a zillion replies, might I suggest some kind
> of web-based poll to gather and aggregate this information?  :)
>
>
>
> --
> Julian Y. Koh
> Associate Director, Telecommunications and Network Services
> Northwestern Information Technology
>
> 2001 Sheridan Road #G-166
> Evanston, IL 60208
> +1-847-467-5780
> NUIT Web Site: <http://www.it.northwestern.edu/>
> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
>
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Who wifi vendors does everyone use?

[John Rodkey]

Need to add Meraki to the list...

On Wed, Mar 30, 2016 at 8:33 AM, Jeremy Gibbs  wrote:

> Here is a straw poll.
>
> https://strawpoll.me/7228156
>
>
>
>
>
>
> *--Jeremy L. Gibbs*
> Sr. Network Engineer
> Utica College IITS
>
> T: (315) 223-2383
> F: (315) 792-3814
> E: jlgi...@utica.edu
> http://www.utica.edu
>
> On Wed, Mar 30, 2016 at 11:22 AM, Julian Y Koh 
> wrote:
>
>> On Wed Mar 30 2016 10:20:03 CDT, Jeremy Gibbs  wrote:
>> >
>> > Utica College - We use Extreme Networks for WiFi, formerly known as
>> Enterasys IdentiFi Wireless.
>> >
>>
>> In the interest of not having a zillion replies, might I suggest some
>> kind of web-based poll to gather and aggregate this information?  :)
>>
>>
>>
>> --
>> Julian Y. Koh
>> Associate Director, Telecommunications and Network Services
>> Northwestern Information Technology
>>
>> 2001 Sheridan Road #G-166
>> Evanston, IL 60208
>> +1-847-467-5780
>> NUIT Web Site: 
>> PGP Public Key:
>>
>> **
>> Participation and subscription information for this EDUCAUSE Constituent
>> Group discussion list can be found at http://www.educause.edu/groups/.
>>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Cisco LWAP Advice

[John Rodkey]

I would echo Lee's observations.  Being an early adopter, Westmont had its
share of teething pains, but the benefits of Meraki managing the back-end
server are considerable.  Our wireless deployment isn't massive: about 300
WAPs, and typically about 3000 devices attaching per day, and I'm sure we
aren't cutting edge speed everywhere, but it generally 'just works', and
takes fairly low management effort.


John

On Mon, Dec 14, 2015 at 10:46 AM, Lee H Badman  wrote:

> I use both- and have a real fondness for Meraki. Cisco vs Meraki is not
> just Apples to Apples on hardware. With Meraki, the perpetual controller
> and NMS bugs are no longer your problem, and it’s liberating beyond belief
> to not have to deal with that. I might feel different if Cisco got their
> WLAN code act together, but I’ve heard 10 years of admissions and promises
> and have yet to see it happen. Escalation builds, engineering builds, blah
> blah blah. There is a high TCO to Cisco wireless beyond the price tags.
> That’s the cost of seeing a bazillion features exposed that you may never
> use.
>
>
>
> In our Meraki sites, things work, they work well, and troubles tend to be
> statistical zero. Meraki APs never win bake-offs for high performance, but
> most well-designed environments don’t need rocket ships bolted to the
> ceiling either. System administration is an absolute breeze, in my years of
> running these environmnets.
>
>
>
> My guidance- carefully define your requirements and staffing, TRY BEFORE
> YOU BY in all cases, and query others that have gone before you in
> legitimate production.
>
>
>
>
>
>
>
> *Lee Badman* | Network Architect
>
> Information Technology Services
> 206 Machinery Hall
> 120 Smith Drive
> Syracuse, New York 13244
>
> *t* 315.443.3003  * f* 315.443.4325   *e* lhbad...@syr.edu *w* its.syr.edu
>
> *SYRACUSE UNIVERSITY*
> syr.edu
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jeffrey D. Sessler
> *Sent:* Monday, December 14, 2015 12:07 PM
>
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Cisco LWAP Advice
>
>
>
> I’ve looked at Meraki and it seems positioned at small installations, and
> once you get to a certain number of AP’s, the conventional Cisco-based
> controller (or similar vendor solution) comes our far less expensive.
>
>
>
> For smartnet, you can realize significant additional savings over and
> above the standard 30% EDU discount if you sign up for a multi-year
> contract e.g. 3 or 5 years. You can also finance the smartnet via Cisco
> leasing (generally at zero additional cost) so that in the case of a three
> year contract, you make 3 yearly payments.
>
>
>
> Also, don’t forget the special SKU for the controllers. A couple of years
> ago, Cisco started bundling the AP support cost in the controller contract,
> and there is a SKU that backs the cost back out for EDUs.
>
>
>
> Jeff
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Daniel Eklund
> *Sent:* Friday, December 11, 2015 5:52 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Cisco LWAP Advice
>
>
>
> RFP is a good idea.  Considering your size you should be seriously looking
> at alternative like Meraki and Ruckus.
>
>
>
> On Fri, Dec 11, 2015 at 8:47 AM, Klaczko, Edwin  wrote:
>
> Even though it’s a bit more work an RFP is a good idea.  Even if you are
> happy with your current vendor it helps with getting the best pricing.  On
> several occasions I’ve virtually eliminated the “Cisco premium” everyone
> expects.  Now ongoing SmartNet maintenance costs are another matter.
>
>
>
>
>
> Eddie Klaczko
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Osborne, Bruce W
> (Network Services)
> *Sent:* Friday, December 11, 2015 6:34 AM
>
>
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Cisco LWAP Advice
>
>
>
> I agree with the RFP idea.
>
>
>
> When we last did an RFP and in-house demos & proof of concepts, we were
> surprised at what was offered by Aruba Networks. They even worked with us
> to support multicast video on wireless.
>
>
>
> ​
>
>
>
> *Bruce Osborne*
>
> *Wireless Engineer*
>
> *IT Infrastructure & Media Solutions*
>
>
>
> *(434) 592-4229 <%28434%29%20592-4229>*
>
>
>
> *LIBERTY UNIVERSITY*
>
> *Training Champions for Christ since 1971*
>
>
>
> *From:* Lee H Badman [mailto:lhbad...@syr.edu ]
> *Sent:* Thursday, December 10, 2015 1:41 PM
> *Subject:* Re: Cisco LWAP Advice
>
>
>
> If the old controller is all that is tying you to Cisco,  it sounds like
> RFP time- let the market compete for your business.
>
>
>
> *Lee Badman* | Network Architect
>
> Information Technology Services
> 206 Machinery Hall
> 

Re: [WIRELESS-LAN] FreeRADIUS Diffie-Hellman Keys and iOS9

[John Rodkey]

Interesting...  because when I installed a DH2048 key without adding the
dh_key_length parameter, users were not able to authenticate.
When I added the length, things worked.   I'm good with it just being
magic, as long as it works...

John Rodkey
Director of Servers and Networks
Westmont College

On Tue, Sep 15, 2015 at 9:10 AM, Walter Reynolds <wa...@umich.edu> wrote:

> Based on the following link, it implies that flag does not do anything.
> It is old, but did the same thing on code I am running (2.2.8)
>
> http://freeradius.1045715.n5.nabble.com/Why-is-the-default-DH-keysize-only-512-bits-td2754757.html
>
>
>
>
> 
> Walter Reynolds
> Principal Systems Security Development Engineer
> Information and Technology Services
> University of Michigan
> (734) 615-9438
>
> On Tue, Sep 15, 2015 at 11:04 AM, Bruce Curtis <bruce.cur...@ndsu.edu>
> wrote:
>
>> When we increased the size of our key Google had found a reference to
>> putting this line in EAP.conf.
>>
>> dh_key_length = 2048
>>
>> I have not tested without the line but the presence of the line does not
>> prevent freeradius from running and the device that was complaining about
>> the size of the key now works.
>>
>> On Sep 15, 2015, at 8:34 AM, Walter Reynolds <wa...@umich.edu> wrote:
>>
>> > On freeradius does it use the size of the key or do you have to specify
>> somewhere?
>> >
>> > When I put in a dh key that is 2048 and run in debug mode I see the
>> following
>> >
>> > Tue Sep 15 09:30:18 2015 : Debug:  Module: Instantiating eap-tls
>> > Tue Sep 15 09:30:18 2015 : Debug:tls {
>> > Tue Sep 15 09:30:18 2015 : Debug:   rsa_key_exchange = no
>> > Tue Sep 15 09:30:18 2015 : Debug:   dh_key_exchange = yes
>> > Tue Sep 15 09:30:18 2015 : Debug:   rsa_key_length = 512
>> > Tue Sep 15 09:30:18 2015 : Debug:   dh_key_length = 512
>> >
>> > But I verified the file itself.
>> >
>> > [root@aaa-maccvm-05 certs]# openssl dhparam -in dh -text -noout
>> > PKCS#3 DH Parameters: (2048 bit)
>> >
>> >
>> >
>> > 
>> > Walter Reynolds
>> > Principal Systems Security Development Engineer
>> > Information and Technology Services
>> > University of Michigan
>> > (734) 615-9438
>> >
>> > On Mon, Sep 14, 2015 at 8:43 AM, Christopher Michael Allison <
>> chris.m.alli...@siu.edu> wrote:
>> > Actually, We Upgraded to FreeRadius 2.2.8 to solve some issues with
>> iOS9. We have been using a 2048 bit Diffie-Hellman.  And it is a must do
>> ASAP as when it rolls out official you will have issues with clients
>> connecting. Also if you aren't on FreeRadius 2.2.7 or higher you will run
>> into the same issues that we did. Radius will answer the iOS9 clients TLS
>> v1.2 Hello but can't transmit anything back to it so the client will never
>> authenticate.
>> >
>> > Thanks,
>> >
>> > CHRISTOPHER ALLISON
>> > Network Engineer I
>> >
>> > Information Technology
>> > Mail Code 4622
>> > 625 Wham Drive
>> > Carbondale, Illinois 62901
>> >
>> > chris.m.alli...@siu.edu
>> > P: 618 / 453 - 8415
>> > F: 618 / 453 - 5261
>> > INFOTECH.SIU.EDU
>> >
>> >
>> >
>> > "Choose a job you love, and you will never have to work a day in your
>> life."
>> > Confucius
>> >
>> > 
>> > From: The EDUCAUSE Wireless Issues Constituent Group Listserv <
>> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Bruce Curtis <
>> bruce.cur...@ndsu.edu>
>> > Sent: Sunday, September 13, 2015 6:14 AM
>> > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>> > Subject: Re: [WIRELESS-LAN] FreeRADIUS Diffie-Hellman Keys and iOS9
>> >
>> >   We just upgraded to 2048 bit Diffie-Helman won September 3.   We had
>> a person come to the help desk with a Chromebook that stopped connecting to
>> the wireless on September 1, after an OS update.  We had been using a 512
>> bit Diffie Helman key.
>> >
>> >
>> >
>> > 2015-09-03T18:01:36.709399+00:00 NOTICE wpa_supplicant[472]: OpenSSL:
>> openssl_handshake - SSL_connect error:14082174:SSL
>> routines:ssl3_check_cert_and_algorithm:dh key too small
>> >
>> > On Sep 11, 2015, at 4:55 PM, Curtis K. Larsen <curtis.k.lar...@utah.edu>
>> wrote:
>>

Re: [WIRELESS-LAN] LTE over Wi-Fi spectrum sets up industry-wide fight over interference

[John Rodkey]

Seems to me it could also be solved by obstructionist, power-mongering
leadership at the FCC, if only they could find a self-interested reason for
doing what accidentally turns out to be the right thing.

So there might be an outside chance we're not doomed.

On Thu, Aug 27, 2015 at 12:51 PM, Lee H Badman lhbad...@syr.edu wrote:

 Sadly, this can only be solved with bold, nuanced, forward looking
 leadership out of the FCC.



 In other words, we’re freakin’ doomed.









 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Hinson, Matthew P
 *Sent:* Thursday, August 27, 2015 2:55 PM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* [WIRELESS-LAN] LTE over Wi-Fi spectrum sets up industry-wide
 fight over interference



 Source:
 http://arstechnica.com/information-technology/2015/08/verizon-and-t-mobile-join-forces-in-fight-for-wi-fi-airwaves/#p3



 It was only a matter of time.



 Thank you!

 Matthew Hinson

 Supervisor, Network Operations

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.
 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi

[John Rodkey]

From the FCC's FAQ in respect to public vs private property :
Jamming devices may not be used regardless of whether the device is
operated on public or private property. If you own a jammer, do not
continue to operate it. You risk substantial fines (of up to $16,000 for
each violation or each day of a continuing violation, or up to $112,000 for
a single act); seizure of the device by the government; and criminal
imprisonment. Signal jammers do not respect property lines, and *federal
law provides no exception that allows for the private or commercial use of
a jammer*.

The same FAQ explicitly names WiFi along with GPS and Cell as falling
within this jurisdiction, although it appears to be referencing jamming
devices, not jamming mechanisms (using NAK protocols, for instance).
Nevertheless, they specify that jammers prevent your Wi-Fi enabled device
from connecting to the Internet; and this appears to be the basis on which
Marriott was pursued.  In Marriott's case, protocol blocking not physical
signal jamming was the method used.

John

On Wed, Jan 28, 2015 at 11:22 AM, John Rodkey rod...@westmont.edu wrote:

 Indeed! The statement clarifies aspects of this, but muddies others.
 WARNING: *Wi-Fi Blocking is Prohibited.* *Persons or Businesses* Causing
 Intentional Interference to Wi-Fi Hot Spots Are Subject to Enforcement
 Action

 We start with a general statement that (presumably) ALL blocking is 
 prohibited.

 Then move on to Persons or Businesses ... are subject to enforcement.  Are 
 there entities which are neither Persons nor Businesses?  To the best of my 
 knowledge all enterprise wireless systems are operated by persons.

 If you aren't a Person and you aren't a Business, then you're in the clear: 
 FCC won't be pursuing enforcement against you.

 For the rest of us who are persons...

 Then the statement notes a trend among commercial establishments, and cites 
 the example of Marriott, and then muddies the water when it designates 
 hotels, convention centers or other commercial establishments.

 How many colleges and universities host conferences during the summer?  Would 
 they be considered convention centers?  Is student housing considered the 
 equivalent to 'hotels' in the view of the law?

 We need Educause lawyers to pin this down...






 On Wed, Jan 28, 2015 at 6:32 AM, Thomas Carter tcar...@austincollege.edu
 wrote:

 I'm disappointed in the statement from the FCC. This was a chance to
 clarify their position on this, but it's still as vague as ever. What is a
 commercial establishment? Does that include K-12 or Higher Ed? What about
 a corporate HQ?

 I'm also disappointed that the wireless vendors have been quiet on this
 issue as well. Where is Cisco, Aruba, Rukus, et. al who provide us with
 these tools? One reading of the FCC notice is that the product they market
 and sell is illegal. I feel they should be leading the charge with the FCC
 for clarification for us, their customers.

 Thomas Carter
 Network and Operations Manager
 Austin College
 903-813-2564


 -Original Message-
 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
 Sent: Tuesday, January 27, 2015 5:38 PM
 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 Subject: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi

 http://www.fcc.gov/document/warning-wi-fi-blocking-prohibited

 Which would imply that a subset of our tools are illegal:


 https://wirednot.wordpress.com/2015/01/06/are-wlan-vendors-selling-illegal-jammers/

 Complicated times.

 -Lee

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.




 --

 ​
 ​---======---​


 Want to quickly check
 ​a ​
 system status
 ​ or​
 report
 ​a problem to the IT team?
 Use http://justme.westmont.edu
 ​
 ​
 Have a problem that requires tracking and IT email response?
 Use http://mayday.westmont.edu​





-- 

​
​---======---​


Want to quickly check
​a ​
system status
​ or​
report
​a problem to the IT team?
Use http://justme.westmont.edu
​
​
Have a problem that requires tracking and IT email response?
Use http://mayday.westmont.edu​

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] SV: [WIRELESS-LAN] Attendance

[John Rodkey]

I'd say it's a ways off, if the facial recognition on my Nexus 7 is any
indication...  About half the time I need to enter the passcode by hand
because it doesn't recognize or even find my face.

John

On Mon, Nov 24, 2014 at 10:24 AM, Nilsson, Robert 
rnils...@extremenetworks.com wrote:

  Short of the student-embedded RF-chips or NFC, apparently some schools
 have been trying to move to facial recognition to track attendance.

 This is a Kyoto University paper on the topic
 http://www.mm.media.kyoto-u.ac.jp/old/research/doc/682/FRLASinAEARU.pdf.

 This is from a University in India: FACE RECOGNITION BASED ATTENDANCE
 MARKING SYSTEM http://ijcsmc.com/docs/papers/February2014/V3I2201468.pdf
 .

 This article is from a few years back: Face-recognition technology to
 monitor school attendance
 http://www.redicecreations.com/article.php?id=15343.



 But is still a ways off….



 -Bob



 Bob Nilsson | Director of Solutions Marketing
 Extreme Networks
 Mobile: 978.269.4819 | Office: 603-952-5120 | www.extremenetworks.com
 Twitter: @RHNilsson



 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jim Glassford
 *Sent:* Monday, November 24, 2014 11:33 AM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] SV: [WIRELESS-LAN] Attendance




 Some faculty here use the TurningPoint clickers to check attendance.
 Students walk past the classrooms during class and click in, on there way
 to the gym or the coffee house.

 On 11/24/2014 11:18 AM, Anders Nilsson wrote:

 Aren’t we all operating small RF-chips into our students nowadays?

 Makes tracking people so much easier.  ;)

 On a more serious note I totally agree with Mr. Badman here.

 Getting rough stats is one thing, getting Attendance lists is a very
 different and more difficult thing.



 Cheers

 Anders Nilsson

 Univ of Umeå



 *Från:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
 mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *För *Lee H Badman
 *Skickat:* den 24 november 2014 17:01
 *Till:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Ämne:* Re: [WIRELESS-LAN] Attendance



 I can think of a few concerns.



 I give you my tablet to take to class, and I’m there without being there.



 I give you my credentials to put on your device- you get “seen” as you,
 then me. We’re both there without me being there.



 Client devices may not connect to the AP in the room. There may be no AP
 in the room… how close to the room is close enough if I connect to the
 floor above/below or adjacent room/hallway? And who sorts it all out?



 To me as an instructor, nothing is easier than good old paper sign-in. And
 if you didn’t sign in, you weren’t there. Period.



 Not everything needs to have a tech edge on it, and I’m as tech geeky as
 it gets…





 -Lee



 Lee Badman

 Wireless/Network Architect

 ITS, Syracuse University

 315.443.3003

 (Blog: http://wirednot.wordpress.com)



 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
 mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Patrick Mauretti
 *Sent:* Monday, November 24, 2014 10:11 AM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] Attendance



 Funny you should ask, as we are looking into doing the same thing here.
 I’d love to see someone have it in place to know what the pitfalls might
 be.





 Patrick Mauretti

 Sr. Network Admin

 Massasoit Community College

 1 Massasoit Blvd

 Brockton, MA 02302

 508-588-9100 x1660

 *“On the internet, nobody knows you’re a dog.”*



 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
 mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Joe Rogers
 *Sent:* Monday, November 24, 2014 6:16 AM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* [WIRELESS-LAN] Attendance




 Are any folks currently using their wireless networks to verify class
 attendance?  For example, are you checking that a wireless device
 authenticated by a student was in the classroom?

 --

 *Joe Rogers*
 Associate Director, Network Engineering
 University of South Florida – Information Technology

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



 ** Participation and subscription information for this EDUCAUSE
 Constituent Group 

Re: [WIRELESS-LAN] Channel Utilization

[John Rodkey]

​Our experience is that at 40% users are going to start to wonder what's
wrong, and at 60% you might as well hang it up.
I'm not sure where the 34% number came from, but it matches with the
maximum practical utilization of the Aloha network in the late 60's.  ​

​Perhaps it is entirely a coincidence that Aloha and 802.11* show similar
maximum utilization?
I'd love to see  graphs of throughput vs. utilization for various
protocols, but can't lay my hands on any at the moment.

John​


On Thu, Nov 6, 2014 at 1:48 PM, Reams, Lane lane.re...@vanderbilt.edu
wrote:

  Our team has recently been having discussions about co-channel
 interference and channel utilization to better understand the issues we are
 having in our dorms.  We know we have a design issue, but we are trying to
 quantify the problem.  In Cisco’s “Enterprise Best Practices for Apple
 Mobile Devices on Cisco Wireless LANs”, they state that “Using the Aloha
 protocol definition of channel utilization, a wireless packet network
 reached capacity when the utilization reaches 34%.”



 What utilization parameters do you use to identify poor performance on a
 channel?  In other words, at what percentage do you say “that’s a problem”?



 *Lane Reams | Manager, Network Design  Engineering | Information
 Technology | Vanderbilt University*
 lane.re...@vanderbilt.edu | phone 615.936.2677 | it.vanderbilt.edu




  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.




-- 

​
​---======---​


Want to quickly check
​a ​
system status
​ or​
report
​a problem to the IT team?
Use http://justme.westmont.edu
​
​
Have a problem that requires tracking and IT email response?
Use http://mayday.westmont.edu​

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Wireless lighting controls, etc

[John Rodkey]

That is amazing.  Definitely on the 'watch' list for my networking
class.

On Tue, Sep 30, 2014 at 10:30 AM, Coehoorn, Joel jcoeho...@york.edu wrote:

 Funny how things just come together sometimes. I also saw this today:

 https://www.youtube.com/watch?v=egIY7ushchU


   Joel Coehoorn
 Director of Information Technology
 York College, Nebraska
 402.363.5603
 *jcoeho...@york.edu jcoeho...@york.edu*




 The mission of York College is to transform lives through
 Christ-centered education and to equip students for lifelong service to
 God, family, and society

 On Tue, Sep 30, 2014 at 12:28 PM, Jason Watts jwa...@pratt.edu wrote:

 Lee,

 Aside from Lutron and Crestron, which I believe both have equipment which
 operates in the low Mhz range (200-400), I've heard of Enocean which has
 offerings in both 300 and 900Mhz range and uses energy harvesting with some
 of its switches and components so that they are non-wiring dependent.

 Here is a link to what they are terming their wireless ISO/IEC standard:

 http://www.enocean.com/en/enocean-wireless-standard/

 We looked at them when Facilities was shopping around to upgrade some
 lighting systems. Haven't seen any of their gear in operation yet.

 --
 Jason Watts
 Pratt Institute, Academic Computing
 Senior Network Administrator


 On 9/30/2014 10:11 AM, Lee H Badman wrote:

 My cynical side thinks I know the answer already, but let my cast my net
 anyways…
 Has anyone found or been involved with any sort of lighting/sound
 controls that have wireless componentry and work well with enterprise
 WLAN?
 Thanks-
 Lee
 Lee Badman
 Wireless/Network Architect
 ITS, Syracuse University
 315.443.3003
 (Blog: _http://wirednot.wordpress.com_)
 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.


 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Power Management

[John Rodkey]

I have had good success using RANCID to automate collecting show power
inline results into files for all our switches using one command, and then
use awk and grep to make reports.


On Mon, Sep 8, 2014 at 9:55 AM, Jeremy Gibbs jlgi...@utica.edu wrote:

 Command line show power inline with the | include should work out well.
  You could also have a programmer develop something for you.  You would
 just have to walk the SNMP tree and take port descriptions and power
 levels.  Also, if you use Cacit, check for a plugin that will graph total
 power usage.  That may be interesting to trend and could help with UPS
 sizing in the future etc.

 On Mon, Sep 8, 2014 at 12:39 PM, Peter P Morrissey ppmor...@syr.edu
 wrote:

  We just use the command line, and don’t seem to need to do much
 management as the devices are plug and play. Occasionally we power
 something down and up to reset it and occasionally we have to check on a
 power issue, but it seems to mostly take care of itself.  I can’t say I
 have ever missed not having a GUI for this purpose, and it definitely make
 sense to get rid of the midspans if the switches take care of it.



 Pete Morrissey



 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Watters, John
 *Sent:* Monday, September 08, 2014 12:22 PM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* [WIRELESS-LAN] Power Management





 I have been using the PowerDsine PoE inserters (6, 12,  24 ports) for
 years and am generally very pleased with them. We started using them before
 VoIP caught on and before our switches had built-in PoE. I am now getting
 pressure to abandon the PowerDsine devices since all of our new switches do
 have PoE (mostly using Cisco 3750x/3850x for distribution now).



 The problem I have with abandoning the PowerDsine units is the lack of a
 nice graphical management tool for the PoE on my Cisco switches. Has anyone
 found a nice tool for power management of Cisco switches?



 At a minimum I need to see the interface name, the interface description,
 and the current power usage; and be able to easily toggle power off and
 back on. It would be very nice to be able to only show the interfaces that
 have a description matching a specified mask so I could look at only APs,
 only phones, all, etc., based on my mask.



 We don’t really want to turn on HTTP for the switches, but we could if
 this would provide what we need for power management.



 Any advice would be appreciated.



 Thanks.







 -jcw
 [image: UA Logo]




 John Watters   The University of Alabama

 Office of Information
 Technology

 205-348-3992





 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.
  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.




 --


 *--Jeremy L. Gibbs*
 Network Engineer
 Utica College IITS

 T: (315) 223-2383
 F: (315) 792-3814
 E: jlgi...@utica.edu
 http://www.utica.edu
  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Guest Network Access Policy

[John Rodkey]

:)  Yes, indeed.  The fact of the matter is that students if are not
motivated, they will default to using the unencrypted open network, with
all the entailing security problems.
We have a few categories of recurring guests for whom we have made
dedicated encrypted SSIDs with pre-shared keys, so we primarily torture the
parents of the students when they  drop off  first year students.  During
the first week of each fall semester, we ease the restrictions on open a
bit in deference to them.  It helps that our college is somewhat isolated.


On Thu, Jan 16, 2014 at 6:13 PM, Peter P Morrissey ppmor...@syr.edu wrote:

  “Our philosophy is that use of the open network should be so painful an
 experience that they will be highly motivated to configure their devices to
 connect to the encrypted network, which requires a college account for
 authentication.”



 Ah, so you like to torture your guests. J

 Pete M.



 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *John Rodkey
 *Sent:* Thursday, January 16, 2014 7:26 PM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] Guest Network Access Policy



 1) yes, we allow guests in the public, academic, and administrative
 buildings, but not in the dorms.

  a.  It is an open network.

  b.  N/A

 2) see 1).



 Note:  we restrict bandwidth to a bit more than a trickle on the open
 SSID, and we disallow any streaming, video, or audio application.  Our
 philosophy is that use of the open network should be so painful an
 experience that they will be highly motivated to configure their devices to
 connect to the encrypted network, which requires a college account for
 authentication.

 We have a splash page stating this, but we still get people wondering why
 your network is so slow.



 On Thu, Jan 16, 2014 at 1:55 PM, Alexander, David alexa...@ohio.edu
 wrote:

 We have had a policy in place for several years requiring guests to be
 sponsored by an employee in order to use our wireless network.  There are
 two types of sponsorship – short term (5 days) and long term (30 days).  In
 addition, sponsored guests must register their network devices via MAC
 address registration to gain access to the network.



 Our guest wireless implementation has caused some issues with public areas
 like our student center and event spaces which host groups of people who
 require network access, and the identity of the guests isn’t always known
 in advance.



 I wanted to know about guest network access policy at other schools, and
 I’d appreciate your feedback on the following questions:



 1)  Do you allow guests on your wireless network?

 a.   If you allow guests, what steps do they need to take to gain
 access to the network (eg. sponsorship, MAC registration, open network)?

 b.  If you require sponsorship or device registration, can you
 explain the process or give me a pointer to your policy?

 2)  Is your wireless network completely open in any part of your
 campus (eg. Library, student center, event spaces, athletic fields, etc.)?





 Thanks,

 Dave



 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.
  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Guest Network Access Policy

[John Rodkey]

1) yes, we allow guests in the public, academic, and administrative
buildings, but not in the dorms.
 a.  It is an open network.
 b.  N/A
2) see 1).

Note:  we restrict bandwidth to a bit more than a trickle on the open SSID,
and we disallow any streaming, video, or audio application.  Our philosophy
is that use of the open network should be so painful an experience that
they will be highly motivated to configure their devices to connect to the
encrypted network, which requires a college account for authentication.
We have a splash page stating this, but we still get people wondering why
your network is so slow.


On Thu, Jan 16, 2014 at 1:55 PM, Alexander, David alexa...@ohio.edu wrote:

 We have had a policy in place for several years requiring guests to be
 sponsored by an employee in order to use our wireless network.  There are
 two types of sponsorship – short term (5 days) and long term (30 days).  In
 addition, sponsored guests must register their network devices via MAC
 address registration to gain access to the network.



 Our guest wireless implementation has caused some issues with public areas
 like our student center and event spaces which host groups of people who
 require network access, and the identity of the guests isn’t always known
 in advance.



 I wanted to know about guest network access policy at other schools, and
 I’d appreciate your feedback on the following questions:



 1)  Do you allow guests on your wireless network?

 a.   If you allow guests, what steps do they need to take to gain
 access to the network (eg. sponsorship, MAC registration, open network)?

 b.  If you require sponsorship or device registration, can you
 explain the process or give me a pointer to your policy?

 2)  Is your wireless network completely open in any part of your
 campus (eg. Library, student center, event spaces, athletic fields, etc.)?





 Thanks,

 Dave


 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] off-topic: password change/reset for students

[John Rodkey]

Westmont wrote a web page to allow users to change their credentials. It
mostly works but is a little long on the tooth and could use a facelift.

Misspellings courtesy iPhone.

On May 22, 2013, at 5:08 AM, Ashfield, Matt (NBCC) matt.ashfi...@nbcc.ca
wrote:

Good morning


Sorry for the off-topic post, as this doesn’t have a whole lot to do with
wireless, although it’s an issue that has come up DUE to users trying to
access our wireless network for the first time.

We use XpressConnect for self-service configuration of user devices for our
wireless network. As part of that process, students must authenticate to
our certificate server using their Active Directory (AD) credentials. The
problem we are experiencing is that many of our users never use a domain
computer (they use their personal devices which we do not put on the
domain).

I’m just wondering what other institutions are using to allow for
self-service password change/resets for AD accounts. Ideally we’d have some
sort of webpage that does this. I google’d this and got a few hits for
software that seems to do it (providing multiple options: web, windows
Login add-on, and even mobile app), but was wondering what the most popular
one was. I thought maybe Microsoft FIM had this functionality, but not sure
it provides the portion.

Any info/advice is appreciated.

Thanks



Matt
** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Cisco Just Bought Meraki

[John Rodkey]

As an exclusively Meraki campus, I echo Lee's plea.  It's working.  Don't
fix it, Cisco.  Please.

John

On Tue, Nov 20, 2012 at 8:12 AM, David Wang@U of G daw...@uoguelph.cawrote:

 Lee, I saw your Dear Cisco, Please Don't Screw Up Meraki (
 http://www.networkcomputing.com/wireless/dear-cisco-please-dont-screw-up-meraki/240142341).
 Big Thanks, that's exactly what I hated to see and wanted to say.


 David Wang
 Networking Services | www.uoguelph.ca/ccs | 519-824-4120 x52046



 On Sun, Nov 18, 2012 at 7:30 PM, Lee H Badman lhbad...@syr.edu wrote:

  Is all over the media... As a customer of both companies, I hope the
 Meraki way of life survives the transition.

  Lee Badman


 ** Participation and subscription information for this
 EDUCAUSE Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.


 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] FreeRADIUS performance question

[John Rodkey]

 16 19:11:44
 18 04:36:17
 18 04:43:12
 18 05:45:12
 18 06:26:13
 18 07:22:07
 18 08:18:46
 20 01:58:49
 20 03:28:29
 23 03:46:02


On 9/5/12, Walter Reynolds wa...@umich.edu wrote:
 Ok, we all have different usage patters and number of users.  So can we do
 a quick check of what sort of authentications our servers are doing per
 second.  Yes this does not filter out failures and logs and.  But at
 least it is an idea of how we stand to compared to others.

 cat radius.log-[DATE] | tr -s   | cut -d   -f 4 | uniq -c | sort -n |
 tail -10


 I did this for yesterday (first day of classes) and got the following.

  61 13:03:03
  62 13:01:03
  62 13:05:03
  62 14:50:11
  64 11:29:29
  64 12:50:13
  65 12:47:03
  65 12:50:08
  65 15:59:33
  68 13:02:58


 Wondering what others get.  Thanks.


 
 Walter Reynolds
 Principal Systems Security Development Engineer
 Information and Technology Services
 University of Michigan
 (734) 615-9438


 On Wed, Aug 22, 2012 at 7:31 PM, Gogan, James P go...@email.unc.edu
 wrote:

  A question for folks with relatively large 802.1x (greater than 15,000
 unique clients) wi-fi deployment (EAP-TTLS) with a FreeRADIUS
 infrastructure using Kerberos as the backend authentication …..

 ** **

 - how many FreeRADIUS servers do you deploy?, and

 - have you changed any of the default eap.con/radius.conf performance
 parameters/values?

 ** **

 The good news is that we've started the year with a lot more folks
 finally
 using the 802.1x network than the last academic year.

 The bad news is that we're getting long delays in
 connecting/authenticating -- not just a wireless issue as we're also
 getting lots of RADIUS server FAILED traps from our VPN concentrators
 throughout the day since the semester started (using the same RADIUS
 servers as the 1x wireless deployment)

 ** **

 We've also been seeing in the last three days HUGE numbers of:

 Aug 22 19:25:00 calvin radiusd[21691]: Discarding duplicate request from
 client Wireless8021XResNET port 32769 - ID: 76 due to unfinished request
 253745

 Aug 22 19:25:00 calvin radiusd[21691]: Discarding duplicate request from
 client Wireless8021XResNET port 32769 - ID: 140 due to unfinished request
 253705

 Aug 22 19:25:00 calvin radiusd[21691]: Discarding duplicate request from
 client Wireless8021XResNET port 32769 - ID: 85 due to unfinished request
 253758

 and 

 Aug 19 03:30:14 calvin radiusd[3507]: Login incorrect: [anonymous] (from
 client Wireless8021XResNET port 29 cli 68-a8-6d-ae-fc-5d)

 Aug 19 03:31:15 calvin radiusd[3507]: Login incorrect: [anonymous] (from
 client Wireless8021XResNET port 29 cli 28-6a-ba-6a-9d-6e)

 Aug 19 03:31:35 calvin radiusd[3507]: Login incorrect: [anonymous] (from
 client Wireless8021XResNET port 29 cli c8-bc-c8-2e-52-13)

 Aug 19 03:32:13 calvin radiusd[3507]: Login incorrect: [anonymous] (from
 client Wireless8021XResNET port 29 cli 10-40-f3-29-60-2c)

 ** **

 which, from what we can discern from the wonderful world of google, may
 be
 related to a slow database, although our Kerberos folks don't see any
 issues on their end.

 ** **

 Any thoughts? Responses to the two questions above would be
 appreciated … thanks!!

 ** **

 -- Jim Gogan / Univ of North Carolina at Chapel Hill

 ** **
  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Inter-Campus Wifi GPS Tracking

[John Rodkey]

Well, at least you found out that the mitigation worked as advertised! :)

On Wed, Feb 1, 2012 at 10:26 AM, Jeff Kell jeff-k...@utc.edu wrote:

  On 2/1/2012 1:11 PM, Peter P Morrissey wrote:

  Sweet!  It seems like one challenge would be the devices would
 constantly be resetting every time the bus stops running if you are powered
 directly off the alternator? Has that caused any issues? On top of that it
 seems like you would be dealing with some environmental extremes that you
 wouldn’t normally have depending upon how it is all housed.


 Our local metro service (CARTA) added WiFi on their buses several years
 ago.  It took several weeks and some co-incidental problem reporting to
 discover that when the buses drove through campus (we're bordered by
 several main city avenues) anyone on the bus using their wireless would be
 dropped.

 We were doing rogue AP detection and mitigation at the time :)

 Jeff
  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Very high number of wireless devices returning from break

[John Rodkey]

At Westmont we've seen a significant increase, but not as large as reported
by others on this list.  I'm eyeballing this off a rough graph, but the
median number of devices on a given week per month is as follows.
Oct 2011: 2000
Nov 2011: 2000
Dec 2011: 2200
Jan 2012: 2500
Looks like a 10% Black Friday increase and about 15% Christmas increase.

Most of the devices that are connecting are Mac laptops, iPhones and iPads.
1Mac OS X96034.2%2.03 TB61.0%2Apple iPhone78427.9%142.92 GB4.2%3Windows 7312
11.1%807.57 GB23.7%4Apple iPod1495.3%14.09 GB0.4%5Apple iPad1224.3%54.52 GB
1.6%6Android1164.1%10.36 GB0.3%7Windows Vista1144.1%192.66 GB5.6%8Other66
2.4%467.9 MB0.1%9Windows XP572.0%16.85 GB0.5%10Mac OS X 10.6371.3%47.07 GB
1.4%
On Fri, Jan 27, 2012 at 8:00 AM, Foggi, Nicola nfo...@depaul.edu wrote:

 The thold (Threshold) is a plugin for cacti:

 http://docs.cacti.net/plugin:thold

 it's not in the default install or wasn't last i looked...

 Nicola
 
 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Hector J Rios [
 hr...@lsu.edu]
 Sent: Friday, January 27, 2012 9:12 AM
 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 Subject: Re: [WIRELESS-LAN] Very high number of wireless devices returning
 from break

 Look under Management--Thresholds and there you can set your parameters
 as well as the email addresses that you want to send emails to.

 -H

 -Original Message-
 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Nathan Hay
 Sent: Friday, January 27, 2012 8:51 AM
 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 Subject: Re: [WIRELESS-LAN] Very high number of wireless devices returning
 from break

 Hector,

 How are you doing alerting with Cacti?  I use it, but don't think I've
 ever explored alerting before.

 On another note, I think we saw some growth over black friday, but not
 really over Christmas.  We used to average 1650 simultaneous wireless
 devices during peak times, now it's more like 1750.

 Thanks,

 Nathan

 Nathan P. Hay
 Network Engineer | Information Technology Cedarville University |
 www.cedarville.edu
 937-766-7905
 twitter:  @nathanphay


  Hector J Rios hr...@lsu.edu 1/27/2012 9:41 AM 
 It is interesting to see all these numbers. I've gone back to previous
 semesters and calculated our growth and we have seen an average of 15%
 growth from semester to semester. This semester we are also having to deal
 with DHCP pools (we use /22s) that are nearly exhausted.  Cacti does a
 great job for us to monitor lease consumption as well as alerting when they
 reach a critical level. Below are our numbers, and some previous numbers
 for comparison:

 Date

 802.11a

 802.11b/g

 n5gz

 n2.4ghz

 Clients total

 Spring 2011

 1510

 8144

 434

 373

 1

 Summer 2011

 522

 2733

 93

 63

 4300

 Fall 2011

 1631

 10296

 670

 796

 12400

 Spring 2012

 2121

 11208

 1047

 1828

 15140



 Thanks,

 Hector Rios
 Louisiana State University


 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Wright, Don
 Sent: Thursday, January 26, 2012 10:10 AM
 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 Subject: [WIRELESS-LAN] Very high number of wireless devices returning
 from break

 All,
 It seems an alarmingly high number of wireless devices have returned
 to our campus this week.  After at least of year of steadily increasing
 numbers, we are now seeing a roughly 40% increase since last December.  At
 first I didn't believe what I was seeing and opened a case with the vendor
 to confirm reporting was accurate.  Tied into this, we upgraded by a major
 version earlier this month and I thought this could be related.  Apparently
 not the case, everything we've looked at tells us that the numbers are
 accurate.  I'm still looking a stats, but haven't been able to come up with
 anything yet.
Is anyone else seeing this magnitude of increase in devices over winter
 break ?

 Don Wright
 Brown University
 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent 

Re: [WIRELESS-LAN] MIMO Antennas

[John Rodkey]

An additional concern:  the glass which is used now by LEEDs compliant
buildings seems to be particularly unfriendly to Wifi and Cell phone
signals.  You might want to find out exactly what kind of glass this is and
its emf characteristics.

John

On Thu, Sep 15, 2011 at 7:46 PM, Mike King m...@mpking.com wrote:

 I've done it.  I've had mixed results, both aesthetics and performance
 wise.

 You should find out the composition of the glass, as there are
 many varieties that are extremely difficult for Wireless to penetrate.

 Mike


 On Thu, Sep 15, 2011 at 6:08 PM, Branden Kirk branden.k...@biola.eduwrote:

 Forgive me if this has already been asked.

 1) I am wondering what others are using as their preferred choice for
 external MIMO Patch Antennas and external MIMO Omni Antennas.

 2) I have an outdoor space adjacent a room with a glass wall between them.
 Mounting an antenna outside the building is not desirable. Have many of you
 placed patch antennas above ceiling tile inside a building pointed through a
 glass wall to cover an outdoor space? Any issues I should be concerned
 about?

 Thanks in advance.

 Branden

 --
 Branden Kirk
 Network Administrator, IT Operations
 Biola University
 (562)944-0351 x5032
  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.


 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Wifi Support Staff

[John Rodkey]

I think this varies also with the type of access point deployed.
Westmont's information:
 275 Meraki WAPs
 2000 users
 0.3 staff (more or less)
 Helpdesk has 3 people, probably 0.3 FTE on wireless problems. We anticipate
that being reduced with recent deployment of XpressConnect Cloudpath.

Admittedly, this represents minimal staffing levels.

John

On Mon, Jul 25, 2011 at 10:33 PM, Brian Deem Williams bwilli...@gsu.eduwrote:

  Hi guys,

 ** **

 Just as an inquiry I would like to know what kind of support staff other
 universities have for their Wi-Fi environment.  Is there a formula that you
 use (i.e.  X number of users = Y number of staff, or X number of access
 points = Y number of staff)?  We have grown almost exponentially in the last
 couple of years (From 300 access points to 1000+ access points, 2000+ access
 points total planned within the next 12 months) and I’m curious as to the
 number of staff members dedicated to supporting the wifi (both from an
 engineering standpoint and from a helpdesk point of view) that other
 educational facilities have deemed necessary.  Any input would be greatly
 appreciated!

 ** **

 Thanks,

 ** **

 Brian D Williams

 Network Engineering

 IST – Georgia State University

 bwilli...@gsu.edu

 404.413.4450

 ** **

 “The definition of insanity is doing the same thing over and over again and
 expecting different results” - Einstein

 ** **

 ** **


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] iOS devices on wireless

[John Rodkey]

Like that's going to happen!

Sent from my iPhone

On Jun 24, 2011, at 6:53 PM, Lee H Badman lhbad...@syr.edu wrote:

 Would be nice if Apple updated Bonjour or ditched it and got with the fact 
 that enterprise networks are not built on Airports and single subnets...
 
 
 
 
 From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey Sessler 
 [j...@scrippscollege.edu]
 Sent: Thursday, June 23, 2011 2:53 PM
 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 Subject: Re: [WIRELESS-LAN] iOS devices on wireless
 
 Bruce,
 
 I'm not sure I'm advocating large wireless networks at all... At the minimum, 
 ensuring a given user's devices are all in the same L2 network doesn't change 
 your desire to use smaller /23 subnets, it only requires additional back-end 
 support to ensure those devices are placed together. Probably more work for 
 IT staff, and potentially less efficient IP pool use, but I'd argue it will 
 provide a better customer experience.
 
 Even the desire to group devices within a given residential hall together 
 doesn't mandate a change in the size of your subnets, although I suspect that 
 would depend more on the size of your housing units. Our residential halls 
 are 80-100 beds, so an easy fit within smaller subnets.
 
 Jeff
 
 Osborne, Bruce W bosbo...@liberty.edu 6/23/2011 5:32 AM 
 Jeff,
 
 Large wireless subnets increase airtime consumed by broadcast traffic. That 
 is why we use a VLan pool of /23 subnets.
 
 The clients are distributed automatically based on a hash of the mac address 
  the number of subnets in the pool, so we cannot easily control which subnet 
 a user gets.
 
 Changing the number of subnets in the pool recalculates everybody's subnet 
 too, so we make sure we have plenty of capacity.
 
 
 Bruce Osborne
 Wireless Network Engineer
 IT Network Services
 
 (434) 592-4229
 
 LIBERTY UNIVERSITY
 40 Years of Training Champions for Christ: 1971-2011
 
 
 -Original Message-
 From: Jeffrey Sessler [mailto:j...@scrippscollege.edu]
 Sent: Wednesday, June 22, 2011 4:30 PM
 Subject: Re: iOS devices on wireless
 
 Bruce,
 
 You could, by any number of technical solutions, ensure that students within 
 a given residential space were all on the same L2 network. That is to say, if 
 a given residence hall is made up of 200 students, then it's not technically 
 difficult to ensure all the residential wireless devices within that area are 
 placed in the same VLAN. Or, at a minimum, to ensure that a user's device(s) 
 will always be in the same L2 network so that they can see each other. If one 
 can't do that, then I wouldn't consider the wireless solution to be very 
 flexible, especially given the trend in devices wanting/needing to talk to 
 each other.
 
 On my campus, students spend four years of their life in what we consider a 
 residential setting, and it seems only logical to me that the experience 
 should, to the extent possible, mimic home life. That is, it's reasonable to 
 me to expect a student's wireless devices to see each other, and that they 
 should be able to share/collaborate with the other users within their 
 residential hall.
 
 I know that if I was back in college, I'd expect that level of functionality, 
 and If it wasn't there, I'd probably make it happen using my own gear... 
 exactly what you don't want happening.
 
 Jeff
 
 
 Osborne, Bruce W bosbo...@liberty.edu 6/22/2011 4:55 AM 
 We here at Liberty University have about 8000 students in our residences, the 
 vast majority using wireless.
 
 That would be a *huge* L2 network.
 
 Bruce Osborne
 Wireless Network Engineer
 IT Network Services
 
 (434) 592-4229
 
 LIBERTY UNIVERSITY
 40 Years of Training Champions for Christ: 1971-2011
 
 -Original Message-
 From: Jeffrey Sessler [mailto:j...@scrippscollege.edu]
 Sent: Tuesday, June 21, 2011 3:05 PM
 Subject: Re: iOS devices on wireless
 
 Mike,
 
 I take it you are not able to reference housing data and then place all 
 students/student devices from the same residential hall into the same VLAN?
 
 Jeff
 
 Michael Dickson mdick...@nic.umass.edu 6/21/2011 11:18 AM 
 On Jun 21, 2011, at 2:04 PM, Jeffrey Sessler wrote:
 
 My belief is that a student should be able to have a similar experience when 
 in a residential hall as they would at home. That requires supporting 
 everything under the sun including Bonjour.
 
 Unfortunately our enterprise network is sufficiently different enough that 
 the user cannot have a similar experience as they would at home.
 
 At home all of their devices are segregated in an L2 network. All their 
 neighbors devices are in their own L2 network, etc. They can browse and 
 discover all the devices in their house but not (hopefully) the devices in 
 their neighbors. Here at UMass their L2 domain is huge and includes mostly 
 unknown devices. Plus, thanks to vlan pooling, it is likely that all of their 
 devices are not in 

Re: [WIRELESS-LAN] Policy towards self installed AP's in dorms

[John Rodkey]

1.  Student Wireless Access Points are not allowed on campus
2.  This policy is in the student handbook.
3.  We have had several conversations about problematic WAPs
4.  We intervene when they are problematic.

On Tue, Apr 5, 2011 at 8:34 AM, Johnson, Neil M neil-john...@uiowa.eduwrote:

 These questions are  targeted at larger schools with large dorm populations
 that use EAP authentication (802.1x) on their wireless network.

 1. What is your school's policy in regards to  students installing their
 own access points in the dorms where you have wireless service already
 available?

 2. How do you inform students about your policy?

 3. Do you enforce your policy?

 4. Do you proactively search for access points, or do you intervene only
 when they are impacting your service?


 Thanks.

 Neil Johnson
 The University of Iowa

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] WiFi blockers in classrooms

[John Rodkey]

And the law of unintended consequences strikes again:  Students figure this
out and exchange credentials with those who aren't supposed to be in class
at the time.
End result:  not only do you have student using the network, but you've now
compromised the passwords of any number of students.

On Fri, Nov 19, 2010 at 8:50 AM, Methven, Peter J p.j.meth...@hw.ac.ukwrote:

  Greg, your suggestion makes sense in many ways especially as those
 students should be in the class! If they are not in class their “punishment”
 is no internet on campus... I would have a concern about what happens when a
 class location is moved (room or time), or a student changes
 class/module/course midterm whether this information is fed back correctly
 and in a timely manner. However this would be easy to implement as long as
 the student records systems had accurate information. (Which of course they
 always do ;-) )



 Many Thanks
 Peter



 Mr Peter Methven, Network Specialist

 Information Technology (IT)

 Allen McTernan Building, Edinburgh Campus

 Tel:  0131 451 3516



 For IT support queries or requests, please email ith...@hw.ac.uk or phone
 ext 4045, with full details of your query or request and your contact
 details.



 http://www.hw.ac.uk/it





 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Greg Schaffer
 *Sent:* 19 November 2010 16:35

 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] WiFi blockers in classrooms



 David,
 that's an interesting perspective.  I have had the opposite experience when
 I have taught.  Now, I should say that I am in IT and taught as an adjunct
 one intro networking class to 25-35 students.  At the beginning of the first
 class I told them that I am not going to regulate use of electronic devices
 in class; if they wanted to watch videos all during the class that was their
 decision *so long as it did not interfere with the class or other
 students*.  I also made it clear that they were responsible for all work in
 class and not paying attention in class was not a valid reason for extra
 attention during office hours.  It worked well, but it might have been a
 function of the smaller class size.  Tinkering on a device did not relieve
 you from being called on, and class participation was part of he grade.

 Having said that, I never had anyone complain of another's laptop use
 bothering them; if I had I would have adjusted.  Actually, I only had a few
 using laptops, and often they would use it to research class topics as I was
 talking.

 Bottom line, in my experience (limited), letting students decide worked the
 best.  But I can certainly see the other side.

 Finally, with regards to WiFi blocking, I don't think the simplest solution
 has been offered yet.  If the wireless is accessed via credentials, create
 an LDAP/AD/Radius interface that can disable those accounts during a
 specified class time, or on command from the instructor.  Can it be done?  I
 don't see why not, but I may be missing something(s)...

 Greg

 As a side note, authentication

 On Fri, Nov 19, 2010 at 10:02 AM, David J Molta djmo...@syr.edu wrote:

 As a faculty member who also closely follows developments in the wireless
 industry, I thought I would share my perspective.

 I teach an intro networking course to 120 students per semester. I try to
 edutain whenever possible but it is impossible for me to compete with the
 Internet for the attention of most students. Network guys/gals need to
 understand this. If you think you can command the attention of 120 students
 staring at laptops and smartphones in class, give me a call and I will hire
 you.

 I also know enough about wireless to know that dealing with this problem at
 the physical layer is probably not practical, for many reasons --
 financial,
 technical, and behavioral. If there is any hope for a technical solution, I
 could envision a system that ties together class rosters, authentication,
 and location services. But even with that, you don't have any control over
 commercial wireless services.

 My current policy is no laptops or smartphones in class. I give students a
 10-minute grace period at the start of class for urgent communication. Some
 students complain about this policy but the majority understand why I do
 this and feel it helps them focus on course content. The most valid
 complaint comes from students who take notes in class on their computer.
 I'm
 somewhat sympathetic to that, but if you've ever sat next to someone in a
 meeting who is taking notes on a laptop, you know that the keyboard clatter
 is distracting, sometimes infuriating. I encourage students to take notes
 by
 hand or record the lectures for later transcription, which helps with
 retention of course content.

 In my wireless course, which only has about 25-30 students, I have been
 more
 hesitant to implement a no-tolerance policy, but even there, I think the
 only 

Re: [WIRELESS-LAN] LG070 (MyLGNet) phones on campus wireless network?

[John Rodkey]

We implement this using what Cisco calls 'Policy based routing', described
here:
 http://www.ciscofinancing.com/en/US/docs/ios
255.240.0.0_0/qos/configuration/guide/qcpolicy.html#wp4826http://www.ciscofinancing.com/en/US/docs/ios/12_0/qos/configuration/guide/qcpolicy.html#wp4826
.


In our case, wireless and dorm traffic goes through 6 commercial cable
network modems which are bound together and presented to the campus through
a single IP using a Mushroom Networks Truffle.  All other traffic goes
through our DS3.

John

On Tue, Sep 7, 2010 at 5:52 AM, Lee H Badman lhbad...@syr.edu wrote:

  Russ,



 Can you explain what you mean by routing out a different carrier?



 Thanks-



 Lee






   --

 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Russ Leathe
 *Sent:* Friday, September 03, 2010 2:43 PM

 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] LG070 (MyLGNet) phones on campus wireless
 network?



 We wrote a mac rule that assigns the port to a different VLAN which routes
 out a different carrier.



 To date, we have had 8 of these phones. All but one works. The one that
 doesn’t work is a clone of the myLG series.







 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Lee H Badman
 *Sent:* Friday, September 03, 2010 1:54 PM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] LG070 (MyLGNet) phones on campus wireless
 network?



 In case anyone is interested. We’re finding that the LG070 VoIP phone that
 we have to work with is trying to get to these destinations, using these
 ports:



 IPs it tries to talk to :

 IP: 203.252.0.211
 Protocol: TIME
 Port: Src - 1025, Dst - 37

 IP: 58.148.106.230
 Protocol: TCP
 Port: Src - 1024, Dst - 80

 IP: 122.35.0.160
 Protocol: TCP
 Port: Src - 55003, Dst - 443

 IP: 112.223.24.78
 Protocol: SIP
 Port: Src - 5060, Dst - 5060

 IP: 112.223.24.149
 Protocol: RTP
 Port: Src - 30002, Dst – 50024



 We do not block any of these IP addresses- trace route gets you to Korea,
 but then the last two show unreachable. We’re checking our edge configs to
 see if we block the non-80/443 protocols.






   --

 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Lee H Badman
 *Sent:* Thursday, September 02, 2010 9:47 AM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* [WIRELESS-LAN] LG070 (MyLGNet) phones on campus wireless
 network?



 Please reference
 http://kb.mit.edu/confluence/pages/viewpage.action?pageId=5898281 where
 MIT did a nice job summarizing how they support the Korean LG070 phones that
 students bring to the dorms. We are attempting to go down this road, but so
 far have only found one student to work with (there are plenty of others, we
 just haven’t  made contact yet) and it’s not going so well yet with our one
 test case.



 We have an open network, high quality signal, and what seems like proper
 phone settings, yet we keep seeing the “leaving service area” message come
 up frequently.



 Given that what little supporting docs we can find so far are all in
 Korean, we’re not getting real far yet in identifying ports and protocols as
 we cant’ get our hands on the one test case phone long enough to do any real
 analysis yet.



 Has anyone else invested any time in trying to support these phones, and
 learned anything about them that can be shared?



 Thanks-



 Lee Badman



 Lee H. Badman

 Wireless/Network Engineer

 Information Technology and Services

 Adjunct Instructor, iSchool

 Syracuse University

 315 443-3003







 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.
  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Advertising Wireless Coverage

[John Rodkey]

I think many of us on the list would like a peek into the elves' workshop.
 At least some general outline of the tools and methods used would be
helpful to point us in the right direction.

John

On Wed, Sep 1, 2010 at 7:33 AM, Dave Barr d...@cornell.edu wrote:

  I don’t know how the overlay works,  I saw the map the first with the bus
 stops and parking as selectable items on it and then I just wished for Wi-Fi
 coverage to be indicated and sent a list to our webmaster then it was there;
 elves I think, but I’ll ask...



 All we’re indicating is that the building has some community space covered,
 meeting rooms classrooms that sort of thing.   We have program space about
 50% covered overall where that coverage was and is deployed is based upon
 individual department and college priorities.



  Dave



 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Methven, Peter J
 *Sent:* Wednesday, September 01, 2010 4:06 AM

 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] Advertising Wireless Coverage



 Dave, I’m curious about how you are doing your wireless coverage straight
 into an overlay on google maps. I’ve thought about doing that a few times
 but we have the issue that even in the buildings where we have “full
 coverage” there are black spots left on purpose in areas such as plant rooms
 etc. Do you show a building has coverage if all student accessible areas
 have coverage, or for all student and staff accessible areas (excluding
 plant rooms/comms rooms etc.)?

 Many Thanks
 Peter



 Mr Peter Methven, Network Specialist

 Information Technology (IT)

 Allen McTernan Building, Edinburgh Campus

 Tel:  0131 451 3516



 For IT support queries or requests, please email ith...@hw.ac.uk or phone
 ext 4045, with full details of your query or request and your contact
 details.



 http://www.hw.ac.uk/it





 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Dave Barr
 *Sent:* 31 August 2010 19:44
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* Re: [WIRELESS-LAN] Advertising Wireless Coverage



 Pete,

 Our website developers figured out a way to use Google maps:



 http://www.cornell.edu/maps/interactive.cfm



 Selecting the RedRover checkbox highlights the buildings that have Wi-Fi
 coverage.



 Dave Barr



 ***

 Cornell Information Technologies Web:
 http://www.cit.cornell.edu

 David Barr - Information Technology Specialist  Email:
 d...@cornell.edu

 110 Maple
 Avenue Telephone:
 607 255-4703

 Ithaca, NY
 14850-4902 Fax: 607
 255-8169

 ***





 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Peter P Morrissey
 *Sent:* Tuesday, August 31, 2010 2:08 PM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* [WIRELESS-LAN] Advertising Wireless Coverage



 Has anyone come up with ways of advertising information about their
 wireless coverage that students and maybe parents have found to be
 particularly helpful? Right now we just have a list of buildings, most of
 which are at 100%, but some with partial coverage where we include a floor
 plan/map. We are also going to put a symbol indicating the locations we have
 started to upgrade to 11n. Just wondering if there may be some better ways
 to accomplish this.



 Thanks,

 Pete Morrissey

 Syracuse University



 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.


  --

 Heriot-Watt University is a Scottish charity registered under charity
 number SC000278.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.
  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Meraki?

[John Rodkey]

In our experience this is a fairly good Pro/Con list, however we ended up
purchasing Meraki and uninstalling our Aruba network for a couple reasons:
1) much easier to use is a huge understatement.  No longer are we tied to
the availability of a dedicated network specialist who invests weeks to
understand all the ins and outs of tuning the controller.  This has made our
network much more 'transparent' to us.
2) significantly lower cost for increased coverage.
3) Meraki was responsive to our needs - Aruba was not. (Sorry, all the good
folks at Aruba: perhaps you're more responsive to other customers.  I'm just
reporting our experience.)  Meraki has made significant improvements in
their software - I'm not aware of Aruba's recent improvement level, but the
software was quite static when we had it, and ongoing problems were not
addressed.
4) Reporting is quick, easy, covers the salient points, and can be automated
to be sent by email to whomever is appropriate.  Perhaps this can be done in
Aruba: it never happened in our experience, perhaps because of point 1)
above.

It is true that one loses a certain amount of detailed control and complex
configuration options by going with the hosted controller.  In our
experience, this has rarely been a real loss in terms of functionality.

John

On Wed, Aug 11, 2010 at 12:45 PM, Ethan Sommer somm...@gac.edu wrote:

 We tried out Meraki, and wound up going with Aruba.

 Meraki Pros:
 * MUCH easier to use.
 * Possibly better coverage?
 * The Aruba 105 ceiling mount design is really annoying. With meraki you
 can just hang them on the wall with screws.
 * Their techs (once you convince them you actually have a problem) can go
 into your system and diagnose and fix the problem for you.
 * There is no controller to purchase, so the cost scales linearly with the
 number of APs. (the 65th ap isn't $10k)

 Meraki Cons:
 * We saw about a 40-50% increase in throughput using Aruba close to the
 access points. (I could transfer about 11MBytes/second over 5Ghz N with
 Meraki vs 19MBytes/second with Aruba.)
 * We found it a bit creepy that their techs could do packet captures of our
 network.
 * The user interface is so simple it often hides parameters we'd like to be
 able to tweek (or at least try tweeking.) For example, their sales people
 said it only did 802.11G on the 2.4ghz band, but it actually did 802.11N. We
 wanted to try turning it to 802.11G only and see if what the sales guy said
 about 802.11G and 802.11N interoperating was true, but there isn't a way to
 do that. I suspect that having N turned on was the better setting, but being
 who I am, I wanted to test it.
 * Each AP is more expensive than an Aruba AP-105. Depending on how your
 budgets work, it might actually be easier to have a big up front cost and
 lower incremental costs.
 * The ability to tunnel the traffic back to our server room and deal with
 the VLANs there was a handy Aruba feature. With Meraki, you have to tag the
 VLANs all the way out to the AP.

 Ethan





 On 08/11/2010 11:19 AM, Marcelo Lew wrote:

 I was wondering if somebody on the list is using (or considered) using the
 Meraki System?

 Marcelo Lew
 Wireless Enterprise Administrator
 University Technology Services
 University of Denver
 Desk: (303) 871-6523
 Cell: (303) 669-4217
 Fax:  (303) 871-5900
 Email: m...@du.edu

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.




 --
 Ethan Sommer
 Associate Director of Core Services
 Gustavus Technology Services
 somm...@gustavus.edu
 507-933-7042


 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Meraki?

[John Rodkey]

We're using Meraki at Westmont.

On Wed, Aug 11, 2010 at 9:19 AM, Marcelo Lew m...@du.edu wrote:

 I was wondering if somebody on the list is using (or considered) using the
 Meraki System?

 Marcelo Lew
 Wireless Enterprise Administrator
 University Technology Services
 University of Denver
 Desk: (303) 871-6523
 Cell: (303) 669-4217
 Fax:  (303) 871-5900
 Email: m...@du.edu

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Aruba vs HP vs Meraki

[John Rodkey]

To say nothing of the MR58 !!!  If you can heft it, it would make a pretty
good dent in the AP jousting and bashing competition.

I have also enjoyed the clean and simple management interface Meraki has
developed.

John

On Tue, Apr 13, 2010 at 10:48 AM, Miles Davis mi...@cs.stanford.edu wrote:

 On Apr 13, 2010, at 10:45, Lee H Badman wrote:

  Just a bit more on Miles' comments- I did like that with Meraki, the
 controller layer is somebody else's problem. And that when you lose link to
 the cloud, everything local still pretty much works despite the controller
 being out there in the Great Beyond.
 
  And if you duct-taped a couple of Meraki MR14s together and put them at
 the end of a good chain or leather strap, you'd have a nice whoopin' piece.
 (One MR 14 alone has a fairly good edge you could leverage- may not puncture
 the skin with it but would certainly leave a good welt.)
 

 Ooh, especially with the mounting hardware attached...

 --
 // Miles Davis - mi...@cs.stanford.edu - http://www.cs.stanford.edu/~miles
 // Computer Science Department - Computer Facilities
 // Stanford University

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Aruba vs HP vs Meraki

[John Rodkey]

We moved from Aruba to Meraki within the last year.
We were able to get considerably more saturation of the campus with wireless
using Meraki than would have been possible for the same cost with Aruba.
Administration of the access points was much more intuitive with Meraki than
our experience with Aruba, and the functionality provided by the cloud-based
controller is quite extensive. Deployment is very much plug and play: the
WAPs auto-configure themselves.  We've also used the mesh capability built
into the Meraki products to extend coverage where we have power but no
network connections.
Meraki has been very responsive to us in dealing with the problems we have
encountered.  In retrospect, most of the problems were either Radius
configuration or client computer problems.  The few that weren't
client/config problems were addressed quickly and professionally.

We're happy with the results.

Stats:  we have 270 802.11N APs deployed, 2393 distinct clients.

On Fri, Apr 2, 2010 at 11:21 AM, Ethan Sommer somm...@gac.edu wrote:

 We are considering replacing our 200+ AP wireless infrastructure with a
 controller based 802.11n system.

 I believe we have narrowed it down to Aruba, HP Procurve (we use HP switch
 gear), and Meraki.

 I have two questions:

 1. Are there any hidden costs we should watch out for with any of these
 (particularly Aruba.) Will we hit major costs other than the up front cost
 for the APs and the controllers?

 2. I know a lot of schools are very happily using Aruba, but I haven't
 heard of any schools using HP and very few using Meraki.

 Are there any schools who have gone with Aruba and regretted it? If so,
 why?

 Are there any schools out there using HP Procurve (formerly Colubrius) or
 Merkai? What do you think of them? Did you have any surprises after you
 deployed?


 Ethan

 --
 Ethan Sommer
 Associate Director of Core Services
 507-933-7042
 somm...@gustavus.edu

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] 802.11n Solutions

[John Rodkey]

I'd be happy to talk with anyone about our deployment of Meraki at Westmont.

John Rodkey
Associate director of IT
Westmont College

On Wed, Dec 16, 2009 at 11:49 AM, Lee H Badman lhbad...@syr.edu wrote:

 Pablo-

 For the size of your deployment, it may be worth your time to look at both
 Meraki and AiroHive product lines. They take interesting alternative
 approaches to the thin wireless paradigm.

 -Lee
 
 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [
 wireless-...@listserv.educause.edu] On Behalf Of Pablo J. Rebollo-Sosa [
 pablo.rebo...@upr.edu]
 Sent: Wednesday, December 16, 2009 1:24 PM
 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU

 Subject: Re: [WIRELESS-LAN] 802.11n Solutions

 He Lee,

 We currently own a wireless system with over a 150 autonomous APs.  Now
 we are working to move the infrastructure to 11n and to have a
 technology to manage the APs in a centralized way.

 Pablo

 Lee H Badman wrote:
  Pablo-
 
  How big is your expected deployment? There are some interesting choices
 depending on required scale.
 
  -Lee
 
  -Original Message-
  From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] On Behalf Of Pablo J. Rebollo-Sosa
  Sent: Wednesday, December 16, 2009 6:55 AM
  To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
  Subject: [WIRELESS-LAN] 802.11n Solutions
 
  Hi,
 
  We are looking for 802.11n solutions.  I would like know more about
  Enterasys and HP solutions experience.
 
  Best regards,
 
  Pablo J. Rebollo
 
  **
  Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.
 
  **
  Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.
 

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Restricting of wireless access in classrooms

[John Rodkey]

Build a Faraday cage around each classroom. [
http://en.wikipedia.org/wiki/Faraday_cage ] Embed wire mesh in all walls,
remove all windows, replace wooden doors with steel.   Your financial people
will look askance on this, and future technologist who are now required by
the faculty to ensure high wireless signal levels in every square centimeter
of campus (especially classrooms) will curse the day you were born, but you
will have provided a solution within the limits you've requested.

Seriously: you can't really talk with faculty about the ubiquity of wireless
signals and the need to have a workable strategy and classroom discipline
technique that allows for proper use of those signals?  This is really the
conversation that needs to be happening.  As the saying goes, you need to
win the hearts and the minds.  Faculty need to win their students' hearts
and minds on this front.  Otherwise, you will have set the stage for a
perpetual guerrilla warfare.

John Rodkey
Associate Director of IT
Westmont College

On Wed, Dec 2, 2009 at 11:02 AM, Urrea, Nick urr...@uchastings.edu wrote:

  I’m compiling research to give to our Faculty Technology Committee.

 My question is has anybody successfully implemented a solution that
 restricts access to wireless internet in classrooms?

 Also if you have tried and were not successful in restricting wireless
 access in classrooms let me know. Why didn’t the solution work.

 No opinions please about how students can just go buy a mobile broadband
 card from a cellular carrier, or installing microwaves in the classrooms, or
 that teaching techniques should improve.





 

 *Nicholas Urrea*

 *Information Technology *

 UC Hastings College of the Law

 urr...@uchastings.edu

 x4718


  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Meraki Networks

[John Rodkey]

We are currently rolling out a campus-wide deployment of Meraki, have about
40 devices in place at the moment, and expect to saturate the campus with
about 260 devices.
Our initial experience shows a substantial increase in performance over our
existing b/g system, but a full report on performance will have to wait
until after our students arrive in September.

We're very happy with the management and reporting interface, and the
company is very responsive to our input .  Feel free to contact me directly
with questions about it.

John

On Wed, Jul 29, 2009 at 10:36 AM, Branden Kirk branden.b.k...@biola.eduwrote:

 Anyone have experience with this company?  I'm especially interested if
 you've actually seen the performance of this service.

 **
 Participation and subscription information for this EDUCAUSE Constituent
 Group discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Student 802.1x

[John Rodkey]

What attribute do you use to transmit the user's group within RADIUS?

On Wed, Jun 24, 2009 at 11:08 AM, Lee H Badman lhbad...@syr.edu wrote:

  Hi Tom,



 We use forwarding of RADIUS accounting data (as users authenticate to
 802.1x) into our NAC system- (using Cisco LWAPP, ACS and Impulse NAC)-works 
 pretty well for single sign-on effect. Especially with the cached
 credentials for the supplicant- the whole thing ends up transparent to the
 user.



 Lee H. Badman

 Wireless/Network Engineer

 Information Technology and Services

 Syracuse University

 315 443-3003
   --

 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Tom Parenti
 *Sent:* Wednesday, June 24, 2009 9:25 AM
 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* [WIRELESS-LAN] Student 802.1x



 Hello All,


 We are looking to start doing 802.1x authentication on our student
 wireless. We are an Aruba customer and we use Cisco NAC.



 Today we have an open SSID. The students connect to the SSID, open a web
 browser and are redirected to the Cisco NAC log on page. We would like to
 continue with the single sign on with NAC if possible. I think that would
 mean the students would have to cache their credentials in the supplicant to
 get authenticated to the new 802.1x SSID. Student computers are not part of
 our domain.



 Has anyone had any experience setting up 802.1x with NAC?



 Thanks,

 Tom

 **

 *Tom Parenti*

 Network Administrator

 Johnson  Wales University

 8 Abbott Park Place

 Providence, RI  02903

 (401) 598-1557




  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Student 802.1x

[John Rodkey]

By the way, this is good information, and I'll tuck that away as well, since
we will need this.

John

On Wed, Jun 24, 2009 at 1:50 PM, Mike King m...@mpking.com wrote:

 Tom, Nobody has said it yet (which I'm surprised)
 You might want to look into http://www.cloudpath.net/  which is program
 you can distribute that will auto configure the 802.1x settings on client
 machines.  Many universitys and colleges publish an Open SSID that lands on
 a captive portal that just displays this program.  The program will then
 autoconfigure they're supplicant to authenticated to the network.



 On Wed, Jun 24, 2009 at 2:11 PM, John Rodkey rod...@westmont.edu wrote:

 What attribute do you use to transmit the user's group within RADIUS?


 On Wed, Jun 24, 2009 at 11:08 AM, Lee H Badman lhbad...@syr.edu wrote:

  Hi Tom,



 We use forwarding of RADIUS accounting data (as users authenticate to
 802.1x) into our NAC system- (using Cisco LWAPP, ACS and Impulse NAC)-works 
 pretty well for single sign-on effect. Especially with the cached
 credentials for the supplicant- the whole thing ends up transparent to the
 user.



 Lee H. Badman

 Wireless/Network Engineer

 Information Technology and Services

 Syracuse University

 315 443-3003
   --

 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Tom Parenti
 *Sent:* Wednesday, June 24, 2009 9:25 AM

 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* [WIRELESS-LAN] Student 802.1x



 Hello All,


 We are looking to start doing 802.1x authentication on our student
 wireless. We are an Aruba customer and we use Cisco NAC.



 Today we have an open SSID. The students connect to the SSID, open a web
 browser and are redirected to the Cisco NAC log on page. We would like to
 continue with the single sign on with NAC if possible. I think that would
 mean the students would have to cache their credentials in the supplicant to
 get authenticated to the new 802.1x SSID. Student computers are not part of
 our domain.



 Has anyone had any experience setting up 802.1x with NAC?



 Thanks,

 Tom

 **

 *Tom Parenti*

 Network Administrator

 Johnson  Wales University

 8 Abbott Park Place

 Providence, RI  02903

 (401) 598-1557




  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.


 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.


 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Student 802.1x

[John Rodkey]

OK, Well, I'm not really asking about 802.1x configuration.  I'm wondering
about the radius backend and the RADIUS attributes which contain, for
instance, 'faculty' for a faculty member.
When I read the RADIUS rfc, it didn't pop out to me which of the attributes
was used to transmit this information to the NAC device or Wireless
controller that is doing authentication and authorization.

It's actually the information for authorization that I'm interested in.
Authentication via RADIUS for 802.1x is working fine.

John

On Wed, Jun 24, 2009 at 1:50 PM, Mike King m...@mpking.com wrote:

 Tom, Nobody has said it yet (which I'm surprised)
 You might want to look into http://www.cloudpath.net/  which is program
 you can distribute that will auto configure the 802.1x settings on client
 machines.  Many universitys and colleges publish an Open SSID that lands on
 a captive portal that just displays this program.  The program will then
 autoconfigure they're supplicant to authenticated to the network.



 On Wed, Jun 24, 2009 at 2:11 PM, John Rodkey rod...@westmont.edu wrote:

 What attribute do you use to transmit the user's group within RADIUS?


 On Wed, Jun 24, 2009 at 11:08 AM, Lee H Badman lhbad...@syr.edu wrote:

  Hi Tom,



 We use forwarding of RADIUS accounting data (as users authenticate to
 802.1x) into our NAC system- (using Cisco LWAPP, ACS and Impulse NAC)-works 
 pretty well for single sign-on effect. Especially with the cached
 credentials for the supplicant- the whole thing ends up transparent to the
 user.



 Lee H. Badman

 Wireless/Network Engineer

 Information Technology and Services

 Syracuse University

 315 443-3003
   --

 *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
 wireless-...@listserv.educause.edu] *On Behalf Of *Tom Parenti
 *Sent:* Wednesday, June 24, 2009 9:25 AM

 *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 *Subject:* [WIRELESS-LAN] Student 802.1x



 Hello All,


 We are looking to start doing 802.1x authentication on our student
 wireless. We are an Aruba customer and we use Cisco NAC.



 Today we have an open SSID. The students connect to the SSID, open a web
 browser and are redirected to the Cisco NAC log on page. We would like to
 continue with the single sign on with NAC if possible. I think that would
 mean the students would have to cache their credentials in the supplicant to
 get authenticated to the new 802.1x SSID. Student computers are not part of
 our domain.



 Has anyone had any experience setting up 802.1x with NAC?



 Thanks,

 Tom

 **

 *Tom Parenti*

 Network Administrator

 Johnson  Wales University

 8 Abbott Park Place

 Providence, RI  02903

 (401) 598-1557




  ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.


 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.


 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Student 802.1x

[John Rodkey]

OK, Well, I'm not really asking about 802.1x configuration.  I'm wondering
about the radius backend and the RADIUS attributes which contain, for
instance, 'faculty' for a faculty member.
When I read the RADIUS rfc, it didn't pop out to me which of the attributes
was used to transmit this information to the NAC device or Wireless
controller that is doing authentication and authorization.

It's actually the information for authorization that I'm interested in.
Authentication via RADIUS for 802.1x is working fine.

John

On Wed, Jun 24, 2009 at 1:50 PM, Mike King m...@mpking.com wrote:

 Tom, Nobody has said it yet (which I'm surprised)
 You might want to look into http://www.cloudpath.net/  which is program
 you can distribute that
 On Wed, Jun 24, 2009 at 2:11 PM, John Rodkey rod...@westmont.edu wrote:

 What attribute do you use to transmit the user's group within RADIUS?




**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] 802.11n thoughts?

[John Rodkey]

We just had preliminary discussions with Aruba about this.
Although it's true that we have very little or no need to support 11n
through our infrastructure,
the existence of rogues is a substantial concern.  Since 11n uses
different frequencies than 11[abg]
it can't be detected directly by an 11[abg] sensor.  You are left with
four choices, as far as I can tell:
1) ignore 11n and maybe it will not be a problem until you can fund and
roll out 11n yourself
2) try to detect 11n indirectly (making the assumption that 11n devices
are 11[abg] compatible as well, and that they can be blocked by
appealing to their 11[abg] side
3) deploy 11[abgn] monitors on your system, and use them to triangulate
and locate the rogues.
4) deploy 11n wholesale.

Options 3 and 4 are not even possibilities at this point, AFAIK, because
the monitors/WAPs won't become available until about 3Q2007 . 
Option 4 is very expensive, not just for the cost of the waps, but
because the 11n WAPs will exceed the POE available power by a
significant margin, so alternate power must be provided.  In addition,
since the capacity of 11n is likely to exceed 100Mb/s by a wide margin,
this means we must add 1G connections to the WAPs, and
in turn, we will most likely need to upgrade from 1G to 10G between
buildings.

Our general approach is to start out with option 2 and move to 3 as it
appears feasible about a year from now.
option 4 would require a significant infrastructure replacement, which
isn't in the cards for several years, minimum, on our campus.

John Rodkey
Associate director of I.T.
Westmont

Simon Kissler wrote:
 Lee,

 I don't know if it's an issue of not thinking about it. I for one keep
 my eye on it, but until a standard is ratified and we get some gear
 with that standard on campus to do some real assessment in our
 environment, I keep on coming back to the point that it's largely
 academic at the moment. We won't deploy or use any pre-n gear as it
 too often happens that things change in the late hours of anything new
 and making any investment just to throw it out seems a pretty big
 waste (or even worse contending with gear that sort of works, if
 wiggled and massaged the right way). So in short, we're thinking about
 it and keeping an eye on the ratification process as well as our
 preferred vendor's reactions, roadmaps, and predictions, but that is
 about as far as we'll go with it. That said we have the luxury that
 some of our infrastructure that likely would not be able to support it
 is being looked at separately under different cover and will hopefully
 be addressed by the time this becomes a topic to really wrestle with.

 Cheers,

 -Simon

 Lee Badman wrote:
 Looking forward, wondering how (and if) members of this group are
 contemplating the impact of 802.11n on your WLANs? I would wager many of
 us have rogue pre-standard 802.11n hardware on campus now. Also, I have
 heard some vendors poo-poo .11n as a non-starter for the enterprise, and
 others promising support as soon as it is a ratified standard. Then
 there's worries if even a fast ethernet cable is robust enough for the
 promised throughputs of 802.11n... a lot to the discussion, obviously,
 and since it's still in draft it's easy to not think about. But those
 who are pondering, I'd be curious to hear thoughts and opinions.

 Regards-

 Lee Badman

 **
 Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.
   

 **
 Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Siemens Wireless

[John Rodkey]

We are being given a quote by Siemens for installation of wireless
to compete with quotes by Xirrus, Meru and Cisco.  However, I haven't
heard of Siemens in connection with wireless, and I am curious what
experience others have had with Siemens wireless.

John Rodkey
Associate Director of I.T.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.