Using Private IP addresses for wireless users.

2008-05-29 Thread Johnson, Neil M
We will be out of address space for one of our wireless nets (currently a /21) in the fall. We do not have a larger block available, and attempts to obtain additional address space by fall are not looking promising, so there is a distinct possibility that will have to move our wireless users

RE: [WIRELESS-LAN] Using Private IP addresses for wireless users.

2008-05-29 Thread Johnson, Neil M
(c.f. ipv6). -Kevin Johnson, Neil M wrote: We will be out of address space for one of our wireless nets (currently a /21) in the fall. We do not have a larger block available, and attempts to obtain additional address space by fall are not looking promising, so there is a distinct

RE: [WIRELESS-LAN] Using Private IP addresses for wireless users.

2008-05-29 Thread Johnson, Neil M
Information Technology and Services Syracuse University 315 443-3003 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Johnson, Neil M Sent: Thursday, May 29, 2008 9:56 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject

RE: Using Private IP addresses for wireless users.

2008-05-29 Thread Johnson, Neil M
] From: The EDUCAUSE Wireless Issues Constituent Group Listserv [EMAIL PROTECTED] On Behalf Of Johnson, Neil M [EMAIL PROTECTED] Sent: Thursday, May 29, 2008 9:55 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Using Private IP addresses for wireless

RE: [WIRELESS-LAN] Using Private IP addresses for wireless users.

2008-05-29 Thread Johnson, Neil M
We use VLSM and we are constantly shift subnets around to accommodate increasing numbers of devices even on the wired side. -Neil -- Neil Johnson Network Engineer The University of Iowa W: 319 384-0938 M: 319 540-2081 http://www.uiowa.edu -Original Message- From: The EDUCAUSE Wireless

RE: [WIRELESS-LAN] NAT in large scale wireless networks

2008-07-01 Thread Johnson, Neil M
What supervisor were you running in the 6500's ? -Neil -- Neil Johnson Network Engineer The University of Iowa W: 319 384-0938 M: 319 540-2081 http://www.uiowa.edu -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of

RE: Cisco WLAN 4400 Controllers and 802.1x

2008-07-25 Thread Johnson, Neil M
We have three remaining Cisco 4400 controllers and have been doing 802.1x using PEAP v0 and MS-CHAP-V2 for a couple of years. We finally killed off our Dynamic WEP SSID this summer. We don't have full wireless coverage in our dorms (common areas only) so the X-Box, Playstation, etc. has not

Tracking Wireless Users on Private Address Space

2008-10-10 Thread Johnson, Neil M
We are seriously looking into moving our wireless nets to private address space in order to save IPv4 addresses. I'm looking for other institutions that have done this to find out how they tracked NAT information in order to indentify wireless users for security and troubleshooting.

RE: Channel Selection on APs

2008-10-16 Thread Johnson, Neil M
We have both Meru and Cisco AP's. For Meru we put each controller on either channel 1 or 11, because it seems most SOHO routers choose channel 6. In high density locations (auditoriums) we will put AP's on different channels to increase density. For the Cisco AP's we enable Radio Resource

RE: Enforcing and Ensuring Machine Auth 802.1x

2009-05-15 Thread Johnson, Neil M
We have similar issues in our library, and haven't found a solution yet. We are a Meru shop. Users attempting to log on to laptops that are members of the domain get Unable to find a logon server errors when the wireless net in the library is being heavily utilized. We are using a Vista

RE: [WIRELESS-LAN] WLAN Deployment-High number of users

2009-05-22 Thread Johnson, Neil M
Meru is not consistent about what RADIUS attributes they send when using different authentication methods. This burned us when we tried to restrict users to particular controller and SSID. It worked okay for 1X authentication, but when using Web authentication the called-station-id attribute

Generating 3rd party CSR for NPS

2009-06-26 Thread Johnson, Neil M
Can someone detail the steps to generate a 3rd party CSR and import the resulting cert for NPS on Windows Server 2008 ? I tried the steps at https://blogs.technet.com/rrasblog/archive/2008/01/03/getting-certificate-from-third-party-authorities.aspx but it appears that I have an error that my

Looking for T-SQL Code for SQL logging of NPS Accounting Information

2009-07-14 Thread Johnson, Neil M
Does anyone have some sample T-SQL code that they could share for logging Windows Server 2008 NPS accounting data to a SQL Server database ? I have the example from Microsoft at http://msdn.microsoft.com/en-us/library/bb960723(VS.85).aspx , but I'm looking for something that is a little more

NPS and Outer Identities

2009-09-08 Thread Johnson, Neil M
Is anyone using Microsoft NPS as their RADIUS server ? Do you have make sure the outer and inner identities match in order for authentications to be successful ? Thanks. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa Work: 319 384-0938 Mobile:

RE: [WIRELESS-LAN] wireless DHCP lease time

2009-09-30 Thread Johnson, Neil M
We are running a 10 minute lease on our 2 /21's with no issues that I know of. Generates a lot of logs though. I wouldn't want to go much shorter. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa Work: 319 384-0938 Mobile: 319 540-2081 Fax: 319

NAT Appliance Recommendations

2009-10-21 Thread Johnson, Neil M
For those of you who have moved your wireless clients to private IP address space, what are you using to do NAT ? We are a Meru shop and Meru doesn't do NAT native on their controllers. Thanks. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa

RE: [WIRELESS-LAN] PhiHong

2009-11-11 Thread Johnson, Neil M
We tested several different vendors and settled on Powerdsine. The biggest issue we ran into was the robustness of the on-board management software. We had several instances where other vendors would crash, requiring the box to be restarted. The Powerdsine boxes were the most robust, but not

RE: [WIRELESS-LAN] Anyone use CloudPath ?

2009-11-23 Thread Johnson, Neil M
We have been using Xpress connect since this summer and it has greatly reduced the number of Wireless Setup support calls to our help desk. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa Work: 319 384-0938 Mobile: 319 540-2081 Fax: 319 355-2618

RE: [WIRELESS-LAN] Experiences with Meru

2010-03-10 Thread Johnson, Neil M
We are currently expanding our wireless network and by fall semester we will have around 2100 AP's. We have both AP 208's and AP 300's. We have been very happy with the single channel architecture, but have had the same driver issues mentioned by others. Again most issues are easily resolved

Wireless for Exams

2010-08-18 Thread Johnson, Neil M
We are getting inquiries concerning the use of the wireless network for computer based exams in large lecture halls. Although we provide coverage in most of our lecture halls, our current policy states that given the unlicensed nature of 802.11 spectrum we can't guarantee network availability

RADIUS Accounting Interval

2010-09-07 Thread Johnson, Neil M
What do you use for RADIUS accounting interval ? We have ours set to 10 minutes in order to match our DHCP lease time and it's put quite a load on our RADIUS server infrastructure. Thanks. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa Work: 319

RE: [WIRELESS-LAN] Macbooks with odd Airport MAC addresses

2010-09-27 Thread Johnson, Neil M
Jaime, I saw the exact same thing in our DHCP logs, including the hostname (android_977…) . Curious. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa Work: 319 384-0938 Mobile: 319 540-2081 Fax: 319 355-2618 E-mail: neil-john...@uiowa.edu From:

RE: [WIRELESS-LAN] Apple and wireless connectivity issues?

2010-10-07 Thread Johnson, Neil M
We also see lots of problems with Macs being unable to obtain DHCP addresses properly eventually ending up with a self-assigned IP address. Attempts to engage Apple have not been helpful. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa Work: 319

RE: [WIRELESS-LAN] Versign New Root CERT

2010-11-01 Thread Johnson, Neil M
We are also moving to Comodo via Incommon which is going to be interesting. Hopefully we can leverage our Cloudpath installation to rollout the changes. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa 319 384-0938 neil-john...@uiowa.edu From:

RE: [WIRELESS-LAN] Versign New Root CERT

2010-11-09 Thread Johnson, Neil M
-...@listserv.educause.edu] On Behalf Of Johnson, Neil M Sent: Monday, November 01, 2010 12:27 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Versign New Root CERT We are also moving to Comodo via Incommon which is going to be interesting. Hopefully we can leverage our Cloudpath

RE: [WIRELESS-LAN] Coachcomm system...

2010-11-17 Thread Johnson, Neil M
We had a similar issue with a wireless scoreboard system for the swimming pool in our new Recreation and Wellness center. It took out the whole 2.4 GHz band. Fortunately the pathways were in place so they could switch it to a wired setup. -Neil -- Neil Johnson Network Engineer Information

RE: [WIRELESS-LAN] 802.1x SIP Phone

2011-02-11 Thread Johnson, Neil M
My Cisco 7921 phone does... -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa 319 384-0938 neil-john...@uiowa.edu -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv

RE: [WIRELESS-LAN] WiFi on campus buses

2011-03-21 Thread Johnson, Neil M
We partnered with all our local municipal transportation services to implement NextBus (http://nextbus.com) route information technology. NextBus uses GPS and 3G backhaul to provide location and arrival time information that is accessible by the web, SMS, and voice. On our campus buses

RE: [WIRELESS-LAN] PEAP/MSCHAPv2 using Juniper SBR + AD

2011-03-22 Thread Johnson, Neil M
We are. With a little RADIATOR thrown in the middle to assign users to VLANS dynamically. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa 319 384-0938 neil-john...@uiowa.edu From: The EDUCAUSE Wireless Issues Constituent Group Listserv

Policy towards self installed AP's in dorms

2011-04-05 Thread Johnson, Neil M
These questions are targeted at larger schools with large dorm populations that use EAP authentication (802.1x) on their wireless network. 1. What is your school's policy in regards to students installing their own access points in the dorms where you have wireless service already

Re: [WIRELESS-LAN] MERU wireless

2011-04-13 Thread Johnson, Neil M
We have ~2300 APs on campus and are satisfied with the system. There's some functionality (VLAN pooling, Native IPv6 support) that we would like to see in the product. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa Work: 319 384-0938 Mobile:

RE: [WIRELESS-LAN] MERU wireless

2011-04-13 Thread Johnson, Neil M
the case? Frank -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil M Sent: Wednesday, April 13, 2011 10:07 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] MERU

RE: [WIRELESS-LAN] MERU wireless

2011-04-19 Thread Johnson, Neil M
Meru: - What version of code are you running Just upgraded to 4.0-150. So far it seems fine. It resolved the administration interface lock ups we were seeing. - What style of AP's do you use We have mix of 208's and 311's. - Do you use different style access points within the same air

Re: [WIRELESS-LAN] Wireless design

2011-06-13 Thread Johnson, Neil M
We use several separate subnets for wireless clients and use some RADIUS custom hooks (We use a combination of RADIATOR and SBR) to dynamically assign clients to the subnets. Our AP's themselves our addressed using RFC1918 space on a separate VLAN routed out each routing hub. -Neil -- Neil

Re: [WIRELESS-LAN] iOS devices on wireless

2011-06-24 Thread Johnson, Neil M
Even on on our wired side we have multiple L2 networks in the same dorm building. Our dorms are substantially bigger (800+ residents). When you only have two /16's for the entire campus and a desire not to do NAT, you have to make compromises. In addition, most of our dorms are right next to

Separate SSID for 5GHz band

2011-07-07 Thread Johnson, Neil M
Has anyone here considered creating a separate SSID for the 5GHz band? The ideas is to encourage users to exclusively use 5 GHZ over 2.4. We've implemented band-steering, but it was suggested this would insure that users use 5GHz and not fall back to 2.4. Thanks. -Neil -- Neil Johnson

Re: [WIRELESS-LAN] Separate SSID for 5GHz band

2011-07-08 Thread Johnson, Neil M
Infrastructure Manager Utica College On 7/7/2011 11:16 AM, Karl Reuss wrote: On 7/7/2011 10:29 AM, Johnson, Neil M wrote: Has anyone here considered creating a separate SSID for the 5GHz band? The ideas is to encourage users to exclusively use 5 GHZ over 2.4. We've implemented band

Re: Interference in dorms.

2011-07-21 Thread Johnson, Neil M
verified this, but the source is reliable... -Rick On 7/21/2011 12:58 PM, Johnson, Neil M wrote: We are struggling with the same issues. We are finding that X-boxes and PS3s generate lots of interference (they use a proprietary 2.4 protocol between the joysticks and console). This summer we've

Re: [WIRELESS-LAN] 1200 Series AP's on a newer 2960s Cisco switch using POE

2011-08-16 Thread Johnson, Neil M
That's why we only buy the 12-port Power Dsine, the 24 port ones are over subscribed. We are using Meru AP311's on ours. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu From: Hanset,

Re: [WIRELESS-LAN] NAT Logging Storage Requirements

2011-11-04 Thread Johnson, Neil M
environment. On Wed, Nov 2, 2011 at 11:32 AM, Johnson, Neil M neil-john...@uiowa.edu wrote: We are looking at having to move our wireless net's to private address space and NAT/PAT ing traffic from the wireless nets to the Internet. What are you using to store your NAT logs (Systems, Disk

Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors.

2011-12-16 Thread Johnson, Neil M
If we are going to do this, implementing static wide area bonjour entries seems the way to go. Thanks for the references, but the one thing I can't find is the format for the SRV and TXT records for an Apple TV. If anyone has those I'd be grateful for them, I have an Apple TV device in my hands

Re: [WIRELESS-LAN] Blocking Chatty protocols

2012-03-13 Thread Johnson, Neil M
We don't filter it yet, but Princeton has some pretty good pages with good justifications for blocking (or getting users to disable these protocols). For example: http://www.net.princeton.edu/filters/ssdp.html The following link lays out the other protocols they filter.

Re: [WIRELESS-LAN] SSID connection order on Mac Devices

2012-03-27 Thread Johnson, Neil M
Pete, Yes, we have seen the same behavior. Users of Apple devices will frequently get put back on our open setup network SSID (UI-Wireless-Setup) because it comes alphabetically before our production WPA2 Enterprise Network SSID (UI-Wireless-WPA2). The only solution we have come up is the

PacketFence

2012-04-12 Thread Johnson, Neil M
I would be interested in talking to anyone about their experiences using packetfence (http://www.packetfence.org) to register guest users on their wireless network. Thanks. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081

Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors.

2012-07-05 Thread Johnson, Neil M
Or maybe a well known blogger could write an article about it…. :-) -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu From: Lee H Badman lhbad...@syr.edumailto:lhbad...@syr.edu Reply-To: The

Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors.

2012-07-05 Thread Johnson, Neil M
@LISTSERV.EDUCAUSE.EDU] on behalf of Johnson, Neil M [neil-john...@uiowa.edu] Sent: Thursday, July 05, 2012 1:23 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors. Or maybe a well known blogger could write an article

Apple Petition (Was Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors.)

2012-07-05 Thread Johnson, Neil M
I'm a little fuzzy on the specifics things to request from Apple, but here is a first pass): Whereas, we the undersigned academic and research institutions are receiving numerous requests from our faculty, staff, and students for the ability to utilize Airplay technology in classrooms,

Re: [WIRELESS-LAN] Apple Petition (Was Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors.)

2012-07-06 Thread Johnson, Neil M
Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Johnson, Neil M [neil-john...@uiowa.edumailto:neil-john...@uiowa.edu] Sent: Thursday, July 05, 2012 3:37 PM To: WIRELESS-LAN

Re: [WIRELESS-LAN] Apple Petition (Was Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors.)

2012-07-06 Thread Johnson, Neil M
[WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Johnson, Neil M [neil-john...@uiowa.edumailto:neil-john...@uiowa.edu] Sent: Thursday, July 05, 2012 3:37 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject

Re: [WIRELESS-LAN] Apple TV/Wide Area Bonjour question

2012-07-06 Thread Johnson, Neil M
06:12 PM, Oscar Ricardo Silva wrote: Subject: Re: You knew it was coming...Airplay/Apple TV support for instructors. From: Johnson, Neil M neil-john...@uiowa.edu Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Mon, 19 Dec 2011 18:34

Re: [WIRELESS-LAN] Apple Petition

2012-07-09 Thread Johnson, Neil M
How does this sound for an update (The latest is posted on the Facebook site): We the undersigned academic and research institutions hereby solemnly request that Apple provide support for Bonjour/Airplay technology in enterprise networks. With an Apple client device penetration of 50% or

Re: [WIRELESS-LAN] Apple Petition

2012-07-09 Thread Johnson, Neil M
]On Behalf Of Johnson, Neil M Sent: Monday, July 09, 2012 10:16 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Apple Petition How does this sound for an update (The latest is posted on the Facebook site): We the undersigned academic

Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors.

2012-07-10 Thread Johnson, Neil M
From an administrator's perspective: I unpack the Apple TV, connect it to the wired network and projector, configure it to register with a central directory, give it a name, enable authentication to the enterprise AAA service, and be done. From a end-user's standpoint I'd like to see the

Re: [WIRELESS-LAN] Apple Petition

2012-07-10 Thread Johnson, Neil M
We looked into DNS-SD, but with entries like this (example taken from an earlier e-mail from Oscar Silva at the Univ. or Texas , and confirmed by our own testing): _airplay._tcp PTR utnet-appletv._airplay._tcp utnet-appletv._airplay._tcp SRV 0 0 7000

Re: [WIRELESS-LAN] Apple Petition

2012-07-10 Thread Johnson, Neil M
This is where I have been keeping the latest draft. https://www.facebook.com/groups/enterpriseairplay/files/ -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu From: Jesse Rink

Re: [WIRELESS-LAN] Apple Petition

2012-07-10 Thread Johnson, Neil M
/modifying the needed records. Sent from my iPad On Jul 10, 2012, at 7:11 PM, Johnson, Neil M neil-john...@uiowa.edumailto:neil-john...@uiowa.edu wrote: We looked into DNS-SD, but with entries like this (example taken from an earlier e-mail from Oscar Silva at the Univ. or Texas , and confirmed

Re: [WIRELESS-LAN] Apple Petition

2012-07-11 Thread Johnson, Neil M
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil M [neil-john...@uiowa.edu] Sent: Tuesday, July 10, 2012 8:41 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: Apple Petition My concern

Re: [WIRELESS-LAN] Apple Petition- Mid-Week Sanity Check

2012-07-11 Thread Johnson, Neil M
It's just my opinion, but while asking Apple to implement OKC sounds like worthwhile idea, I'd like to keep the focus on Bonjour and Airplay for this petition. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail:

Re: [WIRELESS-LAN] Apple Petition- Mid-Week Sanity Check

2012-07-12 Thread Johnson, Neil M
Jesse, We are looking at several options for providing a way to officially sign the petition. The Facebook group was one suggestion, but since not everyone is on (or wants to be on) Facebook, we'll look at something else. Stay tuned. Thanks. -Neil On Jul 11, 2012, at 6:33 PM, Jesse Rink

Our Apple Request Tracking ID

2012-08-02 Thread Johnson, Neil M
Our authorized Apple support person opened a feature request/trouble ticket for me. The ID is as follows: [386504] AirPlay/Apple TV Enhancement Request Basically we submitted a truncated version of the petition. Feel free to quote this ID in your requests to Apple support. -Neil -- Neil

FW: [386504]Pending: Feature Requested - ER: AirPlay/Apple TV Enhancement Request

2012-08-06 Thread Johnson, Neil M
Well, Here is the response I received from Apple. I did receive a voice-mail from our TAM who said he was going to follow-up via e-mail, but I haven't heard anything yet. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081

Re: [WIRELESS-LAN] Wireless AP Tripods

2012-08-10 Thread Johnson, Neil M
We've had good luck with Wonder Poles http://www.wonderpole.com/telescopingpole.html. The only down side is the bases. When filled with sand can be quite heavy, but less likely to tip over. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951

Re: [WIRELESS-LAN] DHCP losing its mindŠ.

2012-08-27 Thread Johnson, Neil M
We did last fall (ISC DHCP on Dell Servers running RedHat Enterprise Linux). Although the CPU load was fine, we were having disk I/O issues resulting in the server not responding to requests. - Quick Fix was to bring up DHCP on additional boxes and spread the scopes out. - Long term fix consisted

Re: [WIRELESS-LAN] FreeRADIUS performance question

2012-09-05 Thread Johnson, Neil M
We run RADIATOR and just had to add additional servers to handle the load. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu From: Craig Simons craigsim...@sfu.camailto:craigsim...@sfu.ca

Windows 7 Wireless Single Sign-On and UPN (eduroam) issue.

2012-09-10 Thread Johnson, Neil M
We are currently seeing the following issue. 1. User's laptop is configured to use SSO to connect to the wireless network BEFORE user logon 2. User logs in using a UPN (example: u...@uiowa.edu and connects just fine. 3. The User's wireless connection is interrupted (laptop goes to sleep, they

University of Iowa Network Architect Position

2012-09-20 Thread Johnson, Neil M
The University of Iowa has a position open for a Network Architect to support the campus wireless network (and assist with the wired network also). More information on the position can be found at: https://jobs.uiowa.edu/jobSearch/pandsDetailDisplay.php?requisitionNumber=61574fromComm=Y If

FW: [mdnsext] BoF today, minuter taker and Jabber relay needed

2012-11-06 Thread Johnson, Neil M
For those interested in the Apple Bonjour/Airplay issues, Sorry for the short notice, but if you are interested in participating in the development of mdnsext (Extensions to Bonjour protocols). Information is below. Live audio is available and hopefully there will be jabber (XMPP) chat

Re: [WIRELESS-LAN] eduroam question(s)

2012-11-13 Thread Johnson, Neil M
James, That's a cool graph. What tool(s) did you use to create it? Thanks. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu On 11/13/12 5:26 AM, James JJ Hooper

Apple TV's (Again).

2012-12-05 Thread Johnson, Neil M
I've been following the traffic over on the mdnsext mailing list and there hasn't been any significant traffic since 11-15-2012. While I'm all for going through the standards process to establish a long-term permanent fix for Bonjour/AirPlay in Enterprise environments, it will be probably

Re: [WIRELESS-LAN] Apple TV's (Again).

2012-12-11 Thread Johnson, Neil M
Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil M Sent: Wednesday, December 05, 2012 3:29 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Apple TV's (Again). I've been following the traffic over

FW: [mdnsext] draft-lynn-mdnsext-requirements-01.txt - Bonjour Airplay Issues

2013-01-25 Thread Johnson, Neil M
FYI Posted yesterday If you have comments or suggestions please post them to the mdnsext mailing list. Thanks. -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu On 1/24/13 11:41 PM, Stuart

FW: [mdnsext] draft-cheshire-mdnsext-hybrid-00

2013-01-28 Thread Johnson, Neil M
Stuart Cheshire's submission for a longterm solution to mDNS (Bonjour) issues. Please review and submit your comments via the mdnsext mailing list: https://www.ietf.org/mailman/listinfo/mdnsext Thanks. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319

FW: [mdnsext] draft-cheshire-mdnsext-hybrid-01

2013-01-28 Thread Johnson, Neil M
Stuart submitted a update to his draft already... -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu On 1/27/13 12:46 AM, Stuart Cheshire chesh...@apple.com wrote: In private discussions

RE: [WIRELESS-LAN] About the eduroam configuration on Freeradius

2013-02-15 Thread Johnson, Neil M
We have been using eduroam as our primary SSID since the fall. We could put non @uiowa.edu users in a separate VLAN that appears outside our border, but the acutual number of non iowa users on campus is so small that it wasn't deemed worth the effort to setup and maintain. Implementing

Re: [WIRELESS-LAN] About the eduroam configuration on Freeradius

2013-02-18 Thread Johnson, Neil M
tristan.gul...@monash.edumailto:tristan.gul...@monash.edu Wireless Network Engineer M: +61 403224484 eSolutions divisionP: +61 3 9902 9092 Building 205 Monash University 3800 Australia On 16/02/2013, at 8:55 AM, Johnson, Neil M neil-john...@uiowa.edumailto:neil-john...@uiowa.edu

eduroam and machine authentication

2013-04-02 Thread Johnson, Neil M
We are getting requests to do windows machine authentication on our eduroam SSID (just for local machines). Is there anyone else out there doing this ? Thanks. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail:

Re: [WIRELESS-LAN] Radiator versus Freeradius

2013-04-19 Thread Johnson, Neil M
We have found RADIATOR to be very flexible and configurable. We are using it to implement our own version of vlan pooling since Meru doesn't have that feature. One caution, we run RADIATOR on windows servers (because we do AD authentication) and there is the potential for you to have

Re: [WIRELESS-LAN] Student devices

2013-05-03 Thread Johnson, Neil M
What we will have: UI-Wireless-Setup – Captive portal that redirects to Cloudpath XpressConnect setup scripts. eduroam – We are using this as our main WP2-Enterprise connection for everyone, and we don't differentiate between students and staff. attwifi (Coming soon) - For parents, guests, and

Re: [WIRELESS-LAN] Wow vision veos: Will products using Miracast be an alternative?

2013-05-28 Thread Johnson, Neil M
We had a departmental IT person who insisted on trying SIX simultaneous Miracast connected TV's in the same classroom. According to our spectrum analyzer, Two Miracast devices chew-up 80% - 90% of the available duty-cycle (they do this whether the display is static (Power Point Slide) or active

Re: [WIRELESS-LAN] eduroam best practices?

2013-05-29 Thread Johnson, Neil M
I plan to follow the guidelines in the UK documents also. Some Service Providers (SP) are also not sending the Calling-Station-Id attribute to the Identity Provider (IdP) for privacy reasons. However, the eduroam agreement signed by eduroam-us requires participants to send this data so that the

Re: [WIRELESS-LAN] 7Signal- anyone?

2013-06-03 Thread Johnson, Neil M
Lee, (Off the record). We purchased five eyes as a pilot. The product shows a lot of promise, but we have had the following issues: 1. Access to raw data is limited which results in the following: a. We found that their Radio Attach Success Rate measurement doesn't breakout into detail

Re: [WIRELESS-LAN] 7Signal- anyone?

2013-06-03 Thread Johnson, Neil M
Whoops :-( -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu From: Johnson, Neil Johnson neil-john...@uiowa.edumailto:neil-john...@uiowa.edu Reply-To: The EDUCAUSE Wireless Issues Constituent

Re: [WIRELESS-LAN] RF interference from 802.11

2013-06-05 Thread Johnson, Neil M
We faced the same situation in a building with multiple tenants. Researchers with labs didn't want wireless because they were concerned that it would interfere with their equipment (They didn't want to spend the money to shield the equipment) while people in the office spaces wanted it. The

Network Engineer Position at the University of Iowa

2013-08-05 Thread Johnson, Neil M
Information Technology Services (ITS) at the University of Iowa has an opening for a Network Engineer on the Network Services Team within Enterprise Infrastructure. The position is part of a team responsible for the design, architecture, performance and maintenance of the entire campus data

Prepare for the crush (again).

2013-10-22 Thread Johnson, Neil M
OS X (Mavericks) will be available ~2:00 CST today for free …. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: +1 319 384-0938tel:+13193840938 Fax: +1 319 335-2951tel:+13193352951 E-Mail: neil-john...@uiowa.edumailto:neil-john...@uiowa.edu Lync:

Re: [WIRELESS-LAN] Force Windows to send UPN

2013-11-15 Thread Johnson, Neil M
Here is what we ended up doing. Quoted from our Enterprise Client Team e-mail….. We have had some reported issues with the Eduroam single sign on GPO. The GPO, called _PUBLIC-Eduroam Wireless Config, allows laptops to connect to Eduroam before logon as long as the UPN is used as the username –

Re: [WIRELESS-LAN] Force Windows to send UPN

2013-11-19 Thread Johnson, Neil M
...@brandeis.edumailto:cappa...@brandeis.edu On Nov 15, 2013 10:42 AM, Johnson, Neil M neil-john...@uiowa.edumailto:neil-john...@uiowa.edu wrote: Here is what we ended up doing. Quoted from our Enterprise Client Team e-mail….. We have had some reported issues with the Eduroam single sign on GPO

Re: [WIRELESS-LAN] loadbalacing WPA2 802.1X traffic between controller and radius servers

2013-11-26 Thread Johnson, Neil M
We are running RADIATOR on Windows Boxes (long story). The boxes are configured with 6 child processes and 1 parent process. The parent process uses AuthBy EAPBALANCE to distribute the EAP authentications across the child processes. Using EAPBALANCE insures that each EAP conversation makes it

Re: [WIRELESS-LAN] loadbalacing WPA2 802.1X traffic between controller and radius servers

2013-11-27 Thread Johnson, Neil M
.html and let me know if you have any thoughts. Jethro. On Tue, 26 Nov 2013, Johnson, Neil M wrote: We are running RADIATOR on Windows Boxes (long story). The boxes are configured with 6 child processes and 1 parent process. The parent process uses AuthBy EAPBALANCE to distribute

Cisco LWAP disable DNS resolver

2014-01-17 Thread Johnson, Neil M
We are testing a few Cisco LWAP's and our security office dinged us in a scan because they are acting as open DNS resolvers. I can't find a way to turn that feature off. Any ideas ? -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: +1 319 384-0938tel:+13193840938 Fax: +1

Re: [WIRELESS-LAN] Cisco LWAP disable DNS resolver

2014-01-23 Thread Johnson, Neil M
Follow up. Cisco has it down as a bug to be fixed in future release and recommends that we put an ACL in place to filter incoming DNS requests. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: +1 319 384-0938tel:+13193840938 Fax: +1 319 335-2951tel:+13193352951 E-Mail:

RE: [WIRELESS-LAN] requests for open, unauthenticated, no portal WiFi

2014-05-21 Thread Johnson, Neil M
We get requests every 3-4 months to create an open SSID for on-campus Board of Regents Meetings. Our solution was to contract with ATT WiFi to provide guest access across campus. We advertise the attwifi SSID on our wireless infrastructure, hand off layer two traffic to an appliance provided

RE: [WIRELESS-LAN] guest wireless

2014-09-12 Thread Johnson, Neil M
We contracted with ATT to handle guests and visitors. We advertise their SSID (attwifi) on our wireless infrastructure and then hand the traffic off to them via boxes called Network Management Devices (NMD) that they provide. They tunnel the traffic to their cloud via our Internet connection.

RE: [WIRELESS-LAN] guest wireless

2014-09-16 Thread Johnson, Neil M
- You’re saying ATT charges you for this? Do you charge them back for the Wi-Fi offload? -Lee From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil M Sent: Friday, September 12, 2014 11:13 AM To: WIRELESS-LAN

iOS 8 drops tomorrow

2014-09-16 Thread Johnson, Neil M
We’ve add some additional bandwidth to the links between our wireless nets and campus in anticipation of heavy traffic tomorrow. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 E-Mail: neil-john...@uiowa.edu ** Participation and

Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in the dorms- quick Survey

2015-09-04 Thread Johnson, Neil M
ucture & Media Solutions > > (434) 592-4229 > > LIBERTY UNIVERSITY > Training Champions for Christ since 1971 > > -Original Message- > From: Johnson, Neil M [mailto:neil-john...@uiowa.edu] > Sent: Thursday, September 3, 2015 12:08 PM > Subject: Re: Supporti

Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in the dorms- quick Survey

2015-09-03 Thread Johnson, Neil M
We are investigating a device net at UofI so, I would be interested in hearing from anyone who has implemented a Device Net with Clearpass. Thanks. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 E-Mail: neil-john...@uiowa.edu > On Sep 3,

Re: [WIRELESS-LAN] It's that time of year...

2015-12-03 Thread Johnson, Neil M
Some days I’d prefer to be working with wave lengths measured in meters rather than centimeters ;-) -Neil, N0SFH -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 E-Mail: neil-john...@uiowa.edu > On Dec 3, 2015, at 6:43 AM, Jorj Bauer

Re: [WIRELESS-LAN] Nyansa Voyance - thoughts?

2016-05-26 Thread Johnson, Neil M
For those of you who are Aruba shops, Do you see this as a replacement for Airwave? I didn’t see anything like Visual RF. I looked at the demo, and while intriguing, at $30 per AP I’d have a hard time justifying the cost. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone:

Re: [WIRELESS-LAN] eduroam ssid

2016-06-20 Thread Johnson, Neil M
eduroam should work with just about any authentication method that uses EAP (PEAP,TLS,TTLS) etc. So if your are say moving to TLS (Client certificates) it should still just work. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 E-Mail:

  1   2   >