Great topic.  I am trying to sort out whether we should use PEAP or mac 
authentication as well.

As for the devices, how do you limit the users to four devices?  Do you allow 
all of the devices on the internal network or a separate SSID for devices and 
computers?

Thanks,
Bob Williamson
Network Administrator
Annie Wright School
827 North Tacoma Avenue
Tacoma, WA 98403-9987
(253) 272-2216

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:[email protected]] On Behalf Of Fleming, Tony
Sent: Monday, November 07, 2011 2:20 PM
To: [email protected]
Subject: [WIRELESS-LAN] WPA2-Enterprise - account lockouts and password changes

Crew,
We have had several complaints from our students about wireless trouble. We 
believe we have a couple issues going on:
                Account lockouts - Our students are allowed to register four 
devices on WiFi and the majority of our students using all of their 
registrations ( laptops/ipads/smartphones...) What we see are a lot of password 
failures resulting in account lockouts. If one of their four devices has a bad 
username and password combination stored in the WiFi profile, it just compounds 
the problem and creates a lot of confusion for our students. Sadly, these 
devices do not return a failure cause to the user and is interpreted as a bad 
signal or bad network.
                OSX and WPA2 - It is our observation that OSX has a continual 
history of WPA2 bugs.

My questions to the group:
How do you guys handle Account lockouts?
Do your students interpret these issues as WiFi trouble?
If so, how are you changing that perception?
Have any of you abandoned 802.1x (PEAP) because of this issue?
                Do you see the same trouble with OSX and WPA2?
********** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Reply via email to