Problem with Clients not getting an ip address on the 2.4ghz radio of a dual setup 1252; any ideas?

[Urrea, Nick]

We installed Cisco 1252 APs in our classrooms over the summer.

The Cisco 1252 are running in autonomous mode and are fitted with dual
radios (2.4ghz, 5ghz).

What we have been seeing is that after a given time an 1252 AP will not
give clients on the 2.4ghz radio ip addresses. The clients on the 5ghz
radio don't have a problem. The AP will continue to associate and
authenticate users on both radios but users on the 2.4ghz radio looses
the ability to reach the network. A reboot fixes the problem for maybe a
day or two.  This is an output of the association table on an AP that is
having a problem.

We are running version 12.4(10b)JA1 of the firmware:

Any ideas?

 

802.11 Client Stations on Dot11Radio1: 

 

SSID [SecureHastings] : 

 

MAC AddressIP address  DeviceNameParent
State 

001c.b3b8.a1f7 192.168.34.219  unknown   -   self
EAP-Assoc

001c.b3b9.c835 192.168.32.234  ccx-client-   self
EAP-Assoc

001f.5bbe.823e 192.168.33.198  unknown   -   self
EAP-Assoc

0023.1205.4488 192.168.33.79   unknown   -   self
EAP-Assoc

0023.1255.1f17 192.168.35.152  unknown   -   self
EAP-Assoc

 

SSID [hastings] : 

 

MAC AddressIP address  DeviceNameParent
State 

001f.5bbc.d58c 192.168.14.189  unknown   -   self
Assoc

001f.5bbc.e60d 192.168.10.139  unknown   -   self
Assoc

0022.6890.b7f1 192.168.9.218   unknown   -   self
Assoc

0022.6980.5d0c 192.168.15.159  unknown   -   self
Assoc

0023.1201.4ed6 192.168.14.140  unknown   -   self
Assoc

0023.6c84.6aeb 192.168.13.211  unknown   -   self
Assoc

 

 

802.11 Client Stations on Dot11Radio0: 

 

SSID [SecureHastings] : 

 

MAC AddressIP address  DeviceNameParent
State 

0021.006a.d366 0.0.0.0 unknown   -   self
EAP-Assoc

 

SSID [hastings] : 

 

MAC AddressIP address  DeviceNameParent
State 

0013.e87d.2425 0.0.0.0 ccx-client198-3rd-RmK self
Assoc

001a.73bd.1ba9 169.254.126.12  unknown   -   self
Assoc

001c.bf6b.b904 169.254.202.5   ccx-client198-3rd-RmK self
Assoc

0023.4d64.56b6 0.0.0.0 ccx-clientCherylL self
Assoc

0025.5621.88db 0.0.0.0 ccx-clientBCARR   self
Assoc

 



Nicholas Urrea

Information Technology 

UC Hastings College of the Law

urr...@uchastings.edu

x4718

 


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Guest Portal - revisited

[Watters, John]

Try:  http://www.packetfence.org/en/home.html

It took me a little searching, but this seems to be it.


-jcw

-
John Watters    UA: OIT  205-348-3992


-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Lee H Badman
Sent: Tuesday, September 29, 2009 1:31 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Portal - revisited

Thanks... got a link? I can find nothing at first pass.

Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Guillaume Germain
Sent: Tuesday, September 29, 2009 1:13 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Portal - revisited

I know you said you where not looking into more open solutions, but
Pack Fense is a great open source solution which would do exactly what
you're looking for and much more, and it's free...

They do offer support thought if you're looking for a painless and
carefree solution

GG

On Tue, Sep 29, 2009 at 12:38 PM, Lee H Badman  wrote:
> Thanks, David- are you using the NAC gateway for other functions as well? And 
> what version of code are you on for wireless? Last question- does the web 
> auth cause any issues for your controllers (I know has been an issue on some 
> versions and in some configurations)?
>
>
> -Lee
>
> Lee H. Badman
> Wireless/Network Engineer
> Information Technology and Services
> Syracuse University
> 315 443-3003
>
> -Original Message-
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> [mailto:wireless-...@listserv.educause.edu] On Behalf Of LaPorte, David
> Sent: Tuesday, September 29, 2009 12:13 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Guest Portal - revisited
>
> We're deployed Cisco NAC Guest Server to provide sponsored guest access.
>  That, in combination with the built-in webauth functionality in the
> Cisco WLC (if you're a Cisco shop), should be able to provide much of
> what you need.  We're doing very similar things here.
>
> Dave
>
> Lee H Badman wrote:
>> We have a wireless guest portal (homegrown) that has been satisfactory,
>> but we want to move into another solution for several reasons that I
>> won't bore you with.
>>
>>
>>
>> I'm familiar with Bluesocket (actively talking with them) and know that
>> Colubris used to compete with them in the gateway space. HP now owns
>> Colubris, and a request for more info went unanswered. So- wondering if
>> anyone knows of a commercial solution that competes with Bluesocket.
>>
>>
>>
>> We're looking for this sort of functionality:
>>
>>
>>
>> Single guest SSID- all functions come from easy-to-use portal. Single IP
>> space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous
>> users. Possible failover pair setup.
>>
>>
>>
>>    1. SU NetID Holders
>>          1. Ideally, OS could be identified. If Windows or Mac, users
>>             forwarded on to a page that tells them to (and how) to use
>>             the secure network
>>          2. Non-Windows/MAC NetID Holders get on with generous
>>             throughput and minimal restrictions (compared to other
>>             guest-path users)
>>
>>
>>
>>    2. Sponsored Guests- Sponsored by SU NetID Holder
>>          1. Everyone in our AD with a regular account (staff, faculty,
>>             students) can sponsor a guest- gateway verifies sponsor is
>>             in AD
>>          2. Guest logins limited to some period of time yet to be defined
>>          3. Guest credentials may get sent (SMS text) to guest cell
>>             phone number or forwarded directly by sponsor
>>          4. Different set of protocols - must allow VPN
>>          5. Easy batch creation of accounts for the likes of conferences
>>
>>
>>
>>    3. Self-sponsored Guests- provision their own
>>          1. Accounts will be limited to 4 hours (or something), then
>>             can't be reactivated for say 12 hours (or some other
>>             time-related constraint)
>>          2. Requires valid cell phone number, as that is where gateway
>>             will text the credentials
>>          3. More tightly limited in bandwidth and throughput
>>          4. Limited number of accounts per month.
>>
>>
>>
>> Not looking to build our own any more- off the shelf is desired in this
>> case. Welcome to any input on solutions beyond Bluesocket.
>>
>>
>>
>> Please don't consider this a hit against Bluesocket- we have not
>> discounted them, just looking for what else is out there that I am not
>> aware of.
>>
>>
>>
>> And please- no off-topic sales calls.
>>
>>
>>
>> Thanks-
>>
>>
>>
>> Lee
>>
>>
>>
>>
>>
>> **Lee H. Badman**
>>
>> Wireless/Network Engineer
>>
>> Information Technology and Services
>>
>> S

Re: [WIRELESS-LAN] Guest Portal - revisited

[LaPorte, David]

Nope, we're using it solely for sponsored guest access.  I believe the
lobby ambassador function in the WLC may also be able to do sponsored
guest, but it didn't meet our needs.  We tested it a while back and,
with the proper attributes returned from your RADIUS server, you can
assign the lobby ambassador ("sponsor") role to every user.

We had some issues a while back (I think in the 4.2.x days) with the
webauth function not displaying.  We're running 6.0.182.0 now and
haven't had any issues with webauth.

PacketFence may be able to provide what you need (I was one of the
original developers), but I don't believe it will do sponsored guest
access.  I haven't worked on the project in a while, so there may have
been a feature add to provide that.

Dave

Lee H Badman wrote:
> Thanks, David- are you using the NAC gateway for other functions as well? And 
> what version of code are you on for wireless? Last question- does the web 
> auth cause any issues for your controllers (I know has been an issue on some 
> versions and in some configurations)?
> 
> 
> -Lee
> 
> Lee H. Badman
> Wireless/Network Engineer
> Information Technology and Services
> Syracuse University
> 315 443-3003
> 
> -Original Message-
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> [mailto:wireless-...@listserv.educause.edu] On Behalf Of LaPorte, David
> Sent: Tuesday, September 29, 2009 12:13 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Guest Portal - revisited
> 
> We're deployed Cisco NAC Guest Server to provide sponsored guest access.
>   That, in combination with the built-in webauth functionality in the
> Cisco WLC (if you're a Cisco shop), should be able to provide much of
> what you need.  We're doing very similar things here.
> 
> Dave
> 
> Lee H Badman wrote:
>> We have a wireless guest portal (homegrown) that has been satisfactory,
>> but we want to move into another solution for several reasons that I
>> won't bore you with.
>>
>>  
>>
>> I'm familiar with Bluesocket (actively talking with them) and know that
>> Colubris used to compete with them in the gateway space. HP now owns
>> Colubris, and a request for more info went unanswered. So- wondering if
>> anyone knows of a commercial solution that competes with Bluesocket.
>>
>>  
>>
>> We're looking for this sort of functionality:
>>
>>  
>>
>> Single guest SSID- all functions come from easy-to-use portal. Single IP
>> space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous
>> users. Possible failover pair setup.
>>
>>  
>>
>>1. SU NetID Holders
>>  1. Ideally, OS could be identified. If Windows or Mac, users
>> forwarded on to a page that tells them to (and how) to use
>> the secure network
>>  2. Non-Windows/MAC NetID Holders get on with generous
>> throughput and minimal restrictions (compared to other
>> guest-path users)
>>
>>  
>>
>>2. Sponsored Guests- Sponsored by SU NetID Holder
>>  1. Everyone in our AD with a regular account (staff, faculty,
>> students) can sponsor a guest- gateway verifies sponsor is
>> in AD
>>  2. Guest logins limited to some period of time yet to be defined
>>  3. Guest credentials may get sent (SMS text) to guest cell
>> phone number or forwarded directly by sponsor
>>  4. Different set of protocols - must allow VPN
>>  5. Easy batch creation of accounts for the likes of conferences
>>
>>  
>>
>>3. Self-sponsored Guests- provision their own
>>  1. Accounts will be limited to 4 hours (or something), then
>> can't be reactivated for say 12 hours (or some other
>> time-related constraint)
>>  2. Requires valid cell phone number, as that is where gateway
>> will text the credentials
>>  3. More tightly limited in bandwidth and throughput
>>  4. Limited number of accounts per month.
>>
>>  
>>
>> Not looking to build our own any more- off the shelf is desired in this
>> case. Welcome to any input on solutions beyond Bluesocket.
>>
>>  
>>
>> Please don't consider this a hit against Bluesocket- we have not
>> discounted them, just looking for what else is out there that I am not
>> aware of.
>>
>>  
>>
>> And please- no off-topic sales calls.
>>
>>  
>>
>> Thanks-
>>
>>  
>>
>> Lee
>>
>>  
>>
>>  
>>
>> **Lee H. Badman**
>>
>> Wireless/Network Engineer
>>
>> Information Technology and Services
>>
>> Syracuse University
>>
>> 315 443-3003
>>
>>  
>>
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
> 
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Grou

Re: [WIRELESS-LAN] Guest Portal - revisited

[Mike King]

PacketFence

On Tue, Sep 29, 2009 at 2:30 PM, Lee H Badman  wrote:

> Thanks... got a link? I can find nothing at first pass.
>
> Lee H. Badman
> Wireless/Network Engineer
> Information Technology and Services
> Syracuse University
> 315 443-3003
>
> -Original Message-
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> wireless-...@listserv.educause.edu] On Behalf Of Guillaume Germain
> Sent: Tuesday, September 29, 2009 1:13 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Guest Portal - revisited
>
> I know you said you where not looking into more open solutions, but
> Pack Fense is a great open source solution which would do exactly what
> you're looking for and much more, and it's free...
>
> They do offer support thought if you're looking for a painless and
> carefree solution
>
> GG
>
> On Tue, Sep 29, 2009 at 12:38 PM, Lee H Badman  wrote:
> > Thanks, David- are you using the NAC gateway for other functions as well?
> And what version of code are you on for wireless? Last question- does the
> web auth cause any issues for your controllers (I know has been an issue on
> some versions and in some configurations)?
> >
> >
> > -Lee
> >
> > Lee H. Badman
> > Wireless/Network Engineer
> > Information Technology and Services
> > Syracuse University
> > 315 443-3003
> >
> > -Original Message-
> > From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> wireless-...@listserv.educause.edu] On Behalf Of LaPorte, David
> > Sent: Tuesday, September 29, 2009 12:13 PM
> > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> > Subject: Re: [WIRELESS-LAN] Guest Portal - revisited
> >
> > We're deployed Cisco NAC Guest Server to provide sponsored guest access.
> >  That, in combination with the built-in webauth functionality in the
> > Cisco WLC (if you're a Cisco shop), should be able to provide much of
> > what you need.  We're doing very similar things here.
> >
> > Dave
> >
> > Lee H Badman wrote:
> >> We have a wireless guest portal (homegrown) that has been satisfactory,
> >> but we want to move into another solution for several reasons that I
> >> won't bore you with.
> >>
> >>
> >>
> >> I'm familiar with Bluesocket (actively talking with them) and know that
> >> Colubris used to compete with them in the gateway space. HP now owns
> >> Colubris, and a request for more info went unanswered. So- wondering if
> >> anyone knows of a commercial solution that competes with Bluesocket.
> >>
> >>
> >>
> >> We're looking for this sort of functionality:
> >>
> >>
> >>
> >> Single guest SSID- all functions come from easy-to-use portal. Single IP
> >> space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous
> >> users. Possible failover pair setup.
> >>
> >>
> >>
> >>1. SU NetID Holders
> >>  1. Ideally, OS could be identified. If Windows or Mac, users
> >> forwarded on to a page that tells them to (and how) to use
> >> the secure network
> >>  2. Non-Windows/MAC NetID Holders get on with generous
> >> throughput and minimal restrictions (compared to other
> >> guest-path users)
> >>
> >>
> >>
> >>2. Sponsored Guests- Sponsored by SU NetID Holder
> >>  1. Everyone in our AD with a regular account (staff, faculty,
> >> students) can sponsor a guest- gateway verifies sponsor is
> >> in AD
> >>  2. Guest logins limited to some period of time yet to be
> defined
> >>  3. Guest credentials may get sent (SMS text) to guest cell
> >> phone number or forwarded directly by sponsor
> >>  4. Different set of protocols - must allow VPN
> >>  5. Easy batch creation of accounts for the likes of conferences
> >>
> >>
> >>
> >>3. Self-sponsored Guests- provision their own
> >>  1. Accounts will be limited to 4 hours (or something), then
> >> can't be reactivated for say 12 hours (or some other
> >> time-related constraint)
> >>  2. Requires valid cell phone number, as that is where gateway
> >> will text the credentials
> >>  3. More tightly limited in bandwidth and throughput
> >>  4. Limited number of accounts per month.
> >>
> >>
> >>
> >> Not looking to build our own any more- off the shelf is desired in this
> >> case. Welcome to any input on solutions beyond Bluesocket.
> >>
> >>
> >>
> >> Please don't consider this a hit against Bluesocket- we have not
> >> discounted them, just looking for what else is out there that I am not
> >> aware of.
> >>
> >>
> >>
> >> And please- no off-topic sales calls.
> >>
> >>
> >>
> >> Thanks-
> >>
> >>
> >>
> >> Lee
> >>
> >>
> >>
> >>
> >>
> >> **Lee H. Badman**
> >>
> >> Wireless/Network Engineer
> >>
> >> Information Technology and Services
> >>
> >> Syracuse University
> >>
> >> 315 443-3003
> >>
> >>
> >>
> >> ** Participation and subscription information for this EDUCAUSE
> >> Constitu

Re: [WIRELESS-LAN] School WiVoip deployments

[Daniel Eklund]

We have about 16 ASCOM WiVoIP phones running right now for staff only.  The 
initial deployment was kind of challenging, but now that everything has been 
tweaked and some code issues resolved, we're happy.  I use mine every day as my 
primary phone and it will work all across our network.  Our wireless 
infrastructure is Meru 320s

--
Daniel Eklund
Director, Networking
Wayne State University
313-577-5558


- "Brian J David"  wrote:

> We where wondering what other schools are doing for WiVoip?
> Is it deployed everywhere or just in certain areas?
> Do you find the students using it?
> How reliable is it?
> Are there any got ya's?
> Thanks in advanced
> Brian
> 
> **
> Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Guest Portal - revisited

[Lee H Badman]

Thanks... got a link? I can find nothing at first pass.

Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Guillaume Germain
Sent: Tuesday, September 29, 2009 1:13 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Portal - revisited

I know you said you where not looking into more open solutions, but
Pack Fense is a great open source solution which would do exactly what
you're looking for and much more, and it's free...

They do offer support thought if you're looking for a painless and
carefree solution

GG

On Tue, Sep 29, 2009 at 12:38 PM, Lee H Badman  wrote:
> Thanks, David- are you using the NAC gateway for other functions as well? And 
> what version of code are you on for wireless? Last question- does the web 
> auth cause any issues for your controllers (I know has been an issue on some 
> versions and in some configurations)?
>
>
> -Lee
>
> Lee H. Badman
> Wireless/Network Engineer
> Information Technology and Services
> Syracuse University
> 315 443-3003
>
> -Original Message-
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> [mailto:wireless-...@listserv.educause.edu] On Behalf Of LaPorte, David
> Sent: Tuesday, September 29, 2009 12:13 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Guest Portal - revisited
>
> We're deployed Cisco NAC Guest Server to provide sponsored guest access.
>  That, in combination with the built-in webauth functionality in the
> Cisco WLC (if you're a Cisco shop), should be able to provide much of
> what you need.  We're doing very similar things here.
>
> Dave
>
> Lee H Badman wrote:
>> We have a wireless guest portal (homegrown) that has been satisfactory,
>> but we want to move into another solution for several reasons that I
>> won't bore you with.
>>
>>
>>
>> I'm familiar with Bluesocket (actively talking with them) and know that
>> Colubris used to compete with them in the gateway space. HP now owns
>> Colubris, and a request for more info went unanswered. So- wondering if
>> anyone knows of a commercial solution that competes with Bluesocket.
>>
>>
>>
>> We're looking for this sort of functionality:
>>
>>
>>
>> Single guest SSID- all functions come from easy-to-use portal. Single IP
>> space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous
>> users. Possible failover pair setup.
>>
>>
>>
>>    1. SU NetID Holders
>>          1. Ideally, OS could be identified. If Windows or Mac, users
>>             forwarded on to a page that tells them to (and how) to use
>>             the secure network
>>          2. Non-Windows/MAC NetID Holders get on with generous
>>             throughput and minimal restrictions (compared to other
>>             guest-path users)
>>
>>
>>
>>    2. Sponsored Guests- Sponsored by SU NetID Holder
>>          1. Everyone in our AD with a regular account (staff, faculty,
>>             students) can sponsor a guest- gateway verifies sponsor is
>>             in AD
>>          2. Guest logins limited to some period of time yet to be defined
>>          3. Guest credentials may get sent (SMS text) to guest cell
>>             phone number or forwarded directly by sponsor
>>          4. Different set of protocols - must allow VPN
>>          5. Easy batch creation of accounts for the likes of conferences
>>
>>
>>
>>    3. Self-sponsored Guests- provision their own
>>          1. Accounts will be limited to 4 hours (or something), then
>>             can't be reactivated for say 12 hours (or some other
>>             time-related constraint)
>>          2. Requires valid cell phone number, as that is where gateway
>>             will text the credentials
>>          3. More tightly limited in bandwidth and throughput
>>          4. Limited number of accounts per month.
>>
>>
>>
>> Not looking to build our own any more- off the shelf is desired in this
>> case. Welcome to any input on solutions beyond Bluesocket.
>>
>>
>>
>> Please don't consider this a hit against Bluesocket- we have not
>> discounted them, just looking for what else is out there that I am not
>> aware of.
>>
>>
>>
>> And please- no off-topic sales calls.
>>
>>
>>
>> Thanks-
>>
>>
>>
>> Lee
>>
>>
>>
>>
>>
>> **Lee H. Badman**
>>
>> Wireless/Network Engineer
>>
>> Information Technology and Services
>>
>> Syracuse University
>>
>> 315 443-3003
>>
>>
>>
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.
>
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discuss

Re: [WIRELESS-LAN] BW capping

[Green, William C]

What:  We do bandwidth accounting based on tiers of service our users purchase 
(4GB, 20GB, 40GB, 60GB per week -- http://resnet.utexas.edu).  Its a home grown 
netflow based system.  Once a users exceeds their allocation, they are rate 
limited to modem speeds off campus for the remainder of the week (Cisco 6500 
uBRL).

Why:  Our Housing organization is an auxiliary business unit contracting for 
this service, so the Resnet must be self supporting which is why we charge.  
Given wireless expansion, equipment refresh and staffing, current charges allow 
for these bandwidth allocations based on present consumption patterns (we 
revisit yearly).  Without any limits, history has taught us 5% of the users 
will dominate all available bandwidth to the detriment of the 95%.  The 
approach fits with our university's core values (freedom of discovery and 
individual responsibility).  We also view ourselves as an ISP when serving 
Housing and don't wish to be involved in what adults do with their network (as 
I wouldn't expect an ISP at my home to tell me what I should do).

Non-dorm:  Non-dorm wireless users on campus receive a base allocation 
(500MB/week for students).  They may purchase tiers of service or one time 
bandwidth to supplement that.


Universities have different values and cultures.

1) What do people use who do bandwith cap?
2) Do you Bandwith Cap? Why or Why Not?

--
William C. Green  e-mail:  
gr...@austin.utexas.edu
Director, Networking  phone:   +1 512-475-9295
ITS (Information Technology Services) fax: +1 512-471-2449
University of Texas
1 University Station Stop C3800
Austin, TX  78712


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Guest Portal - revisited

[Guillaume Germain]

I know you said you where not looking into more open solutions, but
Pack Fense is a great open source solution which would do exactly what
you're looking for and much more, and it's free...

They do offer support thought if you're looking for a painless and
carefree solution

GG

On Tue, Sep 29, 2009 at 12:38 PM, Lee H Badman  wrote:
> Thanks, David- are you using the NAC gateway for other functions as well? And 
> what version of code are you on for wireless? Last question- does the web 
> auth cause any issues for your controllers (I know has been an issue on some 
> versions and in some configurations)?
>
>
> -Lee
>
> Lee H. Badman
> Wireless/Network Engineer
> Information Technology and Services
> Syracuse University
> 315 443-3003
>
> -Original Message-
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> [mailto:wireless-...@listserv.educause.edu] On Behalf Of LaPorte, David
> Sent: Tuesday, September 29, 2009 12:13 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Guest Portal - revisited
>
> We're deployed Cisco NAC Guest Server to provide sponsored guest access.
>  That, in combination with the built-in webauth functionality in the
> Cisco WLC (if you're a Cisco shop), should be able to provide much of
> what you need.  We're doing very similar things here.
>
> Dave
>
> Lee H Badman wrote:
>> We have a wireless guest portal (homegrown) that has been satisfactory,
>> but we want to move into another solution for several reasons that I
>> won't bore you with.
>>
>>
>>
>> I'm familiar with Bluesocket (actively talking with them) and know that
>> Colubris used to compete with them in the gateway space. HP now owns
>> Colubris, and a request for more info went unanswered. So- wondering if
>> anyone knows of a commercial solution that competes with Bluesocket.
>>
>>
>>
>> We're looking for this sort of functionality:
>>
>>
>>
>> Single guest SSID- all functions come from easy-to-use portal. Single IP
>> space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous
>> users. Possible failover pair setup.
>>
>>
>>
>>    1. SU NetID Holders
>>          1. Ideally, OS could be identified. If Windows or Mac, users
>>             forwarded on to a page that tells them to (and how) to use
>>             the secure network
>>          2. Non-Windows/MAC NetID Holders get on with generous
>>             throughput and minimal restrictions (compared to other
>>             guest-path users)
>>
>>
>>
>>    2. Sponsored Guests- Sponsored by SU NetID Holder
>>          1. Everyone in our AD with a regular account (staff, faculty,
>>             students) can sponsor a guest- gateway verifies sponsor is
>>             in AD
>>          2. Guest logins limited to some period of time yet to be defined
>>          3. Guest credentials may get sent (SMS text) to guest cell
>>             phone number or forwarded directly by sponsor
>>          4. Different set of protocols - must allow VPN
>>          5. Easy batch creation of accounts for the likes of conferences
>>
>>
>>
>>    3. Self-sponsored Guests- provision their own
>>          1. Accounts will be limited to 4 hours (or something), then
>>             can't be reactivated for say 12 hours (or some other
>>             time-related constraint)
>>          2. Requires valid cell phone number, as that is where gateway
>>             will text the credentials
>>          3. More tightly limited in bandwidth and throughput
>>          4. Limited number of accounts per month.
>>
>>
>>
>> Not looking to build our own any more- off the shelf is desired in this
>> case. Welcome to any input on solutions beyond Bluesocket.
>>
>>
>>
>> Please don't consider this a hit against Bluesocket- we have not
>> discounted them, just looking for what else is out there that I am not
>> aware of.
>>
>>
>>
>> And please- no off-topic sales calls.
>>
>>
>>
>> Thanks-
>>
>>
>>
>> Lee
>>
>>
>>
>>
>>
>> **Lee H. Badman**
>>
>> Wireless/Network Engineer
>>
>> Information Technology and Services
>>
>> Syracuse University
>>
>> 315 443-3003
>>
>>
>>
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.
>
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Guest Portal - revisited

[Lee H Badman]

Thanks, David- are you using the NAC gateway for other functions as well? And 
what version of code are you on for wireless? Last question- does the web auth 
cause any issues for your controllers (I know has been an issue on some 
versions and in some configurations)?


-Lee

Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of LaPorte, David
Sent: Tuesday, September 29, 2009 12:13 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Portal - revisited

We're deployed Cisco NAC Guest Server to provide sponsored guest access.
  That, in combination with the built-in webauth functionality in the
Cisco WLC (if you're a Cisco shop), should be able to provide much of
what you need.  We're doing very similar things here.

Dave

Lee H Badman wrote:
> We have a wireless guest portal (homegrown) that has been satisfactory,
> but we want to move into another solution for several reasons that I
> won't bore you with.
> 
>  
> 
> I'm familiar with Bluesocket (actively talking with them) and know that
> Colubris used to compete with them in the gateway space. HP now owns
> Colubris, and a request for more info went unanswered. So- wondering if
> anyone knows of a commercial solution that competes with Bluesocket.
> 
>  
> 
> We're looking for this sort of functionality:
> 
>  
> 
> Single guest SSID- all functions come from easy-to-use portal. Single IP
> space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous
> users. Possible failover pair setup.
> 
>  
> 
>1. SU NetID Holders
>  1. Ideally, OS could be identified. If Windows or Mac, users
> forwarded on to a page that tells them to (and how) to use
> the secure network
>  2. Non-Windows/MAC NetID Holders get on with generous
> throughput and minimal restrictions (compared to other
> guest-path users)
> 
>  
> 
>2. Sponsored Guests- Sponsored by SU NetID Holder
>  1. Everyone in our AD with a regular account (staff, faculty,
> students) can sponsor a guest- gateway verifies sponsor is
> in AD
>  2. Guest logins limited to some period of time yet to be defined
>  3. Guest credentials may get sent (SMS text) to guest cell
> phone number or forwarded directly by sponsor
>  4. Different set of protocols - must allow VPN
>  5. Easy batch creation of accounts for the likes of conferences
> 
>  
> 
>3. Self-sponsored Guests- provision their own
>  1. Accounts will be limited to 4 hours (or something), then
> can't be reactivated for say 12 hours (or some other
> time-related constraint)
>  2. Requires valid cell phone number, as that is where gateway
> will text the credentials
>  3. More tightly limited in bandwidth and throughput
>  4. Limited number of accounts per month.
> 
>  
> 
> Not looking to build our own any more- off the shelf is desired in this
> case. Welcome to any input on solutions beyond Bluesocket.
> 
>  
> 
> Please don't consider this a hit against Bluesocket- we have not
> discounted them, just looking for what else is out there that I am not
> aware of.
> 
>  
> 
> And please- no off-topic sales calls.
> 
>  
> 
> Thanks-
> 
>  
> 
> Lee
> 
>  
> 
>  
> 
> **Lee H. Badman**
> 
> Wireless/Network Engineer
> 
> Information Technology and Services
> 
> Syracuse University
> 
> 315 443-3003
> 
>  
> 
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> 

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Guest Portal - revisited

[LaPorte, David]

We're deployed Cisco NAC Guest Server to provide sponsored guest access.
  That, in combination with the built-in webauth functionality in the
Cisco WLC (if you're a Cisco shop), should be able to provide much of
what you need.  We're doing very similar things here.

Dave

Lee H Badman wrote:
> We have a wireless guest portal (homegrown) that has been satisfactory,
> but we want to move into another solution for several reasons that I
> won’t bore you with.
> 
>  
> 
> I’m familiar with Bluesocket (actively talking with them) and know that
> Colubris used to compete with them in the gateway space. HP now owns
> Colubris, and a request for more info went unanswered. So- wondering if
> anyone knows of a commercial solution that competes with Bluesocket.
> 
>  
> 
> We’re looking for this sort of functionality:
> 
>  
> 
> Single guest SSID- all functions come from easy-to-use portal. Single IP
> space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous
> users. Possible failover pair setup.
> 
>  
> 
>1. SU NetID Holders
>  1. Ideally, OS could be identified. If Windows or Mac, users
> forwarded on to a page that tells them to (and how) to use
> the secure network
>  2. Non-Windows/MAC NetID Holders get on with generous
> throughput and minimal restrictions (compared to other
> guest-path users)
> 
>  
> 
>2. Sponsored Guests- Sponsored by SU NetID Holder
>  1. Everyone in our AD with a regular account (staff, faculty,
> students) can sponsor a guest- gateway verifies sponsor is
> in AD
>  2. Guest logins limited to some period of time yet to be defined
>  3. Guest credentials may get sent (SMS text) to guest cell
> phone number or forwarded directly by sponsor
>  4. Different set of protocols – must allow VPN
>  5. Easy batch creation of accounts for the likes of conferences
> 
>  
> 
>3. Self-sponsored Guests- provision their own
>  1. Accounts will be limited to 4 hours (or something), then
> can’t be reactivated for say 12 hours (or some other
> time-related constraint)
>  2. Requires valid cell phone number, as that is where gateway
> will text the credentials
>  3. More tightly limited in bandwidth and throughput
>  4. Limited number of accounts per month.
> 
>  
> 
> Not looking to build our own any more- off the shelf is desired in this
> case. Welcome to any input on solutions beyond Bluesocket.
> 
>  
> 
> Please don’t consider this a hit against Bluesocket- we have not
> discounted them, just looking for what else is out there that I am not
> aware of.
> 
>  
> 
> And please- no off-topic sales calls.
> 
>  
> 
> Thanks-
> 
>  
> 
> Lee
> 
>  
> 
>  
> 
> **Lee H. Badman**
> 
> Wireless/Network Engineer
> 
> Information Technology and Services
> 
> Syracuse University
> 
> 315 443-3003
> 
>  
> 
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> 

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Guest Portal - revisited

[Lee H Badman]

We have a wireless guest portal (homegrown) that has been satisfactory, but we 
want to move into another solution for several reasons that I won't bore you 
with.

I'm familiar with Bluesocket (actively talking with them) and know that 
Colubris used to compete with them in the gateway space. HP now owns Colubris, 
and a request for more info went unanswered. So- wondering if anyone knows of a 
commercial solution that competes with Bluesocket.

We're looking for this sort of functionality:

Single guest SSID- all functions come from easy-to-use portal. Single IP 
space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous users. 
Possible failover pair setup.


 1.  SU NetID Holders
*   Ideally, OS could be identified. If Windows or Mac, users forwarded on 
to a page that tells them to (and how) to use the secure network
*   Non-Windows/MAC NetID Holders get on with generous throughput and 
minimal restrictions (compared to other guest-path users)


 1.  Sponsored Guests- Sponsored by SU NetID Holder
*   Everyone in our AD with a regular account (staff, faculty, students) 
can sponsor a guest- gateway verifies sponsor is in AD
*   Guest logins limited to some period of time yet to be defined
*   Guest credentials may get sent (SMS text) to guest cell phone number or 
forwarded directly by sponsor
*   Different set of protocols - must allow VPN
*   Easy batch creation of accounts for the likes of conferences


 1.  Self-sponsored Guests- provision their own
*   Accounts will be limited to 4 hours (or something), then can't be 
reactivated for say 12 hours (or some other time-related constraint)
*   Requires valid cell phone number, as that is where gateway will text 
the credentials
*   More tightly limited in bandwidth and throughput
*   Limited number of accounts per month.

Not looking to build our own any more- off the shelf is desired in this case. 
Welcome to any input on solutions beyond Bluesocket.

Please don't consider this a hit against Bluesocket- we have not discounted 
them, just looking for what else is out there that I am not aware of.

And please- no off-topic sales calls.

Thanks-

Lee


Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

School WiVoip deployments

[Brian J David]

We where wondering what other schools are doing for WiVoip?
Is it deployed everywhere or just in certain areas?
Do you find the students using it?
How reliable is it?
Are there any got ya's?
Thanks in advanced
Brian

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

<>

RE: BW capping

[Osborne, Bruce W. (NS)]

Jason,

We here at Liberty University were also looking for a scalable bandwidth 
management solution. We needed integration swith our Aruba ECS / Bradford 
Campus Manager NAC solution.

We evaluated both the Allot NetEnforcer and the Procera PacketLogic solutions.

The Allot solution was almost twice the price of the Procera solution. We liked 
the Procera solution so much that we have decided to replace our external 
PacketShaper packet shaping appliances with Procera PacketLogic.

We have two Internet edges and we designed a highly available solution that 
handles our 2-Gigabit PortChannels to each edge switch.


Feel free to contact me off-list for further details.


Thanks,
Bruce Osborne
Network Engineer
Liberty University

-Original Message-
From: Jason Appah [mailto:jason.ap...@oit.edu] 
Sent: Monday, September 28, 2009 5:02 PM
Subject: Re: BW capping

I probably should have been more specific, we have a packeteer 7500 for shaping 
applications, the dorms need to be able to shut off internet for specific users 
after hey have reached their BW limit for the month. sort of like metered usage?
Jason Appah
Systems Administrator
Oregon Institute of Technology
office 541-885-1719

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[wireless-...@listserv.educause.edu] On Behalf Of Jason Appah 
[jason.ap...@oit.edu]
Sent: Monday, September 28, 2009 12:54 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] BW capping

Also on the subject, do you all cap per user bandwidth?

We recently reconstructed our dorms, and began support of the resnet (before 
the recession they had their own foot soldiers taking care of it ).The old 
resnet had a hodge podge of homegrown bandwidth caps tools that they used to 
limit people from excessive downloading (essentially anyone who downloaded more 
that 10 Gig a month).

We are currently looking into continuing to do this but were split as to 
whether or not it is an antiquated process. We would like to purchase a 
standards based tool but have been unable to located one that works on a large 
scale.

1) What do people use who do bandwith cap?
2) Do you Bandwith Cap? Why or Why Not?

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.
**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.