Re: [WIRELESS-LAN] Alternatives to XpressConnect
On Fri, 16 Apr 2010, Kevin Ehlers wrote: We're looking at deploying WPA/WPA2 and we think that something similar to XpressConnect from CloudPath would be very beneficial. However, in searching I have been unable to determine if there are any vendors offering a similar service. Does anyone know of a competitor to CloudPath in this area? Our current options are 1) writing our own application + all of the benefits and drawbacks that go with a homegrown solution, and 2) a vendor supported tool to configure client's machines. Any suggestions or alternatives are welcome. To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thu, 11 Mar 2010 08:49:58 + (GMT) Subject: Re: [WIRELESS-LAN] Automating WPA Setup On Tue, 9 Mar 2010, Julian Y. Koh wrote: At 10:38 AM -0600 3/9/10, Williams, Mr. Michael wrote: We have tutorials available for our users, but our helpdesk folks still have to spend a lot of time manually configuring the wireless supplicant for some of our less tech savvy users.Does anyone have a solution to this problem? Here at NU, our Technology Support Services coded up a Windows utility that we use for this purpose. http://www.it.northwestern.edu/oncampus/wireless/wireless-connections/ Here's another tool that might be of interest: http://sourceforge.net/projects/su1x/ Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Alternatives to XpressConnect
Like others, I'll throw in my $.02 here and indicate that not just something similar but, in fact, XpressConnect from CloudPath has INDEED been very beneficial here on our campus. With the diversity of desktop configurations and systems that we have, the seamless configuration of Windows PCs, Macs, Ubuntu systems, iPhones/iPod Touches/iPads with a single common-interface tool (and great support, by the way) for consistent deployment of 802.1X/WPA2-Enterprise cannot be beat. Great product - classic example of you get what you pay for. -- Jim Gogan Univ of North Carolina at Chapel Hill -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks Sent: Thursday, April 22, 2010 5:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Alternatives to XpressConnect On Fri, 16 Apr 2010, Kevin Ehlers wrote: We're looking at deploying WPA/WPA2 and we think that something similar to XpressConnect from CloudPath would be very beneficial. However, in searching I have been unable to determine if there are any vendors offering a similar service. Does anyone know of a competitor to CloudPath in this area? Our current options are 1) writing our own application + all of the benefits and drawbacks that go with a homegrown solution, and 2) a vendor supported tool to configure client's machines. Any suggestions or alternatives are welcome. To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thu, 11 Mar 2010 08:49:58 + (GMT) Subject: Re: [WIRELESS-LAN] Automating WPA Setup On Tue, 9 Mar 2010, Julian Y. Koh wrote: At 10:38 AM -0600 3/9/10, Williams, Mr. Michael wrote: We have tutorials available for our users, but our helpdesk folks still have to spend a lot of time manually configuring the wireless supplicant for some of our less tech savvy users.Does anyone have a solution to this problem? Here at NU, our Technology Support Services coded up a Windows utility that we use for this purpose. http://www.it.northwestern.edu/oncampus/wireless/wireless-connections/ Here's another tool that might be of interest: http://sourceforge.net/projects/su1x/ Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Alternatives to XpressConnect
So for those using this how many need to use the TTLS supplicant setup? For those that do how do you handle if a user is using a built in supplicant that has profiles for other locations? -- Walter Reynolds University of Michigan On Apr 22, 2010, at 6:07 AM, Gogan, James P go...@email.unc.edu wrote: Like others, I'll throw in my $.02 here and indicate that not just something similar but, in fact, XpressConnect from CloudPath has INDEED been very beneficial here on our campus. With the diversity of desktop configurations and systems that we have, the seamless configuration of Windows PCs, Macs, Ubuntu systems, iPhones/iPod Touches/iPads with a single common-interface tool (and great support, by the way) for consistent deployment of 802.1X/WPA2-Enterprise cannot be beat. Great product - classic example of you get what you pay for. -- Jim Gogan Univ of North Carolina at Chapel Hill -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks Sent: Thursday, April 22, 2010 5:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Alternatives to XpressConnect On Fri, 16 Apr 2010, Kevin Ehlers wrote: We're looking at deploying WPA/WPA2 and we think that something similar to XpressConnect from CloudPath would be very beneficial. However, in searching I have been unable to determine if there are any vendors offering a similar service. Does anyone know of a competitor to CloudPath in this area? Our current options are 1) writing our own application + all of the benefits and drawbacks that go with a homegrown solution, and 2) a vendor supported tool to configure client's machines. Any suggestions or alternatives are welcome. To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thu, 11 Mar 2010 08:49:58 + (GMT) Subject: Re: [WIRELESS-LAN] Automating WPA Setup On Tue, 9 Mar 2010, Julian Y. Koh wrote: At 10:38 AM -0600 3/9/10, Williams, Mr. Michael wrote: We have tutorials available for our users, but our helpdesk folks still have to spend a lot of time manually configuring the wireless supplicant for some of our less tech savvy users.Does anyone have a solution to this problem? Here at NU, our Technology Support Services coded up a Windows utility that we use for this purpose. http://www.it.northwestern.edu/oncampus/wireless/wireless-connections/ Here's another tool that might be of interest: http://sourceforge.net/projects/su1x/ Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Alternatives to XpressConnect
We use Cloudpath for our EAP-TTLS 802.1x wireless network. We're very pleased with how smoothly it works with virtually all Win and Mac OS variants. It even works with iPhone/iPad and Ubuntu linux. To handle TTLS in Windows we purchased a licensed copy SecureW2 and pre-configured the parameters within Cloudpath. When you're ready to deploy XpressConnect (Cloudpath's product name) you download a web-ready tarball to upload to your server. There's even a standalone CD/USB executable. If you're using SecureW2 (or any other third party helper app such as XSupplicant) you separately upload that binary in the /install directory. XpressConnect auto-detects the OS. If it's a Windows variant it looks for an existing installation of SecureW2. If it's there it'll create a new profile based on your specs. If it's not there XC will install SecureW2 and configure it appropriately. In our configuration XpressConnect ignores third party supplicants even if they are TTLS capable (e.g. Intel Pro Wireless). We configured XC to permanently enable WZC in Windows so that Windows now manages the wireless card, sort of leaving the third part supplicant and all its profiles in the lurch. This is of course the only way SecureW2 will work. I think XC can actually detect and remove third party supplicants but we thought that seemed a little mean in an academic environment. We configured XC to remove our public SSID after a successful migration to our 802.1x network. It even pushes the new profile to t he top of the list. As for users who have active profiles on their third party supp we suggest that they migrate these manually over to Windows. Otherwise they'll be switching wireless managers back and forth when they leave the campus. Not the most elegant solution but this is the price paid for requiring TTLS on Windows. Hope this helps. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 11:13 AM, Reynolds, Walter wrote: So for those using this how many need to use the TTLS supplicant setup? For those that do how do you handle if a user is using a built in supplicant that has profiles for other locations? -- Walter Reynolds University of Michigan On Apr 22, 2010, at 6:07 AM, Gogan, James Pgo...@email.unc.edu wrote: Like others, I'll throw in my $.02 here and indicate that not just something similar but, in fact, XpressConnect from CloudPath has INDEED been very beneficial here on our campus. With the diversity of desktop configurations and systems that we have, the seamless configuration of Windows PCs, Macs, Ubuntu systems, iPhones/iPod Touches/iPads with a single common-interface tool (and great support, by the way) for consistent deployment of 802.1X/WPA2-Enterprise cannot be beat. Great product - classic example of you get what you pay for. -- Jim Gogan Univ of North Carolina at Chapel Hill -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks Sent: Thursday, April 22, 2010 5:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Alternatives to XpressConnect On Fri, 16 Apr 2010, Kevin Ehlers wrote: We're looking at deploying WPA/WPA2 and we think that something similar to XpressConnect from CloudPath would be very beneficial. However, in searching I have been unable to determine if there are any vendors offering a similar service. Does anyone know of a competitor to CloudPath in this area? Our current options are 1) writing our own application + all of the benefits and drawbacks that go with a homegrown solution, and 2) a vendor supported tool to configure client's machines. Any suggestions or alternatives are welcome. To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thu, 11 Mar 2010 08:49:58 + (GMT) Subject: Re: [WIRELESS-LAN] Automating WPA Setup On Tue, 9 Mar 2010, Julian Y. Koh wrote: At 10:38 AM -0600 3/9/10, Williams, Mr. Michael wrote: We have tutorials available for our users, but our helpdesk folks still have to spend a lot of time manually configuring the wireless supplicant for some of our less tech savvy users. Does anyone have a solution to this problem? Here at NU, our Technology Support Services coded up a Windows utility that we use for this purpose. http://www.it.northwestern.edu/oncampus/wireless/wireless-connections/ Here's another tool that might be of interest: http://sourceforge.net/projects/su1x/ Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Alternatives to XpressConnect
Mike, Would you use XpressConnect if your campus were EAP-PEAP compliant, or would you publish instructions and skip the cost of XpressConnect? In other words, is it so good and makes the life so easy (help desk calls) that even with a EAP-PEAP system you would spend the money Philippe Univ. of TN On Apr 22, 2010, at 11:49 AM, Michael Dickson wrote: We use Cloudpath for our EAP-TTLS 802.1x wireless network. We're very pleased with how smoothly it works with virtually all Win and Mac OS variants. It even works with iPhone/iPad and Ubuntu linux. To handle TTLS in Windows we purchased a licensed copy SecureW2 and pre-configured the parameters within Cloudpath. When you're ready to deploy XpressConnect (Cloudpath's product name) you download a web- ready tarball to upload to your server. There's even a standalone CD/USB executable. If you're using SecureW2 (or any other third party helper app such as XSupplicant) you separately upload that binary in the /install directory. XpressConnect auto-detects the OS. If it's a Windows variant it looks for an existing installation of SecureW2. If it's there it'll create a new profile based on your specs. If it's not there XC will install SecureW2 and configure it appropriately. In our configuration XpressConnect ignores third party supplicants even if they are TTLS capable (e.g. Intel Pro Wireless). We configured XC to permanently enable WZC in Windows so that Windows now manages the wireless card, sort of leaving the third part supplicant and all its profiles in the lurch. This is of course the only way SecureW2 will work. I think XC can actually detect and remove third party supplicants but we thought that seemed a little mean in an academic environment. We configured XC to remove our public SSID after a successful migration to our 802.1x network. It even pushes the new profile to t he top of the list. As for users who have active profiles on their third party supp we suggest that they migrate these manually over to Windows. Otherwise they'll be switching wireless managers back and forth when they leave the campus. Not the most elegant solution but this is the price paid for requiring TTLS on Windows. Hope this helps. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 11:13 AM, Reynolds, Walter wrote: So for those using this how many need to use the TTLS supplicant setup? For those that do how do you handle if a user is using a built in supplicant that has profiles for other locations? -- Walter Reynolds University of Michigan On Apr 22, 2010, at 6:07 AM, Gogan, James Pgo...@email.unc.edu wrote: Like others, I'll throw in my $.02 here and indicate that not just something similar but, in fact, XpressConnect from CloudPath has INDEED been very beneficial here on our campus. With the diversity of desktop configurations and systems that we have, the seamless configuration of Windows PCs, Macs, Ubuntu systems, iPhones/iPod Touches/iPads with a single common-interface tool (and great support, by the way) for consistent deployment of 802.1X/WPA2-Enterprise cannot be beat. Great product - classic example of you get what you pay for. -- Jim Gogan Univ of North Carolina at Chapel Hill -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks Sent: Thursday, April 22, 2010 5:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Alternatives to XpressConnect On Fri, 16 Apr 2010, Kevin Ehlers wrote: We're looking at deploying WPA/WPA2 and we think that something similar to XpressConnect from CloudPath would be very beneficial. However, in searching I have been unable to determine if there are any vendors offering a similar service. Does anyone know of a competitor to CloudPath in this area? Our current options are 1) writing our own application + all of the benefits and drawbacks that go with a homegrown solution, and 2) a vendor supported tool to configure client's machines. Any suggestions or alternatives are welcome. To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thu, 11 Mar 2010 08:49:58 + (GMT) Subject: Re: [WIRELESS-LAN] Automating WPA Setup On Tue, 9 Mar 2010, Julian Y. Koh wrote: At 10:38 AM -0600 3/9/10, Williams, Mr. Michael wrote: We have tutorials available for our users, but our helpdesk folks still have to spend a lot of time manually configuring the wireless supplicant for some of our less tech savvy users. Does anyone have a solution to this problem? Here at NU, our Technology Support Services coded up a Windows utility that we use for this purpose. http://www.it.northwestern.edu/oncampus/wireless/wireless-connections/ Here's another tool that might be of
Limiting Bandwidth on Autonomous APs
We are experiencing a problem in our dorm where one wireless user will use all of the Available bandwidth on an 802.11g Autonomous AP's radio. We are currently using a Bluecoat Packeteer packet shaper to shape traffic at the Internet. The problem I have seen is with user on-line backups, either to a Time Capsule (student moved a terabyte of data in a month) or to (mozy, Backblaze, etc.). We receive complainants that the Internet is slow. I am new to setting up QoS on cisco devices. Is there a way of limiting through QoS on an AP, so that if a student is using all of the radio's bandwidth other users using the same AP have a fair share of bandwidth? I would prefer not to rip and replace our 802.11g APs for 802.11N APs. Any other ideas are welcomed. Nicholas Urrea Information Technology UC Hastings College of the Law urr...@uchastings.edu mailto:urr...@uchastings.edu x4718 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Alternatives to XpressConnect
Just want to confirm as last time I checked it did remove some third party wireless managers because they did not play nice. You are saying that they do not have to delete any now, correct? Walt Reynolds University of Michigan (734) 615-9438 On Apr 22, 2010, at 11:49 AM, Michael Dickson mdick...@nic.umass.edu wrote: We use Cloudpath for our EAP-TTLS 802.1x wireless network. We're very pleased with how smoothly it works with virtually all Win and Mac OS variants. It even works with iPhone/iPad and Ubuntu linux. To handle TTLS in Windows we purchased a licensed copy SecureW2 and pre-configured the parameters within Cloudpath. When you're ready to deploy XpressConnect (Cloudpath's product name) you download a web-ready tarball to upload to your server. There's even a standalone CD/USB executable. If you're using SecureW2 (or any other third party helper app such as XSupplicant) you separately upload that binary in the /install directory. XpressConnect auto-detects the OS. If it's a Windows variant it looks for an existing installation of SecureW2. If it's there it'll create a new profile based on your specs. If it's not there XC will install SecureW2 and configure it appropriately. In our configuration XpressConnect ignores third party supplicants even if they are TTLS capable (e.g. Intel Pro Wireless). We configured XC to permanently enable WZC in Windows so that Windows now manages the wireless card, sort of leaving the third part supplicant and all its profiles in the lurch. This is of course the only way SecureW2 will work. I think XC can actually detect and remove third party supplicants but we thought that seemed a little mean in an academic environment. We configured XC to remove our public SSID after a successful migration to our 802.1x network. It even pushes the new profile to t he top of the list. As for users who have active profiles on their third party supp we suggest that they migrate these manually over to Windows. Otherwise they'll be switching wireless managers back and forth when they leave the campus. Not the most elegant solution but this is the price paid for requiring TTLS on Windows. Hope this helps. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 11:13 AM, Reynolds, Walter wrote: So for those using this how many need to use the TTLS supplicant setup? For those that do how do you handle if a user is using a built in supplicant that has profiles for other locations? -- Walter Reynolds University of Michigan On Apr 22, 2010, at 6:07 AM, Gogan, James Pgo...@email.unc.edu wrote: Like others, I'll throw in my $.02 here and indicate that not just something similar but, in fact, XpressConnect from CloudPath has INDEED been very beneficial here on our campus. With the diversity of desktop configurations and systems that we have, the seamless configuration of Windows PCs, Macs, Ubuntu systems, iPhones/iPod Touches/iPads with a single common-interface tool (and great support, by the way) for consistent deployment of 802.1X/WPA2-Enterprise cannot be beat. Great product - classic example of you get what you pay for. -- Jim Gogan Univ of North Carolina at Chapel Hill -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks Sent: Thursday, April 22, 2010 5:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Alternatives to XpressConnect On Fri, 16 Apr 2010, Kevin Ehlers wrote: We're looking at deploying WPA/WPA2 and we think that something similar to XpressConnect from CloudPath would be very beneficial. However, in searching I have been unable to determine if there are any vendors offering a similar service. Does anyone know of a competitor to CloudPath in this area? Our current options are 1) writing our own application + all of the benefits and drawbacks that go with a homegrown solution, and 2) a vendor supported tool to configure client's machines. Any suggestions or alternatives are welcome. To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thu, 11 Mar 2010 08:49:58 + (GMT) Subject: Re: [WIRELESS-LAN] Automating WPA Setup On Tue, 9 Mar 2010, Julian Y. Koh wrote: At 10:38 AM -0600 3/9/10, Williams, Mr. Michael wrote: We have tutorials available for our users, but our helpdesk folks still have to spend a lot of time manually configuring the wireless supplicant for some of our less tech savvy users. Does anyone have a solution to this problem? Here at NU, our Technology Support Services coded up a Windows utility that we use for this purpose. http://www.it.northwestern.edu/oncampus/wireless/wireless-connections/
Re: [WIRELESS-LAN] Alternatives to XpressConnect
The current Cloudpath build allows us to choose to remove or let be any third party supplicants. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 12:48 PM, Reynolds, Walter wrote: Just want to confirm as last time I checked it did remove some third party wireless managers because they did not play nice. You are saying that they do not have to delete any now, correct? Walt Reynolds University of Michigan (734) 615-9438 On Apr 22, 2010, at 11:49 AM, Michael Dicksonmdick...@nic.umass.edu wrote: We use Cloudpath for our EAP-TTLS 802.1x wireless network. We're very pleased with how smoothly it works with virtually all Win and Mac OS variants. It even works with iPhone/iPad and Ubuntu linux. To handle TTLS in Windows we purchased a licensed copy SecureW2 and pre-configured the parameters within Cloudpath. When you're ready to deploy XpressConnect (Cloudpath's product name) you download a web-ready tarball to upload to your server. There's even a standalone CD/USB executable. If you're using SecureW2 (or any other third party helper app such as XSupplicant) you separately upload that binary in the /install directory. XpressConnect auto-detects the OS. If it's a Windows variant it looks for an existing installation of SecureW2. If it's there it'll create a new profile based on your specs. If it's not there XC will install SecureW2 and configure it appropriately. In our configuration XpressConnect ignores third party supplicants even if they are TTLS capable (e.g. Intel Pro Wireless). We configured XC to permanently enable WZC in Windows so that Windows now manages the wireless card, sort of leaving the third part supplicant and all its profiles in the lurch. This is of course the only way SecureW2 will work. I think XC can actually detect and remove third party supplicants but we thought that seemed a little mean in an academic environment. We configured XC to remove our public SSID after a successful migration to our 802.1x network. It even pushes the new profile to t he top of the list. As for users who have active profiles on their third party supp we suggest that they migrate these manually over to Windows. Otherwise they'll be switching wireless managers back and forth when they leave the campus. Not the most elegant solution but this is the price paid for requiring TTLS on Windows. Hope this helps. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 11:13 AM, Reynolds, Walter wrote: So for those using this how many need to use the TTLS supplicant setup? For those that do how do you handle if a user is using a built in supplicant that has profiles for other locations? -- Walter Reynolds University of Michigan On Apr 22, 2010, at 6:07 AM, Gogan, James Pgo...@email.unc.edu wrote: Like others, I'll throw in my $.02 here and indicate that not just something similar but, in fact, XpressConnect from CloudPath has INDEED been very beneficial here on our campus. With the diversity of desktop configurations and systems that we have, the seamless configuration of Windows PCs, Macs, Ubuntu systems, iPhones/iPod Touches/iPads with a single common-interface tool (and great support, by the way) for consistent deployment of 802.1X/WPA2-Enterprise cannot be beat. Great product - classic example of you get what you pay for. -- Jim Gogan Univ of North Carolina at Chapel Hill -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks Sent: Thursday, April 22, 2010 5:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Alternatives to XpressConnect On Fri, 16 Apr 2010, Kevin Ehlers wrote: We're looking at deploying WPA/WPA2 and we think that something similar to XpressConnect from CloudPath would be very beneficial. However, in searching I have been unable to determine if there are any vendors offering a similar service. Does anyone know of a competitor to CloudPath in this area? Our current options are 1) writing our own application + all of the benefits and drawbacks that go with a homegrown solution, and 2) a vendor supported tool to configure client's machines. Any suggestions or alternatives are welcome. To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thu, 11 Mar 2010 08:49:58 + (GMT) Subject: Re: [WIRELESS-LAN] Automating WPA Setup On Tue, 9 Mar 2010, Julian Y. Koh wrote: At 10:38 AM -0600 3/9/10, Williams, Mr. Michael wrote: We have tutorials available for our users, but our helpdesk folks still have to spend a lot of time manually configuring the wireless supplicant for
Re: [WIRELESS-LAN] Alternatives to XpressConnect
We had the same argument here at our campus. Some people thought that we could just publish the steps to setup the wireless network on out website and save the cost of XpressConnect. We chose to go with XpressConnect and have been very happy with it. It was money well spent. Our help desk staff are able to get wireless setups done quickly saving a lot of time. Students could even setup the wireless from home or pickup a cd with the XpressConnect installer on it. Philippe Hanset wrote: Mike, Would you use XpressConnect if your campus were EAP-PEAP compliant, or would you publish instructions and skip the cost of XpressConnect? In other words, is it so good and makes the life so easy (help desk calls) that even with a EAP-PEAP system you would spend the money Philippe Univ. of TN On Apr 22, 2010, at 11:49 AM, Michael Dickson wrote: We use Cloudpath for our EAP-TTLS 802.1x wireless network. We're very pleased with how smoothly it works with virtually all Win and Mac OS variants. It even works with iPhone/iPad and Ubuntu linux. To handle TTLS in Windows we purchased a licensed copy SecureW2 and pre-configured the parameters within Cloudpath. When you're ready to deploy XpressConnect (Cloudpath's product name) you download a web-ready tarball to upload to your server. There's even a standalone CD/USB executable. If you're using SecureW2 (or any other third party helper app such as XSupplicant) you separately upload that binary in the /install directory. XpressConnect auto-detects the OS. If it's a Windows variant it looks for an existing installation of SecureW2. If it's there it'll create a new profile based on your specs. If it's not there XC will install SecureW2 and configure it appropriately. In our configuration XpressConnect ignores third party supplicants even if they are TTLS capable (e.g. Intel Pro Wireless). We configured XC to permanently enable WZC in Windows so that Windows now manages the wireless card, sort of leaving the third part supplicant and all its profiles in the lurch. This is of course the only way SecureW2 will work. I think XC can actually detect and remove third party supplicants but we thought that seemed a little mean in an academic environment. We configured XC to remove our public SSID after a successful migration to our 802.1x network. It even pushes the new profile to t he top of the list. As for users who have active profiles on their third party supp we suggest that they migrate these manually over to Windows. Otherwise they'll be switching wireless managers back and forth when they leave the campus. Not the most elegant solution but this is the price paid for requiring TTLS on Windows. Hope this helps. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 11:13 AM, Reynolds, Walter wrote: So for those using this how many need to use the TTLS supplicant setup? For those that do how do you handle if a user is using a built in supplicant that has profiles for other locations? -- Walter Reynolds University of Michigan On Apr 22, 2010, at 6:07 AM, Gogan, James Pgo...@email.unc.edu wrote: Like others, I'll throw in my $.02 here and indicate that not just something similar but, in fact, XpressConnect from CloudPath has INDEED been very beneficial here on our campus. With the diversity of desktop configurations and systems that we have, the seamless configuration of Windows PCs, Macs, Ubuntu systems, iPhones/iPod Touches/iPads with a single common-interface tool (and great support, by the way) for consistent deployment of 802.1X/WPA2-Enterprise cannot be beat. Great product - classic example of you get what you pay for. -- Jim Gogan Univ of North Carolina at Chapel Hill -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jethro R Binks Sent: Thursday, April 22, 2010 5:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Alternatives to XpressConnect On Fri, 16 Apr 2010, Kevin Ehlers wrote: We're looking at deploying WPA/WPA2 and we think that something similar to XpressConnect from CloudPath would be very beneficial. However, in searching I have been unable to determine if there are any vendors offering a similar service. Does anyone know of a competitor to CloudPath in this area? Our current options are 1) writing our own application + all of the benefits and drawbacks that go with a homegrown solution, and 2) a vendor supported tool to configure client's machines. Any suggestions or alternatives are welcome. To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thu, 11 Mar 2010 08:49:58 + (GMT) Subject: Re: [WIRELESS-LAN] Automating WPA Setup On Tue, 9 Mar 2010, Julian Y. Koh wrote: At 10:38 AM -0600 3/9/10,
Re: [WIRELESS-LAN] Alternatives to XpressConnect
We are EAP-PEAP compliant, and had gone down the route of documenting setup instructions for as many os' as we could think of; including phones, linux (top 5 distros each month), windows, mac etc. However we found this wasn't sufficient to meet student's expectations for it to just work, like at home and our helpdesk and the network team were spending a lot of time configuring laptops manually. So we opted for Cloudpath XpressConnect in september 2009 and it has reduced HelpDesk visits; as well as making it a lot easier for those for whom English is not a native language. I still maintain instructions, as there is always space for those, but I do think XpressConnect is cost effective. Our calculations showed the time savings, in about 10 months, just on our first level HelpDesk paid for the cost of the license, and the students are rating our wireless service provision higher, despite no further coverage or services having been offered. One thing I would say is, it doesn't solve the wireless card driver issues that are prevalent where devices are just running the wrong drivers, old versions etc. but I think Kevin from Cloupath said, at a UK University network meeting last month that this is something they are looking at doing. (but don't quote me on that, before confirming it with Cloudpath, as I had been drinking a lot the night before!) Many Thanks Peter Peter Methven (Network Specialist) Heriot-Watt University, Edinburgh, Scotland www.hw.ac/UICS This email has been sent from a mobile phone, please excuse any creative spelling or grammar that may have occured! On 22 Apr 2010, at 17:42, Philippe Hanset phan...@utk.edu wrote: Mike, Would you use XpressConnect if your campus were EAP-PEAP compliant, or would you publish instructions and skip the cost of XpressConnect? In other words, is it so good and makes the life so easy (help desk calls) that even with a EAP-PEAP system you would spend the money Philippe Univ. of TN On Apr 22, 2010, at 11:49 AM, Michael Dickson wrote: We use Cloudpath for our EAP-TTLS 802.1x wireless network. We're very pleased with how smoothly it works with virtually all Win and Mac OS variants. It even works with iPhone/iPad and Ubuntu linux. To handle TTLS in Windows we purchased a licensed copy SecureW2 and pre-configured the parameters within Cloudpath. When you're ready to deploy XpressConnect (Cloudpath's product name) you download a web- ready tarball to upload to your server. There's even a standalone CD/USB executable. If you're using SecureW2 (or any other third party helper app such as XSupplicant) you separately upload that binary in the /install directory. XpressConnect auto-detects the OS. If it's a Windows variant it looks for an existing installation of SecureW2. If it's there it'll create a new profile based on your specs. If it's not there XC will install SecureW2 and configure it appropriately. In our configuration XpressConnect ignores third party supplicants even if they are TTLS capable (e.g. Intel Pro Wireless). We configured XC to permanently enable WZC in Windows so that Windows now manages the wireless card, sort of leaving the third part supplicant and all its profiles in the lurch. This is of course the only way SecureW2 will work. I think XC can actually detect and remove third party supplicants but we thought that seemed a little mean in an academic environment. We configured XC to remove our public SSID after a successful migration to our 802.1x network. It even pushes the new profile to t he top of the list. As for users who have active profiles on their third party supp we suggest that they migrate these manually over to Windows. Otherwise they'll be switching wireless managers back and forth when they leave the campus. Not the most elegant solution but this is the price paid for requiring TTLS on Windows. Hope this helps. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 11:13 AM, Reynolds, Walter wrote: So for those using this how many need to use the TTLS supplicant setup? For those that do how do you handle if a user is using a built in supplicant that has profiles for other locations? -- Walter Reynolds University of Michigan On Apr 22, 2010, at 6:07 AM, Gogan, James Pgo...@email.unc.edu wrote: Like others, I'll throw in my $.02 here and indicate that not just something similar but, in fact, XpressConnect from CloudPath has INDEED been very beneficial here on our campus. With the diversity of desktop configurations and systems that we have, the seamless configuration of Windows PCs, Macs, Ubuntu systems, iPhones/iPod Touches/iPads with a single common-interface tool (and great support, by the way) for consistent deployment of 802.1X/WPA2-Enterprise cannot be beat. Great product - classic example
Re: [WIRELESS-LAN] Alternatives to XpressConnect
True enough about the drivers. Cloudpath doesn't check for or update those (it will check for the correct OS rev, e.g. Win SP2+). And we haven't found a happy solution for Lenovo laptops which appear to use a quasi-proprietary version of Windows Wireless Manager. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 1:30 PM, Methven, Peter J wrote: We are EAP-PEAP compliant, and had gone down the route of documenting setup instructions for as many os' as we could think of; including phones, linux (top 5 distros each month), windows, mac etc. However we found this wasn't sufficient to meet student's expectations for it to just work, like at home and our helpdesk and the network team were spending a lot of time configuring laptops manually. So we opted for Cloudpath XpressConnect in september 2009 and it has reduced HelpDesk visits; as well as making it a lot easier for those for whom English is not a native language. I still maintain instructions, as there is always space for those, but I do think XpressConnect is cost effective. Our calculations showed the time savings, in about 10 months, just on our first level HelpDesk paid for the cost of the license, and the students are rating our wireless service provision higher, despite no further coverage or services having been offered. One thing I would say is, it doesn't solve the wireless card driver issues that are prevalent where devices are just running the wrong drivers, old versions etc. but I think Kevin from Cloupath said, at a UK University network meeting last month that this is something they are looking at doing. (but don't quote me on that, before confirming it with Cloudpath, as I had been drinking a lot the night before!) Many Thanks Peter Peter Methven (Network Specialist) Heriot-Watt University, Edinburgh, Scotland www.hw.ac/UICS This email has been sent from a mobile phone, please excuse any creative spelling or grammar that may have occured! On 22 Apr 2010, at 17:42, Philippe Hanset phan...@utk.edu wrote: Mike, Would you use XpressConnect if your campus were EAP-PEAP compliant, or would you publish instructions and skip the cost of XpressConnect? In other words, is it so good and makes the life so easy (help desk calls) that even with a EAP-PEAP system you would spend the money Philippe Univ. of TN On Apr 22, 2010, at 11:49 AM, Michael Dickson wrote: We use Cloudpath for our EAP-TTLS 802.1x wireless network. We're very pleased with how smoothly it works with virtually all Win and Mac OS variants. It even works with iPhone/iPad and Ubuntu linux. To handle TTLS in Windows we purchased a licensed copy SecureW2 and pre-configured the parameters within Cloudpath. When you're ready to deploy XpressConnect (Cloudpath's product name) you download a web-ready tarball to upload to your server. There's even a standalone CD/USB executable. If you're using SecureW2 (or any other third party helper app such as XSupplicant) you separately upload that binary in the /install directory. XpressConnect auto-detects the OS. If it's a Windows variant it looks for an existing installation of SecureW2. If it's there it'll create a new profile based on your specs. If it's not there XC will install SecureW2 and configure it appropriately. In our configuration XpressConnect ignores third party supplicants even if they are TTLS capable (e.g. Intel Pro Wireless). We configured XC to permanently enable WZC in Windows so that Windows now manages the wireless card, sort of leaving the third part supplicant and all its profiles in the lurch. This is of course the only way SecureW2 will work. I think XC can actually detect and remove third party supplicants but we thought that seemed a little mean in an academic environment. We configured XC to remove our public SSID after a successful migration to our 802.1x network. It even pushes the new profile to t he top of the list. As for users who have active profiles on their third party supp we suggest that they migrate these manually over to Windows. Otherwise they'll be switching wireless managers back and forth when they leave the campus. Not the most elegant solution but this is the price paid for requiring TTLS on Windows. Hope this helps. Mike Michael Dickson 413.545.9639 Network Analyst Univ. of Massachusetts Amherst On 4/22/2010 11:13 AM, Reynolds, Walter wrote: So for those using this how many need to use the TTLS supplicant setup? For those that do how do you handle if a user is using a built in supplicant that has profiles for other locations? -- Walter Reynolds University of Michigan On Apr 22, 2010, at 6:07 AM, Gogan, James Pgo...@email.unc.edu wrote: Like others, I'll throw in my $.02 here and