Re: [WIRELESS-LAN] Smart TVs and other "smart" devices

[Julian Y Koh]

On Mon Sep 14 2015 06:27:08 CDT, "Osborne, Bruce W (Network Services)" 
 wrote:
> 
> And the enterprise Wi-Fi vendors choose to ignore Wi-Fi Direct.
> 

This is not just in the residence halls either - business class equipment (like 
the MS Surface Hub) uses this for clients to project content and other things.  


-- 
Julian Y. Koh
Associate Director, Telecommunications and Network Services
Northwestern University Information Technology (NUIT)

2001 Sheridan Road #G-166
Evanston, IL 60208
847-467-5780
NUIT Web Site: 
PGP Public Key:

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Cisco AP Horizontal Mounting Bracket

[Jon Scot Prunckle]

I tired to get our Services department to buy-in to the Oberon unit for several 
of our more architecturally unique buildings, but there was no interest due to 
the cost.  I think the Oberon Units are quite nice.  

Currently we have contracted out the cabling portion of our Wi-Fi expansion.  
The contractor happens to be a licensed electrical contractor (by state law, 
our Network Services department is allowed to pull cable, but is not allowed to 
install conduit other than wiremold or a fire-stopping penetration; conduit 
must be installed by a licensed, state approved contractor).  The electrical 
contractor has devised a mount using:
- a wiremold 4 1/2" square by 3 1/2" deep surface mount electrical box 
- covered with a 4" square blank plate w/ a 1/2 knock out (with a plastic KO 
bushing) and a 
- 1/4" mud ring screwed into 
- two small angle brackets mounted to the 4" blank plate, and
- mounted to the 1/4" mud ring is a Juniper WLA-BRKT-WALL to which we mount our
- Juniper WLA532-US APs.

It's convoluted and may not present an ideal solution for many environments.

Sincerely,


J. Scot Prunckle
Network Engineer
UITS Network and Operations Services
University of Wisconsin-Milwaukee
Office Mobile: (414) 416-9709
E-mail: prunc...@uwm.edu


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 on behalf of Jeffrey D. Sessler 

Sent: Friday, September 11, 2015 5:48 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco AP Horizontal Mounting Bracket

WE using the Oberon unit. Without the key lock they are very inexpensive and 
it’s built such that it’s nearly impossible to use it as a place to hang cloths 
(if installed in a room).

Jeff




On 9/11/15, 12:03 PM, "The EDUCAUSE Wireless Issues Constituent Group Listserv 
on behalf of Dan Brisson"  wrote:

>Oberon

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] FreeRADIUS Diffie-Hellman Keys and iOS9

[Christopher Michael Allison]

Actually, We Upgraded to FreeRadius 2.2.8 to solve some issues with iOS9. We 
have been using a 2048 bit Diffie-Hellman.  And it is a must do ASAP as when it 
rolls out official you will have issues with clients connecting. Also if you 
aren't on FreeRadius 2.2.7 or higher you will run into the same issues that we 
did. Radius will answer the iOS9 clients TLS v1.2 Hello but can't transmit 
anything back to it so the client will never authenticate. 

Thanks,

CHRISTOPHER ALLISON
Network Engineer I

Information Technology
Mail Code 4622
625 Wham Drive
Carbondale, Illinois 62901

chris.m.alli...@siu.edu
P: 618 / 453 - 8415
F: 618 / 453 - 5261
INFOTECH.SIU.EDU



"Choose a job you love, and you will never have to work a day in your life."
Confucius


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 on behalf of Bruce Curtis 

Sent: Sunday, September 13, 2015 6:14 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] FreeRADIUS Diffie-Hellman Keys and iOS9

  We just upgraded to 2048 bit Diffie-Helman won September 3.   We had a person 
come to the help desk with a Chromebook that stopped connecting to the wireless 
on September 1, after an OS update.  We had been using a 512 bit Diffie Helman 
key.



2015-09-03T18:01:36.709399+00:00 NOTICE wpa_supplicant[472]: OpenSSL: 
openssl_handshake - SSL_connect error:14082174:SSL 
routines:ssl3_check_cert_and_algorithm:dh key too small

On Sep 11, 2015, at 4:55 PM, Curtis K. Larsen  wrote:

> Hello,
>
> Are any other FreeRADIUS users planning to upgrade to 2048 bit Diffie-Hellman 
> keys before the iOS9 release?  Just came across these and thinking it's a 
> must do ASAP:
>
> https://support.apple.com/en-us/HT204932
> https://community.jisc.ac.uk/blogs/8021x-clients-and-radius-server-supporting-bigger-diffie-hellman-dh-keys
>
>
> Thanks,
>
> Curtis Larsen
> University IT/CIS
> Sr. Network Engineer
>
>
>
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.

---
Bruce Curtis bruce.cur...@ndsu.edu
Certified NetAnalyst II701-231-8527
North Dakota State University

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Supporting "those other Wi-Fi devices" in the dorms- quick Survey

[Osborne, Bruce W (Network Services)]

Feel free to contact me offline for more details.

We are using ClearPass Guest and if I had the chance to redo it, I likely would 
use a custom portal instead of the pain of skinning the ClearPass Guest portal.

 
Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions
 
(434) 592-4229
 
LIBERTY UNIVERSITY
Training Champions for Christ since 1971

-Original Message-
From: Frank Sweetser [mailto:f...@wpi.edu] 
Sent: Friday, September 4, 2015 5:00 PM
Subject: Re: Supporting "those other Wi-Fi devices" in the dorms- quick Survey

This sounds almost exactly like what we're planning on doing in a major 
wireless auth overhaul this upcoming year!  Anything you have on how your 
system works that you could share would be greatly appreciated.

thanks!

Frank Sweetser fs at wpi.edu|  For every problem, there is a solution that
Manager of Network Operations   |  is simple, elegant, and wrong.
Worcester Polytechnic Institute |   - HL Mencken

On 09/04/2015 07:46 AM, Osborne, Bruce W (Network Services) wrote:
> What are you calling a Device Net?
>
> We have an open SSID with a custom captive portal using the ClearPass eTIPS 
> API.
>
> We use this SSID for onboarding to 802.1X with Cloudpath XpressConnect 
> Wizard, registering a non-8012.1X device Endpoint in ClearPass (with AirGroup 
> device registration for Apple-TV) and for permitting non-802.1X network 
> access, blocking out internal web server & blackboard servers. If devices try 
> to go to these sites, they are redirected to Cloudpath XpressConnect Wizard.
>
> I am leaving on vacation for a week, so it may take me a while to 
> resond further
>
> Bruce Osborne
> Wireless Engineer
> IT Infrastructure & Media Solutions
>
> (434) 592-4229
>
> LIBERTY UNIVERSITY
> Training Champions for Christ since 1971
>
> -Original Message-
> From: Johnson, Neil M [mailto:neil-john...@uiowa.edu]
> Sent: Thursday, September 3, 2015 12:08 PM
> Subject: Re: Supporting "those other Wi-Fi devices" in the dorms- 
> quick Survey
>
> We are investigating a device net at UofI so,
>
> I would be interested in hearing from anyone who has implemented a Device Net 
> with Clearpass.
>
> Thanks.
> -Neil
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Smart TVs and other "smart" devices

[Osborne, Bruce W (Network Services)]

And the enterprise Wi-Fi vendors choose to ignore Wi-Fi Direct.

A while ago when the specification was approved, I asked our vendor how they 
were going to deal with this. They could not see how this home technology would 
impact the enterprise network.
​

Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Thomas Carter [mailto:tcar...@austincollege.edu]
Sent: Monday, September 7, 2015 6:04 PM
Subject: Re: Smart TVs and other "smart" devices

Yes, wiFi direct is growing in use – Playstation 4s broadcast wifi direct to 
connect to Playstation portables. Some Roku players use wifi direct for remote 
controls. We have a blanket statement disallowing anything that we deem 
interference with the campus wireless.  As a smaller private institution, we 
work with the students to remove the wireless network. It’s no different than 
most HP wireless printers that broadcast a wireless network for setup.

Thomas Carter

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeremy Gibbs
Sent: Monday, September 7, 2015 2:26 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Smart TVs and other "smart" devices

I have been seeing more and more students coming to campus with "smart" tv's.  
We allow them to register the TV on our wireless network.  Recently, I have 
been seeing a lot of "Hidden" networks when doing some WiFi scans.  Turns out, 
many of these TVs are broadcasting their own SSID, some hidden and some not.  
This is obviously causing interference with our production wireless network in 
the dorms.  Also, I have seen xbox one devices broadcasting their own SSID, 
hidden but it is broadcasting.

On many of these "Smart" TVs and devices, I cannot find a way to turn off the 
broadcast of these networks.

Anyone have any experience mitigating problems like these?  It just appears 
that every new device these days broadcasts some sort of 2.4 Ghz network.

Thanks


--

Jeremy L. Gibbs
Sr. Network Engineer
Utica College IITS
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Supporting "those other Wi-Fi devices" in the dorms- quick Survey

[Osborne, Bruce W (Network Services)]

We map username to password and use bandwidth management to limit the amount 
used per month. Users have the option of purchasing additional bandwidth. This 
money helps subsidize our Internet connections.

 
Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions
 
(434) 592-4229
 
LIBERTY UNIVERSITY
Training Champions for Christ since 1971

-Original Message-
From: Danny Eaton [mailto:dannyea...@rice.edu] 
Sent: Friday, September 4, 2015 3:04 PM
Subject: Re: Supporting "those other Wi-Fi devices" in the dorms- quick Survey

Just to turn this on it’s ear a bit...

Why not go back to an open network for student devices, with the same EULA as 
they’d get be it at a Starbucks, McDonalds, hotel, or convention center? Why 
are we (my self included) so hell bent on student devices connecting via 
WPA-Ent and all the challenges associated with accommodating devices that can’t?

Here at Rice, we have just that - 1 network (eduroam), 2 network (Rice 
Owls, 802.1X authenticated), and 3 network (Rice Visitor, open, unencrypted, 
with a pop-up welcome page to accept our use policy).  We are not necessarily 
hell-bent on getting a PSK/MAC authenticated network built, but our students 
are.  They want to put their Wii-U, Xbox, AppleTV, Roku, Google Chromecast, 
etc. on the wireless network just like they would at home, their apartment, 
etc.  Obviously, they wouldn't do that at Starbucks, a hotel, or the like.  
They live on campus, so it's their home.  

Does data exist that shows all of this overhead we’ve created has had any 
measurable benefit (for the cost), especially when the same users aren’t 
concerned about over-the-air security when at the above mentioned places?

Why do we care so much? Is there some middle-ground that is “good enough” but 
provides almost the same experience as at home?

Would our efforts be better spent implementing other beneficial technologies 
such location-aware WiFi, where after the student connects all their AppleTV, 
TimeMachine, and Chromecast devices, the network is smart enough to provide 
them visibility of only those devices when in/near the same location e.g. 
Location-aware bonjour?



Jeff


On 9/4/15, 7:51 AM, "The EDUCAUSE Wireless Issues Constituent Group Listserv on 
behalf of Lee H Badman"  wrote:

>Where it gets interesting- broadcast and single class C required. But- this is 
>a great summary of requirements. 
>
>Lee Badman | Network Architect
>Information Technology Services
>206 Machinery Hall
>120 Smith Drive
>Syracuse, New York 13244
>t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w its.syr.edu
>SYRACUSE UNIVERSITY
>syr.edu
>
>-Original Message-
>From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
>[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil 
>M
>Sent: Friday, September 04, 2015 10:46 AM
>To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>Subject: Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in 
>the dorms- quick Survey
>
>Here is my first pass at requirements:
>
>1. The service must prevent or discourage devices that ARE capable of 
>using 802.1x authentication from using the service.
>
>2. The service should provide some sort of traceability of devices back to 
>their owners.
>
>3. The service must provide some method to deny access to an individual 
>device.
>
>4. The service must be easy enough to use that the average student can 
>connect a device to the network in 10-15 minutes without requiring assistance 
>from ITS.
>
>5. The service must restrict access to only authorized University 
>customers.
>
>6. In the residence Halls, the service must support most the most common 
>consumer devices that students might bring to campus
>
>
>We are also looking at a “Device Net” for campus for other devices that may 
>not do 802.1X (freezer monitors, digital signage, instrumentation, etc.).
>
>For the residence hall device net we are thinking about blocking all access to 
>campus resources and just allowing internet access.
>
>For the campus device net we thinking about RFC 1918 space restricting the 
>deivces to on campus resources only.
>
>--
>Neil Johnson
>Network Engineer
>The University of Iowa
>Phone: 319 384-0938
>Fax: 319 335-2951
>E-Mail: neil-john...@uiowa.edu
>
>
>
>> On Sep 4, 2015, at 6:46 AM, Osborne, Bruce W (Network Services) 
>>  wrote:
>> 
>> What are you calling a Device Net?
>> 
>> We have an open SSID with a custom captive portal using the ClearPass eTIPS 
>> API. 
>> 
>> We use this SSID for onboarding to 802.1X with Cloudpath XpressConnect 
>> Wizard, registering a non-8012.1X device Endpoint in ClearPass (with 
>> AirGroup device registration for Apple-TV) and for permitting non-802.1X 
>> network access, blocking out internal web server & blackboard servers. If 
>> devices try to go to these sites, they are redirected to Cloudpath 
>> XpressConnect 

RE: Smart TVs and other "smart" devices

[Lee H Badman]

There is a glaring element of cluelessness here- is amazing.

Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W 
(Network Services)
Sent: Monday, September 14, 2015 7:27 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Smart TVs and other "smart" devices

And the enterprise Wi-Fi vendors choose to ignore Wi-Fi Direct.

A while ago when the specification was approved, I asked our vendor how they 
were going to deal with this. They could not see how this home technology would 
impact the enterprise network.
​

Bruce Osborne
Wireless Engineer
IT Infrastructure & Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Thomas Carter [mailto:tcar...@austincollege.edu]
Sent: Monday, September 7, 2015 6:04 PM
Subject: Re: Smart TVs and other "smart" devices

Yes, wiFi direct is growing in use – Playstation 4s broadcast wifi direct to 
connect to Playstation portables. Some Roku players use wifi direct for remote 
controls. We have a blanket statement disallowing anything that we deem 
interference with the campus wireless.  As a smaller private institution, we 
work with the students to remove the wireless network. It’s no different than 
most HP wireless printers that broadcast a wireless network for setup.

Thomas Carter

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeremy Gibbs
Sent: Monday, September 7, 2015 2:26 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Smart TVs and other "smart" devices

I have been seeing more and more students coming to campus with "smart" tv's.  
We allow them to register the TV on our wireless network.  Recently, I have 
been seeing a lot of "Hidden" networks when doing some WiFi scans.  Turns out, 
many of these TVs are broadcasting their own SSID, some hidden and some not.  
This is obviously causing interference with our production wireless network in 
the dorms.  Also, I have seen xbox one devices broadcasting their own SSID, 
hidden but it is broadcasting.

On many of these "Smart" TVs and devices, I cannot find a way to turn off the 
broadcast of these networks.

Anyone have any experience mitigating problems like these?  It just appears 
that every new device these days broadcasts some sort of 2.4 Ghz network.

Thanks


--

Jeremy L. Gibbs
Sr. Network Engineer
Utica College IITS
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in the dorms- quick Survey

[Dan Brisson]

Interesting.  Would you be willing to share what your average user 
consumes per month?


Thanks,
-dan


Dan Brisson
Network Engineer
University of Vermont

On 9/14/2015 7:18 AM, Osborne, Bruce W (Network Services) wrote:

We map username to password and use bandwidth management to limit the amount 
used per month. Users have the option of purchasing additional bandwidth. This 
money helps subsidize our Internet connections.

  
Bruce Osborne

Wireless Engineer
IT Infrastructure & Media Solutions
  
(434) 592-4229
  
LIBERTY UNIVERSITY

Training Champions for Christ since 1971

-Original Message-
From: Danny Eaton [mailto:dannyea...@rice.edu]
Sent: Friday, September 4, 2015 3:04 PM
Subject: Re: Supporting "those other Wi-Fi devices" in the dorms- quick Survey

Just to turn this on it’s ear a bit...

Why not go back to an open network for student devices, with the same EULA as 
they’d get be it at a Starbucks, McDonalds, hotel, or convention center? Why 
are we (my self included) so hell bent on student devices connecting via 
WPA-Ent and all the challenges associated with accommodating devices that can’t?

Here at Rice, we have just that - 1 network (eduroam), 2 network (Rice 
Owls, 802.1X authenticated), and 3 network (Rice Visitor, open, unencrypted, 
with a pop-up welcome page to accept our use policy).  We are not necessarily 
hell-bent on getting a PSK/MAC authenticated network built, but our students 
are.  They want to put their Wii-U, Xbox, AppleTV, Roku, Google Chromecast, 
etc. on the wireless network just like they would at home, their apartment, 
etc.  Obviously, they wouldn't do that at Starbucks, a hotel, or the like.  
They live on campus, so it's their home.

Does data exist that shows all of this overhead we’ve created has had any 
measurable benefit (for the cost), especially when the same users aren’t 
concerned about over-the-air security when at the above mentioned places?

Why do we care so much? Is there some middle-ground that is “good enough” but 
provides almost the same experience as at home?

Would our efforts be better spent implementing other beneficial technologies 
such location-aware WiFi, where after the student connects all their AppleTV, 
TimeMachine, and Chromecast devices, the network is smart enough to provide 
them visibility of only those devices when in/near the same location e.g. 
Location-aware bonjour?



Jeff


On 9/4/15, 7:51 AM, "The EDUCAUSE Wireless Issues Constituent Group Listserv on behalf of 
Lee H Badman"  
wrote:


Where it gets interesting- broadcast and single class C required. But- this is 
a great summary of requirements.

Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil
M
Sent: Friday, September 04, 2015 10:46 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in
the dorms- quick Survey

Here is my first pass at requirements:

1. The service must prevent or discourage devices that ARE capable of using 
802.1x authentication from using the service.

2. The service should provide some sort of traceability of devices back to 
their owners.

3. The service must provide some method to deny access to an individual 
device.

4. The service must be easy enough to use that the average student can 
connect a device to the network in 10-15 minutes without requiring assistance 
from ITS.

5. The service must restrict access to only authorized University customers.

6. In the residence Halls, the service must support most the most common 
consumer devices that students might bring to campus


We are also looking at a “Device Net” for campus for other devices that may not 
do 802.1X (freezer monitors, digital signage, instrumentation, etc.).

For the residence hall device net we are thinking about blocking all access to 
campus resources and just allowing internet access.

For the campus device net we thinking about RFC 1918 space restricting the 
deivces to on campus resources only.

--
Neil Johnson
Network Engineer
The University of Iowa
Phone: 319 384-0938
Fax: 319 335-2951
E-Mail: neil-john...@uiowa.edu




On Sep 4, 2015, at 6:46 AM, Osborne, Bruce W (Network Services) 
 wrote:

What are you calling a Device Net?

We have an open SSID with a custom captive portal using the ClearPass eTIPS API.

We use this SSID for onboarding to 802.1X with Cloudpath XpressConnect Wizard, 
registering a non-8012.1X device Endpoint in ClearPass (with AirGroup device 
registration for Apple-TV) and for permitting non-802.1X network access, blocking 
out internal web 

Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in the dorms- quick Survey

[Jeffrey D. Sessler]

I’d curious as to what the break-even is here? The college invests money to 
build and maintain an infrastructure to track users and manage bandwidth, 
charge-back fees, staff time to manage, etc. If instead, those funds were 
invested in just increasing Internet bandwidth, do you come out ahead? What if 
you invest those funds in Internet bandwidth and charge a small technology fee 
to all students?

Jeff



On 9/14/15, 4:18 AM, "The EDUCAUSE Wireless Issues Constituent Group Listserv 
on behalf of Osborne, Bruce W (Network Services)" 
 wrote:

>We map username to password and use bandwidth management to limit the amount 
>used per month. Users have the option of purchasing additional bandwidth. This 
>money helps subsidize our Internet connections.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

[Chuck Enfield]

Any chance the APs are trying to draw more power than your switches are 
configured to provide?



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ronald Loneker
Sent: Monday, September 14, 2015 11:38 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points



Good Morning -

(forgive cross-postings - a member of the NETMAN list suggested this might 
be the place to post this question)



We just had close to 90 new Aruba Instant IAP-215 wireless access points 
installed in our residence halls to upgrade our wireless network.  Another 
building is soon to be underway, and I'm managing this project.

Over the last couple of weeks, it seems like random access points are 
shutting down wireless access.  They are not all connected to the same Cisco 
switch (various Cisco POE switches in two residence halls).  The access 
point is not ping-able, the MAC address is not found in the virtual 
controller's table, the switch port is up and power is being supplied to the 
access point.  The only way we seem to get an access point back up is to do 
a shut/no shut on the switch port to which it is connected.

The vendor who configured the access points hasn't been able to determine 
why this is happening and before we initiate an Aruba support call, I was 
wondering if anyone had any similar experiences like this and what you 
determined was the cause of the issue.  We are running into walls here.

Thanks in advance for any thoughts or ideas.


Ron Loneker, Jr.
Director of Media Services
College of Saint Elizabeth
Mahoney Library
2 Convent Road
Morristown, NJ  07960

Phone:  973-290-4229 

e-mail:  rlone...@cse.edu 





** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Aruba Instant IAP-215 Wireless Access Points

[Ronald Loneker]

Good Morning -

(forgive cross-postings - a member of the NETMAN list suggested this might
be the place to post this question)

We just had close to 90 new Aruba Instant IAP-215 wireless access points
installed in our residence halls to upgrade our wireless network.  Another
building is soon to be underway, and I'm managing this project.

Over the last couple of weeks, it seems like random access points are
shutting down wireless access.  They are not all connected to the same
Cisco switch (various Cisco POE switches in two residence halls).  The
access point is not ping-able, the MAC address is not found in the virtual
controller's table, the switch port is up and power is being supplied to
the access point.  The only way we seem to get an access point back up is
to do a shut/no shut on the switch port to which it is connected.

The vendor who configured the access points hasn't been able to determine
why this is happening and before we initiate an Aruba support call, I was
wondering if anyone had any similar experiences like this and what you
determined was the cause of the issue.  We are running into walls here.

Thanks in advance for any thoughts or ideas.

Ron Loneker, Jr.
Director of Media Services
College of Saint Elizabeth
Mahoney Library
2 Convent Road
Morristown, NJ  07960

Phone:  973-290-4229

e-mail:  rlone...@cse.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Cisco AP Horizontal Mounting Bracket

[Jeffrey D. Sessler]

And if someone were to calculate the labor cost to piece that solution 
together, the $50 Oberon likely comes out ahead. :(

Jeff



On 9/14/15, 5:33 AM, "The EDUCAUSE Wireless Issues Constituent Group Listserv 
on behalf of Jon Scot Prunckle"  wrote:

>I tired to get our Services department to buy-in to the Oberon unit for 
>several of our more architecturally unique buildings, but there was no 
>interest due to the cost.  I think the Oberon Units are quite nice.  
>
>Currently we have contracted out the cabling portion of our Wi-Fi expansion.  
>The contractor happens to be a licensed electrical contractor (by state law, 
>our Network Services department is allowed to pull cable, but is not allowed 
>to install conduit other than wiremold or a fire-stopping penetration; conduit 
>must be installed by a licensed, state approved contractor).  The electrical 
>contractor has devised a mount using:
>- a wiremold 4 1/2" square by 3 1/2" deep surface mount electrical box 
>- covered with a 4" square blank plate w/ a 1/2 knock out (with a plastic KO 
>bushing) and a 
>- 1/4" mud ring screwed into 
>- two small angle brackets mounted to the 4" blank plate, and
>- mounted to the 1/4" mud ring is a Juniper WLA-BRKT-WALL to which we mount our
>- Juniper WLA532-US APs.
>
>It's convoluted and may not present an ideal solution for many environments.
>
>Sincerely,
>
>
>J. Scot Prunckle
>Network Engineer
>UITS Network and Operations Services
>University of Wisconsin-Milwaukee
>Office Mobile: (414) 416-9709
>E-mail: prunc...@uwm.edu
>
>
>From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> on behalf of Jeffrey D. Sessler 
>
>Sent: Friday, September 11, 2015 5:48 PM
>To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>Subject: Re: [WIRELESS-LAN] Cisco AP Horizontal Mounting Bracket
>
>WE using the Oberon unit. Without the key lock they are very inexpensive and 
>it’s built such that it’s nearly impossible to use it as a place to hang 
>cloths (if installed in a room).
>
>Jeff
>
>
>
>
>On 9/11/15, 12:03 PM, "The EDUCAUSE Wireless Issues Constituent Group Listserv 
>on behalf of Dan Brisson" dbris...@uvm.edu> wrote:
>
>>Oberon
>
>**
>Participation and subscription information for this EDUCAUSE Constituent Group 
>discussion list can be found at http://www.educause.edu/groups/.
>
>**
>Participation and subscription information for this EDUCAUSE Constituent Group 
>discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

[Muraca, Peppino P.]

Make sure you have it plugged eth0

Peppino Muraca
Sr. Network Administrator
Stonehill College
508-565-1193
pmur...@stonehill.edu



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ronald Loneker
Sent: Monday, September 14, 2015 11:38 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

Good Morning -
(forgive cross-postings - a member of the NETMAN list suggested this might be 
the place to post this question)

We just had close to 90 new Aruba Instant IAP-215 wireless access points 
installed in our residence halls to upgrade our wireless network.  Another 
building is soon to be underway, and I'm managing this project.
Over the last couple of weeks, it seems like random access points are shutting 
down wireless access.  They are not all connected to the same Cisco switch 
(various Cisco POE switches in two residence halls).  The access point is not 
ping-able, the MAC address is not found in the virtual controller's table, the 
switch port is up and power is being supplied to the access point.  The only 
way we seem to get an access point back up is to do a shut/no shut on the 
switch port to which it is connected.
The vendor who configured the access points hasn't been able to determine why 
this is happening and before we initiate an Aruba support call, I was wondering 
if anyone had any similar experiences like this and what you determined was the 
cause of the issue.  We are running into walls here.
Thanks in advance for any thoughts or ideas.

Ron Loneker, Jr.
Director of Media Services
College of Saint Elizabeth
Mahoney Library
2 Convent Road
Morristown, NJ  07960

Phone:  973-290-4229

e-mail:  rlone...@cse.edu


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

[Williams, Matthew]

Make sure you aren’t over-running the available PoE on the switch.

Respectfully,

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Muraca, Peppino P.
Sent: Monday, September 14, 2015 12:40 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

Make sure you have it plugged eth0

Peppino Muraca
Sr. Network Administrator
Stonehill College
508-565-1193
pmur...@stonehill.edu



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ronald Loneker
Sent: Monday, September 14, 2015 11:38 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

Good Morning -
(forgive cross-postings - a member of the NETMAN list suggested this might be 
the place to post this question)

We just had close to 90 new Aruba Instant IAP-215 wireless access points 
installed in our residence halls to upgrade our wireless network.  Another 
building is soon to be underway, and I'm managing this project.
Over the last couple of weeks, it seems like random access points are shutting 
down wireless access.  They are not all connected to the same Cisco switch 
(various Cisco POE switches in two residence halls).  The access point is not 
ping-able, the MAC address is not found in the virtual controller's table, the 
switch port is up and power is being supplied to the access point.  The only 
way we seem to get an access point back up is to do a shut/no shut on the 
switch port to which it is connected.
The vendor who configured the access points hasn't been able to determine why 
this is happening and before we initiate an Aruba support call, I was wondering 
if anyone had any similar experiences like this and what you determined was the 
cause of the issue.  We are running into walls here.
Thanks in advance for any thoughts or ideas.

Ron Loneker, Jr.
Director of Media Services
College of Saint Elizabeth
Mahoney Library
2 Convent Road
Morristown, NJ  07960

Phone:  973-290-4229

e-mail:  rlone...@cse.edu


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Old Meru hardware

[Jason Becker]

If anyone is interesting in our retired Meru MC4200 controllers I have a 
pair for free. (you pay for shipping) I'll hang onto them until the end 
of September.



Thanks,

--
Jason Becker
Network Systems Engineer,
Network Planning and Services
Tel:(314)935-5006

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Sanity check- spontaneously changing WLC configs- is it just us?

[Ciesinski, Nick]

Lee,


  *   APs renaming themselves  - YES
  *   Clean Air getting wholesale disabled on a controller - NO
  *   APs that way back when were config’d with static IP addresses, but that 
have been using DHCP for years, going back to showing static IPs configs - NO
  *   APs taking themselves out of a given AP group to default - NO

Let me add one that we see not on your list.


  *   APs that had a controller preference order set remove all controllers and 
go back to the default blank setting.

Nick Ciesinski



On Sep 14, 2015, at 2:24 PM, Lee H Badman 
> wrote:

Not so much looking for a solution here, but wondering if anyone else has seen 
similar. Having been on the Cisco thin thrill ride for almost a decade now, 
I’ve always been of the mind that gremlins like to make odd little config 
changes over time in the WLCs. Lately I’ve found:


  *   APs renaming themselves
  *   Clean Air getting wholesale disabled on a controller
  *   APs that way back when were config’d with static IP addresses, but that 
have been using DHCP for years, going back to showing static IPs configs
  *   APs taking themselves out of a given AP group to default


The odd thing is lack of pattern. An AP or two from a controller or a building, 
but not others from the same general grouping. Basically configs that have been 
in place for months or years and several code versions just changing on a small 
percentage of APs with no seeming rhyme or reason. Very few hands are allowed 
anywhere near the important parts of the soup, and I know it’s not a matter of 
human error.

Does anyone else experience anything like this?

-Lee

Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Sanity check- spontaneously changing WLC configs- is it just us?

[Jeffrey D. Sessler]

Nothing at like that here. We had some growing pains back in the Cisco 5.0.x 
days, but have otherwise been OK since… small little bugs here and there, but 
nothing I wouldn’t expect from such complex code i.e. The campus here with 
Aruba runs into the same little stuff all the time.

Perhaps you’ve carried a lot of old configuration crud forward over the years 
that the various upgrades didn’t clean up?

Have you ever used the Cisco WLC config analyzer? It’s really helpful in 
finding odd crud and/or offering suggestions to problems you may not even be 
aware you’re having.

Jeff

From: 
"wireless-lan@listserv.educause.edu" 
on behalf of "lhbad...@syr.edu"
Reply-To: 
"wireless-lan@listserv.educause.edu"
Date: Monday, September 14, 2015 at 12:24 PM
To: 
"wireless-lan@listserv.educause.edu"
Subject: [WIRELESS-LAN] Sanity check- spontaneously changing WLC configs- is it 
just us?

Not so much looking for a solution here, but wondering if anyone else has seen 
similar. Having been on the Cisco thin thrill ride for almost a decade now, 
I’ve always been of the mind that gremlins like to make odd little config 
changes over time in the WLCs. Lately I’ve found:


  *   APs renaming themselves
  *   Clean Air getting wholesale disabled on a controller
  *   APs that way back when were config’d with static IP addresses, but that 
have been using DHCP for years, going back to showing static IPs configs
  *   APs taking themselves out of a given AP group to default


The odd thing is lack of pattern. An AP or two from a controller or a building, 
but not others from the same general grouping. Basically configs that have been 
in place for months or years and several code versions just changing on a small 
percentage of APs with no seeming rhyme or reason. Very few hands are allowed 
anywhere near the important parts of the soup, and I know it’s not a matter of 
human error.

Does anyone else experience anything like this?

-Lee

Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.eduw 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

[Jake Snyder]

The other thing you might check is to see if you have LLDP running on the 
switches.  This can help with Poe negotiation.

Thanks
Jake Snyder


Sent from my iPhone

> On Sep 14, 2015, at 6:53 PM, James Michael Keller  
> wrote:
> 
>> On 09/14/2015 11:37 AM, Ronald Loneker wrote:
>> Good Morning -
>> 
>> (forgive cross-postings - a member of the NETMAN list suggested this
>> might be the place to post this question)
>> 
>> We just had close to 90 new Aruba Instant IAP-215 wireless access points
>> installed in our residence halls to upgrade our wireless network. 
>> Another building is soon to be underway, and I'm managing this project.
>> 
>> Over the last couple of weeks, it seems like random access points are
>> shutting down wireless access.  They are not all connected to the same
>> Cisco switch (various Cisco POE switches in two residence halls).  The
>> access point is not ping-able, the MAC address is not found in the
>> virtual controller's table, the switch port is up and power is being
>> supplied to the access point.  The only way we seem to get an access
>> point back up is to do a shut/no shut on the switch port to which it is
>> connected. 
>> 
>> The vendor who configured the access points hasn't been able to
>> determine why this is happening and before we initiate an Aruba support
>> call, I was wondering if anyone had any similar experiences like this
>> and what you determined was the cause of the issue.  We are running into
>> walls here.
>> 
>> Thanks in advance for any thoughts or ideas.
>> 
>> Ron Loneker, Jr.
>> Director of Media Services
>> College of Saint Elizabeth
>> Mahoney Library
>> 2 Convent Road
>> Morristown, NJ  07960
>> 
>> Phone:  973-290-4229 
>> 
>> e-mail:  rlone...@cse.edu 
>> 
>> /**/
>> 
>> 
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
> 
> I have seen similar with the campus APs when the PoE power is either
> dropping below min spec either due to switch power or cable run
> resistance.   The APs will have enough power to initialize which brings
> up the link, but they fail to boot into ArubaOS and hang until they are
> power cycled.  Typically the ones with cable run issues continue to fail
> on the next cycle.  Brown out triggered ones come up fine usually, and
> typically we see more then one on the same switch do it for PoE power
> issues.
> 
> -- 
> 
> -James
> 
> 
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.
> 

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

[Lionel Shigemura]

Using WS-C2960S-48LPS-L & WS-C2960X-48LPD-L
With lldp transmit enabled (default), non-IAP model PoE consumption on
Cisco switches below:
AP-135 draws 15.4 watts
AP-215 draws 21.4 watts
AP-225 draws 22.4 watts
AP-275 draws 30.0 watts

Although not standard and recommended, we have some Aruba AP-215s running
on Bertek CAT5 UTP under 200' distances at Gig.  Surprisingly, many
pass CAT5e permanent link certification using Fluke DSX.  Using certified
CAT6 patch cords for cross-connects and it has been stable.  No frame
errors, resets, or AP reboots.Using Aruba OS 6.4.2.12.  I would think
the non-virtual controller IAP-215 would draw similar loads as the AP-215.
Max load on a Cisco 370watt PoE switch is (~17) AP-215.

As stated previously, check Cisco/Aruba logs and settings.  If possible,
re-certify the problem horizontal runs.

-Lionel


Lionel Shigemura
UH - Leeward Community College
Information Technology Group
(808) 455-0486

CONFIDENTIALITY NOTICE: The contents of this email message and any
attachments are intended solely for the addressee(s) and may contain
confidential and/or privileged information and may be legally protected
from disclosure. If you are not the intended recipient of this message or
their agent, or if this message has been addressed to you in error, please
immediately alert the sender by reply email and then delete this message
and any attachments. If you are not the intended recipient, you are hereby
notified that any use, dissemination, copying, or storage of this message
or its attachments is strictly prohibited.

On Mon, Sep 14, 2015 at 5:37 AM, Ronald Loneker  wrote:

> Good Morning -
>
> (forgive cross-postings - a member of the NETMAN list suggested this might
> be the place to post this question)
>
> We just had close to 90 new Aruba Instant IAP-215 wireless access points
> installed in our residence halls to upgrade our wireless network.  Another
> building is soon to be underway, and I'm managing this project.
>
> Over the last couple of weeks, it seems like random access points are
> shutting down wireless access.  They are not all connected to the same
> Cisco switch (various Cisco POE switches in two residence halls).  The
> access point is not ping-able, the MAC address is not found in the virtual
> controller's table, the switch port is up and power is being supplied to
> the access point.  The only way we seem to get an access point back up is
> to do a shut/no shut on the switch port to which it is connected.
>
> The vendor who configured the access points hasn't been able to determine
> why this is happening and before we initiate an Aruba support call, I was
> wondering if anyone had any similar experiences like this and what you
> determined was the cause of the issue.  We are running into walls here.
>
> Thanks in advance for any thoughts or ideas.
>
> Ron Loneker, Jr.
> Director of Media Services
> College of Saint Elizabeth
> Mahoney Library
> 2 Convent Road
> Morristown, NJ  07960
>
> Phone:  973-290-4229
>
> e-mail:  rlone...@cse.edu
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Sanity check- spontaneously changing WLC configs- is it just us?

[Jason Cook]

Haven't seen any of those Having said that it might have happened and we 
just haven't noticed. What code?

I blame Prime, because.. well I probably don't need to explain.
Ok so jokes aside

The most recent random issue for us
Upgrading AP's (8.0.110. 0 to 8.0.110.20, but also 7.6.130.0 to  8.0.110.)
Some AP's (upto 25 out of 1500) seem to get stuck in the upgrade process and 
don't come up. Every single one had no easy console access to actually 
investigate. All POE though and shutting down that port and re-enabling would 
fix it. Annoyingly enough some AP's would be fixed with 1 reboot, however some 
took 10 with the rest making up numbers in the middle. Sometimes perseverance 
does pay off even when logic says there's no point.


--
Jason Cook
The University of Adelaide, AUSTRALIA 5005
Ph: +61 8 8313 4800

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, 15 September 2015 4:54 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Sanity check- spontaneously changing WLC configs- is it 
just us?

Not so much looking for a solution here, but wondering if anyone else has seen 
similar. Having been on the Cisco thin thrill ride for almost a decade now, 
I've always been of the mind that gremlins like to make odd little config 
changes over time in the WLCs. Lately I've found:

* APs renaming themselves
* Clean Air getting wholesale disabled on a controller
* APs that way back when were config'd with static IP addresses, but 
that have been using DHCP for years, going back to showing static IPs configs
* APs taking themselves out of a given AP group to default

The odd thing is lack of pattern. An AP or two from a controller or a building, 
but not others from the same general grouping. Basically configs that have been 
in place for months or years and several code versions just changing on a small 
percentage of APs with no seeming rhyme or reason. Very few hands are allowed 
anywhere near the important parts of the soup, and I know it's not a matter of 
human error.

Does anyone else experience anything like this?

-Lee

Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

[Howard, Christopher]

It’s been a while, but we had a similar issue with Cisco 2960S and Aruba APs 
(the regular version) a couple years.  There was a bug in the Aruba code that 
caused the AP to request more power than the switch could deliver (>30 watts).  
The switch would bug out and not deliver enough power.  I don’t recall offhand 
what version of code that was on, and I know it was fixed.  Perhaps it has 
re-appeared again?  It seemed to only affect Cisco switches as our Brocade 
switches would still send out what was required to run the AP.

-Christopher

On Sep 14, 2015, at 10:58 PM, Lionel Shigemura 
> wrote:

Using WS-C2960S-48LPS-L & WS-C2960X-48LPD-L
With lldp transmit enabled (default), non-IAP model PoE consumption on Cisco 
switches below:
AP-135 draws 15.4 watts
AP-215 draws 21.4 watts
AP-225 draws 22.4 watts
AP-275 draws 30.0 watts

Although not standard and recommended, we have some Aruba AP-215s running on 
Bertek CAT5 UTP under 200' distances at Gig.  Surprisingly, many pass CAT5e 
permanent link certification using Fluke DSX.  Using certified CAT6 patch cords 
for cross-connects and it has been stable.  No frame errors, resets, or AP 
reboots.Using Aruba OS 6.4.2.12.  I would think the non-virtual controller 
IAP-215 would draw similar loads as the AP-215.  Max load on a Cisco 370watt 
PoE switch is (~17) AP-215.

As stated previously, check Cisco/Aruba logs and settings.  If possible, 
re-certify the problem horizontal runs.

-Lionel


Lionel Shigemura
UH - Leeward Community College
Information Technology Group
(808) 455-0486

CONFIDENTIALITY NOTICE: The contents of this email message and any attachments 
are intended solely for the addressee(s) and may contain confidential and/or 
privileged information and may be legally protected from disclosure. If you are 
not the intended recipient of this message or their agent, or if this message 
has been addressed to you in error, please immediately alert the sender by 
reply email and then delete this message and any attachments. If you are not 
the intended recipient, you are hereby notified that any use, dissemination, 
copying, or storage of this message or its attachments is strictly prohibited.

On Mon, Sep 14, 2015 at 5:37 AM, Ronald Loneker 
> wrote:
Good Morning -

(forgive cross-postings - a member of the NETMAN list suggested this might be 
the place to post this question)

We just had close to 90 new Aruba Instant IAP-215 wireless access points 
installed in our residence halls to upgrade our wireless network.  Another 
building is soon to be underway, and I'm managing this project.

Over the last couple of weeks, it seems like random access points are shutting 
down wireless access.  They are not all connected to the same Cisco switch 
(various Cisco POE switches in two residence halls).  The access point is not 
ping-able, the MAC address is not found in the virtual controller's table, the 
switch port is up and power is being supplied to the access point.  The only 
way we seem to get an access point back up is to do a shut/no shut on the 
switch port to which it is connected.

The vendor who configured the access points hasn't been able to determine why 
this is happening and before we initiate an Aruba support call, I was wondering 
if anyone had any similar experiences like this and what you determined was the 
cause of the issue.  We are running into walls here.

Thanks in advance for any thoughts or ideas.

Ron Loneker, Jr.
Director of Media Services
College of Saint Elizabeth
Mahoney Library
2 Convent Road
Morristown, NJ  07960

Phone:  973-290-4229

e-mail:  rlone...@cse.edu



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

3rd party wireless troubleshooting tools

[Jason Cook]

As per usual there's been a few discussion on this path in the past.

Interested to know what people have used to either troubleshoot issues on the 
network and/or review performance And how much success have they had.

7Signal promote themselves quite well (though currently unavailable in Aus,). 
Those that have implemented their Eye's, have they worked at identifying issues 
that weren't picked up in other ways? Also their optimization service if anyone 
has used it. did you find noticeable improvements?

Then I guess other tools, has anyone used Metageek's Eye PA to any success?

Or any other similar tools/services that have been used

We do use Ekahau ESS and Chanalyzer  for coverage and interference, so I guess 
interested to know about tools that can help with improvements in other aspects 
of the network. There's no specific issues/problems we have identified that 
need looking but interested to know if it's worth looking into other tools that 
could help improve our service or enable us to be ready for "situation X". 
There's always a few situations where you get reported on-off issues and it 
would be good to have something we could leave in locations for monitoring.

Cisco shop as an FYI

--
Jason Cook
Technology Services
The University of Adelaide, AUSTRALIA 5005
Ph: +61 8 8313 4800
JabberCall 
Me

browser-based video chat

e-mail: 
jason.c...@adelaide.edu.au>

CRICOS Provider Number 00123M
---
This email message is intended only for the addressee(s) and contains 
information which may be confidential and/or copyright.  If you are not the 
intended recipient please do not read, save, forward, disclose, or copy the 
contents of this email. If this email has been sent to you in error, please 
notify the sender by reply email and delete this email and any copies or links 
to this email completely and immediately from your system.  No representation 
is made that this email is free of viruses.  Virus scanning is recommended and 
is the responsibility of the recipient.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Sanity check- spontaneously changing WLC configs- is it just us?

[Danny Eaton]

Nothing like that here Lee, sorry.

 

  

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Monday, September 14, 2015 2:24 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Sanity check- spontaneously changing WLC configs- is
it just us?

 

Not so much looking for a solution here, but wondering if anyone else has
seen similar. Having been on the Cisco thin thrill ride for almost a decade
now, I've always been of the mind that gremlins like to make odd little
config changes over time in the WLCs. Lately I've found:

 

. APs renaming themselves

. Clean Air getting wholesale disabled on a controller

. APs that way back when were config'd with static IP addresses, but
that have been using DHCP for years, going back to showing static IPs
configs

. APs taking themselves out of a given AP group to default

 

The odd thing is lack of pattern. An AP or two from a controller or a
building, but not others from the same general grouping. Basically configs
that have been in place for months or years and several code versions just
changing on a small percentage of APs with no seeming rhyme or reason. Very
few hands are allowed anywhere near the important parts of the soup, and I
know it's not a matter of human error.

 

Does anyone else experience anything like this?

 

-Lee

 

Lee Badman | Network Architect

Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244

t 315.443.3003   f 315.443.4325   e  
lhbad...@syr.edu w its.syr.edu

SYRACUSE UNIVERSITY
syr.edu

 

 

 

!DSPAM:911,55f71f0d63958840310082! 

** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/. 


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

[Ronald Loneker]

Thank you for the suggestion - we will check this.

Ron
---
Ron Loneker, Jr.
Director of Media Services
College of Saint Elizabeth
Mahoney Library
2 Convent Road
Morristown, NJ  07960

Phone:  973-290-4229

FAX:  973-290-4246

e-mail:  rlone...@cse.edu



*CSE's IT department will never ask for your password, social security
number or other personal information in an e-mail message.*
*Please do not share any information with others!*




On Mon, Sep 14, 2015 at 1:25 PM, Williams, Matthew 
wrote:

> Make sure you aren’t over-running the available PoE on the switch.
>
>
>
> Respectfully,
>
>
>
> Matthew Williams
>
> Manager, Network and Telecommunications Services
>
> Kent State University
>
> Office: (330) 672-7246
>
> Mobile: (330) 469-0445
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Muraca, Peppino P.
> *Sent:* Monday, September 14, 2015 12:40 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points
>
>
>
> Make sure you have it plugged eth0
>
>
>
> Peppino Muraca
>
> Sr. Network Administrator
>
> Stonehill College
>
> 508-565-1193
>
> pmur...@stonehill.edu
>
>
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Ronald Loneker
> *Sent:* Monday, September 14, 2015 11:38 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points
>
>
>
> Good Morning -
>
> (forgive cross-postings - a member of the NETMAN list suggested this might
> be the place to post this question)
>
>
>
> We just had close to 90 new Aruba Instant IAP-215 wireless access points
> installed in our residence halls to upgrade our wireless network.  Another
> building is soon to be underway, and I'm managing this project.
>
> Over the last couple of weeks, it seems like random access points are
> shutting down wireless access.  They are not all connected to the same
> Cisco switch (various Cisco POE switches in two residence halls).  The
> access point is not ping-able, the MAC address is not found in the virtual
> controller's table, the switch port is up and power is being supplied to
> the access point.  The only way we seem to get an access point back up is
> to do a shut/no shut on the switch port to which it is connected.
>
> The vendor who configured the access points hasn't been able to determine
> why this is happening and before we initiate an Aruba support call, I was
> wondering if anyone had any similar experiences like this and what you
> determined was the cause of the issue.  We are running into walls here.
>
> Thanks in advance for any thoughts or ideas.
>
>
> Ron Loneker, Jr.
> Director of Media Services
> College of Saint Elizabeth
> Mahoney Library
> 2 Convent Road
> Morristown, NJ  07960
>
> Phone:  973-290-4229
>
> e-mail:  rlone...@cse.edu
>
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Sanity check- spontaneously changing WLC configs- is it just us?

[Lee H Badman]

Not so much looking for a solution here, but wondering if anyone else has seen 
similar. Having been on the Cisco thin thrill ride for almost a decade now, 
I've always been of the mind that gremlins like to make odd little config 
changes over time in the WLCs. Lately I've found:

-   APs renaming themselves
-   Clean Air getting wholesale disabled on a controller
-   APs that way back when were config'd with static IP addresses, but that 
have been using DHCP for years, going back to showing static IPs configs
-   APs taking themselves out of a given AP group to default

The odd thing is lack of pattern. An AP or two from a controller or a building, 
but not others from the same general grouping. Basically configs that have been 
in place for months or years and several code versions just changing on a small 
percentage of APs with no seeming rhyme or reason. Very few hands are allowed 
anywhere near the important parts of the soup, and I know it's not a matter of 
human error.

Does anyone else experience anything like this?

-Lee


Lee Badman | Network Architect
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244

t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu

SYRACUSE UNIVERSITY
syr.edu




**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.