RE: [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable

2021-07-26 Thread Steve J Wenger 
We learned that FT "Adaptive Enabled" was on by default when we deployed IOS-XE 
17.3.  Certain Motorola cell phones had difficulty connecting intermittently, 
regardless if the phones were Android 10 or 11.  When we set FT to "disabled", 
the Android clients in question were able to connect and roam between AP's and 
buildings without problems.  Discovered this only after reading about the Cisco 
bug CSCvu24770.  Have not tried to set FT to "enabled" to experiment yet.

Thanks,

Steve Wenger
Viterbo University
Wi-Fi / Telecom Administrator | Instructional and Information Technology
608-796-3950
[EmailSignatureLogo]
www.viterbo.edu | 900 Viterbo Drive, La Crosse, WI  
54601

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Jason Mallon
Sent: Monday, July 26, 2021 1:46 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable

EXTERNAL: This email originated from a sender outside of Viterbo. Use caution 
when clicking on links or opening attachments.
We have FT enabled on ours, and it allowed the Andorid devices to connect that 
were unable to while we had FT adaptive.  I have not heard, up to this point, 
of any devices failing to connect since we made the swap a couple months ago.


Jason Mallon
Network Engineer
Office of Information Technology
The University of 
Alabama
jemal...@ua.edu
[The University of Alabama stacked logo with box 
A]



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Dennis Xu mailto:d...@uoguelph.ca>>
Date: Monday, July 26, 2021 at 1:19 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable
Hi,


Has anyone set Fast Transition to enable for Cisco WLCs? Have you had any 
compatibility issues with client devices with FT enabled? I am asking because 
of the Android bug CSCvu24770 which caused some Android devices not able to 
connect with adaptive FT.



Thanks.

Dennis

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable

2021-07-26 Thread Jason Mallon 
We have FT enabled on ours, and it allowed the Andorid devices to connect that 
were unable to while we had FT adaptive.  I have not heard, up to this point, 
of any devices failing to connect since we made the swap a couple months ago.


Jason Mallon
Network Engineer
Office of Information Technology
The University of Alabama
jemal...@ua.edu
[The University of Alabama stacked logo with box A]



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Dennis Xu 
Date: Monday, July 26, 2021 at 1:19 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable
Hi,


Has anyone set Fast Transition to enable for Cisco WLCs? Have you had any 
compatibility issues with client devices with FT enabled? I am asking because 
of the Android bug CSCvu24770 which caused some Android devices not able to 
connect with adaptive FT.



Thanks.

Dennis

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Fast Transition Enable

2021-07-26 Thread Dennis Xu 
Hi,


Has anyone set Fast Transition to enable for Cisco WLCs? Have you had any 
compatibility issues with client devices with FT enabled? I am asking because 
of the Android bug CSCvu24770 which caused some Android devices not able to 
connect with adaptive FT.



Thanks.

Dennis

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: Aruba and SAML SSO

2021-07-26 Thread Martin MacLeod-Brown 
That is interesting Tim, let me investigate this further as this is new news to 
me...

Thx

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: 26 July 2021 15:19
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Aruba and SAML SSO

CPPM will parse out the SAML assertion attributes as long as you add them to 
the SSO dictionary in CPPM. You can then use them in role mapping or 
enforcement in an application authorization service.



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Martin MacLeod-Brown 
mailto:mmacl...@london.edu>>
Sent: Monday, July 26, 2021 10:13:15 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: [WIRELESS-LAN] Aruba and SAML SSO


Hi Everyone



Just reaching out here to see if anyone has managed this using Aruba 
technologies?



We have a B2B client who enrols onto one of our Open Courses, using an email 
address of their choice.

We capture that email address in AAD and they will be sent an invite to join 
the relevant Teams/O365 resources that apply to them and to reset their initial 
password.

When these clients arrive at campus they connect to our guest Wi-Fi where they 
self register via our Captive Portal

Is there a way that they can use their B2B details that they signed up with 
originally to log into the guest Wi-Fi?



I know last time I looked at this, I could get Clearpass and AAD talking 
however the authentication token that AAD was sending back after a successful 
login was just some simple hashed text and I couldn't work out how to intercept 
that or craft a service/role around it.



Has anyone done something like this?



Martin





**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Re: Aruba and SAML SSO

2021-07-26 Thread Tim Cappalli 
CPPM will parse out the SAML assertion attributes as long as you add them to 
the SSO dictionary in CPPM. You can then use them in role mapping or 
enforcement in an application authorization service.



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Martin MacLeod-Brown 

Sent: Monday, July 26, 2021 10:13:15 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: [WIRELESS-LAN] Aruba and SAML SSO


Hi Everyone



Just reaching out here to see if anyone has managed this using Aruba 
technologies?



We have a B2B client who enrols onto one of our Open Courses, using an email 
address of their choice.

We capture that email address in AAD and they will be sent an invite to join 
the relevant Teams/O365 resources that apply to them and to reset their initial 
password.

When these clients arrive at campus they connect to our guest Wi-Fi where they 
self register via our Captive Portal

Is there a way that they can use their B2B details that they signed up with 
originally to log into the guest Wi-Fi?



I know last time I looked at this, I could get Clearpass and AAD talking 
however the authentication token that AAD was sending back after a successful 
login was just some simple hashed text and I couldn’t work out how to intercept 
that or craft a service/role around it.



Has anyone done something like this?



Martin





**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Aruba and SAML SSO

2021-07-26 Thread Martin MacLeod-Brown 
Hi Everyone

Just reaching out here to see if anyone has managed this using Aruba 
technologies?

We have a B2B client who enrols onto one of our Open Courses, using an email 
address of their choice.
We capture that email address in AAD and they will be sent an invite to join 
the relevant Teams/O365 resources that apply to them and to reset their initial 
password.
When these clients arrive at campus they connect to our guest Wi-Fi where they 
self register via our Captive Portal
Is there a way that they can use their B2B details that they signed up with 
originally to log into the guest Wi-Fi?

I know last time I looked at this, I could get Clearpass and AAD talking 
however the authentication token that AAD was sending back after a successful 
login was just some simple hashed text and I couldn't work out how to intercept 
that or craft a service/role around it.

Has anyone done something like this?

Martin



**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community