Re: [WIRELESS-LAN] ISE version
ISE 3.0 is a major licensing change so I'd talk to your SE for the details. I believe your current base licenses "which are owned" will expire after a certain period of time and you are forced to buy new ones. I'd stick with 2.7 for the awhile as it seems to be stable Craig On Thu, Dec 10, 2020 at 10:27 AM Ethan Grinnell wrote: > I asked one of our Cisco reps if he had any idea when we should consider > upgrading to 3.0. He'd been told that 2.7 is supposed to be a long lived > release. I think we'll be safe there for a while. He also said that they > like to only have 3 release trains in development. > > I havent tried 3.0 yet, but 2.7 has been good so far. > > Ethan Grinnell > CCIE R&S #39723, BS CmpE > Network Engineer > Office of Information Technology, Technology Infrastructure, Networking > Portland State University > 503-725-3205 > > On Thu, Dec 10, 2020, 8:33 AM Christina Klam wrote: > >> All, >> We are running 2.6.0.156 version of ISE.We are scheduled to upgrade >> it over the Winter Break. >> >> I see that 3.0 is out. The demos of it look great. But it is not Safe >> Harbor yet. 2.7 is still the preferred version in cisco.com. We do >> not want to upgrade to 2.7 to only have to do it again in a month or so. >> But we also cannot risk to go bleeding edge and have eduroam stop working. >> >> >> Has anyone upgrade to 3.0 and can share their experience? >> >> Christina Klam >> Network Engineer >> Institute for Advanced Study >> 1 Einstein Dr >> Princeton, NJ 08540 >> (m) +1 609-751-7899 >> (o) +1 609-734-8154 >> ck...@ias.edu >> >> ** >> Replies to EDUCAUSE Community Group emails are sent to the entire >> community list. If you want to reply only to the person who sent the >> message, copy and paste their email address and forward the email reply. >> Additional participation and subscription information can be found at >> https://www.educause.edu/community >> > ** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" MRU IT Services will NEVER ask you for your password or to update or verify your email account through an email. DO NOT click any links in an email asking you to update or verify your email account. ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] ISE 2.7 Patch Level
Bruce, I just updated to patch 2 yesterday (due to CSCvs42441 that our security team wanted patched) and everything seems to be working well. There are a number of bugs fixed between patch 1 and patch 2 but 99.9% won't affect most people. Craig On Wed, Aug 12, 2020 at 11:58 AM Bruce Boardman < 00f864c74f72-dmarc-requ...@listserv.educause.edu> wrote: > Anybody on ise 2.7 run either of patches? Cisco wants everything to the > latest and so called greatest, but I don’t see a technical reason to move > just yet. This caught my eye CSCvn12644 > <https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvn12644> ‘ISE Crashes > during policy evaluation for AD attributes’ but it’s short on details. > Wondering > if I missing something. Thanks > > ** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" MRU IT Services will NEVER ask you for your password or to update or verify your email account through an email. DO NOT click any links in an email asking you to update or verify your email account. ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] More client weirdness
Sean, What version of controller software are you running? Craig Eyre On Wed, Jan 31, 2018 at 11:17 AM, Gray, Sean wrote: > Hi Everyone, > > > > I just wanted to throw this weirdness out to the group to see if anyone > has experienced the same issue and has found a solution or work around. > > > > We have a student on campus who intermittently cannot connect to our > 802.1x Student WLAN when trying to connect to a Cisco 702w access point > installed nearby. They can connect to our open Guest WLAN. I should say > that they are fail to connect to Student more times than they succeed when > in their Student Residence. On campus they are able to connect to Student. > > > > I recently brought them down to my office to have them try and connect to > a 702w that I had set up specially for the purpose of this test. > > > > *Client Details:* > > > > · Acer Aspire F5-571T Laptop > > · NIC: Qualcomm Atheros QCA9377 > > · Driver Version 12.0.0.309 > > · O/S: Windows 10 Home > > > > Client has Symantec Anti-virus installed > > > > Windows updates and driver versions were all validated. > > > > > > During testing I noticed that the client completes the AUTH phase and > enters RUN state. At this point it frequently seems to stall and doesn’t > make it into the DHCP Socket Task portion of the client/WLC/DHCP exchange. > > > > The only thing that the testing proved to me is that the client doesn’t > like Cisco 702w APs, as I saw the same results in my office as I saw from > them in Student Residence. Of note is that the problem seems to become > particular pronounce when they roam from Guest to Student or vice versa. > Disabling the Symantec firewall seemed to improve, but not fully resolve > the issue. > > > > I should also point out that due to the unique way that our Residence > townhomes were constructed wall mount APs are our only option. > > > > So this one has me beat! > > > > Thanks > > > > Sean > > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at http://www.educause.edu/ > discuss. > > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" MRU IT Services will NEVER ask you for your password or to update or verify your email account through an email. DO NOT click any links in an email asking you to update or verify your email account. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Non penetrating roof mounted WiFi antenna
We use those mounts on all our installs with a rubber mat underneath and 4 cinder blocks holding it down and they don't move at all. I agree with the other comments of lightning arrestors, power protection, appropriate weather prevention for cabling coming through the ceiling. We don't run fiber to ours but that's another good idea. The only question I have is that antenna outdoor nema rated? Craig Eyre On Mon, Aug 8, 2016 at 4:30 PM, Mattson, III, Ken V < kenmatt...@creighton.edu> wrote: > Has anyone roof mounted an AIR-ANT2588P3M-N antenna? Do you have pictures > of the installation that you could share? How high did you mount it? How > much weight did you put on the base? We plan on putting it as high at 8-10 > ft. on something like this: > > http://www.cableandwireshop.com/non-penetrating-roof- > mount-with-166-x-120-mast.html > > > > Any gotchas we should be aware of? > > > > Thanks for any assistance, > > > > Kenneth V. Mattson III > Director - Network and Data > DoIT > Creighton University > 402-280-2743 > 402-981-1140 > > A password is like a toothbrush: > Choose a good one, change it regularly and don't share it. > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at http://www.educause.edu/ > groups/. > > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" MRU IT Services will NEVER ask you for your password or to update or verify your email account through an email. DO NOT click any links in an email asking you to update or verify your email account. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco AP Horizontal Mounting Bracket
I just used L brackets similar to these. They're only a couple dollars and you can get different colors. Once you mount the AP on it, you can barely see the L bracket. http://www.lowes.com/pd_582850-56240-BKTM02X12X12HACRS_1z0yk8u__?productId=50135992&pl=1 Craig On Fri, Sep 11, 2015 at 1:20 PM, Dorshimer, Michael wrote: > Dan, I found these for about $50 > > http://www.oberonwireless.com/products/surface-mount-wall-hard-ceiling-enclosures-mounts/1109-1009-00 > > - Mike > > -Original Message- > From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dan Brisson > Sent: Friday, September 11, 2015 3:12 PM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Subject: Re: [WIRELESS-LAN] Cisco AP Horizontal Mounting Bracket > > Just to clarify, the type of bracket shown here is what I'm looking for: > > > http://www.terra-wave.com/shop/compact-horizontal-wall-mount-w-cover-and-universal-tbar-mounting-plate-p-3697.html?utm_source=et.ventev.com&utm_medium=email&utm_campaign=VA78 > > -dan > > Dan Brisson > Network Engineer > University of Vermont > > > > On 9/11/15 3:03 PM, Dan Brisson wrote: > > I'm wondering if anyone out there can recommend a horizontal mounting > > bracket for Cisco APs. Ventev TerraWave has a new model out and > > Oberon has had them for a while. The TerraWave model looks good but > > comes in at around $100, which is bit pricy for me. > > > > The ideal bracket would be able to be screwed to a standard single > > gang electrical box. > > > > Anybody have any other recommendations? > > > > Thanks, > > -dan > > > > > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] troubleshooting wireless issues
This is a great topic and is always the most difficult part of being involved in wireless. I like everyone's ideas and just want to add the one thing we try and do each year, about halfway through semester is to run a survey. It isn't a true troubleshooting technique but it helps pinpoint either bad areas or a bad group of device types. In the past I've used the following question. Most are multiple choice. 1. Is there a certain area that seems to cause you the most problems 2. What type of device do you have and if you know the OS level (iphone, surface, macbook etc) 3. Would you like the Helpdesk to contact you for further assistance, if so leave your student email account and we can contact you (90% of wifi issues are related to the end device I find and we don't control most of them in any way. There are many questions you could ask but I keep it fairly short as most people just wanna get connected without being bothered. Normally I just set the webauth redirect page to the survey site but I haven't figured out a way to push users to a webpage (survey) from our WPA2 Ent SSID without a 3rd party app like SecureW2 or Cloudpath. You could email all the students but that seems to be a frowned apoun thing at alot of places. Craig Eyre On Fri, Apr 3, 2015 at 8:58 AM, brian cors wrote: > > Great topic, and one that I deal with every day. > > We are actively scanning Twitter and proactively reaching out to students > who voice dissatisfaction about WiFi services. > > As we all know, WiFi is a lot like weather. A specific condition at a > specific time in a specific location. The location piece is a big part of > that equation. > > You absolutely want to prevent public disclosure of private information - > particularly the geolocation of a student. Therefore, we attempt to engage > with them and endeavor to mutually follow each other on Twitter. By doing > mutually following each other on Twitter, a private channel can then be > established to talk about what's going on. > > Once that private channel is established - we ask the student a few quick > triage questions [device/OS/location, etc.] We also ask them to use our > WiFi onboarding tool, which seems to take care of a majority of the issues. > We're currently using SecureW2 JoinNow for that task. It's been working > very well for our needs. > > Once we have answers to the triage questions and have asked the student to > run the onboarding tool - we create a service center incident and hand it > off to them for further action. We make it clear to the student that > follow-up will happen via e-mail. > > The service center incident is created using a template specific to > information gained from social media. We include the initial complaint and > conversation from Twitter in the work notes of the incident to give context > and clarify next actions needed. We may reach out to the student again via > Twitter to confirm resolution if the service center elicits no response or > further communication via e-mail. > > *IMPORTANT!* > Some students merely want to vent. Face it, we all want (and need) to do > that sometimes! > > When trying to establish engagement - you may get different reactions. > Many students are ecstatic that their complaint was noticed. Other students > ignore any attempt to reach out to them. Fewer react negatively - and some > realize that public tweets are actually seen and sometimes acted on. > > > Hope that helps! > [b] > > > *brian cors* > Client Experience Analyst > University of Michigan | Information and Technology Services > Communications Systems and Data Centers > http://its.umich.edu/csdc > > > On Thu, Apr 2, 2015 at 9:48 PM, Frank Sweetser wrote: > >> As others have noticed, this is a pretty tough nut to crack. Due to some >> odd quirk of human nature, many students will put quite a bit of effort >> into complaining to their friends or on forums, but can't be bothered to >> actually tell anyone who can make a difference. Here's the collection of >> approaches we use: >> >> - Good predictive modelling, followed up by a site survey. Not much you >> can do if you have gaps in your coverage or capacity. This plus a good >> knowledge of where your clients clump up should give you a much stronger >> starting point. >> >> - Know your wireless management platform, and which metrics correlate >> with user visible problems. For example, high levels of channel >> utilization, or a heavy noise floor point to problem areas you can attack. >> >> - Synthetic transactions are like your favorite user, the one who can >> give you tons of objective metrics on both what went right and wrong. >> We've
Re: [WIRELESS-LAN] Client Roaming (or, Actually, Lack Thereof)
Have you looked into modifying the client roaming parameters under the wireless tab on your wism/wlc (they are usually default from what I've seen in most cases). Also, you could leverage 802.11k assisted roaming to help your devices make better roaming decisions. I haven't adjusted my client roaming parameters but have been looking into the 802.11k info more recently. Like most things, not all devices support 802.11k but it could help in your case. Another thing to look at (especially with smartphones) is the channels that your ap's are using. Are the clients not roaming because the ap is using a 5ghz channel they are unfamiliar with. I'm sure we're all aware that just because a device works in 5ghz doesn't mean it supports every 5ghz channel. Just me thinking aloud but sometimes that's the best thing :>) Craig On Tue, Nov 4, 2014 at 2:22 PM, Watters, John wrote: > > > We have a continuing problem with clients devices which refuse to move to > an AP that provides a much better signal. For example, students entering a > classroom typically have at least one WiFi device active when they enter > the room (e.g., their phone) and maybe more (e.g.,, tablet, laptop, etc). > As has been the case for years, the default client behavior seems to > continue to be to hold on to the original AP association until it becomes > unusable, then move to the best signal for where they currently are. I know > that recent Windows machines have settings to control how aggressive the > radio is in moving to a better AP. Surely UNIX-based machines can also do > the same. We encourage our laptop users to take advantage of a more > aggressive setting. And, we use the Cisco load-balancing stuff to also try > to help. > > > > But, we still see the problem. > > > > Now, we are getting complaints about phones (iPhones & Android). users > cannot infinitely wander around a residence hall or Greek house without > getting small breaks in service (about 1 second or less) when they finally > move from one AP to one with a much stronger (and clearer) signal. > > > > Does anyone know anything else we can try to encourage client devices > (tablets, laptops, and phones) to change APs more aggressively? > > > > We are a Cisco shop using WiSM2 controllers (7.6.120.0 & 7.6.130.0) with > 5,000 APs of various models (1131, 1142, 2602, 2702, and a few 3502 & > 3602s). > > > > > > Thanks for any help/advice you can offer. > > > > > > -jcw > [image: UA Logo] > > > > > John Watters The University of Alabama > > Office of Information > Technology > > 205-348-3992 > > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] iOS 8 drops tomorrow
alf Of *Jeffrey > > > Sessler > > > *Sent:* Tuesday, September 16, 2014 2:57 PM > > > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > > > *Subject:* Re: [WIRELESS-LAN] iOS 8 drops tomorrow > > > > > > For those of you impacted by such things, have you considered asking > > > Akamai to install a local caching appliance on your campus? We did a > > > number of years ago, it was free, and greatly reduces the impact on > > > our commodity internet while boosting update speeds significantly. > > > > > > I know Apple is starting to roll out their own CDN, but for now, there > > > are a lot of companies besides Apple using Akamai, so it's worth it. > > > > > > We also just established free direct peering with Netflix. Big > > > improvement there too. > > > > > > Jeff > > > > > >>>> On Tuesday, September 16, 2014 at 10:31 AM, in message > > >>>> <1dc7671d-3395-41d4-907c-fb06281ad...@uiowa.edu > > > <mailto:1dc7671d-3395-41d4-907c-fb06281ad...@uiowa.edu > <1dc7671d-3395-41d4-907c-fb06281ad...@uiowa.edu>>>, "Johnson, > > > Neil M" mailto:neil-john...@uiowa.edu>> wrote: > > > > > > > > > We've add some additional bandwidth to the links between our wireless > > > nets and campus in anticipation of heavy traffic tomorrow. > > > > > > -Neil > > > > > > -- > > > Neil Johnson > > > Network Engineer > > > The University of Iowa > > > Phone: 319 384-0938 > > > Fax: 319 335-2951 > > > E-Mail: neil-john...@uiowa.edu <mailto:neil-john...@uiowa.edu > > > > > > > > > > > > > > > > > ** > > > Participation and subscription information for this EDUCAUSE > > > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > > <http://www.educause.edu/groups/> > > > > > > ** Participation and subscription information for this > > > EDUCAUSE Constituent Group discussion list can be found at > > > http://www.educause.edu/groups/. > > > > > > > ** > > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > > > ** > > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco AVC- anyone using it for real in prod?
We use it to drop certain traffic but not P2P as it will just morph into different ports. We just mark and control the bandwidth for all the P2P stuff to "try" and make it unusable for users. Craig On Tue, Aug 12, 2014 at 9:44 AM, Ciesinski, Nick wrote: > Lee, > > We have been doing AVC for a few years now to drop P2P. We are doing it > on a ASR1k though not the WLC. We used to use a SCE engine to do it which > is where the AVC/NBAR2 stuff came from. We find we don't need to update > protocol packs that often. > > Nick Ciesinski > > From: Chad Burnham mailto:cburn...@du.edu>> > Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> > Date: Tuesday, August 12, 2014 10:40 AM > To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>" <mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> > Subject: Re: [WIRELESS-LAN] Cisco AVC- anyone using it for real in prod? > > HI Lee, > > Getting it humming this month – on a pair of ASR 1006 Routers (sorry not > in Wireless). > We have Prime Infrastructure (2.1) managing it. > > We removed our Anagrans this summer to move to this. > > We just upgraded ASR this AM to support it. Will let you know in a month. > I am scheduled to talk/present @ WestNet about our experiences in January. > > Signatures = Protocol Packs. You can update them without rebooting the > router. > > CB > > From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman > Sent: Tuesday, August 12, 2014 9:28 AM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> > Subject: [WIRELESS-LAN] Cisco AVC- anyone using it for real in prod? > > > We are "using" Cisco's WLAN application visibility, but doing little with > it beyond the occasional looking in. Elsewhere, we use Palo Alto boxes to > shape traffic, but are interested in getting the controllers more involved > in a prod role. > > > > Is anyone relying on AVC to drop traffic like P2P in prod? Is it working > well for you? How often do you find signature updates available? Any other > thoughts/comments on experiences, successes, or frustrations with using AVC > for real- especially on large networks? > > > > Thanks- > > > > Lee Badman > > > > > Lee H. Badman > Network Architect/Wireless TME > ITS, Syracuse University > 315.443.3003 > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Replacing ageing APs
Disregard wrong post :>) Craig On Tue, Aug 12, 2014 at 12:10 PM, Craig Eyre wrote: > We use it to drop certain traffic but not P2P as it will just morph into > different ports. We just mark and control the bandwidth for all the P2P > stuff to "try" and make it unusable for users. > > > Craig > > > On Tue, Aug 12, 2014 at 11:22 AM, Gavin Pyle wrote: > >> We petition our tech fee council for money to perform wireless >> upgrades. Students consider having the latest WiFi technologies essential >> so they have yet to turn down a request. We upgrade APs in the areas that >> serve mostly students using this money and the older APs usually get >> trickled to faculty areas, until they are really old and then get sent to >> surplus. >> >> >> >> -- >> >> Gavin Pyle >> >> Network Engineer >> >> Green River Community College >> >> gp...@greenriver.edu >> >> >> >> *Breathe easy – Green River is now tobacco-free! >> <http://www.greenriver.edu/about-grcc/policies-and-procedures/new-policies/ga-02-tobacco-use.htm>* >> >> >> >> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: >> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Oliver Elliott >> *Sent:* Thursday, August 7, 2014 1:01 AM >> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >> *Subject:* [WIRELESS-LAN] Replacing ageing APs >> >> >> >> Hi all >> >> >> >> I've been looking into EOLs and end of software support for some of our >> older APs and was wondering what other institutions do to keep their estate >> up to date. Up to now we've had very sparse funding for wireless as it was >> always viewed as an add on service. A recent outage (caused by buggy >> 7.6.120 code) has shown just how important Wifi has become. Up to now APs >> have been largely installed on an ad-hoc basis with funding from >> departments or projects but this doesn't tend to account for EOL >> replacement. >> >> >> >> We're looking to apply for a formal replacement project based on either >> rolling yearly replacement budget or a big bang approach every few years. >> >> >> >> So, how do you guys handle this problem? >> >> >> >> Oli >> >> -- >> >> Oliver Elliott >> Network Specialist >> IT Services >> University of Bristol >> e: oliver.elli...@bristol.ac.uk >> t: 0117 92 (87861) >> >> ** Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> > > > > -- > Craig Eyre > Network Analyst > IT Services Department > Mount Royal University > 4825 Mount Royal Gate SW > Calgary AB T2P 3T5 > > P. 403.440.5199 > E. ce...@mtroyal.ca > > "The difference between a successful person and others is not a lack of > strength, not a lack of knowledge, but rather in a lack of will." Vincent > T. Lombardi" > > "MRU IT Services or any legitimate organization will *NEVER* ask for your > password. Never email or share your password with anyone.". > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Replacing ageing APs
We use it to drop certain traffic but not P2P as it will just morph into different ports. We just mark and control the bandwidth for all the P2P stuff to "try" and make it unusable for users. Craig On Tue, Aug 12, 2014 at 11:22 AM, Gavin Pyle wrote: > We petition our tech fee council for money to perform wireless > upgrades. Students consider having the latest WiFi technologies essential > so they have yet to turn down a request. We upgrade APs in the areas that > serve mostly students using this money and the older APs usually get > trickled to faculty areas, until they are really old and then get sent to > surplus. > > > > -- > > Gavin Pyle > > Network Engineer > > Green River Community College > > gp...@greenriver.edu > > > > *Breathe easy – Green River is now tobacco-free! > <http://www.greenriver.edu/about-grcc/policies-and-procedures/new-policies/ga-02-tobacco-use.htm>* > > > > *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Oliver Elliott > *Sent:* Thursday, August 7, 2014 1:01 AM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* [WIRELESS-LAN] Replacing ageing APs > > > > Hi all > > > > I've been looking into EOLs and end of software support for some of our > older APs and was wondering what other institutions do to keep their estate > up to date. Up to now we've had very sparse funding for wireless as it was > always viewed as an add on service. A recent outage (caused by buggy > 7.6.120 code) has shown just how important Wifi has become. Up to now APs > have been largely installed on an ad-hoc basis with funding from > departments or projects but this doesn't tend to account for EOL > replacement. > > > > We're looking to apply for a formal replacement project based on either > rolling yearly replacement budget or a big bang approach every few years. > > > > So, how do you guys handle this problem? > > > > Oli > > -- > > Oliver Elliott > Network Specialist > IT Services > University of Bristol > e: oliver.elli...@bristol.ac.uk > t: 0117 92 (87861) > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless Printing
We don't allow wireless printers but allow printing via wireless with a product called PrinterOn. Seems to work well and have only deployed in areas with high byod like a library and a few others. You just connect to a webpage and then select the printer in your area. Craig On Thu, Jul 31, 2014 at 1:18 PM, Vlade Ristevski wrote: > What we did last year, was have them connect to our MultimediaDevices > SSID which is "secured" by mac filtering and is set up for game consoles > devices that can't do 802.1x. They would have to register the printer on > our home grown device registration page. > > A problem that crept up with this approach, is that if some students > turned their printer off long enough it got a different IP address and > their client software would try to print to the old IP. I was thinking > about having our registration page give them a fixed address in DHCP but > the problem only came up on one or two occasions so I didn't think it > warranted the development time. The other option would be to email them the > DDNS name after registration with instructions. > > The other possible issue is students printing to each others printers by > accident or as a prank. We did not receive any helpdesk calls reporting > this but I'm going to assume it happens. > > > On 7/31/2014 3:01 PM, Legge, Jeffry wrote: > > We are getting a great deal of pressure to provide wireless printing for > students in residence halls. Do you allow wireless printing? How are you > doing it? > > > > Jeff Legge > > Network Services > > Radford University > > (540)-831-7727 > > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco Controller Code
1131's will work fine, I have a few of them holding on. 7.6.120.0 has worked good for us as well, no hiccups to be seen yet. Craig On Thu, Jul 31, 2014 at 9:00 AM, Danny Eaton wrote: > We’ve been running it for over a month. I’ve seen one primary issue with > cluster failover (Active controller failed), and have an active TAC case > opened on it. I just received 7.6.122.12 from TAC and will be putting it > on my lab test cluster today. The users have not seen any issues, because > the HA works really well – fortunately. Other than the GLBP/Macintosh > Maverick issue, we’re happy with it (running 1252’s, 1142’s, 3502’s and > 3702’s). You may need to check the 1131’s to see if they are supported on > 7.6.120.0, though. > > > > *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Tom Klimek > *Sent:* Thursday, July 31, 2014 9:47 AM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* [WIRELESS-LAN] Cisco Controller Code > > > > We need to upgrade our 5508 controller code to support the 2702i > AP's(Currently at 7.3.101.0). We have a lot of 2600, 3500 series AP's and > some legacy 1142 and 1131's. We are thinking about moving to 7.6.120.0. Has > anyone had experience with this version ? Any issues? recommendations? > > > > > > Thanks, > > Tom Klimek > > University of Notre Dame > > > > > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > !DSPAM:911,53da570663332191220525! > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Radios Shutdown After WLC Upgrade
to 7.6.120.6 about 3% (~100) >>> of our AP's joined the WLC but both radios are shut down. If you try to >>> re-enable the radios via the WLC or directly SSH'ed to the AP they >>> auto-disable again. Disabling, and re-enabling the switchport does >>> nothing, and rebooting the AP does nothing. Intentionally disabling one >>> radio on the AP does not help either. The switch shows it is providing >>> 15.4 watts of PoE. >>> >>> We are split evenly between 1142's, 3500's, and 3600's and have mostly >>> Cisco switches, but have only seen the issue on some 1142 series AP's, and >>> some Foundry PoE switches. In some cases another 1142 is working fine on >>> the same switch, and if we walk over and connect another 1142 it works fine >>> on the same port. The current work-around is to move AP's back to a WLC on >>> 7.4 code. >>> >>> I have a TAC case open, and 7.6.120.6 is a special build but we were >>> encouraged to go to it in order to avoid the catastrophic web-auth, and >>> severe RADIUS-NAC bugs. >>> >>> Let me know if you have any suggestions. >>> >>> Thanks, >>> >>> Curtis Larsen >>> University of Utah >>> Wireless Network Engineer >>> >>> >>> ** >>> Participation and subscription information for this EDUCAUSE Constituent >>> Group discussion list can be found at http://www.educause.edu/groups/. >>> >>> ** >>> Participation and subscription information for this EDUCAUSE Constituent >>> Group discussion list can be found at http://www.educause.edu/groups/. >>> >>> !DSPAM:911,53c6fd8e123908915719284! >>> >>> >>> ** Participation and subscription information for this EDUCAUSE >>> Constituent Group discussion list can be found at >>> http://www.educause.edu/groups/. >>> >>> ** >>> Participation and subscription information for this EDUCAUSE Constituent >>> Group discussion list can be found at http://www.educause.edu/groups/. >>> >> >> >> >> -- >> Alan Nord, CCNA >> Infrastructure Manager >> Information Technology Services >> Macalester College >> 1600 Grand Avenue >> St. Paul, MN 55105 >> ** Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> >> ** Participation and subscription information for this >> EDUCAUSE Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> >> > > > -- > Joe Roth > Network Manager > Binghamton University > Ph. 607-777-7528 > Fax 607-777-4009 > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > ** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless Presentations at CiscoLive...
I liked BRKEWN-3010 - Improve Enterprise WLAN Spectrum Quality using Advanced RF features by Jim Florwick. He's one the best wireless people I've come across in a while. Craig On Tue, May 27, 2014 at 7:40 AM, McClintic, Thomas < thomas.mcclin...@uth.tmc.edu> wrote: > I highly recommend BRKRST-2515 - QoS Design for Wireless LANs (2014 San > Francisco). It was very informative and there is a quick student reference > guide that is wonderful. > > Does anyone else have a session they found particularly helpful? > > -Original Message- > From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hector J Rios > Sent: Tuesday, May 27, 2014 8:16 AM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Subject: [WIRELESS-LAN] Wireless Presentations at CiscoLive... > > Some interesting (and useful) presentations I attended at Cisco Live: > > BRKEWN-3011 - Troubleshooting Wireless LANs (2014 San Francisco) > BRKEWN-2017 - Understanding RF Fundamentals and the Radio Design of > Wireless Networks > > There are tons more, and not just on wireless. And I believe the > recordings for some of them will be made available soon. Take advantage of > this great resource! > > Regards, > > Hector Rios > Louisiana State University > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at > https://urldefense.proofpoint.com/v1/url?u=http://www.educause.edu/groups/&k=yYSsEqip9%2FcIjLHUhVwIqA%3D%3D%0A&r=eHsexY0U6WY24UhDK4eLQbvXOPzMySRoCq87DX3WV5M%3D%0A&m=1DEERHAO7CutlVCW%2FQV0S9AYRzxl79KDI8maOBWCRc4%3D%0A&s=db47a0862a6cb3de96cfcf08e68fb7ea85b8330aa055894c0ec01ae231e9ca53 > . > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > -- Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi" "MRU IT Services or any legitimate organization will *NEVER* ask for your password. Never email or share your password with anyone.". ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Stadium WiFi
Looks like they have one called a MR500 that does dual band but I can't find it on their site. I only read about it in one of their success stories. Craig On Thu, May 8, 2014 at 4:41 PM, John Kaftan wrote: > I reached out to them and they replied that they're going to have dual > band devices soon. > On May 8, 2014 6:06 PM, "Jeff Kell" wrote: > >> They apparently have OpenMesh here at the St Lious Hilton (Educause >> SPC). Just noticed from the BSSID OID identifier. >> >> Jeff >> >> On 5/8/2014 5:35 PM, Hanset, Philippe C wrote: >> >> >> On May 8, 2014, at 5:27 PM, John Kaftan wrote: >> >> I find this solution intriguing. I plan to deploy it small scale for a >> side job (only about 5-6 APs). The cost is very low. I wonder if it could >> scale to a stadium deployment. >> >> http://www.open-mesh.com/ >> >> >> >> I looked into it for some cheap designs. >> 2.4 GHz only. That is pretty limiting for a stadium! >> >> >> >> Also, Enterasys\Extreme has has some success building out stadiums. >> >> >> http://www.bizjournals.com/sanjose/news/2014/01/15/extreme-networks-chosen-as-official.html?page=all >> >> >> http://www.citeworld.com/article/2115627/mobile-byod/philadelphia-eagles-wifi-enterasys.html >> >> >> On Thu, May 8, 2014 at 11:52 AM, Osborne, Bruce W (Network Services) < >> bosbo...@liberty.edu> wrote: >> >>> Erik, >>> >>> >>> >>> Our data agrees with Mike’s statements. >>> >>> We recently ran a survey polling our students. The results were >>> positive. But in order to have a successfully deployment you want to have >>> both a DAS and an engineered 802.11 wireless infrastructure. Because of the >>> many variables the channels need to be statically set and have to overlap >>> perfectly. Physics plays a bigger role more than ever in a stadium >>> deployment because of the scale and open air. Airtime is key! >>> >>> >>> >>> We are currently looking at DAS solutions and Aruba Network’s Wi-Fi >>> recommendations to improve our Stadium wireless experience. >>> >>> >>> >>> >>> >>> *Bruce Osborne* >>> >>> *Network Engineer – Wireless Team* >>> >>> *IT Network Services* >>> >>> >>> >>> *(434) 592-4229 <%28434%29%20592-4229>* >>> >>> >>> >>> *LIBERTY UNIVERSITY* >>> >>> *Training Champions for Christ since 1971* >>> >>> >>> >>> *From:* Ball, Erik [mailto:b...@xavier.edu] >>> *Sent:* Wednesday, May 7, 2014 3:24 PM >>> *Subject:* Stadium WiFi >>> >>> >>> >>> It’s been about a year since Stadium WiFi has come up on this list, so I >>> wanted to see if there has been any movement towards a large scale stadium >>> WiFi deployment by anyone? We looked into this a little less than a year >>> ago, and it would be quite pricey given that it would be really only >>> utilized 1 season of the year. However, the topic is coming up again (as >>> part of envisioning the perfect fan experience), and it would be nice to >>> see where other people stood on this. >>> >>> >>> >>> If so, can you share where you are at in the process, and the vendor >>> that you selected? >>> >>> >>> >>> However, it sounds like working through cellular/DAS arrangements has >>> been more popular/widespread than bothering with stadium WiFi. If you >>> chose DAS, without bothering with 802.11 coverage, did that satisfy people? >>> >>> >>> >>> Thanks, >>> Erik >>> >>> >>> >>> >>> >>> >>> >>> ** Participation and subscription information for this EDUCAUSE >>> Constituent Group discussion list can be found at >>> http://www.educause.edu/groups/. >>> ** Participation and subscription information for this >>> EDUCAUSE Constituent Group discussion list can be found at >>> http://www.educause.edu/groups/. >>> >>> >> >> >> -- >> John Kaftan >> IT Infrastructure Manager >> Utica College >> >> ** Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. >> >> &
Re: [WIRELESS-LAN] Broadcom Win8.1 clients not accepting DHCP offer
We've seen this on alot of Lenovo laptops after they upgraded to Windows 8.1 and we just roll back the driver to a version around 5.30 and it seems to solve the problem. The comment is that they can connect at home but cannot connect to anything enterprise level. Cannot comment on the Ubuntu portion. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi Tristan Gulyas ---03/26/2014 11:26:30 PM---Hi all, We’ve seen several occurrences of an issue where wireless clients would not accept an IP add From: Tristan Gulyas To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 03/26/2014 11:26 PM Subject: [WIRELESS-LAN] Broadcom Win8.1 clients not accepting DHCP offer Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv Hi all, We’ve seen several occurrences of an issue where wireless clients would not accept an IP address from our DHCP server after authenticating. This seems to be limited to Broadcom devices running either Windows 8.1 or Ubuntu Linux (seen this on 12.04). Our infrastructure is Cisco based (derivative of 7.2.111.3 firmware) on 3600 series APs. Has anybody else seen something similar? Cheers, Tristan Tristan Gulyas Wireless Network Engineer Network Operations eSolutions | Monash University 738 Blackburn Road Clayton 3800 www.monash.edu | tristan.gul...@monash.edu ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <>
Re: [WIRELESS-LAN] WiFi planning
As a good example I was down in an area just yesterday that mentioned of poor signal and I initially went down with my nexus 7 and my analyzer program and could barely get -80 dbm. I found it very odd so I went back and got my laptop with Ekahau and my ekahau usb-300(?) nic and was easily getting 65-68 dbm. I too should have surveyed with a lower power setting on my nic. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi Jason Watts ---12/12/2013 12:07:53 PM---This blog post at aerohive has good info on determining transmit power on devices. Interesting that From: Jason Watts To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 12/12/2013 12:07 PM Subject: Re: [WIRELESS-LAN] WiFi planning Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv This blog post at aerohive has good info on determining transmit power on devices. Interesting that the report lists different power levels at different frequencies. http://blogs.aerohive.com/blog/the-network-revolution/apple-ipad-3-and-other-mobile-device-wi-fi-output-power -- Jason Watts Pratt Institute, Academic Computing Senior Network Administrator Sent from my iPhone On Dec 12, 2013, at 1:54 PM, "Turner, Ryan H" <rhtur...@email.unc.edu> wrote: Things like iPhones are a lot lower than 25 mW. Closer to 17. Ryan H Turner Senior Network Engineer The University of North Carolina at Chapel Hill CB 1150 Chapel Hill, NC 27599 +1 919 445 0113 Office +1 919 274 7926 Mobile From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dan Brisson Sent: Thursday, December 12, 2013 1:39 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] WiFi planning Coming in a little late on this thread, but Tristan brings up an excellent point. We are dealing with multiple areas in our dorms where AirMagnet Survey with the AirMagnet a/b/g/n card had a much better RSSI/SNR than the student with an iPad or iPhone has. What we should have done when surveying was to turn down the TX power to something like 25mW, which would more closely mimic a tablet or smartphone. We are in need of a survey tablet upgrade and currently looking at a Dell XPS with the built-in Intel® Dual Band Wireless-AC 7260 since that appears to have direct support within AirMagnet. But I'm considering also purchasing something like a Nexus 5 smartphone and using that along with the tablet to check RSSI. I would prefer to use an iPhone since that's what the majority of students have, but from what I can tell there's still no decent App that will give RSSI values. Curious what folks think of that strategy. Hopefully this is close enough to the main topic to not be considered hijacking. I had been meaning to get an email out on this topic. Thanks, -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 12/11/13, 5:38 PM, Tristan Gulyas wrote: Hi all, What device or test equipment is being used for the RSSI value? If we see -65dBm on a Fluke AirCheck, we’re lucky to get -72dBm on an Intel 5100 in an HP laptop, as an example. We’d like to pick a specific device, eg, an iPad and create standard measurements on such a device so the customer is empowered to report a fault based on data they have available. Tristan On 12 Dec 2013, at 8:27 am, Barros, Jacob <jkbar...@grace.edu> wrote: We are going into dorm rooms over winter break to review ap placement. Do any of you have a policy (written or unwritten) that sets a minimum RSSI for a space? For example, if the RSSI is -65 or lower then you shuffle or add an ap to the area? Jake Barros | Network Administrator | Office of Information Technology Grace College and Seminary | Winona Lake, IN | 574.372.5100 x6178 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <>
Re: [WIRELESS-LAN] Windows 8 and Broadcom wireless cards
I had a user just the other day upgrade from Windows 8 to 8.1 and it broke all of the stuff you mentioned. I rolled back the driver from version 6.30?? to 5.30 for their Broadcom 802.11n network adapter and all was well after that. The 5.30 driver was already on their computer listed under the device manager options. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi "T. Shayne Ghere" ---12/04/2013 10:35:15 AM---Good morning, I was wondering if any other school is having issues with the Broadcom From: "T. Shayne Ghere" To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 12/04/2013 10:35 AM Subject: [WIRELESS-LAN] Windows 8 and Broadcom wireless cards Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv Good morning, I was wondering if any other school is having issues with the Broadcom Wireless network cards running Windows 8/8.1 pro on a WPA2/AES network? We have students that are upgrading their Dell computers from Windows 7 to Windows 8 and the cards stop working on our secure network. They are prompted for 802.1x credentials, and the ACS server authenticates them as well as the DHCP server handing out an IP address, but the computer always states limited or no connectivity. What is really weird is that we have a 1232AG radio and the card will connect ONLY to the A radio, but not to the 1142N-A radio. We are running 7.0.253.5 code because of the older AP’s on campus. We did purchase a separate controller for a test environment which we have running 7.4.110.0 now and it still won’t connect to the 1142n-a radios. Trying to back the driver down to Windows 7-64 bit doesn’t work (won’t allow it to be installed). Any ideas? Thanks Shayne - Bradley University T. Shayne Ghere, CCNA Network Engineer 1501 W. Bradley Ave. Morgan Hall, Suite 205 Peoria, IL 61625 sgh...@bradley.edu (309) 677-3094 ofc. (309) 677-3460 fax Class 2011 FBI CA Graduate ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <>
Re: [WIRELESS-LAN] Problem with WPS2 and new IOS 7.0.4 Upgrade
I upgrade my iphone 5 to 7.0.4 recently and haven't had an issue WPA2/AES PEAP. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi "Turner, Ryan H" ---11/21/2013 01:47:08 PM---Still working for me. What EAP Method are you using? Ryan H Turner From: "Turner, Ryan H" To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 11/21/2013 01:47 PM Subject: Re: [WIRELESS-LAN] Problem with WPS2 and new IOS 7.0.4 Upgrade Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv Still working for me. What EAP Method are you using? Ryan H Turner Senior Network Engineer The University of North Carolina at Chapel Hill CB 1150 Chapel Hill, NC 27599 +1 919 445 0113 Office +1 919 274 7926 Mobile From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Turner, Ryan H Sent: Thursday, November 21, 2013 3:40 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Problem with WPS2 and new IOS 7.0.4 Upgrade I haven’t upgraded my phone, but now you’ve inspired me. I haven’t heard any complaints, however. I’ll let you know. Ryan H Turner Senior Network Engineer The University of North Carolina at Chapel Hill CB 1150 Chapel Hill, NC 27599 +1 919 445 0113 Office +1 919 274 7926 Mobile From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Thursday, November 21, 2013 3:38 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Problem with WPS2 and new IOS 7.0.4 Upgrade Since the IOS 7.0.4 upgrade came out a couple of days ago all iPhones & iPads on our campus have quite working with our WPA2 SSID. The problem seems to be with accepting the certificate (it hasn’t changed but the iDevice seems to think it has). Has anyone else seen this problem? And, do you have a fix? THANKS. -jcw John Watters The University of Alabama Office of Information Technology 205-348-3992 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <><>
Re: [WIRELESS-LAN] Horizontal AP mounting options
We just used an L bracket and attached it to the original mounting plate that came with the ap. Cheap/Easy and can barely see the L bracket when installed. (See attached file: l bracket.jpg) Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi Scott Allen ---10/23/2013 08:55:43 AM---We are using the Model 1029-00 to meet horizontal/height requirements for the Cisco 3500/3600 APs an From: Scott Allen To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 10/23/2013 08:55 AM Subject: Re: [WIRELESS-LAN] Horizontal AP mounting options Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv We are using the Model 1029-00 to meet horizontal/height requirements for the Cisco 3500/3600 APs and are very happy with it. Simple and low profile. -Scott On Wed, Oct 23, 2013 at 10:32 AM, Vlade Ristevski wrote: > Hello All, > > I was doing a little research on Cisco's site about mounting options and > came across this guide: > http://www.cisco.com/en/US/docs/wireless/technology/apdeploy/Cisco_Aironet.html > . > > We are deploying a bunch of 1602's and 2602's and they recommend mounting > them horizontally. There are areas where they need to be wall mounted and > none of the ceiling mounts or brackets are an option. They recommend the > Oberon P/N 1029-00, . It looks a bit overpriced for what it is and ugly IMO. > > http://www.oberonwireless.com/hard-lid_wall-mounted-access-point-enclosures.php > > http://www.provantage.com/oberon-1029-00~7OBER009.htm > <http://www.provantage.com/oberon-1029-00%7E7OBER009.htm> > > Does anyone know of any other options? > > Thanks, > > -- > Vlad Ristevski > Network Manager > Ramapo College > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. -- Scott Allen Director, Network Services Georgetown University sc...@georgetown.edu mobile - 202-309-5739 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <><>
Re: [WIRELESS-LAN] Multi-tenant wireless question
Nathan, I haven't tested this but could you define the ports on the 7510 to primary/secondary with LAG disabled and then define your interfaces to use separate ap-manager interfaces ( I know you don't have to use ap-manager interfaces anymore) but I think it would work in this scenario. After that, you might have to do a route or 2 on the controller and it could work. Another idea is to configure 3 of the 1042's in autonomous mode and isolate them that way. :>) (a bit dirty but easy for 3 ap's) Like I said, I haven't tested this but just throwing out some ideas that other people may get some ideas. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi Nathan Hay ---10/23/2013 08:18:56 AM---We have an interesting design problem that I thought I would toss out for ideas. Using 1042 and 160 From: Nathan Hay To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 10/23/2013 08:18 AM Subject: [WIRELESS-LAN] Multi-tenant wireless question Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv We have an interesting design problem that I thought I would toss out for ideas. Using 1042 and 1602 APs with a single 7510 controller. We have two of our companies sharing building space (the spaces are inter-mingled, not separate suites), however they have separate routers and ISPs and they are not routed between each other back at our core. I can cover the space with 3 wireless access points, but I need to have different SSIDs and keep their wireless completely separate, connected back to each companies respective routers. My current best option is to deploy 6 APs (3 for each) and use RF profiles to keep them from turning their power down too low since each pair will be 10 feet apart or so. This also costs me twice as much. Another option we are tossing around is connecting a cable between the two router/switch setups to allow us to map the SSIDs to a VLAN on each router. This causes future support issues though and if this connecting cable is every moved (very likely to happen) it could cause issues. Also, all the authentication/management traffic would go out one of the routers, so if that one goes down, the other company loses their wireless as well. Anyone have any creative ideas? Nathan Hay Network Engineer | NOC WinWholesale Inc. 888-225-5947 * This email message and any attachments is for use only by the named addressee(s) and may contain confidential, privileged and/or proprietary information. If you have received this message in error, please immediately notify the sender and delete and destroy the message and all copies. All unauthorized direct or indirect use or disclosure of this message is strictly prohibited. No right to confidentiality or privilege is waived or lost by any error in transmission. * ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <>
Re: [WIRELESS-LAN] Cisco WLC dynamic channel assignment (DCA) interval
I sent ours to change once every 24 hours but made sure I set it at 5am. This way the channels will change at 5am when there is less likelihood of affecting anyone. Depending on your channel sensitivity you could see alot of ap's flipping channels throughout the day if its set for 10 minutes but I could be mistaken. I understand there will be alot less "random" access points at 5am as well but I'm more concerned about the rogues/surrounding area permanent ones. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi Mark Duling ---10/03/2013 11:59:57 AM---A long time ago I increased the interval for this up to a pretty high setting from the default (I th From: Mark Duling To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 10/03/2013 11:59 AM Subject: [WIRELESS-LAN] Cisco WLC dynamic channel assignment (DCA) interval Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv A long time ago I increased the interval for this up to a pretty high setting from the default (I think it was 10 min) at the suggestion of TAC engineer to stop them from changing channels so frequently. 802.11x > RRM > Dynamic Channel Assignment (DCA) I have no evidence that there is any issue with it, but a lot has changed since then. What intervals do others use for DCA? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <>
Handheld scanners
Hey All, We have been using some Motorola MC55 handheld ticket scanners (unsure of Windows version right now) for the past couple years and they seem to be a bit flaky according to the end users (only told us a couple months ago). We use them to confirm tickets outside our theaters on campus. From my end I see them connected almost all day long but when they go to use them they have hiccups. The word I get is that they try and scan a ticket and if it doesn't work instantly they grab a spare one and keep going. I am going to stand with them one of these nights to see the actual process but haven't had the time lately so can't confirm how they are running them. We are building a new conservatory and I want to get the handheld piece figured out prior to deployment in that building. Config Cisco 5508's, 2600/3500/3600 ap's WPA2/AES enterprise (tried just tkip for a while and no dice) broadcasting I'm just curious as to what models of scanners everyone else uses and what issues/remedies they have come across. Does anyone else run the motorola MC55? It doesn't have to be on a Cisco infrastructure as alot of the settings from other vendors are comparable. I didn't want to type out the whole infrastructure, so if you have a question/idea please let me know. Thanks, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed.** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco WiSM2 7.4 stability issues?
Hey All,
I ran 7.4 code on our 5508's when it came out and noticed that my coverage
area was drastically reduced. I had to roll back to 7.3 after I found this
bug. It mentions only affecting the 5508 but I've seen many bugs affect
platforms that weren't listed. Thought I would add that into the mix for
everyone.
TPC in 7.4 reduces transmit power to lower than expected values.
Symptom:
In 7.4, primarily in high density setups, neighbor rssi is much higher
than prior code versions. This causes the transmit power to be lowered.
Conditions:
Workaround:
Setup min - max power levels for TPC, so that the power levels do not
fall below the expected value
Craig Eyre
Network Analyst
IT Services Department
Mount Royal University
4825 Mount Royal Gate SW
Calgary AB T2P 3T5
P. 403.440.5199
E. ce...@mtroyal.ca
"The difference between a successful person and others is not a lack of
strength, not a lack of knowledge, but rather in a lack of will." Vincent
T. Lombardi
From: Jeffrey Sessler
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU,
Date: 04/25/2013 05:19 PM
Subject:Re: [WIRELESS-LAN] Cisco WiSM2 7.4 stability issues?
Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv
The AP and code download issue, at least the bug mentioned, was a problem
with the code loaded at manufacturing on some WiSM2 cards. The installed
code was missing some of the AP boot code, and without the AP boot code,
AP's never got what they needed. Re-installing the same code and/or newer
fixed it. That's not really a bug out of development - it's a problem with
manufacturing.
As for rebooting AP's - It could be a fringe case that's causing it. We had
a heck of a time with the original 1252 AP's occasionally rebooting/locking
a radio, and the wireless business unit worked directly with us on
resolving the issues. In just about every case, the issue was something
unexpected from a client, and once identified, Cisco coded around it.
If you'd like to pass on specific issues, I'd be happy to raise them via my
channels. My local team seems to get a pretty fast response from the
wireless business unit.
Jeff
>>> On Thursday, April 25, 2013 at 3:35 PM, in message
<943da0e70434ca499ad0088fb90eaadebd8...@suex10-mbx-05.ad.syr.edu>, Lee H
Badman wrote:
Hi Jeff,
Agreed on client stuff, but not on rebooting APs and code downloads that
hang. Its just too much in line with Cisco's long bug train a' running...
Would be different if this wasnt premium equipment.
Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
Bandwidth for your wireless network
Hi Everyone, I'm just curious to know how big of Internet pipe your organization has for your wireless network (5000 users and above) and is it dedicated to strictly wireless or is it combined with your production employee network? Also, how do you shape your traffic, is it a per user, per group, "penalty box" type of scenario when people exceed daily limits? Do you shape all Internet traffic or just http, YouTube, P2P? I know its kind of a broad question but I'm interested in what other places are doing. Thanks and have a great day. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed.__ This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco Wireless Interface Groups
We've been using interface groups for some time and like most people on here you'll notice that the same mac address will show up in dhcp table. We initially setup our dhcp (linux) for 8 hour leases and then quickly realized that we would exhaust the scopes. We tuned them down to 1 hour and seems to be good now. I talked with a Cisco wireless employee and he feels very comfortable using 20 minute lease times for "most" wlans. Also there is a command on the wlc that allows you to view which interfaces are "dirty" and won't allow dhcp requests for 30 minutes I believe. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Vikki Cutrone To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 02/15/2013 12:13 PM Subject:[WIRELESS-LAN] Cisco Wireless Interface Groups Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv Hello All, I recently configured multiple /24 subnets into a wireless interface group on my controllers, in an effort to cut down on multicast as well as increase the IP address space. It seems to be working but DHCP addresses are still being consumed at an alarming rate. Is anyone else using the interface group feature? and if so is it working as expected? Thank you in advance! -- Vikki Cutrone Network Administrator Vassar College, Box 13 124 Raymond Ave Poughkeepsie, NY 12604-0013 845-437-7231 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.__ This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <>
Re: [WIRELESS-LAN] Wireless and health issues
Thanks everyone for the great information. I like the idea of the web page with links to different safety resources. That way we can just point all our users in that direction. Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Christina Klam To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 01/08/2013 08:33 AM Subject:[WIRELESS-LAN] Wireless and health issues Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv As we get requests every semester to remove wireless access points from apartments and office due to a fear of radiation, I have added this link to our general computing website: http://web.princeton.edu/sites/ehs/radiation/nirad.htm The link is from Princeton University. We found it to be well researched and written. Hope this helps, <http://web.princeton.edu/sites/ehs/radiation/nirad.htm> -- Christina Christina Klam Network Administrator Institute for Advanced Study Email: ck...@ias.edu Einstein Drive Telephone: 609-734-8154 Princeton, NJ 08540 Fax: 609-951-4418 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. __ This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. <>
Wireless and health issues
Hi All, I recently had a staff member ask for a report or document stating how dangerous wireless is to their health. Has anyone else been asked this before and can you direct me or send me the info that you provided to that person or department? Thanks for any help or info on this subject. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed.__ This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Turning off 802.11B and Android oddities
Have you tried to debug the mac address from the WLC and see what errors or stage you are getting to with the Kindle? Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: "Eric T. Barnett" To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 11/27/2012 03:07 PM Subject:Re: [WIRELESS-LAN] Turning off 802.11B and Android oddities Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv Hmm. I'm running Cisco 5508's and I've tried three different sets of code including Ryan's and I still can't get the Kindle Fire to work. I've tried 1, 2, 5.5, 11, 6 & 9 off with 12 Mandatory and all others supported as well as 6 & 9 enabled with 6 Mandatory. No luck. It only works if I have all four B data rates on. I AM using RF profiles on the WLAN groups. Don't know if there's another way to do this, but I can't do this campus-wide just yet thanks to some legacy devices. Anybody got any other ideas? Thanks so much so far. --Eric -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Eric T. Barnett Sent: Tuesday, November 27, 2012 10:27 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 802.11B and Android oddities I'll need to do some more testing, but it sounds like my Mandatory rates may be causing the issue. Thanks everyone for the input! I'll update as soon as I can get my hands on a Kindle again. --Eric -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sullivan, Ryan Sent: Tuesday, November 27, 2012 10:25 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Turning off 802.11B and Android oddities We ran into the Kindle Fire issue after disabling 802.11b rates as well. Marking 6Mbps as Mandatory and leaving the other 802.11g rates as supported allowed the device to connect. We are using Cisco WiSM2s running 7.2.111.3 code. Cheers, Ryan Sullivan Datacommunications ACT, UCSD rasulli...@ucsd.edu 858-822-5602 On Nov 27, 2012, at 8:09 AM, Dennis Xu wrote: > 12M: Mandatory > 1,2,5.5,11M: Disabled > All other data rates: Supported > > --- > Dennis Xu > Network Analyst, Computing and Communication Services University of > Guelph > 5198244120 x 56217 > > - Original Message - > From: "Eric T. Barnett" > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Sent: Tuesday, November 27, 2012 11:05:17 AM > Subject: Re: [WIRELESS-LAN] Turning off 802.11B and Android oddities > > Interesting. I've tried with the 6 & 9 on as well, with the B rates off. Still no luck. What mandatory rates are you folks using? > > Thanks for the quick response, this is a real head scratcher. > > --Eric > > -Original Message- > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dennis Xu > Sent: Tuesday, November 27, 2012 10:02 AM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Subject: Re: [WIRELESS-LAN] Turning off 802.11B and Android oddities > > We have disabled B for several years. But we did not disable 6 & 9 for G. We haven't seen any issues. Kindle Fire definitely works here. > > I think the issue is related to the disable of 6 & 9. > > --- > Dennis Xu > Network Analyst, Computing and Communication Services University of > Guelph > 5198244120 x 56217 > > - Original Message - > From: "John Watters" > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Sent: Tuesday, November 27, 2012 10:59:04 AM > Subject: Re: [WIRELESS-LAN] Turning off 802.11B and Android oddities > > > > > The University of Alabama has had the B rates disabled for several years now (at least 3) and have had only one complaint. Our athletic ticketing folks were using B-only handheld ticket scanners for event admissions. I turned B back on for 3 months for just their APs until they could replace their units. No other problems have turned up. > > > > > > -jcw > > - > John Watters UA: OIT 205-348-3992 > > > > > > > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Eric T. > Barnett > Sent: Tuesday, November 27, 2012 9:33 AM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Subject: [WIRELESS-LAN] Turning off 802.11B an
Re: [WIRELESS-LAN] MAcbooks dropping off wireless network
I don't believe you can disable IPv6 in the newest version of OS X but if someone has a way please pass it along. Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Christopher Wieringa To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 10/26/2012 09:06 AM Subject:Re: [WIRELESS-LAN] MAcbooks dropping off wireless network Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv We have been having issues with certain Macs dropping off our wireless network as well this semester, and have tried a variety of things to resolve it. 1. (As Lee mentioned) Disable IPv6 if you aren't running it on your wireless network. 2. Make sure that MCS rate 0 is not disabled for 802.11n (both 5ghz and 2.4ghz) ( http://tinyurl.com/8boy3dp ) 3. Tune the aggressiveness down of Client Load Balancing or disable it altogether The one thing that made the most difference was #1; disabling IPv6 on the end-user machines have cleared up almost every one of my complaints. I've played with options 2 and 3 pretty extensively, but I couldn't see any noticeable change for our end-users by adjusting them. Chris >>> On 10/26/2012 at 10:30 AM, Lee H Badman wrote: > Though it can come across as a cop-out, have you disabled IPv6 on the clients? > > > > > > -Original Message- > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Healy > Sent: Friday, October 26, 2012 10:22 AM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Subject: Re: [WIRELESS-LAN] MAcbooks dropping off wireless network > > On Oct 25, 2012, at 10:04 AM, "Legge, Jeffry" wrote: > >> Can someone direct me to articles that discuss possible fixes for this? > > We're an all-Apple campus, so I may have some suggestions depending on the > exact symptoms. > > There is one issue we're having that we haven't been able to fix with our > Aruba AP65s. "Something" triggers a condition where many of our users can't > stay associated with the AP (they connect for about 10 seconds, then > disassociate, then re-connect for 10 seconds again.). > > Aruba tells us this is a "vendor compatibility issue", but despite hours of > troubleshooting and packet captures they haven't given us any more than that. > The issue is still happening (just happened in one building yesterday). > Very frustrating, as this has been going on for months. > > Jason > > -- > Jason Healy|jhe...@logn.net| http://www.logn.net/ > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. -- -- Chris Wieringa cwier...@calvin.edu Sr. Systems Engineer Calvin Information Technology ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. __ This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless Client Subnet sizing
We use vlan pooling with 16 /24's on our network but we tuned down the dhcp lease times to 1 hour as we found that many users don't need their ip for very long. They just connect, check some mail and maybe some "class" stuff and then disconnect. Next time they connect (within your dhcp lease time scope) or lose connectivity due to poor roaming they might (likely) connect on another vlan and then chew up another ip address. We initially had 7 hour leases (and poor roaming) and found that our ip's were getting eaten up pretty quick. After we changed it to an hour, it seems to be pretty good. The /24's work good for us and I've read every Cisco wireless design doc and everyone mentions a different size for scopes. A couple years back it was "try and make them as small as possible to keep the broadcast domain small", now it seems to be creeping back up to /21's. I hope this helps a bit. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: "Osborne, Bruce W" To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU, Date: 08/02/2012 05:51 AM Subject:Re: [WIRELESS-LAN] Wireless Client Subnet sizing Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv FYI, Aruba Networks has their knowledgebases and documentation freely available too. No registration required.` Documentation: http://support.arubanetworks.com/DOCUMENTATION/tabid/77/Default.aspx Tools & Resources: http://support.arubanetworks.com/TOOLSRESOURCES/tabid/76/Default.aspx ArubaOS KB: http://support.arubanetworks.com/ArubaOSKB/tabid/111/Default.aspx AirWave KB: http://support.arubanetworks.com/AirWaveKB/tabid/115/Default.aspx Amigopod KB: http://support.arubanetworks.com/AmigopodKB/tabid/128/Default.aspx ClearPass KB: http://support.arubanetworks.com/ClearPassKB/tabid/127/Default.aspx Bruce Osborne Network Engineer IT Network Services (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 From: Tristan Rhodes [mailto:tristanrho...@weber.edu] Sent: Wednesday, August 01, 2012 5:13 PM Subject: Re: Wireless Client Subnet sizing Like it was mentioned by Anders, this excellent material is freely available after a registration. Funny though, it seems that you can access the file directly: Design and Deployment of Enterprise WLANs (BRKEWN-2010) http://d2zmdbbm9feqrf.cloudfront.net/2012/usa/pdf/BRKEWN-2010.pdf Cisco has the most technical content available, compared to any other network vendor that I am aware of. Cheers! Tristan -- Tristan Rhodes Network Engineer Weber State University (801) 626-8549 >>> On 7/31/2012 at 5:01 PM, in message < CAP8VL9hbfk669TT=XGMu5WdMt25_eopDZ=xvcvceohabjrr...@mail.gmail.com>, Mark Duling wrote: Luke, it looks like that presentation isn't public. Can you say more about Cisco's recommendations on that? Or are they simply saying /21 is the maximum recommended size? I'd also be interested in anything they said about mcast as it relates to size. I've setup vlan select on a test WLAN with the intent of breaking up my /21 into smaller pieces for the fall, but I've had no problems with it (though mcast is off). But I thought I would use smaller subnets since our wireless use has gone up quite a bit in recent years and doing it is so simple to do now. I've heard conflicting info, and to my surprise one time a TAC engineer suggested they should be no larger than /24, which I think is erroneous. Mark
Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors.
One of the scenarios I've been looking at is streaming/mirroring directly to the video projector and bypass buying another device. I'm not sure if people are asking to connect the appleTV to a projector or TV. Most projectors these days come with wired/wireless NICs built into them and you may be able to leverage that in some way. Take NEC for example (thats what we have) they have an image capture utility that can be installed on a PC or MAC and it completely mirrors the desktop of the device. So you could wire/wireless connect the projector and have your laptop on wifi and mirror your desktop. The NEC projectors support the latest enterprise authentication and encryption which is good as most of the other 3rd party steaming boxes only support personal authentication. This doesn't fix the whole ipad/tablet world but there are some apps out there like mobishow that could prove useful in getting these devices connected in a classroom environment. AppleTV only solves 1/2 the users concerns in my world and I know for a fact that if someone with another brand of tablet sees appletv, they'll want another solution. >From what I've heard, most people want desktop mirroring to a tv/projector not just streaming. This is just some thoughts/notes from some preliminary testing. Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Jeff Kell To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: 02/22/2012 07:29 PM Subject:Re: [WIRELESS-LAN] You knew it was coming...Airplay/Apple TV support for instructors. Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv On 2/22/2012 9:21 PM, Joel Coehoorn wrote: > > I just heard an interesting solution for this. Since AppleTV is already consumer tech and does not need Internet (their classroom use is pretty much just AirPlay), the person went out and bought a cheap $30 wireless router off the shelf at Walmart for each AppleTV. Each device is now on its own unrouted subnet, and bonjour can do what it wants in that space. We considered that, but one or both of them (TV or instructor device) is going to want "internet too" but can only connect to one SSID, and you're adding to the unmanaged RF interference in a potentially noisy area already. Jeff ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. __ This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal, and or privileged information. Please contact the sender immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco APs losing CAPWAP session
Dan, What time is your controller showing? From your log messages it looks like its 2:16pm there? AP's have issues when the time is off between the controller and the ap's. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Dan Brisson To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: 02/01/2012 09:32 AM Subject:Re: [WIRELESS-LAN] Cisco APs losing CAPWAP session Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv This what we see on the AP at the time the AP disjoins: *Feb 1 14:16:25.174: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.246.207.214:5246 *Feb 1 14:16:25.227: %WIDS-5-DISABLED: IDS Signature is removed and disabled. *Feb 1 14:16:25.227: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY *Feb 1 14:16:25.227: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY *Feb 1 14:16:25.293: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down *Feb 1 14:16:25.293: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down *Feb 1 14:16:25.299: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset *Feb 1 14:16:25.309: status of voice_diag_test from WLC is false *Feb 1 14:16:25.309: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up *Feb 1 14:16:25.318: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 2/1/2012 10:30 AM, Mike Goebel wrote: > Dan, have you tried logging into the AP itself and checking the logs > by chance? > > Mike > > On 2/1/2012 10:03 AM, Dan Brisson wrote: >> It does seem as though I've grabbed some folks attention. I sure hope it >> turns out to not be something simple. :) >> >> I could certainly try moving the APs around...easy enough to do, >> although from what we've seen, the pattern of AP drops is so totally >> random, hard to say if I'll see anything. At this point though, it's >> worth a shot. >> All interfaces clean and no QoS in place. >> >> Not sure if this will come through for everyone, but here's an example >> of what I see after an AP drops. This is from the controller, on the >> General tab for an AP: >> >> >> >> Thanks, >> -dan >> >> Dan Brisson >> Network Engineer >> University of Vermont >> (Ph) 802.656.8111 >> dbris...@uvm.edu >> >> >> On 2/1/2012 9:26 AM, Garry Peirce wrote: >>> I think you have some of us all getting curious! ;-) >>> >>> Could you put a historically stable admin AP onto the 5508 and >>> vice-versa to >>> see if behaviors change? >>> Do we assume that all switchports in the path are showing they're >>> running >>> clean? >>> Any QoS config in place on the switches? >>> >>> >>> -Original Message- >>> From: The EDUCAUSE Wireless Issues Constituent Group Listserv >>> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dan Brisson >>> Sent: Wednesday, February 01, 2012 9:09 AM >>> To:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >>> Subject: Re: [WIRELESS-LAN] Cisco APs losing CAPWAP session >>> >>> Good to know. >>> >>> The trunks are actually all 10Gig links, or 90% of them are, so >>> utilization >>> is most likely not the case, which I'm able to verify from Cacti >>> graphs. >>> The APs are connected to 3560Xs PoE switches that then uplink into >>> either a >>> 3560E-12D or directly into a 4900M where the 5508s are connected. >>> Certainly >>> can't rule out physical layer issue somewhere, although it's so wide >>> spread >>> across 2 different 5508s that we would need to have multiple issues. >>> The other interesting thing for us is that the 500 or so APs on our >>> admin >>> side that do not lose their CAPWAP session, join to WiSMs, not 5508s. >>> >>> Thanks, >>> -dan >>> >>> Dan Brisson >>> Network Engineer >>> University of Vermont >>> (Ph) 802.656.8111 >>> dbris...@uvm.edu >>> >>> >>> On 1/31/2012 8:44 PM, Garry Peirce wrote: >>>> We have ~1400 (1240s->3502's) running 7.0.116 and have no such issues. >>>> >>>> I would guess at packet loss as w
Re: [WIRELESS-LAN] Cisco APs losing CAPWAP session
Dan, That is correct, it usually limits the power to the radio but I'll see if I can find the doc about what I mentioned. I'd assume that most or some of your admin ap's are NOT 3502's as you are running 3550 switches and they don't support the recommended power. Did you happen to enable data encryption on the advanced tab of your ap details? If its happening during peak times the higher encryption could be limiting the throughput and causing the capwap packets to get dropped. You could always pull out trusty old wireshark and mirror an ap port for a better indication. I'm curious as well so I'm just thinking out loud. Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Dan Brisson To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: 02/01/2012 07:29 AM Subject:Re: [WIRELESS-LAN] Cisco APs losing CAPWAP session Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv Craig, Interesting. The admin APs are connected to a wide variety of 3550/3560 models. A good number of them use power injectors due to one department at a time wanting wireless in their area. When we've done larger projects we'll use PoE. I'm somewhat familiar with the power limiting some functionality for an AP. I thought that was mostly how much power would be supplied to radios, though. Thanks, -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 2/1/2012 9:20 AM, Craig Eyre wrote: > Dan, > > Do your admin ap's also connect to 3560 switches or another model? I know > you mentioned that the uptime was good but the capwap session was > restarted. I've read that when enough power isn't given that certain > features may not work correctly, may want to look in that direction as it > seems everyone else has noted what I would normally check. > > Regards, > > > Craig Eyre > Network Analyst > IT Services Department > Mount Royal University > 4825 Mount Royal Gate SW > Calgary AB T2P 3T5 > > P. 403.440.5199 > E. ce...@mtroyal.ca > > "The difference between a successful person and others is not a lack of > strength, not a lack of knowledge, but rather in a lack of will." Vincent > T. Lombardi > > > > > From: Dan Brisson > To:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Date: 02/01/2012 07:11 AM > Subject: Re: [WIRELESS-LAN] Cisco APs losing CAPWAP session > Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv > > > > > Good to know. > > The trunks are actually all 10Gig links, or 90% of them are, so > utilization is most likely not the case, which I'm able to verify from > Cacti graphs. The APs are connected to 3560Xs PoE switches that then > uplink into either a 3560E-12D or directly into a 4900M where the 5508s > are connected. Certainly can't rule out physical layer issue somewhere, > although it's so wide spread across 2 different 5508s that we would need > to have multiple issues. > The other interesting thing for us is that the 500 or so APs on our > admin side that do not lose their CAPWAP session, join to WiSMs, not 5508s. > > Thanks, > -dan > > Dan Brisson > Network Engineer > University of Vermont > (Ph) 802.656.8111 > dbris...@uvm.edu > > > On 1/31/2012 8:44 PM, Garry Peirce wrote: >> We have ~1400 (1240s->3502's) running 7.0.116 and have no such issues. >> >> I would guess at packet loss as well - some things you might look at: >> Are the trunks carrying user/AP traffic seem congested when the APs drop? >> Have you verified there are no duplex issues? It may exhibit itself more > as >> traffic levels rise. >> ResHall switching significantly different than on the admin side? >> >> Probably need further topology, version, config info, but as you've a > case >> open, the TAC will likely ask the same and help find the culprit(s) for > you. >> >> -Original Message- >> From: The EDUCAUSE Wireless Issues Constituent Group Listserv >> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dan Brisson >> Sent: Tuesday, January 31, 2012 8:30 AM >> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >> Subject: [WIRELESS-LAN] Cisco APs losing CAPWAP session >> >> I'm curious if any Cisco users out there are experiencing or have >> experienced what we're seeing on our campus. T
Re: [WIRELESS-LAN] Cisco APs losing CAPWAP session
Dan, Do your admin ap's also connect to 3560 switches or another model? I know you mentioned that the uptime was good but the capwap session was restarted. I've read that when enough power isn't given that certain features may not work correctly, may want to look in that direction as it seems everyone else has noted what I would normally check. Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Dan Brisson To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: 02/01/2012 07:11 AM Subject:Re: [WIRELESS-LAN] Cisco APs losing CAPWAP session Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv Good to know. The trunks are actually all 10Gig links, or 90% of them are, so utilization is most likely not the case, which I'm able to verify from Cacti graphs. The APs are connected to 3560Xs PoE switches that then uplink into either a 3560E-12D or directly into a 4900M where the 5508s are connected. Certainly can't rule out physical layer issue somewhere, although it's so wide spread across 2 different 5508s that we would need to have multiple issues. The other interesting thing for us is that the 500 or so APs on our admin side that do not lose their CAPWAP session, join to WiSMs, not 5508s. Thanks, -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 1/31/2012 8:44 PM, Garry Peirce wrote: > We have ~1400 (1240s->3502's) running 7.0.116 and have no such issues. > > I would guess at packet loss as well - some things you might look at: > Are the trunks carrying user/AP traffic seem congested when the APs drop? > Have you verified there are no duplex issues? It may exhibit itself more as > traffic levels rise. > ResHall switching significantly different than on the admin side? > > Probably need further topology, version, config info, but as you've a case > open, the TAC will likely ask the same and help find the culprit(s) for you. > > > -Original Message- > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dan Brisson > Sent: Tuesday, January 31, 2012 8:30 AM > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > Subject: [WIRELESS-LAN] Cisco APs losing CAPWAP session > > I'm curious if any Cisco users out there are experiencing or have > experienced what we're seeing on our campus. This past summer we installed > 3502i's in all of our residence halls - approximately 500 total. Ever since > the students have moved in, we will get messages from WCS stating that "AP > XYZ" is down and disassociated from the controller. When I check out the > AP, the uptime is fine, but the "CAPWAP join time" is for like 30 seconds, > or however long it took me to check. > > We've tracked this and it is totally random as to what AP will drop, which > makes troubleshooting this very tough. The log on the AP isn't helpful. > I'm working with TAC who suggests that keepalives are getting missed. I'm > not sure why that would be the case since we have another > 500 or so APs on the admin side that very rarely drop. Adding to that, when > the students left for break, the AP drops stopped. They came back, and sure > enough, the drops start up again. > > I will say that the AP always joins back immediately, but for the time that > it does drop A) I'm sure connectivity is affected in that area and > B) we get an email. > > Anyone experiencing this? > > Thanks, > -dan > > > -- > Dan Brisson > Network Engineer > University of Vermont > (Ph) 802.656.8111 > dbris...@uvm.edu > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > > ** > Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless only dorms, advice?
Hey All, Just keep in mind that there are very few smartphone/tablets that support 802.11n in the 5Ghz and iPhones(at least half of smartphones here) don't even support 5Ghz period (not even 802.11a). I don't look after our dorms wireless but they implemented a "fast" SSID in the 5Ghz 802.11n to allow the people who wish to move ahead with technology a better experience and then an ssid in the 2.4Ghz. Just some ideas for you. Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: "Robertson, Joshua A." To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: 01/18/2012 01:17 PM Subject:Re: [WIRELESS-LAN] Wireless only dorms, advice? Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv We purchased a few older apartment buildings which we converted to dorms and are doing wireless only in them. For the wireless we’re using Cisco 1142i and put one per apartment (some apartments are 2 beds, some are 4). As mentioned you definitely want to do PoE on the switches to provide better power visibility and have a good UPS. Since you’re going Cisco as well I’d suggest N+N controller redundancy as this will be their only network connectivity. If I were doing it now I’d go with a 3500 series for CleanAir, but that wasn’t available at the time. The only issue we’ve really ran into are gaming systems which wanted to use lower rates or couldn’t handle our captive portal authentication. Also starting in the Fall in our other residence halls we shut down all wired jacks prior to move in and only activated them upon request (no charge). All the dorms have 802.11n (mostly Cisco 3502i) installed in the hallway (densely) with the exception of a handful with APs in the rooms. I created a couple web-forms for the students to use. One activates the port + creates an 802.1x exception for a gaming device (known gaming OUIs), the other just activates the port for computer usage. While we have had a lot of gaming device activations, we have seen very few activations for computer usage. So as such it seems that our users have pretty much gone wi-fi only for their computers and are just using the wired ports for gaming at this point. But personally if I were in charge of new construction I would still want one cabled drop in addition to the AP in the room and would do activations upon request as Philippe mentioned. Josh Robertson Network Systems Senior Engineer Old Dominion University Office of Computing & Communications Services (757)683-5046 j2rob...@odu.edu http://occs.odu.edu/ (Embedded image moved to file: pic24230.jpg)Description: wifilogoside-small From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Voll, Toivo Sent: Wednesday, January 18, 2012 2:48 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless only dorms, advice? I pretty much second Rick’s comments. We also don’t have wireless-only dorms yet, but the next one will have much less wire than our existing ones. One AP per suite is what we’ve done, but you have to also consider non-RF placement issues – vandalism concerns, maintenance access and residents complaining about blinky lights above their beds. Does the architect have issue with visible APs? If the APs are above ceiling / behind walls, do indeed check the materials and placement of ventilation ducts. Also, plan on PoE switches (and UPSes?) so power-cycling capability and visibility into the gear are improved. Keep in mind that the tiling of 2.4 GHz and 5 GHz doesn’t have to be the same, nor power levels, since the number of non-overlapping channels differs. I’d try to find as many carrots as possible to steer people to 5 GHz. 2.4 GHz is a pain, with game console controllers, microwaves and number of other consumer devices adding to the lack of channels. Depending on your vendor, having a good ability to sniff the air / do spectrum analysis can be helpful in figuring out whether a wing just lost connectivity due to a microwave, misbehaving AP or rogue AP. Other design decisions – do you plan to support broadcast/multicast discovery (wireless printers, time capsules etc.) or legacy devices that require low data rates (i.e. Nintendo). Toivo Voll Network Administrator Information Technology Communications University of South Florida From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Rick Brown Sent: Wednesday, January 18, 2012 13:52 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Wireless only dorms, advice? Sara, We have not moved that way but are looking at i
Re: [WIRELESS-LAN] WAPS seem to die after switch reboot
Vicki, If I remember correctly the power module in the cisco switch controls ports in groups of 4. Try and move one of the dead access points to a port in a group of 4 that does NOT already have an access point in the group. I've seen issues like this before but not on a 3560. Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Vikki Cutrone To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: 01/11/2012 01:50 PM Subject:Re: [WIRELESS-LAN] WAPS seem to die after switch reboot Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv Hi, They are down/down never to come on line again. This is a show power inline-- Fa1/0/33 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/34 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/35 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/36 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/37 auto on 15.4Ieee PD 3 15.4 Fa1/0/38 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/39 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/40 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/41 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/42 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/43 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/44 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/45 auto on 12.2AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/46 auto on 15.4Ieee PD 3 15.4 Fa1/0/47 auto on 15.4Ieee PD 3 15.4 Module Available Used Remaining (Watts) (Watts)(Watts) -- - - 1 370.0 231.0 139.0 2 n/an/a n/a 3 n/an/a n/a 4 n/an/a n/a Did a power inline never power inline auto-- Fa1/0/33 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/34 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/35 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/36 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/37 auto on 15.4Ieee PD 3 15.4 Fa1/0/38 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/39 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/40 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/41 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/42 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/43 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/44 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/45 auto on 15.4AIR-LAP1131AG-A-K9 3 15.4 Fa1/0/46 auto on 15.4Ieee PD 3 15.4 Fa1/0/47 auto on 15.4Ieee PD 3 15.4 Samm result On 1/11/2012 3:32 PM, David Pita wrote: > Do a "show power inline | i AP", this will filter out the APs on the > power inline output. Verify that they are all there, then check cdp > details on each port to make sure they have an IP. > > David Pita > Wireless Network Engineer > UTS Network Management Services > Florida International University > 305.348.3658 > > > On 01/11/2012 02:39 PM, Vikki Cutrone wrote: >> Hello, I am running multiple Cisco 4404 controllers Vers-7.0.116 and >> the majority of the WAPS are CAPWAP 1131's . The issue I seem to be >> having is that lately when I reboot an access layer switch, POE, 3750 >> series, with WAPS attached, I lose some of the WAPS. The WAPS never >> come back on line again and appear to be dead. They were completely >> operational prior to the reboot, but after reloading the switch, no >> switch configuration changes, the WAPS never come back on line. I >> have shut/no shut the interfaces of the switch, and the switches POST >> seems fine. Just wondering if anyone else has seen this issue, I >> have lose about 30 WAPS so far. Thanks!! >> >> Vikki Cutrone >> Network Admin >> Vassar College >> >> ** >> Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at >> http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Problems in the Dorms
Shayne, Nothing jumps out at me, but I do have a couple questions. 1. What version were you running previously? 2. Did you deploy the upgrade with your WCS? The reason I ask about the where you upgraded it from, is because a colleague I know just upgraded 2 WLC's from his WCS and the settings were different for each wlc. Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: "Ghere, Shayne" To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: 10/22/2011 04:53 PM Subject:[WIRELESS-LAN] Problems in the Dorms Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv Hello, We currently provide wireless for all our Dorms using Cisco 1142N AP’s, 1 WCS and 3 WLC5508’s. We have roughly 375 AP’s in the dorms but more than 450 rogue AP’s that the students brought with them. Since we have no policy to disallow them bringing their own devices, we now have a mess. What we’re seeing are the AP’s either completely rebooting, radios shutting down then coming back up, or if the students are able to connect they get dropped after a few minutes. On the Academic side of the University we don’t see this problem, however all the AP’s are disassociating with the controllers every hour, then reassociating again. The WLC’s are running 7.0.116.0 and the WCS is running 7.0.172.0. It appears that since upgrading the controllers to 7.0.116.0 the problems started with the disassociating/reassociating with no explanation. We are using WS-C2960S-PoE switches fibered to the core (6509) and have spent almost 28 hours on the phone with Cisco Tac looking at logs/packet captures and configuration review. Nothing is misconfigured and the packet captures show the following from one of the AP’s: Oct 19 20:55:54.918: %CAPWAP-3-EVENTLOG: Retransmission Count= 3 Max Re-Transmission Value=3 *Oct 19 20:55:54.918: %CAPWAP-3-EVENTLOG: Max retransmission count exceeded going back to DISCOVER mode. *Oct 19 20:55:54.918: %CAPWAP-3-EVENTLOG: The function which Posted the message to send out of the box is wtpSendEchoReques and of Type=1 ., 1)19 20:55:54.918: %CAPWAP-3-EVENTLOG: Retransmission count for packet exceeded max(CAPWAP_ECHO_REQUEST *Oct 19 20:55:54.918: %CAPWAP-3-EVENTLOG: GOING BACK TO DISCOVER MODE *Oct 19 20:55:54.962: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 136.176.x.x:5246 *Oct 19 20:55:54.962: %CAPWAP-3-EVENTLOG: CAPWAP State: DTLS Teardown. *Oct 19 20:55:54.963: %CAPWAP-3-EVENTLOG: DTLS session cleanup completed. Restarting capwap state machine. *Oct 19 20:55:55.006: %WIDS-5-DISABLED: IDS Signature is removed and disabled. *Oct 19 20:55:55.008: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY *Oct 19 20:55:55.008: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY *Oct 19 20:55:55.063: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down *Oct 19 20:55:55.063: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down *Oct 19 20:55:55.065: %CAPWAP-3-EVENTLOG: CAPWAP state not up. Abort sending channel and power levels info.136:176:x.x *Oct 19 20:55:55.074: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset *Oct 19 20:55:55.075: %CAPWAP-3-EVENTLOG: CAPWAP state not up. Abort sending channel and power levels info.136:176:x.x We’re completely at a loss since none of the switch ports, trunk ports or the WLC’s are showing dropped packets. Has anyone run into this problem and found a work around? I would greatly appreciate any help in this matter! Thanks Shayne - Bradley University T. Shayne Ghere, CCNA Network Engineer 1501 W. Bradley Ave. Morgan Hall, Suite 205 Peoria, IL 61625 sgh...@bradley.edu (309) 677-3094 ofc. (309) 677-3460 fax Class 2011 FBI CA Graduate ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Visitor access
Hi All, What type of access are you allowing for your visitors? Just Internet? I'm just trying to figure out what applications you are granting access to, that couldn't just be accessed via their 3/4G cellular connection? Sorry to modify the subject, just curious from an educational perspective. Regards, Craig Eyre Network Analyst IT Services Department Mount Royal University 4825 Mount Royal Gate SW Calgary AB T2P 3T5 P. 403.440.5199 E. ce...@mtroyal.ca "The difference between a successful person and others is not a lack of strength, not a lack of knowledge, but rather in a lack of will." Vincent T. Lombardi From: Jack Vizelter To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: 10/14/2011 01:46 PM Subject:Re: [WIRELESS-LAN] Visitor access Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv We have a similar set-up. We have 2 SSID's being broadcasted. One is for guests - treated as if they're coming from an off-campus connection and one that is secure using WPA2 Enterprise which authenticates against our LDAP giving campus access. -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Matthew Gracie Sent: Friday, October 14, 2011 3:42 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: Visitor access On 10/14/2011 11:39 AM, Entwistle, Bruce wrote: > We are having a increasing number of parents and prospective students > who are visiting to tour the campus requesting access to our wireless > network. I was wondering what other schools are doing to accommodate > these requests. We use Wifidog on a guest-only SSID; it allows for self-registration, and all connections coming from the guest VLAN are treated as "untrusted", as if they were coming in from the Internet at large. -- Matt Gracie (716) 888-8378 Information Security Administrator grac...@canisius.edu Canisius College ITS Buffalo, NY http://www2.canisius.edu/~graciem/graciem_public_key.gpg ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
