from:"Jeremy Gibbs"

Re: [WIRELESS-LAN] RF Sensitivity

2017-10-17 Thread Jeremy Gibbs

Just turn the AP lights off.. see if the complaints go away ;).




On Tue, Oct 17, 2017 at 6:53 PM, Jason Cook 
wrote:

> We go through one of these very year or 2.
>
>
>
> Like others we refer them to HR/OHS group. This is  a “health” issue on
> not for a technical area to make the decision, makes it easy to respond. We
> worked with HR to help provide information for them to work with, to date
> we haven’t ended up having to do anything to our network. Mostly they seem
> to have been people concerned about potential impact after
> upgrades/changes.
>
>
>
> Below is the core of what we provide. This one was raised after an upgrade
> and an AP appeared in the persons office and they were concerned about the
> proximity but seemed happy with the response as it stopped there.
>
> ---
>
>
>
> New wireless equipment has been recently installed into the 
>  building, this is replacing hardware that has been installed for over 10
> years. The existing hardware was installed in the roof space and
> not-visible, while the new equipment is installed below the roof space and
> visible. The new hardware operates on the same RF frequencies as the old
> (2.4 and 5ghz). All hardware and configuration is to Australian standards.
>
>
>
> I will refer to a statement from the relevant governing bodies in
> Australia which state  "There is no established scientific evidence that
> the low exposure to RF EME from Wi-Fi adversely affects the health of
> children or the general population.”
>
>
>
> Please see the below full statements from the relevant agencies.
>
>
>
> Australian Radiation Protection and Nuclear Safety Agency
>
> -  Who Set the standards for Australian Radio Frequency
>
> http://www.arpansa.gov.au/radiationprotection/factsheets/is_wifi.cfm
>
> Australian Communications and Media Authority
>
> -  Who regulate Radio Frequency Emissions in Australia
>
> http://www.acma.gov.au/Citizen/Spectrum/About-spectrum/EME-hub/eme-and-
> health
>
> World Health Organisation
>
> -  Agency of the United Nations for international public health
>
> http://www.who.int/peh-emf/publications/facts/fs304/en/
>
>
>
>
>
>
>
> --
>
> Jason Cook
>
> Technology Services
>
> The University of Adelaide, AUSTRALIA 5005
>
> Ph: +61 8 8313 4800 <+61%208%208313%204800>
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Rick Brown
> *Sent:* Wednesday, 18 October 2017 6:46 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] RF Sensitivity
>
>
>
> Curious to how other universities handle complaints from parents,
> students, staff, or faculty asking for wireless to be turned off in their
> dorm room, workspace, etc.?
>
>
> Studies that you've used to refute these claims would be helpful!
>
> Thanks in advance!
>
> Rick
>
> --
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Two RF Questions

2017-09-26 Thread Jeremy Gibbs

Couldn't have said it better myself.  That is exactly what we do.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Tue, Sep 26, 2017 at 10:33 AM, Rob Harris 
wrote:

> While there are performance gains to be sure (by going to 40, or 80),
> there are other concerns as well. We use 20 in our dorms because of the
> density of APs and users, we need those additional channels (even with dfs
> in use). We use 40 in our public spaces when there’s adequate capacity for
> it, and 80 in our theater area since we designed for it.
>
>
>
> [image: The Culinary Institute of America]
>
>
> *Robert Harris **Manager of Network Services*
>
> *Culinary Institute of America*
>
> 1946 Campus Drive
> 
>
> Hyde Park, NY
> 
> 845-451-1681 <(845)%20451-1681>
>
> www.ciachef.edu
>
> *Food is Life*
>
> *Create and Savor Yours.™*
>
>
>
> *Please consider the environment before printing this e-mail.*
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jeffrey D. Sessler
> *Sent:* Tuesday, September 26, 2017 10:20 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>
> *Subject:* Re: [WIRELESS-LAN] Two RF Questions
>
>
>
> It’s surprising to me that anyone would purchase a Lamborghini, then
> disconnect ten of the twelve cylinders and drive it at 25 mph on the
> autobahn.
>
>
>
> When I see static 20 MHz channels, or using 40 MHz in only limited areas,
> I wonder what’s behind the purposeful neutering of the system. If you are a
> Cisco customer running 8.1 or above, and not using DBS (Dynamic Bandwidth
> Selection), then it’s the equivalent of the Lamborghini above running on
> only two cylinders.
>
>
>
> Don’t miss out on the significant advancements in bandwidth management.
> Free those resources spent doing point-in-time simulation and surveys for
> something the software doesn’t already do far better at. I promise, DBS
> won’t hurt a bit and your users will thank you a hundred times over.
>
>
>
> Jeff
>
>
>
>
>
> *From: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU> on behalf of "Street, Chad A" 
> *Reply-To: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU>
> *Date: *Tuesday, September 26, 2017 at 6:59 AM
> *To: *"wireless-lan@listserv.educause.edu"  EDUCAUSE.EDU>
> *Subject: *Re: [WIRELESS-LAN] Two RF Questions
>
>
>
> What is your reasoning behind not wanting 40 megahertz channels if you
> have plenty of overhead with your channel utilization?  People saying you
> should or should not do something without Gathering any type of metric
> worry me.
>
>
>
> On Sep 25, 2017 3:28 PM, Chuck Enfield  wrote:
>
> 1.  Enable it in places to check for radar events.  If you get few,
> then yes.  Client devices are almost fully capable now.  Hidden SSID’s are
> the only issue.  Some clients don’t probe on DFS channels, and will only
> respond to beacons.  Make sure 2.4 is usable for the small number of
> incompatible devices.
>
> 2.  No.  Don’t even consider 40MHz unless you’re using almost all the
> DFS channels, but even then you’ll probably have to disable it in some high
> density areas.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *David Blahut
> *Sent:* Monday, September 25, 2017 3:17 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Two RF Questions
>
>
>
> Greetings,
>
> I have two hopefully simple RF related questions:
>
> 1.  Should I enable the extended UNII-2 channels campus wide?
>
> 2.  Should I enable 40Mhz channel width campus wide?
>
> In other words what are you doing on your campus and what is the "best
> practice?
>
>
>
> Our wireless infrastructure:
>
>
>
> 3 Cisco 5508s running 8.2.141.0
>
>
>
> 20 - 3800 APs
>
> 368 - 3700 APs
>
> 414 - 3600 APs
>
> 8 - 3500 APs
>
> 7 - 1810 APs
>
> 32 - 1142 APs
>
>
>
> Prime 3.1.0
>
>
>
> Thanks for your input.
>
> David
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>
>
>
> --
>
>
> This e-mail message (including any attachments) is for the sole use of
> the intended recipient(s) and may contain confidential and privileged
> information. If the reader of this message is not the intended
> recipient, you are hereby notified that any dissemination, distribution
> or copying of this message (including any attachments) is strictly
> prohibited.
>
> If you have received this message in error, please co

Re: [WIRELESS-LAN] Two RF Questions

2017-09-25 Thread Jeremy Gibbs

I have been moving our less AP dense buildings to 40 Mhz channels.  In the
dorms, I stick with 20 Mhz, unless there is little to no CCI when I do my
testing.  I see RADAR events, but they are sparse.  I definitely see an
improvement with the 40 Mhz channels and keeping users connected and happy
in our academic areas.

On Mon, Sep 25, 2017 at 3:27 PM, Chuck Enfield  wrote:

> 1.  Enable it in places to check for radar events.  If you get few,
> then yes.  Client devices are almost fully capable now.  Hidden SSID’s are
> the only issue.  Some clients don’t probe on DFS channels, and will only
> respond to beacons.  Make sure 2.4 is usable for the small number of
> incompatible devices.
>
> 2.  No.  Don’t even consider 40MHz unless you’re using almost all the
> DFS channels, but even then you’ll probably have to disable it in some high
> density areas.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *David Blahut
> *Sent:* Monday, September 25, 2017 3:17 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Two RF Questions
>
>
>
> Greetings,
>
> I have two hopefully simple RF related questions:
>
> 1.  Should I enable the extended UNII-2 channels campus wide?
>
> 2.  Should I enable 40Mhz channel width campus wide?
>
> In other words what are you doing on your campus and what is the "best
> practice?
>
>
>
> Our wireless infrastructure:
>
>
>
> 3 Cisco 5508s running 8.2.141.0
>
>
>
> 20 - 3800 APs
>
> 368 - 3700 APs
>
> 414 - 3600 APs
>
> 8 - 3500 APs
>
> 7 - 1810 APs
>
> 32 - 1142 APs
>
>
>
> Prime 3.1.0
>
>
>
> Thanks for your input.
>
> David
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>


-- 


*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Android phones having strange issues

2017-08-21 Thread Jeremy Gibbs

Good afternoon.  Looks like the Internet is still working after the
eclipse!

Anyway, we have a few users that get "Authentication Error" message on
their Android phone when attempting to connect to wireless (S7 and S8 so
far).  "forgetting" the networks don't help either.

One of the networks "UC_Secure" is a 802.1x network.  The other network is
100% open.

This is the screenshot he provided me:
[image: Inline image 1]

I don't see anything in the logs indicating a problem.

The only thing I do see is this

Radius Accounting Client [60:F1:89:A1:22:AD] on VNS [UC_Wireless] is
deregistered with termination code: 4 [Idle Timeout]. 3

Other clients/computers are fine.


This is an Extreme Networks deployment on 3935i APs (AC wave 2).  Has
anyone seen a similar issue?  During some testing,
disabling band-steering seemed to help, but it's hit or miss.





*--Jeremy L. Gibbs*
Sr. Network Engineer

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Older Apple devices and issues with 802.11N(2.4Ghz)

2017-07-17 Thread Jeremy Gibbs

What MBR do you have set for the 2.4 Ghz?




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS


On Mon, Jul 17, 2017 at 4:27 PM, Dustin Howard  wrote:

> I'm having an issue with some Apple devices and was wondering if anybody
> has experienced similar or if you have a similar environment and all is
> working well...
>
> My environment is 5508 controllers (8.0.140.17) with 1600 series and 1702i
> APs.  We have 1242 AP so cannot upgrade past 8.0..
>
> I am having an issue with what seems to be only older Apple devices on
> N(2.4Ghz).  The devices authenticate/DHCP just fine but are very slow and
> only seem to work for a few minutes until you have to restart the wireless
> card.  Loading a video is impossible...pings timeout and have very high
> latency.  Most the time the client cannot even ping the gateway.  I have
> been able to recreate this with iPad, 3rd and 4th Generations, an older
> Macbook Pro and an iPhone 5c while using 1602i, 1602e, and 1702i APs.  I
> haven't confirmed any other brands having this problem.
>
> The devices mentioned above work great if I disable the N data rates on
> the AP radio.  I had two users that were crippled with this issue, so I
> disabled the N data rates for one building over the weekend.  The users
> said their devices worked great over the weekend.  They also work well on
> the 5Ghz band but we have areas that rely on the 2.4Ghz coverage. If this
> issue is not resolved before school starts, then I'm afraid will have to
> disable N data rates globally for the 2.4Ghz band.
>
> Appreciate any feedback!
>
> --
> Thanks,
> Dustin Howard
> Network Support Specialist
> Information Technology Services
> Truman State University
> 100 E. Normal Ave.
> Kirksville, MO 63501
> Office - (660) 785-4165
> Cell - (660) 341-7869
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/discuss.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Dynamic vs Static Channel Plans

2017-05-30 Thread Jeremy Gibbs

I made a graph of % of clients that can/can't use what 5 Ghz channel.
[image: Inline image 1]





*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Tue, May 30, 2017 at 11:23 AM, Edward Ip 
wrote:

> Oops my bad…we disable channel 120, 124, and 128 for the weather station
> not 144.
>
>
>
> *Edward Ip*
>
> *Algonquin College* | 1385 Woodroffe Avenue | Room C316 | Ottawa | Ontario
> | K2G 1V8 | Canada
>
> algonquincollege.com
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Edward Ip
> *Sent:* Tuesday, May 30, 2017 11:18 AM
>
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Dynamic vs Static Channel Plans
>
>
>
> I don’t know about your region, but we are located in Ottawa, Canada and
> we have turned off Channel 144 due to a weather radar station located near
> our city. Could be a possible source.
>
>
>
> Regards,
>
> *Edward Ip*
>
> *Algonquin College* | 1385 Woodroffe Avenue | Room C316 | Ottawa | Ontario
> | K2G 1V8 | Canada
>
> algonquincollege.com
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Smith, Todd
> *Sent:* Tuesday, May 30, 2017 11:09 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Dynamic vs Static Channel Plans
>
>
>
> Hello Jon,
>
>
>
> Thanks for the input!  Aruba’s ARM is frequently been cited as the poster
> child for dynamic channel plans.  I am not using Aruba here but it is
> probably my next upgrade choice unless something better comes long.
>
>
>
> Does ARM detect if an AP goes down and adjust TX power and/or channel
> accordingly?
>
>
>
> Were you ever able to identify your DFS source on channel 144?  Our core
> facilities are near a regional airport that also serves the Air National
> Guard and I don’t see DFS timeouts.  I have read that sometimes false
> positives can be generated in DFS channels and channel switches in response.
>
>
>
> Todd
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Jonathan Miller
>
>
>
> Todd,
>
>
>
> We are an Aruba shop using dynamic channel plans.
>
>
>
> We let Aruba's ARM (Adaptive Radio Management) decide on the best channel
> for each radio, and in some cases, give it the ability to turn off a 2.4
> radio if it detects that there's too much co-channel interference in an
> area.  ARM will not switch channels if there is a client associated to a
> radio, except in the case of an emergency (DFS beacon, etc).  We also let
> it pick the Tx power within a range that we specify (typically 12 - 15 EIRP
> on 5GHz, lower on the 2.4).
>
>
>
> ARM has some secret sauce about how it decides which channel is best, and
> has some parameters that we can tune, but we haven't really fiddled with
> the knobs too much.
>
>
>
> We are using DFS channels, but we haven't had complaints about clients
> that can't see them.  I suspect that part of the reason that we haven't had
> complaints about dead spots is that we have a pretty dense deployment, so
> in our res halls, a client should be able to see at 3-4 APs, and the odds
> of all of them running on a channel that a given client does not support
> seems to be slim enough.  Also, it may be that we just got lucky and don't
> have too many older 5GHz radios around that don't support all DFS
> channels.  We have disabled channel 144 because we did see some beacon
> events on it, but all other 5GHz channels are enabled.
>
>
> --
>
> CONFIDENTIALITY NOTICE: The information contained in this message may be
> privileged and confidential. If this e-mail contains protected health
> information, you are hereby notified that any dissemination, distribution
> or copying of this communication is strictly prohibited, except as
> permitted by law. If you have received this communication in error, please
> notify the sender immediately by replying to this message and deleting it
> from your computer. Thank you
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Outdoor PoE injectors

2017-05-03 Thread Jeremy Gibbs

https://www.microsemi.com/products/poe-systems/pd-9001go-outdoor-midspan

That is IP66 rated.






On Wed, May 3, 2017 at 1:37 PM, Benedick, Jason  wrote:

> Anybody have any suggestions for outdoor PoE injectors?
>
>
>
> We had a PoE injector that was in a metal weather resistant box on a pole
> in a parking lot with a wireless WAP and camera on it go bad. This PoE
> injector is a Versa Technology VX-Pi1000ATM it was installed by the company
> that installed the camera system in our one parking lot. So now I need a
> replacement. I could go out and purchase another VX-Pi1000ATM but though
> I’d ask you guys if there’s anything better I should be looking at.
>
>
>
> Just FYI I have a standard 110 receptacle inside of the box on the pole so
> power isn’t an issue.
>
> Also, this power injector need to be able to provide power without network
> plugged into it. I’ve had experience with some injectors that won’t put
> power out the output side without network plugged into the input side.
>
>
>
> Thanks,
>
> Jason R. Benedick
>
> IT Generalist
>
> Thaddeus Stevens College of Technology
>
> Office: (717) 391-6957 Cell: (717) 587-9065
>
>
> *This electronic communication from TSCT is confidential and
> intended solely for use by the individual to whom it is addressed. If you
> are not the named recipient do not forward, propagate or replicate this
> e-mail. Please notify the sender immediately by e-mail if you have received
> this message by mistake and remove from your system. If you are not the
> intended recipient you are notified that disclosing, copying, distributing
> or taking any action dependent upon the contents of this email or
> attachment is strictly prohibited.*
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] 2.4 GHz Interference

2017-03-08 Thread Jeremy Gibbs

Are there any common items near APs?  Such as a light with a ballast?  You
tend to see A LOT of stuff on 2.4, especially if you're in a more urban
environment.

*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Wed, Mar 8, 2017 at 2:32 PM, Gray, Sean  wrote:

> Hi Everyone,
>
>
>
> I’ve been doing a little spectrum analysis around campus and I keep seeing
> the same interference signature in different buildings. I was wondering if
> anyone had seen anything like this before. It is typically visible for well
> over 10 minutes at a time and then it completely disappears.
>
>
>
> Thanks
>
>
>
> Sean
>
>
>
>
>
> *Sean Gray* | B.Sc (Hons)
>
> Voice, Collaboration & Wireless Network Analyst
>
> ITS, University of Lethbridge
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] 2.4GHz - educating end users about interference

2017-02-16 Thread Jeremy Gibbs

Yes, if anyone has this, please share!  I have been looking for something
similar.  I guess I will be making something if nothing else is available.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Thu, Feb 16, 2017 at 5:21 PM, Gray, Sean  wrote:

> Hi Fellow Wireless Wizards!
>
>
>
> This is my first post to the group, so please be gentle.
>
>
>
> Here at the University of Lethbridge we are about to embark on a bit of an
> education drive for all of our wireless users with regards to the 2.4GHz
> spectrum and their impact on it. Does anybody have good examples of
> notices, posters etc. that they would be willing to share, that reference
> the evils of rogues and other interference sources citing the negative
> impact they have on the wireless network. Like everyone else on this list
> we are seeing huge influxes of our friends the wireless printer, Bluetooth
> devices and the like…
>
>
>
> if only we could just turn 2.4GHz off.
>
>
>
> Thanks
>
>
>
> Sean
>
>
>
>
>
> *Sean Gray* | B.Sc (Hons)
>
> Voice, Collaboration & Wireless Network Analyst
>
> ITS, University of Lethbridge
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> discuss.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Microsoft NPS as RADIUS for 802.1X Wi-Fi?

2016-11-16 Thread Jeremy Gibbs

I only use NPS for Cisco RADIUS auth.  Otherwise, all of our authentication
hits Extreme NAC (uses FreeRADIUS as a backend).  I dislike NPS very much.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

On Wed, Nov 16, 2016 at 3:29 PM, Mike Atkins  wrote:

> Bruce,
>
> We are using Microsoft Event log view for NPS/security and are also
> exporting security logs daily to another system that we built to massage
> the information in order to get stats and summarize errors.  We have
> Microsoft System Center that I believe can be expanded to do additional
> reporting and alerting but we have been unsuccessful in getting the other
> groups to implement it.
>
>
>
> I used perfmon for a very short period when I was initially looking at way
> to graph rates over a 24 hour period and was quickly discouraged.  I did
> not have a working baseline to compare to and I could not find a published
> spec.  Our identity group opened a ticket with Microsoft and never got a
> solid # on rates.  I believe the response was “depends on your server
> resources.”  I was looking at success and failure rates but the problem at
> the time was NPS just stopped responding to the supplicant.  I did not see
> a counter for something like that.  Maybe I did not look hard enough and
> there is a way to calculate it.  I should probably take another look if you
> find it useful.
>
>
>
> A typical troubleshooting scenario was “everyone in this room was
> disconnected!”  I ask the typical question, “did everyone get disconnected
> at the same time.”  Response is “yes!”  I ask “so everyone got disconnected
> at the very same minute?”  Response, “well no, but during the meeting most
> of us got disconnected.”  I reply “most not everyone?.?.?…..”  J  You
> know how it goes.  In the end I had to look at information far enough back
> that it is/was very difficult to use perfmon.
>
>
>
>
>
>
>
> *Mike Atkins *
>
> Network Engineer
>
> Office of Information Technology
>
> University of Notre Dame
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Bruce Boardman
> *Sent:* Wednesday, November 16, 2016 2:49 PM
>
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Microsoft NPS as RADIUS for 802.1X Wi-Fi?
>
>
>
> Mike
>
> Regarding the Troubleshooting and debug challenges with NPS are you
> exporting the MS events to a log collector or using the server's native
> event viewer? How useful have you found the PerfMon RADIUS metrics?
>
>
>
>
>
> |Bruce Boardman, Network Engineer, Syracuse University -  315 412-4156
>
> --
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv <
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Mike Atkins <
> matk...@nd.edu>
> *Sent:* Wednesday, November 16, 2016 2:44 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Microsoft NPS as RADIUS for 802.1X Wi-Fi?
>
>
>
> Lee,
>
> We use Microsoft NPS for radius on dot1x wireless (ND-secure & eduroam.)
> Troubleshooting and getting debug information has been very difficult.
> Finding a deployment guide on expected performance/load is also impossible
> to find.  I think configuration is absolutely key.  My impression is either
> it works great or it does not.
>
>
>
> Dennis,
>
> I think we are doing the realm stripping you are talking about using NPS.
> Our identity management group has two policies configured for eduroam.  The
> first policy says identity @nd.edu authenticate PEAP requests on the
> local server.  The second policy says “@” forward to the two eduroam.us
> “servers.”  There are a couple other policies for off campus users that get
> forwarded from eduroam.us servers.  Maybe not what you are talking about
> but just thought I would chime in just in case.
>
>
>
>
>
>
>
>
>
>
>
> *Mike Atkins *
>
> Network Engineer
>
> Office of Information Technology
>
> University of Notre Dame
>
> Phone: 574-631-7210
>
>
>
>
>
>    .__o
>
>- _-\_<,
>
>---  (*)/'(*)
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Lee H Badman
> *Sent:* Wednesday, November 16, 2016 9:40 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Microsoft NPS as RADIUS for 802.1X Wi-Fi?
>
>
>
> Hello to the awesome group.
>
>
>
> We’ve used Cisco ACS with general satisfaction for many years as the
> RADIUS solution for our very, very large WLAN’s 802.1X authentication. We
> also have Aruba Clearpass in-house for guest wireless, and have poked
> around at ISE a bit. We’re weighing replacing our aging ACS environment,
> but as many of you know times are changing. When you shop for RADIUS, you
> have to wade through the fog of NAC systems because everything is getting
> ever more “feature rich”. For major vendors, RADIUS is just a slice of NAC
> now, and since everybody “is a software company!” lice

Re: [WIRELESS-LAN] Per room wireless

2016-11-05 Thread Jeremy Gibbs

We are almost every other room.  Max power is 15 dB for 5 Ghz and the power
balances around 5 dB for 2.4.

*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

http://www.utica.edu

On Fri, Nov 4, 2016 at 8:24 PM, Eriks Rugelis  wrote:

> Since August 2013 we have deployed about 1680 AP702W's into undergrad
> residence rooms.   Since we enable and support the wired access ports on
> these APs, we also relocated all outlet boxes to just above desk height.
>
> Eriks Rugelis
> ---
> Manager, Network Development
> York University
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Sony/PlayStation Network Blocks

2016-10-03 Thread Jeremy Gibbs

We have had several issues, from individual IP addressing being blocked
that are PAT (NAT Overload) and just having strict NAT issues.  For this
reason, all game consoles get a public IP address.  We only have a few
/24's for this reason and use NAC/Policy to assign the public IP to the
correct device.  Also, one more possibility that might help, if you can
identify devices on your network using something such as NAC.  You could
have a rule that blocks all traffic to SPN unless you are a game console.
You could probably even do that with DSCP markings and your edge
router/firewall.  This would at least cut down on the chance of a non game
console device from "attacking" the SPN.

*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Mon, Oct 3, 2016 at 11:34 PM, Bryan Sherwood 
wrote:

> Hi all,
>
>
> NAU is currently fighting repeated blocks from Sony on our residence hall
> network IP addresses. There are a number of PAT'd devices behind these IPs,
> and Sony has so far only provided us with timestamps (no port information
> for us to do a PAT lookup). Each time, we get a notification to our
> ab...@nau.edu inbox, and when we ask them to remove the block they have
> done so (so far). Sony claims they are seeing "account hacking" activity
> coming from the blocked IPs, but we're starting to believe it may just be a
> large number of devices behind a few IPs.
>
>
> This is the first semester we've seen this issue, but it's getting
> frustrating as students are unable to use their PlayStations on ResNet when
> the blocks are in place. Has anyone else had this experience? Any tips or
> tricks in identifying the issue or working with Sony to raise the "allowed
> traffic" from NAT/PAT Pools?
>
>
> Thanks in advance!
>
> Bryan
>
>
> --
> Bryan Sherwood
> End-User Computing Specialist, Sr.
> Student Technology Center
> Information Technology Services
> Northern Arizona University
> (928) 523-6634
> bryan.sherw...@nau.edu
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Wireless clients with dup IP address causing issues.

2016-09-01 Thread Jeremy Gibbs

I have gratuitous ARP turned off for this reason.  I have seen this happen
before when a DHCP scope is getting 70% full or more (with microsoft DHCP
starting from 2008 r2 and newer)..

*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

On Thu, Sep 1, 2016 at 2:11 PM, Tufts, Mark  wrote:

> Hi,
>
>
>
> Since the students came back we have has high CPU utilization come and go
> on our core routers.  After much time looking at traffic patterns we have
> seen this traffic coming only from our Aruba IAP VC buildings.  We have
> other building have Juniper wireless with a central controller.  The reason
> for the high CPU appears to be two wireless devices getting the same IP
> address.  Once this happens gratuitous arps flood the uplinks and crush our
> CPUs
>
>
>
> The leases in our DHCP server mark them as bad.  We are using Microsoft
> DHCP.
>
>
>
> Has anyone experienced anything like this?
>
>
>
> Thanks,
>
>
>
> Mark
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at http://www.educause.edu/
> groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] How big are your wireless segments?

2016-08-04 Thread Jeremy Gibbs

Extreme Networks recommends we use a setting of 2 for the DTIM value.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Thu, Aug 4, 2016 at 9:34 AM, Jake Snyder  wrote:

> In 60 seconds I was just over 100 (107) arp requests. This is a test
> network.  I can definitely ramp that up to do more testing.
>
> Thanks
> Jake Snyder
>
>
> Sent from my iPhone
>
> > On Aug 4, 2016, at 1:45 AM, James Andrewartha <
> jandrewar...@ccgs.wa.edu.au> wrote:
> >
> > Hi Jake,
> >
> >> On 04/08/16 14:19, Jake Snyder wrote:
> >> Slightly different test, Meraki SSID, with a MBA13 running 10.10.5.
> >
> > Thanks for giving it a test.
> >
> >> I did a packet capture on the AP filtered for arp and used wireshark on
> the Mac with the same capture filter.  I'm only tracking arp requests,
> since that's all I should see on the MBA.  100% arp requests sent OTA from
> the AP were seen by the MBA.  But this is an older 11n MBA.  I'll get my
> hands on an 11ac device tomorrow and rerun the test.
> >
> > How many ARP requests were on the network? In one case in 75 seconds I
> > saw 598 on the 10.9.5 laptop, with the 10.11.5 laptop seeing 184.
> > Filtered with (arp.opcode==1) && (eth.addr==ff:ff:ff:ff:ff:ff).
> >
> > Filtering just on eth.addr==ff:ff:ff:ff:ff:ff I see 1863 vs 564 packets,
> > roughly evenly split between NBNS, NetBIOS Browser and ARP requests with
> > a touch of Dropbox LAN Sync and BOOTP (DHCP). Extending it out to
> > eth.ig==1 (all broadcast/multicast traffic) it's 4353 vs 1310, with the
> > addition of mDNS and IPv6.
> >
> >> Is it possible you are in promiscuous mode in Windows?  You shouldn't
> see the arp responses for anything that client didn't send, or in responses
> to the clients request unless promiscuous mode is enabled.  which then
> isn't a fair test of what the laptop did or did not hear.
> >
> > My baseline hardware was a 15" Mid-2012 rMBP running 10.9.5, which is
> > only 11n capable. When rebooted into 10.11 it also exhibits the problem.
> >
> > Thanks,
> >
> > --
> > James Andrewartha
> > Network & Projects Engineer
> > Christ Church Grammar School
> > Claremont, Western Australia
> > Ph. (08) 9442 1757
> > Mob. 0424 160 877
> >
> > **
> > Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] RADIUS Servers Load Balancing

2016-07-06 Thread Jeremy Gibbs

We are using 6 RADIUS servers behind a SLB setup.  We haven't run this
during the semester, so this will be the first semester where all of the NAC
appliances / RADIUS is LB.  We are using our Enterasys S4 core to do this
and a feature they call "Server Load Balancing" which is based on LSNAT.  I
believe we have stickiness turned on because that is required for our
setup, although it is only sticky for that session.  We LB based on
concurrent connections to each server.

Currently, I have one of the servers out of the SLB group.  But SLB does a
good job so far.

[image: Inline image 1]




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Wed, Jul 6, 2016 at 11:33 AM, Curtis K. Larsen 
wrote:

> We have 10 back-end FreeRADIUS VM's (5 in each data center) and two
> front-end FreeRADIUS Load
> balancers (1 in each DC).  We've used this config successfully for about 6
> years.  FreeRADIUS
> natively load balances quite well and we do it based on calling-station-id
> so it is sticky and
> balanced very evenly.  In fact, we tried at one point to use Netscalers
> and found that FreeRADIUS
> handled the health-checking aspects a little better and provided better
> visibility with graphs
> using graphite/tessera , radsniff, etc.  We normally do about 300
> requests/sec as well, but I've
> seen it as high as 1,000 the first two weeks of school.
>
> We get commercial support from PacketFence/Inverse on this configuration.
>
>
> Thanks,
>
> --
> Curtis K. Larsen
> Senior Network Engineer
> University of Utah IT/CIS
>
>
>
> On Wed, July 6, 2016 9:07 am, Joe Rogers wrote:
> >
> > We're running a cluster of 8 FreeRADIUS servers behind two pairs of
> > Citrix Netscaler's in different data centers which inject two anycast-IP
> > VIPs into our backbone routing tables.  This has worked very well in our
> > environment for many years.  If a Netscaler fails or the member servers
> > behind it fail, the route is simply withdrawn and traffic switches over
> > to the other data center's Netscalers.  We made sure to keep sessions
> > 'sticky' to a given server as long as everything is operating normally.
> > We use the NAS IP addr for persistence.  It doesn't provide perfectly
> > even load-balancing over the servers (some NAS' are busier than
> > others).  But, it worked well enough for us.  The servers generally see
> > around 300 requests/sec (auth and acct combined) during a normal
> semester.
> >
> > *Joe Rogers*
> > Associate Director, Network Engineering
> >
> > University of South Florida – Information Technology
> > 4202 E. Fowler Avenue, SVC4010, Tampa, FL, 33620
> > j...@usf.edu | Tel: (813) 974-7369
> > www.usf.edu/it | Facebook: /USF Information Technology | Twitter: @
> USF_IT
> >
> > On 07/06/2016 09:16 AM, Dennis Xu wrote:
> >> Hello,
> >> Has anyone had success stories about deploying RADIUS servers behind
> >> load balancers to support large number of concurrent 802.1X users? We
> >> just deployed 5 FreeRADIUS servers behind Cisco ACE and observed
> >> packets drop issues at ACE. By far, I suspect the issue was caused by
> >> the RADIUS stickiness(by calling-station-ID). Has anyone deployed
> >> RADIUS load balancing without using stickiness?
> >>
> >> Thanks.
> >>
> >>
> >> Dennis Xu, MASc, CCIE #13056
> >> Analyst 3, Network Infrastructure
> >> Computing and Communications Services(CCS)
> >> University of Guelph
> >>
> >> 519-824-4120 Ext 56217
> >> d...@uoguelph.ca
> >> www.uoguelph.ca/ccs
> >>
> >> ** Participation and subscription information for this
> >> EDUCAUSE Constituent Group discussion list can be found at
> >> http://www.educause.edu/groups/.
> >>
> >
> >
> > **
> > Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can
> > be found at http://www.educause.edu/groups/.
> >
> >
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] 802.11b data rates disabled?

2016-06-20 Thread Jeremy Gibbs

Gone for 2 years.  We have had only a handful of people complain, mostly
about the Wii.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

On Mon, Jun 20, 2016 at 11:57 AM, Britton Anderson 
wrote:

> We have had them disabled now for about two years now. When we were
> planning this, we had about 10 routine clients that were associating at
> .11b rates routinely on our guest network--so we couldn't identify them,
> just where they were connecting. When we pitched this, we thought it best
> to invest in a couple dozen low profile USB wifi NICs that we were certain
> worked with Windows 2000 that we could hand out to clients that requested
> them. I think we bought 20 total of a couple different models, and I still
> have a handful left.
>
> Could be a possible avenue for you. Good luck.
>
>
>
> Britton Anderson  |  Senior Network
> Communications Specialist |  University of Alaska
>  |  907.450.8250
>
> On Mon, Jun 20, 2016 at 7:49 AM, Todd M. Hall  wrote:
>
>> Do you have all of the 802.11b data rates disabled?  If so, how long have
>> they been disabled?  Did you have many complaints when you disabled them?
>> Were there any particular devices that could not connect as a result?
>>
>> I'm hoping this information will help us move towards disabling these old
>> rates. Thank you for your feedback.
>>
>> --
>> Todd M. Hall
>> Sr. Network Analyst
>> Information Technology Services
>> Mississippi State University
>> t...@msstate.edu
>> 662-325-9311 (phone)
>>
>> **
>> Participation and subscription information for this EDUCAUSE Constituent
>> Group discussion list can be found at http://www.educause.edu/groups/.
>>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Wi-Fiber experince

2016-06-16 Thread Jeremy Gibbs

You know, I needed a laugh today and someone delivered, thanks!

In all seriousness, are you referring to Ubiquiti Airfiber
<https://www.ubnt.com/airfiber/airfiber5/>?




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Thu, Jun 16, 2016 at 9:40 PM, Samuel Clements 
wrote:

> 802.11bh ?
>
> This email sent from a mobile computing device. Please excuse typos and
> brevity.
>
> On Jun 16, 2016, at 8:25 PM, Jeremy Gibbs  > wrote:
>
> Yup, googled it and came up with Wisconsin Sheep and Wool Festival
> <http://www.wisconsinsheepandwoolfestival.com/>.  I don't think that's
> right..
>
>
>
>
> *--Jeremy L. Gibbs*
> Sr. Network Engineer
> Utica College IITS
>
> T: (315) 223-2383
> F: (315) 792-3814
> E: jlgi...@utica.edu
> http://www.utica.edu
>
> On Thu, Jun 16, 2016 at 6:36 PM, Jason Watts  wrote:
>
>> That doesn't appear to be a real website
>>
>> On 6/16/2016 4:19 PM, Davidoff, Michel wrote:
>>
>> I would like to know if you have heard or if you are using products from
>> wi-fiber.com for inside or outside deployment.
>>
>>
>>
>>
>>
>>
>>
>> Michel Davidoff
>>
>> Director CyberInfrastructure
>>
>> California State University, Chancellor's Office
>>
>> Tel  562 951 8419
>>
>> Cell 707 481 1084
>>
>>
>>
>> We all work better when we work together!
>>
>>
>>
>>
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> <http://www.educause.edu/groups/>http://www.educause.edu/groups/.
>>
>>
>> 
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Wi-Fiber experince

2016-06-16 Thread Jeremy Gibbs

Yup, googled it and came up with Wisconsin Sheep and Wool Festival
.  I don't think that's
right..




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Thu, Jun 16, 2016 at 6:36 PM, Jason Watts  wrote:

> That doesn't appear to be a real website
>
> On 6/16/2016 4:19 PM, Davidoff, Michel wrote:
>
> I would like to know if you have heard or if you are using products from
> wi-fiber.com for inside or outside deployment.
>
>
>
>
>
>
>
> Michel Davidoff
>
> Director CyberInfrastructure
>
> California State University, Chancellor's Office
>
> Tel  562 951 8419
>
> Cell 707 481 1084
>
>
>
> We all work better when we work together!
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>
> 
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Access Point Failure Rate

2016-04-27 Thread Jeremy Gibbs

5 years, 315 APs, 0 failures. Extreme Networks / Enterasys




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Wed, Apr 27, 2016 at 5:10 PM, Thomas Carter 
wrote:

> 275 Trapeze/Juniper wireless APs. 0 failures in the last 2 years. 3 years
> ago we had about 5-7 failures due to a known flaw in the AP. Their older
> a/b/g model (MP-422 for those in the Trapeze/Juniper boat) had a problem of
> burning out the signal amplifier if the power was turned up too much.
> Before I arrived all the APs were cranked to the max; after setting more
> reasonable power levels, we’ve had no other problems.
>
>
>
> Thomas Carter
>
> Network & Operations Manager
>
> Austin College
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Trinklein, Jason R
> *Sent:* Wednesday, April 27, 2016 2:10 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Access Point Failure Rate
>
>
>
> I’m curious to know other institutions’ equipment failure rate for access
> points.
>
>
>
> School: College of Charleston
>
> Brand: Xirrus
>
> Access Point Count: 692
>
> RMA Replacements in the last year: 36
>
> Failure rate: 5%
>
>
>
> What do you observe?
>
> --
>
> *Jason Trinklein*
>
> *Wireless Engineering Manager*
>
> College of Charleston
>
> 81 St. Philip Street | Office 311D | Charleston, SC 29403
>
> trinkle...@cofc.edu | (843) 300–8009
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID?

2016-04-08 Thread Jeremy Gibbs

[image: Inline image 1]

*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

On Fri, Apr 8, 2016 at 8:17 AM, Danny Eaton  wrote:

> Just as a help, here's our client distribution - none on B, but we do have
> a few G, and lots of 2.4 N.  We’ve disabled the lower 2.4G data rates
> (completely disabled 1 Mbps, 2 Mbps, and 5.5, 6 and 9 as supported).
>
>
>
> [image: cid:image001.png@01D190E1.673F5460]
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Turning off 2.4 on a select SSID?

2016-04-06 Thread Jeremy Gibbs

I find the opposite to be true with band steering.  If we turn it off, the
majority of our clients won't connect to 5 Ghz, even if they are right
above an AP.  This causes lots of disconnect problems and congestion in the
2.4 Ghz spectrum.  Turning band steering on fixes the problem for us.

*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

On Wed, Apr 6, 2016 at 1:18 PM, Turner, Ryan H 
wrote:

> All,
>
>
>
> This is probably a fool’s errand, but we are debating experimenting with
> turning off the 2.4 spectrum on our eduroam SSID on parts of campus that
> have a dense 5 gig coverage.  We’ve always positioned eduroam as the
> premium SSID, and left a WPA2-PSK SSID for all the rest that don’t support
> advanced EAP methods.  We are debating trying this in just the IT building
> to start (see how many people scream).  Has anyone done anything like
> this?  The goals would be to continually remove traffic from the garbage
> bands, hopefully increasing client performance.  Band steering isn’t very
> good.
>
>
>
> Thanks,
>
> Ryan Turner
>
> The University of North Carolina at Chapel Hill
>
> r...@unc.edu
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Who WiFi vendors does everyone use? REVISITED

2016-04-04 Thread Jeremy Gibbs

Can we just make a google doc for this and allow people to update the
results?  That way we can automatically recalculate stats based on new
entries and we won't have to put all the burden on one person.

*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Mon, Apr 4, 2016 at 3:47 PM, Watters, John  wrote:

>
>
> Updated spreadsheet attached.
>
>
>
> Will gather any updates, update the spreadsheet and send it back out
> mid-week. I need to take care of some work around here for a while.
>
>
>
> I added several columns per suggestions from the group. However, only very
> few responses for them. If we don’t get better responses it may not be work
> keeping those columns, particularly the one pertaining to the EDUCAUSE SSID
> being your primary SSID.
>
>
>
>
>
> Thanks to all who have sent information.
>
>
>
>
>
>
>
>
>
> -jcw
> [image: UA Logo]
>
>
>
>
> John Watters   The University of Alabama
>
> Office of Information
> Technology
>
> 205-348-3992
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Who WiFi vendors does everyone use? REVISITED

2016-04-01 Thread Jeremy Gibbs

Utica College - Utica NY
2,000 - 3,000 wireless users a day
315 Extreme 3825i APs all wireless AC
2x Extreme 5210 wireless controllers
2 SSIDs (UC_Secure and UC_Wireless)

UC_Secure -> 802.1X
UC_Wireless -> open with captive portal




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Fri, Apr 1, 2016 at 11:21 PM, Jess Walczak  wrote:

> University of Saint Thomas - Saint Paul, Minnesota USA
> 7500 concurrent wireless and ~7000 concurrent wired on normal day
> ~1100 Cisco APs (counts of 216 b/g, 501 g/n, and 389 ac); 214 Cisco
> switches --> Rolling upgrade cycle
> Cisco 8510 HA Controller Pair for large campus, Cisco 5508 HA Controller
> Pair for small campus, single 5508 test controller
> ISE for both 802.1x SSID and Guest SSID via web auth, unencrypted,
> click-to-accept AUP.  Soon to add Eduroam
> Prime 2.2.0.0.158
>
> Jess Walczak
> Senior Network Analyst
> Information Technology Services
> jwwalc...@stthomas.edu
> University of St. Thomas | stthomas.edu
>
>
> On Fri, Apr 1, 2016 at 8:52 PM, Michael Hulko  wrote:
>
>> The University of Western Ontario, Canada
>>
>> 28-30k concurrent devices
>> 4000 Aruba APs
>> Aruba Controllers :  Master - Local with redundancy
>> Guest Access : Clearpass portal
>> Airwave monitoring
>>
>> currently refreshing to ‘AC’ compatible APs.
>>
>> Mike H
>>
>> On Apr 1, 2016, at 6:15 PM, Watters, John  wrote:
>>
>> I was going to give time for other questions to be suggested. However, it
>> seems that folks have started replying very quickly.
>>
>> I will tally this up & send it back out, maybe even tonight (though
>> probably not).
>>
>>
>>
>>
>>
>>
>>
>> -jcw
>>  
>>
>>
>> John Watters   The University of Alabama
>> Office of Information
>> Technology
>> 205-348-3992
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>>
>>
>> Michael Hulko
>> Network Analyst
>>
>> Western University Canada
>> Network Operations Centre
>> Information Technology Services
>> 1393 Western Road, SSB 3300CC
>> London, Ontario  N6G 1G9
>>
>> tel: 519-661-2111 x81390
>> e-mail: mihu...@uwo.ca
>>
>>
>>
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Who wifi vendors does everyone use?

2016-03-31 Thread Jeremy Gibbs

I am sort of surprised at the low number of people using Extreme Networks.
Then again, maybe I shouldn't be.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

On Thu, Mar 31, 2016 at 12:55 PM, Norman Mourtada 
wrote:

> We are all Aruba for wireless just under a 1000 APs, with Clearpass and
> Airwave and Extreme/Enterasys for wired.
>
>
>
> Norm Mourtada
>
> Suffolk University
>
> Boston, MA 02108
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Watters, John
> *Sent:* Thursday, March 31, 2016 12:44 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Who wifi vendors does everyone use?
>
>
>
> Cisco -- just under 6K APs right now.
>
>
>
>
>
>
>
>
>
> -jcw
> [image: UA Logo]
>
>
>
>
> John Watters   The University of Alabama
>
> Office of Information
> Technology
>
> 205-348-3992
>
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Who wifi vendors does everyone use?

2016-03-30 Thread Jeremy Gibbs

Here is a straw poll.

https://strawpoll.me/7228156






*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Wed, Mar 30, 2016 at 11:22 AM, Julian Y Koh 
wrote:

> On Wed Mar 30 2016 10:20:03 CDT, Jeremy Gibbs  wrote:
> >
> > Utica College - We use Extreme Networks for WiFi, formerly known as
> Enterasys IdentiFi Wireless.
> >
>
> In the interest of not having a zillion replies, might I suggest some kind
> of web-based poll to gather and aggregate this information?  :)
>
>
>
> --
> Julian Y. Koh
> Associate Director, Telecommunications and Network Services
> Northwestern Information Technology
>
> 2001 Sheridan Road #G-166
> Evanston, IL 60208
> +1-847-467-5780
> NUIT Web Site: <http://www.it.northwestern.edu/>
> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Who wifi vendors does everyone use?

2016-03-30 Thread Jeremy Gibbs

Utica College - We use Extreme Networks for WiFi, formerly known as
Enterasys IdentiFi Wireless.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS
On Wed, Mar 30, 2016 at 11:17 AM, Dan Lauing  wrote:

> MC has been Aerohive now for a few years.
>
> On Wed, Mar 30, 2016 at 10:15 AM, Mark Reboli 
> wrote:
>
>> MU currently utilizes Cisco
>>
>>
>>
>> M
>>
>> [image: Description: MU Arches]
>>
>> Mark Reboli
>>
>> Network/Telecom Manager
>>
>> Misericordia University
>>
>> (570) 674-6753
>>
>>
>>
>>
>>
>>
>>
>> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
>> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Schuette, David
>> *Sent:* Wednesday, March 30, 2016 11:08 AM
>> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>> *Subject:* [WIRELESS-LAN] Who wifi vendors does everyone use?
>>
>>
>>
>> MSU Denver is an Aerohive shop
>>
>>
>>
>>
>>
>>
>>
>> Sent from my Verizon Wireless 4G LTE smartphone
>>
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>>
>
>
> --
>
> *dan b. lauing ii*
> *Wireless Network Administrator*
> *Mississippi College*
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] WLC 5508 logging authentications

2016-03-03 Thread Jeremy Gibbs

John,

A long time ago, I used splunk universal forwarder to export logs from a
windows server to my syslog server.  I am not sure if it is still possible,
but it was always free to do and worked well.  I haven't touched it in 4
years since I stopped collecting windows logs, so I am unsure if that is
still a possible solution.  Anyway, it might be worth looking into.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Thu, Mar 3, 2016 at 4:16 PM, John York  wrote:

> Ah, one of my problems was that I didn’t have accounting properly
> configured on the Windows NPS box.  It only logs to SQL or a text file tho,
> no syslog (at least without a 3rd party client.)  Perhaps I could
> schedule a task with PowerShell…
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Dennis Xu
> *Sent:* Thursday, March 3, 2016 3:49 PM
>
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] WLC 5508 logging authentications
>
>
>
> It depends on what Radius logs you are looking at. In Radius
> authentication logs, yes CallingStationID field contains client MAC
> address(because WLC does not know client's IP address at this stage). But
> if you look at Radius accounting logs, you should see client IP addresses
> in CallingStationID. We search in accounting logs because those give us the
> session start and stop times.
>
>
>
>
> Dennis Xu, MASc, CCIE #13056
> Analyst 3, Network Infrastructure
> Computing and Communications Services(CCS)
> University of Guelph
>
>
>
> 519-824-4120 Ext 56217
> d...@uoguelph.ca
> www.uoguelph.ca/ccs
>
>
> --
>
> *From: *"John York" 
> *To: *WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Sent: *Thursday, March 3, 2016 3:28:42 PM
> *Subject: *Re: [WIRELESS-LAN] WLC 5508 logging authentications
>
>
>
> I have the stuff in a SIEM, but not correlated ;-(
>
>
>
> My Windows NPS logs have the IP of the WLC in the ClientIPAddress field.
> Rats.  Client MAC is in CallingStationID, though.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Dennis Xu
> *Sent:* Thursday, March 3, 2016 3:04 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] WLC 5508 logging authentications
>
>
>
> We have the similar process here. But I think once you get the inside IP
> and time, you can lookup the username from the Radius auth logs(skip the
> DHCP lookup).
>
>
>
> We are currently implanting SIEM. We hope by dumping logs to SIEM from all
> systems, we can just do a simple lookup from SIEM.
>
>
>
>
> Dennis Xu, MASc, CCIE #13056
> Analyst 3, Network Infrastructure
> Computing and Communications Services(CCS)
> University of Guelph
>
>
>
> 519-824-4120 Ext 56217
> d...@uoguelph.ca
> www.uoguelph.ca/ccs
>
>
> --
>
> *From: *"John York" 
> *To: *WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Sent: *Thursday, March 3, 2016 2:53:57 PM
> *Subject: *Re: [WIRELESS-LAN] WLC 5508 logging authentications
>
>
>
> We have Win NPS running Radius.  It takes several lookups to get what I
> want and I was hoping to shorten the process.  A typical one goes like this:
>
>
>
> Receive:  outside IP, port, and time
>
> Lookup in firewall NAT logs
>
> Output:  inside IP, time
>
> Lookup IP in DHCP logs
>
> Output:   MAC address, time
>
> Lookup MAC in NPS logs
>
> Output:  username
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Dennis Xu
> *Sent:* Thursday, March 3, 2016 12:08 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] WLC 5508 logging authentications
>
>
>
> Hi John,
>
>
>
> You are right that WLCs do not log authentication sessions in syslog. Do
> you have Radius servers to authenticate wireless users? Radius server is
> the better place to collect authentication logs.
>
>
>
> Regards,
>
>
> Dennis Xu, MASc, CCIE #13056
> Analyst 3, Network Infrastructure
> Computing and Communications Services(CCS)
> University of Guelph
>
>
>
> 519-824-4120 Ext 56217
> d...@uoguelph.ca
> www.uoguelph.ca/ccs
>
>
> --
>
> *From: *"John York" 
> *To: *WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Sent: *Thursday, March 3, 2016 11:29:56 AM
> *Subject: *[WIRELESS-LAN] WLC 5508 logging authentications
>
>
>
> Hi
>
> We have one 5508 (soon to be a failover pair) and don’t run PI. Our users
> connect either through 802.1x or an open SSID with a webauth portal from
> the 5508.  I need to be able to log authentications so I can track down
> users who have annoyed DMCA or our security department.  I’m finding that
> 5508 syslog outputs a huge amount of stuff, but doesn’t include successful
> authentications.  I’ve found some posts that indicate that info is only
> available through SNMP traps,

802.1x causing Android phone to reboot

2016-03-02 Thread Jeremy Gibbs

Hello everyone,

I have a very interesting problem.  When a faculty members Samsung Galaxy
J1 joins our UC_Secure (802.1x) network, her phone reboots after 2-5
minutes regardless of usage.  Right before the phone reboots, it locks up
for 4-5 seconds.

This particular phone is running Android 5.1.1 kernel version 3.10.49 on
Verizon.

We can leave the phone on a non 802.1x network and it will NEVER reboot.  A
coworker of mine captured the logs of the phone during one of these
reboots.  Nothing ever showed up in the log.  However, the fact that it
doesn't happen on her home wireless network and that it also doesn't happen
on our unsecure network, makes me believe it is a bug with 802.1x.

Has anyone else ever run across this issue?  I haven't heard of anyone else
complaining about this.  So maybe it's just an isolated hardware issue.

Thanks



*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Aruba Contact

2016-02-29 Thread Jeremy Gibbs

William,

The VP of sales for the west coast has been made aware of this. Look for an
email tomorrow from Aruba.

On Monday, February 29, 2016, Friskney, Doyle  wrote:

> HP now owns Aruba, I would reach out to my local var that sells you
> computer and networking equipment and have them establish a meeting with
> yourself and Aruba.  If you do not get a meeting after three attempts I
> would doubt future support.
>
> Doyle
>
> On 2/29/16, 5:01 PM, "The EDUCAUSE Wireless Issues Constituent Group
> Listserv on behalf of William Doyle"  
> on behalf of wdo...@berkeley.edu > wrote:
>
> >Good Day,
> >
> >We are in the process of evaluating a replacement for our existing
> >wireless network. I would be remiss if I did not include Aruba in this
> >process but in spite of reaching out several times in the last few weeks
> >I cannot get a response.
> >
> >If anyone has a contact they could share, on or off list, I would
> >appreciate it. (we are in California)
> >
> >Thank You,
> >
> >William Doyle
> >International House Berkeley
> >
> >**
> >Participation and subscription information for this EDUCAUSE Constituent
> >Group discussion list can be found at http://www.educause.edu/groups/.
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>


-- 


*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Naming conventions for WLAN devices

2016-02-02 Thread Jeremy Gibbs

We use building name--room number and we put an 'r' at the end if it's
actually in that room (Bell-404r would be AP in Bell Hall inside of room
404, without the r, I would assume the AP is outside of 404).  We only have
320 APs and usually only one network closet per building, sometimes a
second smaller one.  We also use LLDP on our APs/switches, so I can just
run show lldp port remote-info and quickly see what port the AP is on,
power levels, it's name, serial etc... Of course I could see this info in
OneView, but sometimes it's easier just doing it right from the CLI (I type
much faster than I click).




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Tue, Feb 2, 2016 at 1:40 PM, Danny Eaton  wrote:

> We currently use ap-BLDG-ROOM (and if it’s a Cisco 702W, we use
> ap-BLDG-ROOM-702W).  Room is the closest room – if it’s in the hallway, if
> it’s in a room – then obvious.  The building abbreviation is what we use
> for the wired switch names as well (mud-230-a-1, Mudd Computer Lab, room
> 230, Access, #1, so AP’s would be ap-mud-208, ap-mud-201, etc.).
>
>
>
>
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Manon Lessard
> *Sent:* Tuesday, February 02, 2016 12:20 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Naming conventions for WLAN devices
>
>
>
> Hi
>
>
>
> We don’t actually have room numbers in our names because there’s often
> renovation work which might change the numerotation of the rooms.
>
> We use the id of the building, closet number+ Letter for purpose +
> sequential number.
>
> We use the same recipe for cameras, switches and the like changing the 2nd
> to last letter based on type of device.
>
>
>
> Cheers,
>
>
>
> *Manon Lessard*
> Technicienne en développement de systèmes CCNP
>
> Direction des technologies de l'information
>
> Pavillon Louis-Jacques-Casault
> 1055, avenue du Séminaire
> Bureau 0403
> Université Laval, Québec (Québec)
>
> G1V 0A6, Canada
>
> 418 656-2131, poste 12853
> Télécopieur : 418 656-7305
>
> manon.less...@dti.ulaval.ca
> www.dti.ulaval.ca
>
> Avis relatif à la confidentialité | Notice of Confidentiality
> 
>
>
>
> [image: Description: Description : Description : Description :
> Description : Description : Description : Description : Description :
> Description : Description : Description : Description : Description :
> Description : Description : Description : Description : Description :
> Description : Logo de l'Université Laval]
>
>
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Norman Chu
> *Sent:* 2 février 2016 12:38
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Naming conventions for WLAN devices
>
>
>
> We’re looking for ideas to improve our current naming convention for
> network devices.
>
>
>
> For an access point, it currently consists of:
>
> --ap
>
> e.g. burnside-1-ap24
>
>
>
> For controllers, we use:
>
> wireless--wmc
>
> e.g. wireless-local1-wmc
>
> (wmc = wireless mobility controller)
>
>
>
> For access points, we’re thinking of adding location info instead of the
> arbitrary number, so something like: burnside-1-ap101a where 101a is the
> first AP in room 101 (101b would be the second AP, etc.)
>
>
>
> Switches: burnside-sw1, burnside-sw2
>
> UPS’s: burnside-ups-1, burnside-ups2-1
>
> PoE midspans: burnside-poe-1, burnside-poe2-1
>
>
>
> What do other organizations use for naming conventions for their network
> devices?
>
>
>
> Thanks.
>
>
>
> Norman Chu
>
> Network Analyst – Network Infrastructure group
>
> Systems Engineering – McGill NCS
>
> (514) 398-7299
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> !DSPAM:911,56b0f6d213515793014824!
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

wireless-lan@listserv.educause.edu

2016-01-19 Thread Jeremy Gibbs

We are not outright telling people to use it, however we are also not
blocking it.  E911 is up to the user to keep up-to-date and they have an
agreement with their provider (at least AT&T).  We don't apply any QoS to
this traffic and treat it like all other bulk Internet traffic.  If we see
a big outcry for it's use, we might reconsider how we treat the traffic.

*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

On Fri, Jan 15, 2016 at 11:14 AM, Becker, Jason  wrote:

> Is anyone promoting using the wifi option for making calls on iphones6 or
> better cell phones with AT&T?
>
> If so how are you dealing with E911?
>
>
>
> Thanks,
> Jason
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] [Ext] Re: [WIRELESS-LAN] Sticky Clients and Probe Suppression

2015-11-20 Thread Jeremy Gibbs

In my testing so far (limited), it appears to work better then disabling
various data rates.  But for now I am just testing in a few small areas
with high AP density.  My worry is clients who are on the fringe of all APs
would end up being bounced around, creating a worse problem than poor data
rates or low signal strength.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Fri, Nov 20, 2015 at 3:48 PM, Hinson, Matthew P <
matthew.hin...@vikings.berry.edu> wrote:

> Disabling the data rates is the preferred method of doing this. A few WLAN
> vendors (Aerohive and Ubiquiti are the ones I know of for sure) allow you
> to set a Min RSSI value. If a client’s SNR drops too low for X number of
> TU’s, then AP will deauth the client to…persuade them to pick a different AP
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jeremy Gibbs
> *Sent:* Friday, November 20, 2015 3:31 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] [Ext] Re: [WIRELESS-LAN] Sticky Clients and
> Probe Suppression
>
>
>
> This is the GTAC solution guide to probe suppression.  I will report if it
> helps with sticky clients or not.  This is assuming there is enough RF from
> surrounding AP's.
>
>
>
>
> https://gtacknowledge.extremenetworks.com/articles/Solution/Issues-with-clients-staying-with-an-Access-Point-that-has-bad-signal-Sticky-Clients
>
>
>
>
>
> *-- Jeremy L. Gibbs*
>
> Sr. Network Engineer
> Utica College IITS
>
>
>
> On Fri, Nov 20, 2015 at 2:49 PM, Jim Glassford  wrote:
>
> Hi,
>
> Jeremy, we have not used probe suppression but Chris thanks for the
> opening on, disabling lower data rates.
>
> This Cisco best practice, last updated Jan 2015, page 18 shows 2.5GHz
> disabled up to 12Mbps and 5GHz disabled up to 24Mbps
>
> <http://www.cisco.com/c/en/us/td/docs/wireless/technology/wlc/82463-wlc-config-best-practice.pdf>
> <http://www.cisco.com/c/en/us/td/docs/wireless/technology/wlc/82463-wlc-config-best-practice.pdf>
>
> Curious if any have taken this many lower speeds off line?
>
> We have disabled 1, 2, 5.5, and 11 on 2.5GHz.
> Just started toying a little disabling 6 and 9 on 2.5 and 5GHz.
>
> thanks!
> jim
>
>
>
> On 11/20/2015 2:07 PM, Chris Adams (IT) wrote:
>
> We have typically achieved this by disabling lower data rates available
> per SSID.
>
>
>
>
>
> Thanks,
>
>
>
> Chris Adams
>
>
>
> Director, Network & Telecom Services
>
> Division of Information Technology
>
> University of North Georgia
>
> E-Mail: chris.ad...@ung.edu | Office: (706) 867-2891
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Jeremy Gibbs
> *Sent:* Friday, November 20, 2015 2:05 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Sticky Clients and Probe Suppression
>
>
>
> Has anyone ever used probe suppression and force dissociation of clients
> at a particular RSS value?  This feature was just introduced and we have a
> lot of "sticky" clients that don't like to roam even though there are more
> desirable AP's in the area.
>
>
>
> I have enabled it on a handful of AP's for testing, but would like to hear
> what others have experienced.
>
>
>
> Thanks
>
>
>
>
> *-- Jeremy L. Gibbs*
>
> Sr. Network Engineer
> Utica College IITS
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] [Ext] Re: [WIRELESS-LAN] Sticky Clients and Probe Suppression

2015-11-20 Thread Jeremy Gibbs

This is the GTAC solution guide to probe suppression.  I will report if it
helps with sticky clients or not.  This is assuming there is enough RF from
surrounding AP's.

https://gtacknowledge.extremenetworks.com/articles/Solution/Issues-with-clients-staying-with-an-Access-Point-that-has-bad-signal-Sticky-Clients




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS



On Fri, Nov 20, 2015 at 2:49 PM, Jim Glassford  wrote:

> Hi,
>
> Jeremy, we have not used probe suppression but Chris thanks for the
> opening on, disabling lower data rates.
>
> This Cisco best practice, last updated Jan 2015, page 18 shows 2.5GHz
> disabled up to 12Mbps and 5GHz disabled up to 24Mbps
>
> <http://www.cisco.com/c/en/us/td/docs/wireless/technology/wlc/82463-wlc-config-best-practice.pdf>
> <http://www.cisco.com/c/en/us/td/docs/wireless/technology/wlc/82463-wlc-config-best-practice.pdf>
>
> Curious if any have taken this many lower speeds off line?
>
> We have disabled 1, 2, 5.5, and 11 on 2.5GHz.
> Just started toying a little disabling 6 and 9 on 2.5 and 5GHz.
>
> thanks!
> jim
>
>
>
> On 11/20/2015 2:07 PM, Chris Adams (IT) wrote:
>
> We have typically achieved this by disabling lower data rates available
> per SSID.
>
>
>
>
>
> Thanks,
>
>
>
> Chris Adams
>
>
>
> Director, Network & Telecom Services
>
> Division of Information Technology
>
> University of North Georgia
>
> E-Mail: chris.ad...@ung.edu | Office: (706) 867-2891
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Jeremy Gibbs
> *Sent:* Friday, November 20, 2015 2:05 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Sticky Clients and Probe Suppression
>
>
>
> Has anyone ever used probe suppression and force dissociation of clients
> at a particular RSS value?  This feature was just introduced and we have a
> lot of "sticky" clients that don't like to roam even though there are more
> desirable AP's in the area.
>
>
>
> I have enabled it on a handful of AP's for testing, but would like to hear
> what others have experienced.
>
>
>
> Thanks
>
>
>
>
> *-- Jeremy L. Gibbs*
>
> Sr. Network Engineer
> Utica College IITS
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> <http://www.educause.edu/groups/>http://www.educause.edu/groups/.
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Sticky Clients and Probe Suppression

2015-11-20 Thread Jeremy Gibbs

Has anyone ever used probe suppression and force dissociation of clients at
a particular RSS value?  This feature was just introduced and we have a lot
of "sticky" clients that don't like to roam even though there are more
desirable AP's in the area.

I have enabled it on a handful of AP's for testing, but would like to hear
what others have experienced.

Thanks



*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Wireless Options in Athletic Buses

2015-11-18 Thread Jeremy Gibbs

I know people may snicker at this but take a look at the offerings from
Aerohive for this.  I demoed a solution that was VERY slick.  I think it
would work very well for you.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Wed, Nov 18, 2015 at 2:01 PM, Adam T Ferrero  wrote:

>
>
>   We put some gear on our shuttle buses that travel between campuses a few
> years ago.  Basically a Cradlepoint router (Verizon LTE cellular backhaul
> with an ethernet hand off).  That ethernet hand off goes to a wifi access
> point that is able to do dns lookup and find its controller (happens to be
> Meru but I know Aruba does supports similar mechanisms).  Everything is
> tunneled back encrypted through the controller.
>
>
>
>   This has served us well for those students that enjoy a 45 minute
> commute between campuses.
>
>
>
>   Adam
>
>
>
> [image: Adam T Ferrero]
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Daniel Wurst
> *Sent:* Wednesday, November 18, 2015 12:57 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Wireless Options in Athletic Buses
>
>
>
> Hi,
>
>
>
> This is my first post in this group.  I have really enjoyed being a part
> of this group and have learned quite a bit so you thank you to all members.
>
>
>
> Recently I was asked If there was a way we could supply wireless
> connectivity in our athletic buses for student athletes as they travel to
> sporting events.  My thoughts would be some kind of cellular network hot
> spot that the students could log into with their devices.
>
>
>
> I was wondering if other Universities have attempted anything like this or
> have any hot spot devices they would recommend for this use.
>
>
>
> Appreciate any feedback on this topic.
>
>
>
> Thank you,
>
>
>
> --
>
> Daniel Wurst
>
> Network Engineer II
>
> Denison University
>
> Fellows 003B
>
> wur...@denison.edu
>
> 740-587-6229
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Cisco Small Cell Solution

2015-11-17 Thread Jeremy Gibbs

I believe WiFi calling will be the future and these "small cell" systems
will be phased out.  I know a network engineer at AT&T and they are really
pushing the WiFi calling for these situations.




On Tue, Nov 17, 2015 at 11:28 AM, Smith, Todd  wrote:

> Hello,
>
> I know that there are many Cisco wireless networks on this list and I
> wanted to see if anyone is using the Small Cell Solution with their
> existing Cisco wireless network.  Here at the Charleston Area Medical
> Center, we are an Extreme shop and have been happy with it for years, but
> increasing cellular issues and outright refusal of wireless carriers to
> participate in a DAS has let us few choices.
>
> One partial solution was discussed on the list, a couple of weeks ago
> under the topic of Wi-Fi Calling.  This is another approach which is
> possibly replace our existing wireless network with a combined
> Wi-Fi/Cellular system.  I am asking the list if anyone is currently running
> such a solution and how it works for them, both the good and the bad.
>
> I will summarize for the list if respondents want to remand anonymous, but
> I am looking to try to get some honest feedback on what will probably be a
> difficult install.  Even if it works perfectly, none of my network
> management solutions and purchase/service agreements will work and it would
> all be brand new.  Brand new is not a show-stopper but it is also not
> trivial either.
>
> Todd
>
>
>
> ==
>
> CONFIDENTIALITY NOTICE: The information contained in this
> message may
> be privileged and confidential. If this e-mail contains protected
> health information, you are hereby notified that any dissemination,
> distribution or copying of this communication is strictly prohibited,
> except as permitted by law. If you have received this communication in
> error, please notify the sender immediately by replying to this message
> and deleting it from your computer. Thank you.
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Multi Vendor environments in WiFi space

2015-10-16 Thread Jeremy Gibbs

>From my experience, you just have to keep beating up Cisco.  Every time
they say "we can't do lower pricing", don't believe them.  They absolutely
can do lower pricing.  Also make sure you indicate that changing vendors
will mean your following suit with the rest of the hardware when it comes
EOL.  That should make them dig out some deeper discounts.  If they are
unwilling to come down in price to be more competitive, maybe it's a good
time to start moving on to other vendors.

Take a look at Extreme Networks.  They have some great products and usually
beat the pants off of Cisco when it comes to pricing (especially wireless).





*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Fri, Oct 16, 2015 at 4:25 AM, Oliver Elliott <
oliver.elli...@bristol.ac.uk> wrote:

> Jeff
>
> How did you achieve that discount, was it a significant bulk order? We
> tend to buy large amounts of switches and APs separately, if we can save a
> lot of money buying them together that would be nice!
>
> Oli
>
> On 15 October 2015 at 19:15, Jeffrey D. Sessler 
> wrote:
>
>> I think it's always wise to look at other vendors when you're about to
>> replace that amount of equipment, but unless you are unhappy, it's unlikely
>> that the alternative will come out less expensive i.e. hardware purchase,
>> plus learning/supporting another vendor.
>>
>> If you're happy, work with your incumbent vendor to see what they'll do
>> to keep you in the family.
>>
>> For Cisco, right now there is a deal where you can get substantial
>> additional discounts on wireless if it's paired with switching (which also
>> gets extra discounts), and these stack on top of the discount you get
>> normally. Let's just say that 70%-ish off is not difficult. I took
>> advantage of the discount last year and the cost for a 3702i was pretty
>> amazing.
>>
>> Jeff
>>
>>
>> -Original Message-
>> From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
>> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Oliver, Jeff
>> Sent: Thursday, October 15, 2015 9:42 AM
>> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>> Subject: [WIRELESS-LAN] Multi Vendor environments in WiFi space
>>
>> All,
>>
>> This is probably an old topic, but I have not seen anything in a while on
>> it.
>>
>> At present we are a Cisco shop with regard to our wireless deployment,
>> and we are looking at changing out a substantial number (250) of our AP's
>> (1131 to 3702). These AP's represent about 30% of our deployment so is a
>> substantial investment, and as such our CIO has asked us to look at other
>> solutions.
>>
>> I am wondering if any of you are running multi vendor environments and if
>> so, what the UX is like? What are the toolsets like regarding management of
>> two disparate systems?
>>
>>
>>
>> Cheers,
>> Jeff
>>
>> ---
>>
>> Jeffrey L. Oliver
>> Sr. Network Analyst
>> Information Technology Services
>> The University of Lethbridge
>> 4401 University Drive, Lethbridge, Alberta, T1K 3M4
>>
>> Tel:403.329.5162
>> Mob:403.315.4461
>> Fax:403.382.7108
>>
>> URI:jeff.oli...@uleth.ca
>>
>> **
>> Participation and subscription information for this EDUCAUSE Constituent
>> Group discussion list can be found at http://www.educause.edu/groups/.
>>
>>
>> **
>> Participation and subscription information for this EDUCAUSE Constituent
>> Group discussion list can be found at http://www.educause.edu/groups/.
>>
>>
>
>
> --
> Oliver Elliott
> Senior Network Specialist
> IT Services
> University of Bristol
> e: oliver.elli...@bristol.ac.uk
> t: 0117 39 (41131)
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Measuring RADIUS Auths

2015-10-15 Thread Jeremy Gibbs

I am surprised there are no statistics to be had from the controller.  I am
assuming you have gone down that avenue already.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Thu, Oct 15, 2015 at 5:35 PM, Charles Rumford 
wrote:

> That is my first thought also. I might put two smaller boxes out on select
> controllers and do selective port mirroring from the actual controller to
> reduce the flood of traffic. More thinking and planning needed.
>
> --
> Charles Rumford
> Network Engineer/Senior Wireless Engineer
> ISC Network Operations
> University of Pennsylvania
> OpenPGP Key ID: 0xF3D8215A
> (p) 215-746-2808
>
> Sent from my phone
>
> On Oct 15, 2015, at 17:29, Jeremy Gibbs  > wrote:
>
> Hmm, I am interested to hear how you might accomplish that.  My first
> instinct is to port mirror the controller to a large enough box to handle
> the traffic and have a filter looking for port 1645/1812 (whatever your
> RADIUS AUTH port is) so you only capture that traffic (I would use
> tcpdump).  Then you might be able to do some stats on it if you capture for
> an hour or so.
>
>
>
>
> *-- Jeremy L. Gibbs*
> Sr. Network Engineer
> Utica College IITS
>
> T: (315) 223-2383
> F: (315) 792-3814
> E: jlgi...@utica.edu
> http://www.utica.edu
>
> On Thu, Oct 15, 2015 at 5:13 PM, Charles Rumford 
> wrote:
>
>> We are using FreeRADIUS, but I want to measure independent of the RADIUS
>> server.
>>
>> --
>> Charles Rumford
>> Network Engineer/Senior Wireless Engineer
>> ISC Network Operations
>> University of Pennsylvania
>> OpenPGP Key ID: 0xF3D8215A
>> (p) 215-746-2808
>>
>> Sent from my phone
>>
>> On Oct 15, 2015, at 17:12, Jeremy Gibbs > > wrote:
>>
>> What are you using for a RADIUS server?
>>
>>
>>
>>
>> *-- Jeremy L. Gibbs*
>> Sr. Network Engineer
>> Utica College IITS
>>
>> T: (315) 223-2383
>> F: (315) 792-3814
>> E: jlgi...@utica.edu
>> http://www.utica.edu
>>
>> On Thu, Oct 15, 2015 at 5:08 PM, Charles Rumford 
>> wrote:
>>
>>> I’m currently embarking on a project to determine the number of RADIUS
>>> auths per minute each one of my controllers is generating to plan for the
>>> capacity I need for my RADIUS servers.
>>>
>>> I was curious if anyone has embarked on a similar journey and tried to
>>> measure auth rates coming from their controllers?
>>>
>>> I have a couple of ideas that I’m up for sharing, but I wanted to see if
>>> anyone else has done this.
>>>
>>> Thanks!
>>>
>>> 
>>> Charles Rumford
>>> Network Engineer/Senior Wireless Engineer
>>> ISC Network Operations
>>> University of Pennsylvania
>>> OpenPGP Key ID: 0xF3D8215A
>>> (p) 215-746-2808
>>>
>>>
>>> **
>>> Participation and subscription information for this EDUCAUSE Constituent
>>> Group discussion list can be found at http://www.educause.edu/groups/.
>>>
>>>
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Measuring RADIUS Auths

2015-10-15 Thread Jeremy Gibbs

Hmm, I am interested to hear how you might accomplish that.  My first
instinct is to port mirror the controller to a large enough box to handle
the traffic and have a filter looking for port 1645/1812 (whatever your
RADIUS AUTH port is) so you only capture that traffic (I would use
tcpdump).  Then you might be able to do some stats on it if you capture for
an hour or so.




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Thu, Oct 15, 2015 at 5:13 PM, Charles Rumford 
wrote:

> We are using FreeRADIUS, but I want to measure independent of the RADIUS
> server.
>
> --
> Charles Rumford
> Network Engineer/Senior Wireless Engineer
> ISC Network Operations
> University of Pennsylvania
> OpenPGP Key ID: 0xF3D8215A
> (p) 215-746-2808
>
> Sent from my phone
>
> On Oct 15, 2015, at 17:12, Jeremy Gibbs  > wrote:
>
> What are you using for a RADIUS server?
>
>
>
>
> *-- Jeremy L. Gibbs*
> Sr. Network Engineer
> Utica College IITS
>
> T: (315) 223-2383
> F: (315) 792-3814
> E: jlgi...@utica.edu
> http://www.utica.edu
>
> On Thu, Oct 15, 2015 at 5:08 PM, Charles Rumford 
> wrote:
>
>> I’m currently embarking on a project to determine the number of RADIUS
>> auths per minute each one of my controllers is generating to plan for the
>> capacity I need for my RADIUS servers.
>>
>> I was curious if anyone has embarked on a similar journey and tried to
>> measure auth rates coming from their controllers?
>>
>> I have a couple of ideas that I’m up for sharing, but I wanted to see if
>> anyone else has done this.
>>
>> Thanks!
>>
>> 
>> Charles Rumford
>> Network Engineer/Senior Wireless Engineer
>> ISC Network Operations
>> University of Pennsylvania
>> OpenPGP Key ID: 0xF3D8215A
>> (p) 215-746-2808
>>
>>
>> **
>> Participation and subscription information for this EDUCAUSE Constituent
>> Group discussion list can be found at http://www.educause.edu/groups/.
>>
>>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Measuring RADIUS Auths

2015-10-15 Thread Jeremy Gibbs

What are you using for a RADIUS server?




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Thu, Oct 15, 2015 at 5:08 PM, Charles Rumford 
wrote:

> I’m currently embarking on a project to determine the number of RADIUS
> auths per minute each one of my controllers is generating to plan for the
> capacity I need for my RADIUS servers.
>
> I was curious if anyone has embarked on a similar journey and tried to
> measure auth rates coming from their controllers?
>
> I have a couple of ideas that I’m up for sharing, but I wanted to see if
> anyone else has done this.
>
> Thanks!
>
> 
> Charles Rumford
> Network Engineer/Senior Wireless Engineer
> ISC Network Operations
> University of Pennsylvania
> OpenPGP Key ID: 0xF3D8215A
> (p) 215-746-2808
>
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Multi Vendor environments in WiFi space

2015-10-15 Thread Jeremy Gibbs

Tried running our Extreme wireless network alongside a Cisco PoC.  I would
NEVER do it again.



On Thu, Oct 15, 2015 at 12:42 PM, Oliver, Jeff  wrote:

> All,
>
> This is probably an old topic, but I have not seen anything in a while on
> it.
>
> At present we are a Cisco shop with regard to our wireless deployment, and
> we are looking at changing out a substantial number (250) of our AP's (1131
> to 3702). These AP's represent about 30% of our deployment so is a
> substantial investment, and as such our CIO has asked us to look at other
> solutions.
>
> I am wondering if any of you are running multi vendor environments and if
> so, what the UX is like? What are the toolsets like regarding management of
> two disparate systems?
>
>
>
> Cheers,
> Jeff
>
> ---
>
> Jeffrey L. Oliver
> Sr. Network Analyst
> Information Technology Services
> The University of Lethbridge
> 4401 University Drive, Lethbridge, Alberta, T1K 3M4
>
> Tel:403.329.5162
> Mob:403.315.4461
> Fax:403.382.7108
>
> URI:jeff.oli...@uleth.ca
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] iPads and sleep issues

2015-10-13 Thread Jeremy Gibbs

May I ask, who is your wireless vendor?




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

On Tue, Oct 13, 2015 at 2:32 PM, Butler, Christopher <
cbut...@stjohnsprep.org> wrote:

> I'm looking to collect some other information to help inform our process
> to resolve an issue we are experiencing on our wireless infrastructure.  I
> have an open incident with my vendor and they are working on a resolution,
> but I'm trying to determine if we are the only ones dealing with this.
>
> We have a large deployment of iPads (1500) on our campus. somewhat evenly
> distributed across iPad Air 2, iPad Air, iPad 4 and iPad 3 and almost all
> are running iOS 8.x.
>
> We had an issue crop up this fall when a group of iPads all connected to
> the same access point all go to sleep at the same time.  The access point
> seems to lose track of which devices are asleep and which aren't and it
> ends up overwhelming the RF space with RTS packets to iPads that don't
> respond, thus rendering every other client on the access point almost
> non-functional.
>
> Has anyone seen wireless transmit issues related to iOS "sleep" mode? The
> packet captures indicate that the iPads seem to oscillate quickly between
> "sleep" and "awake" and eventually end up asleep will the AP thinks that
> they are still awake.
>
> Obviously, I'm in the middle of a bit of finger pointing between the
> wireless vendor and Apple and other data points can only help.
>
> Thanks,
> Christopher
>
> Christopher Butler
> Assistant Head of School. Information Services
> St. John's Preparatory School
> http://www.stjohnsprep.org
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Smart TVs and other "smart" devices

2015-09-15 Thread Jeremy Gibbs

We are having the same issue.  So many people with these WiFi direct
devices.  It is causing serious performance problems with our WiFi network,
especially the people who can't connect at 5 Ghz.

On Mon, Sep 14, 2015 at 10:35 AM, Lee H Badman  wrote:

> There is a glaring element of cluelessness here- is amazing.
>
>
>
> *Lee Badman* | Network Architect
>
> Information Technology Services
> 206 Machinery Hall
> 120 Smith Drive
> Syracuse, New York 13244
>
> *t* 315.443.3003  * f* 315.443.4325   *e* lhbad...@syr.edu *w* its.syr.edu
>
> *SYRACUSE UNIVERSITY*
> syr.edu
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Osborne, Bruce W
> (Network Services)
> *Sent:* Monday, September 14, 2015 7:27 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Smart TVs and other "smart" devices
>
>
>
> And the enterprise Wi-Fi vendors choose to ignore Wi-Fi Direct.
>
>
>
> A while ago when the specification was approved, I asked our vendor how
> they were going to deal with this. They could not see how this home
> technology would impact the enterprise network.
>
> 
>
>
>
> *Bruce Osborne*
>
> *Wireless Engineer*
>
> *IT Infrastructure & Media Solutions*
>
>
>
> *(434) 592-4229 <%28434%29%20592-4229>*
>
>
>
> *LIBERTY UNIVERSITY*
>
> *Training Champions for Christ since 1971*
>
>
>
> *From:* Thomas Carter [mailto:tcar...@austincollege.edu
> ]
> *Sent:* Monday, September 7, 2015 6:04 PM
> *Subject:* Re: Smart TVs and other "smart" devices
>
>
>
> Yes, wiFi direct is growing in use – Playstation 4s broadcast wifi direct
> to connect to Playstation portables. Some Roku players use wifi direct for
> remote controls. We have a blanket statement disallowing anything that we
> deem interference with the campus wireless.  As a smaller private
> institution, we work with the students to remove the wireless network. It’s
> no different than most HP wireless printers that broadcast a wireless
> network for setup.
>
>
>
> Thomas Carter
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On Behalf Of *Jeremy Gibbs
> *Sent:* Monday, September 7, 2015 2:26 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Smart TVs and other "smart" devices
>
>
>
> I have been seeing more and more students coming to campus with "smart"
> tv's.  We allow them to register the TV on our wireless network.  Recently,
> I have been seeing a lot of "Hidden" networks when doing some WiFi scans.
> Turns out, many of these TVs are broadcasting their own SSID, some hidden
> and some not.  This is obviously causing interference with our production
> wireless network in the dorms.  Also, I have seen xbox one devices
> broadcasting their own SSID, hidden but it is broadcasting.
>
>
>
> On many of these "Smart" TVs and devices, I cannot find a way to turn off
> the broadcast of these networks.
>
>
>
> Anyone have any experience mitigating problems like these?  It just
> appears that every new device these days broadcasts some sort of 2.4 Ghz
> network.
>
>
>
> Thanks
>
>
>
>
>
>
>
> *-- Jeremy L. Gibbs*
>
> Sr. Network Engineer
> Utica College IITS
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>


-- 


*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Smart TVs and other "smart" devices

2015-09-07 Thread Jeremy Gibbs

I have been seeing more and more students coming to campus with "smart"
tv's.  We allow them to register the TV on our wireless network.  Recently,
I have been seeing a lot of "Hidden" networks when doing some WiFi scans.
Turns out, many of these TVs are broadcasting their own SSID, some hidden
and some not.  This is obviously causing interference with our production
wireless network in the dorms.  Also, I have seen xbox one devices
broadcasting their own SSID, hidden but it is broadcasting.

On many of these "Smart" TVs and devices, I cannot find a way to turn off
the broadcast of these networks.

Anyone have any experience mitigating problems like these?  It just appears
that every new device these days broadcasts some sort of 2.4 Ghz network.

Thanks




*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Exclusive 2.4 Ghz and 5 Ghz SSIDs

2015-08-12 Thread Jeremy Gibbs

Does anyone employ band-steering?  When we enabled it, we saw a massive
jump of users connecting at 5ghz. Obviously if the client doesn't support
5ghz or it just prefers 2.4 because of various factors it can stay on 2.4.
I have only seen it improve throughput for everyone. Any opinions on this?
We are an extreme network shop, but our wireless is the enterasys (chantry)
solution with new 3825i 3x3.

On Wednesday, August 12, 2015, Jeffrey D. Sessler 
wrote:

> Single SSID – anything else just adds confusion for the end-user. Then
> again, I was recently visited a spot where they had a different SSID for
> every building. :)
>
> Thinking more about this…
>
> If residence halls (academic buildings too) are well designed around 5 GHz
> and use in-room AP placement, the issues with 2.4 tend to melt away (or you
> can ignore them), with clients only falling back to 2.4 when they
> transition outside of a building.
>
> If you’re a Cisco shop (I assume Aruba has something similar), their
> automatic RRM (radio resource management) and TPC (Transmit Power Control)
> tend to result in very tiny cells where there is a lot of 2.4 radios
> talking (which is a good thing - tiny cells).  Of course, this can be
> really problematic if the AP layout design is not-optimal such as in a
> typically budget-driven “down the center of the hallway” methods of
> deployment where adjacent AP’s tend to have clear line-of-sight of each
> other. In cases such as these, the reduction in radio output to reduce AP
> channel overlap can result in client connection troubles i.e. The clients
> are probably behind fire–proof metal clad doors, brick walls, etc. Coupled
> with coverage hole detection (where AP power is increased for client
> connectivity), you now have an environment that’s in constant chaos, where
> someone has to do a lot of manual adjusting of AP radios or disable the
> auto-adjusting.
>
> On the other hand, if AP layout is optimal where you’re deploying AP’s
> in-room, lower on the wall, avoiding line-of-sight, etc. then you get the
> benefit of the room’s construction (doors, floors, walls, what inside the
> walls, bed, desks, etc.). All of which help promote small cell isolation
> and reduce the number of adjacent neighbor AP’s you’ll see, resulting in
> less 2.4 GHz channel overlap.
>
> Now then, the same issues can crop up in 5 GHz, but it doesn’t propagate
> as far, so if you're using the in-room deployment method, it’s likely not
> as big of an issue even in dense deployments. That said, if you do have
> dense 5 GHz deployments, Cisco’s 8.1 code introduces 5 GHz dynamic
> channel-width allocation, somewhat eliminating the issue by dynamically
> moving between 20, 40, and 80 MHz channels.
>
> In my opinion, 2.4 GHz is slowly marching to its demise, and I’m focusing
> all of my attention on 5 GHz. We have the luxury of of a robust Mac
> population (~80% of the students), and Apple laptops and desktops have long
> since had access to 5GHz, so I’m not sure how much effort should be put
> into maintaining 2.4 if it’s ultimately only being used by old phones,
> devices that move little data, or have alternative data paths such as
> cellular, why expend a lot of effort on it?
>
> Jeff
>
>
>
> From: "wireless-lan@listserv.educause.edu
> " on
> behalf of Stephen Oglesby
> Reply-To: "wireless-lan@listserv.educause.edu
> "
> Date: Wednesday, August 12, 2015 at 9:41 AM
> To: "wireless-lan@listserv.educause.edu
> "
> Subject: Re: [WIRELESS-LAN] Exclusive 2.4 Ghz and 5 Ghz SSIDs
>
> Paul,
>
> We're an Aruba shop and, as Bruce of Liberty mentioned, for dense
> deployments we turn 2.4 ghz radios off on every other AP (typically edge of
> building APs). Our main performance issues were due to interference and
> channel utilization on the 2.4 ghz spectrum. We attempted reducing 2.4 ghz
> (20 mhz channel)  transmit power but still had issues.
>
> I also agree with keeping to the simplicity of a single SSID if at all
> possible.  I can't imagine the number of issues that would be reported to
> me simply because the user exited the ideal range for 5ghz spectrum. Our
> student and staff networks support a wide range of client wireless cards,
> antenna configurations, and spectrum compatibility (many are including
> 2.4ghz only). Having users manually switch networks as needed may cause
> HelpDesk to become very popular.
>
> Good Luck,
>
> Stephen Oglesby
> Network and Telecommunications Architect
> Aims Community College
> 5401 W. 20th Street
> Greeley, CO 80634
> 970.339.6350 (Office)
> stephen.ogle...@aims.edu
> 
>
>
>
> *IT staff will never ask you for your username and password. Always decline 
> to provide the information and report such attempts to the help desk (x6380).*
>
>
> On Wed, Aug 12, 2015 at 8:24 AM, Philippe Hanset  > wrote:
>
>> Paul,
>>
>> Dorm design is an animal of itself and each school has its own set of
>> challenges based on
>> locations and policies. As much as I agree that 2.4 GHz and 5 GHz
>> shouldn’t be on sep

Re: [WIRELESS-LAN] Apple Remote Desktop over Wireless

2015-06-03 Thread Jeremy Gibbs

Have you tried a continuous ping while using ARD?  I find ARD is finicky,
slow and has a multitude of problems.  I do however use it on our wireless
network several times a week and have no issues with it.

On Tue, Jun 2, 2015 at 8:38 PM, Somchay Vongsena 
wrote:

>   Does anyone have users experiencing problems using Apple Remote Desktop
> (ARD) over wireless?  The problem is inconsistent and when it does occur,
> seems like switching to wired then back to wireless fixes the problem.  Any
> Workaround?  Solution?  Or could it be just an issue with Apple Remote
> Desktop itself?  Any information would be helpful.
>
>
>
> · Windows to Windows over wired or wireless works fine no issues
>
>
>
> · Mac to Mac over wired works fine no issues
>
>
>
> · Mac to Mac over wireless does not seem to work well using Apple
> Remote Desktop
>
>
>
> · Combination of Mac to Mac (wireless to wired or wired to
> wireless) does not seem to work well using Apple Remote Desktop as well
>
>
>
>
>
> Thanks,
>
>
>
> *--*
>
> *Somchay Vongsena*
>
> Network Engineer II
>
> Pacific Technology
>
> University of the Pacific
>
> (209) 946-7671 | svongs...@pacific.edu
>
>
>  ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>


-- 


*--Jeremy L. Gibbs*
Sr. Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] To provide (wireless) service, or not to provide (wireless) service...

2015-05-01 Thread Jeremy Gibbs

Not sure if this will make a difference, but if you haven't read this, take
a look.  It has some very useful data about ResNet/Wireless/Bandwidth
etc...

https://www.acuta.org/acuta/pdf/041715b.pdf



On Fri, May 1, 2015 at 3:32 PM, Lee H Badman  wrote:

>  If wiring costs are the main issue, I’d go with wallplate APs  on
> existing cabling (even if not 11ac- just n). To not provide Wi-Fi is pretty
> backwards at this point and to say “bring your own” with the expectation
> that your group will somehow support that is the stuff of nightmares for
> all parties.
>
>
>
> Not sure how 4G helps in this case- bad assumption that all devices can
> use it.
>
>
>
> Also not understanding what “as a service” amounts to.
>
>
>
>
>
> The more gimmicky it gets, the worse the suck factor will be.
>
>
>
> -Lee
>
>
>
>
>
> Lee Badman
>
> Wireless/Network Architect
>
> ITS, Syracuse University
>
> 315.443.3003
>
> (Blog: http://wirednot.wordpress.com)
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Brian Helman
> *Sent:* Friday, May 01, 2015 11:23 AM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] To provide (wireless) service, or not to
> provide (wireless) service...
>
>
>
> A few weeks ago we made a pitch for funding to upgrade our res halls to
> 802.11ac.  This request for funding has had an unforeseen effect.  I’m not
> being asked to investigate NOT providing wireless networking in our res
> halls.  Here are the options, as it has been described to me:
>
>
>
> -No institutional wireless.  Let the students bring in their own AP’s
>
> -Some kind of managed service (wireless as a service) with 802.11
>
> -Some kind of institutionally owned/leased mobile wireless (e.g we provide
> our own 4G)
>
> -Hybrid
>
> -Continue with 802.11n 2.4GHz and fill in holes as they pop up
>
>
>
> I’m not going to put my thoughts up here just yet.  These are the
> options/thoughts as presented by the levels above me.
>
>
>
> Let the discussion begin….
>
>
>
>
>
>
>
>
>
> 
> *Brian Helman, M.Ed *|*  Director, ITS/Networking Services | *(: *978.542.7272
> <978.542.7272>*
>
> *Salem State University, 352 Lafayette St., Salem Massachusetts 01970*
>
> *GPS: 42.502129, -70.894779*
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>  ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>


-- 


*--Jeremy L. Gibbs*
Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: Extreme 3610 AP problems

2015-03-27 Thread Jeremy Gibbs

I received this response off the list by the kind gentleman, Paul Miklas.
He said he tried to post it to the listserv but for some reason it didn't
work. So, it seems like other people are having some issues so I will post
what he said to me.


"I've been running into the same issue after we upgraded to that version
during spring break.  A call to GTAC identified an issue with the 3610s and
I was giving a new version of firmware for the 3610s to apply.  We updated
a few APs for testing and so far looks good.  Tomorrow morning
 I'll apply to the rest of the 3610s that we
have.  The new version of AP firmware is  9.15.05.0006.

The ap.log file showed this message:

kernel: ieee80211_node.c:1433-ieee80211_tmp_node()-Temp node alloced for
04:E5:36:10:B9:1C

This was the clue according to GTAC that there is an issue.

Fingers crossed that the upgrade goes well and this issue is resolved.  I
suggest you call GTAC and get the issue escalated."

Hope this helps some people out and thanks for the heads up Paul.

On Friday, March 27, 2015, River R. Perry  wrote:

> We weren't either at 9.12. I believe we have the 9.15 as well. G
>
>
>
> On Mar 27, 2015, at 7:13 PM, Jordan Sage  > wrote:
>
>  I’m on 9.12 and not experiencing the issues you are explaining.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On
> Behalf Of *River R. Perry
> *Sent:* Friday, March 27, 2015 4:53 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> 
> *Subject:* Re: [WIRELESS-LAN] Extreme 3610 AP problems
>
>
>
> We upgraded to the newest firmware not sure of the exact version # right
> now and this first week of school users in 3610 areas on campus have had a
> horrible experience. Sent traces of known troublesome 3610 coverage areas
> and there is a known issue with 3610s passing traffic we received a hot fix
> from them and are deploying it early in the morning. If that doesn't work
> we will back rev.
>
>
>
> River Perry
>
> Network Services
>
> St.edwards University
>
>
> On Mar 27, 2015, at 6:45 PM, Jordan Sage  > wrote:
>
>  And backhaul bandwidth is not taxed?  I know I have to reboot an
> occasional 3610 for acting up.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [
> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On
> Behalf Of *Jeremy Gibbs
> *Sent:* Friday, March 27, 2015 4:43 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> 
> *Subject:* Re: [WIRELESS-LAN] Extreme 3610 AP problems
>
>
>
> <5 users usually.  I'm just not sure what to do at this point.
>
> On Friday, March 27, 2015, Jordan Sage  > wrote:
>
>  How many users are connected to your 3610’s?  We have found that
> anything over 35 users on a 3610 will cause a whole host of issues.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jeremy Gibbs
> *Sent:* Friday, March 27, 2015 3:56 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Extreme 3610 AP problems
>
>
>
> Hello,
>
>
>
> We recently upgraded to firmware 09.15.04.001.  We have had many issues
> with users staying connected, but not being able to forward traffic.
> Especially after doing something like a speed test.
>
>
>
> During a period of high utilization such as a speedteset, the client will
> appear to loose connectivity to the Internet (can't ping out), but I can
> continue to ping internally but nothing else.
>
>
>
> The only way to fix this is to disconnect and reconnect.
>
>
>
> Here are our radio settings.
>
>
>
>
>
> Radio 1:
> Admin Mode: On
> Radio Mode: a/n
> Channel Width: 40MHZ
> Guard Interval: Short
> ATPC: Disabled
> Max Tx Power: 24 dbm
> Min Tx Power: 10 dbm
> Auto Tx Power Ctrl Adj: 0 dbm
> Channel Plan: All Channels
> Ant Selection: L/M/R
> Advanced:
> DTIM Period: 2
> Beacon Period: 100
> RTS/CTS Threshold: 2346
> Frag. Threshold: 2346
> Maximum Distance: 100
> Dynamic Channel Selection: Monitor Mode
> DCS Noise Threshold: -80
> DCS Channel Occupancy Threshold: 100
> DCS Update Period: 5
> Min Basic Rate: 24Mbps
> Max % of non-unicast traffic: n/a
> Optimized for power save: n/a
> Adaptable Rate: n/a
> Multicast to Unicast delivery: n/a
> Protection Mode: None
> Protection Type: CTS only
> 40Mhz Channel Busy Threshold: 50
> Aggregate MSDUs: Enabled
> Aggregate MPDUs: Enabled
> Aggregate MPDU Max Length: 65535
> Agg. MPDU Max # of Sub-frames: 64
> ADDBA Support: Enabled
>
>
>
>
> Radio 2:
> Admin Mode: On
> Radio Mode: g/n
&

Re: Extreme 3610 AP problems

2015-03-27 Thread Jeremy Gibbs

Wired speed < 3 Mbps. I have rebooted the aps multiple times.  It's an
802.1X network. The clients all seem to bounce between APs a lot since the
new code. I wonder if the reauth is failing but it's not reporting it in
NAC or the wireless controller and I end up between policy's. We installed
this code to fix our APs from randomly rebooting all the time.

On Friday, March 27, 2015, Jordan Sage  wrote:

>  And backhaul bandwidth is not taxed?  I know I have to reboot an
> occasional 3610 for acting up.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On
> Behalf Of *Jeremy Gibbs
> *Sent:* Friday, March 27, 2015 4:43 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> 
> *Subject:* Re: [WIRELESS-LAN] Extreme 3610 AP problems
>
>
>
> <5 users usually.  I'm just not sure what to do at this point.
>
> On Friday, March 27, 2015, Jordan Sage  > wrote:
>
>  How many users are connected to your 3610’s?  We have found that
> anything over 35 users on a 3610 will cause a whole host of issues.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Jeremy Gibbs
> *Sent:* Friday, March 27, 2015 3:56 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Extreme 3610 AP problems
>
>
>
> Hello,
>
>
>
> We recently upgraded to firmware 09.15.04.001.  We have had many issues
> with users staying connected, but not being able to forward traffic.
> Especially after doing something like a speed test.
>
>
>
> During a period of high utilization such as a speedteset, the client will
> appear to loose connectivity to the Internet (can't ping out), but I can
> continue to ping internally but nothing else.
>
>
>
> The only way to fix this is to disconnect and reconnect.
>
>
>
> Here are our radio settings.
>
>
>
>
>
> Radio 1:
> Admin Mode: On
> Radio Mode: a/n
> Channel Width: 40MHZ
> Guard Interval: Short
> ATPC: Disabled
> Max Tx Power: 24 dbm
> Min Tx Power: 10 dbm
> Auto Tx Power Ctrl Adj: 0 dbm
> Channel Plan: All Channels
> Ant Selection: L/M/R
> Advanced:
> DTIM Period: 2
> Beacon Period: 100
> RTS/CTS Threshold: 2346
> Frag. Threshold: 2346
> Maximum Distance: 100
> Dynamic Channel Selection: Monitor Mode
> DCS Noise Threshold: -80
> DCS Channel Occupancy Threshold: 100
> DCS Update Period: 5
> Min Basic Rate: 24Mbps
> Max % of non-unicast traffic: n/a
> Optimized for power save: n/a
> Adaptable Rate: n/a
> Multicast to Unicast delivery: n/a
> Protection Mode: None
> Protection Type: CTS only
> 40Mhz Channel Busy Threshold: 50
> Aggregate MSDUs: Enabled
> Aggregate MPDUs: Enabled
> Aggregate MPDU Max Length: 65535
> Agg. MPDU Max # of Sub-frames: 64
> ADDBA Support: Enabled
>
>
>
>
> Radio 2:
> Admin Mode: On
> Radio Mode: g/n
> Channel Width: 20MHz
> Guard Interval: Long
> ATPC: Disabled
> Max Tx Power: 24 dbm
> Min Tx Power: 10 dbm
> Auto Tx Power Ctrl Adj: 0 dbm
> Channel Plan: 3-Channel Plan
> Ant Selection: L/M/R
> Advanced:
> DTIM Period: 5
> Beacon Period: 100
> RTS/CTS Threshold: 2346
> Frag. Threshold: 2346
> Maximum Distance: 100
> Dynamic Channel Selection: Monitor Mode
> DCS Noise Threshold: -80
> DCS Channel Occupancy Threshold: 100
> DCS Update Period: 5
> Min Basic Rate: 24 Mbps
> Max % of non-unicast traffic: n/a
> Optimized for power save: n/a
> Adaptable Rate: n/a
> Multicast to Unicast delivery: n/a
> 11b:
> Preamble: n/a
> 11g:
> Protection Mode: None
> Protection Rate: n/a
> Protection Type: CTS only
> 11n:
> Protection Mode: None
> Protection Type: CTS only
> 40Mhz Channel Busy Threshold: n/a
> Aggregate MSDUs: Enabled
> Aggregate MPDUs: Enabled
> Aggregate MPDU Max Length: 65535
> Agg. MPDU Max # of Sub-frames: 64
> ADDBA Support: Enabled
>
>
>
>
>
> Thanks
>
>
>
> Jeremy
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>
>
> --
>
>
>
> *-- Jeremy L. Gibbs*
>
> Network Engineer
> Utica College IITS
>
> T: (315) 223-2383
>
> F: (315) 792-3814
>
> E: jlgi...@utica.edu 
>
> http://www.utica.edu
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>


-- 


*--Jeremy L. Gibbs*
Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: Extreme 3610 AP problems

2015-03-27 Thread Jeremy Gibbs

<5 users usually.  I'm just not sure what to do at this point.

On Friday, March 27, 2015, Jordan Sage  wrote:

>  How many users are connected to your 3610’s?  We have found that
> anything over 35 users on a 3610 will cause a whole host of issues.
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> ] *On
> Behalf Of *Jeremy Gibbs
> *Sent:* Friday, March 27, 2015 3:56 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> 
> *Subject:* [WIRELESS-LAN] Extreme 3610 AP problems
>
>
>
> Hello,
>
>
>
> We recently upgraded to firmware 09.15.04.001.  We have had many issues
> with users staying connected, but not being able to forward traffic.
> Especially after doing something like a speed test.
>
>
>
> During a period of high utilization such as a speedteset, the client will
> appear to loose connectivity to the Internet (can't ping out), but I can
> continue to ping internally but nothing else.
>
>
>
> The only way to fix this is to disconnect and reconnect.
>
>
>
> Here are our radio settings.
>
>
>
>
>
> Radio 1:
> Admin Mode: On
> Radio Mode: a/n
> Channel Width: 40MHZ
> Guard Interval: Short
> ATPC: Disabled
> Max Tx Power: 24 dbm
> Min Tx Power: 10 dbm
> Auto Tx Power Ctrl Adj: 0 dbm
> Channel Plan: All Channels
> Ant Selection: L/M/R
> Advanced:
> DTIM Period: 2
> Beacon Period: 100
> RTS/CTS Threshold: 2346
> Frag. Threshold: 2346
> Maximum Distance: 100
> Dynamic Channel Selection: Monitor Mode
> DCS Noise Threshold: -80
> DCS Channel Occupancy Threshold: 100
> DCS Update Period: 5
> Min Basic Rate: 24Mbps
> Max % of non-unicast traffic: n/a
> Optimized for power save: n/a
> Adaptable Rate: n/a
> Multicast to Unicast delivery: n/a
> Protection Mode: None
> Protection Type: CTS only
> 40Mhz Channel Busy Threshold: 50
> Aggregate MSDUs: Enabled
> Aggregate MPDUs: Enabled
> Aggregate MPDU Max Length: 65535
> Agg. MPDU Max # of Sub-frames: 64
> ADDBA Support: Enabled
>
>
>
>
> Radio 2:
> Admin Mode: On
> Radio Mode: g/n
> Channel Width: 20MHz
> Guard Interval: Long
> ATPC: Disabled
> Max Tx Power: 24 dbm
> Min Tx Power: 10 dbm
> Auto Tx Power Ctrl Adj: 0 dbm
> Channel Plan: 3-Channel Plan
> Ant Selection: L/M/R
> Advanced:
> DTIM Period: 5
> Beacon Period: 100
> RTS/CTS Threshold: 2346
> Frag. Threshold: 2346
> Maximum Distance: 100
> Dynamic Channel Selection: Monitor Mode
> DCS Noise Threshold: -80
> DCS Channel Occupancy Threshold: 100
> DCS Update Period: 5
> Min Basic Rate: 24 Mbps
> Max % of non-unicast traffic: n/a
> Optimized for power save: n/a
> Adaptable Rate: n/a
> Multicast to Unicast delivery: n/a
> 11b:
> Preamble: n/a
> 11g:
> Protection Mode: None
> Protection Rate: n/a
> Protection Type: CTS only
> 11n:
> Protection Mode: None
> Protection Type: CTS only
> 40Mhz Channel Busy Threshold: n/a
> Aggregate MSDUs: Enabled
> Aggregate MPDUs: Enabled
> Aggregate MPDU Max Length: 65535
> Agg. MPDU Max # of Sub-frames: 64
> ADDBA Support: Enabled
>
>
>
>
>
> Thanks
>
>
>
> Jeremy
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>


-- 


*--Jeremy L. Gibbs*
Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Extreme 3610 AP problems

2015-03-27 Thread Jeremy Gibbs

Hello,

We recently upgraded to firmware 09.15.04.001.  We have had many issues
with users staying connected, but not being able to forward traffic.
Especially after doing something like a speed test.

During a period of high utilization such as a speedteset, the client will
appear to loose connectivity to the Internet (can't ping out), but I can
continue to ping internally but nothing else.

The only way to fix this is to disconnect and reconnect.

Here are our radio settings.



Radio 1:
Admin Mode: On
Radio Mode: a/n
Channel Width: 40MHZ
Guard Interval: Short
ATPC: Disabled
Max Tx Power: 24 dbm
Min Tx Power: 10 dbm
Auto Tx Power Ctrl Adj: 0 dbm
Channel Plan: All Channels
Ant Selection: L/M/R
Advanced:
DTIM Period: 2
Beacon Period: 100
RTS/CTS Threshold: 2346
Frag. Threshold: 2346
Maximum Distance: 100
Dynamic Channel Selection: Monitor Mode
DCS Noise Threshold: -80
DCS Channel Occupancy Threshold: 100
DCS Update Period: 5
Min Basic Rate: 24Mbps
Max % of non-unicast traffic: n/a
Optimized for power save: n/a
Adaptable Rate: n/a
Multicast to Unicast delivery: n/a
Protection Mode: None
Protection Type: CTS only
40Mhz Channel Busy Threshold: 50
Aggregate MSDUs: Enabled
Aggregate MPDUs: Enabled
Aggregate MPDU Max Length: 65535
Agg. MPDU Max # of Sub-frames: 64
ADDBA Support: Enabled


Radio 2:
Admin Mode: On
Radio Mode: g/n
Channel Width: 20MHz
Guard Interval: Long
ATPC: Disabled
Max Tx Power: 24 dbm
Min Tx Power: 10 dbm
Auto Tx Power Ctrl Adj: 0 dbm
Channel Plan: 3-Channel Plan
Ant Selection: L/M/R
Advanced:
DTIM Period: 5
Beacon Period: 100
RTS/CTS Threshold: 2346
Frag. Threshold: 2346
Maximum Distance: 100
Dynamic Channel Selection: Monitor Mode
DCS Noise Threshold: -80
DCS Channel Occupancy Threshold: 100
DCS Update Period: 5
Min Basic Rate: 24 Mbps
Max % of non-unicast traffic: n/a
Optimized for power save: n/a
Adaptable Rate: n/a
Multicast to Unicast delivery: n/a
11b:
Preamble: n/a
11g:
Protection Mode: None
Protection Rate: n/a
Protection Type: CTS only
11n:
Protection Mode: None
Protection Type: CTS only
40Mhz Channel Busy Threshold: n/a
Aggregate MSDUs: Enabled
Aggregate MPDUs: Enabled
Aggregate MPDU Max Length: 65535
Agg. MPDU Max # of Sub-frames: 64
ADDBA Support: Enabled


Thanks

Jeremy

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Power Management

2014-09-08 Thread Jeremy Gibbs

Command line show power inline with the "|" include should work out well.
 You could also have a programmer develop something for you.  You would
just have to walk the SNMP tree and take port descriptions and power
levels.  Also, if you use Cacit, check for a plugin that will graph total
power usage.  That may be interesting to trend and could help with UPS
sizing in the future etc.

On Mon, Sep 8, 2014 at 12:39 PM, Peter P Morrissey  wrote:

>  We just use the command line, and don’t seem to need to do much
> management as the devices are plug and play. Occasionally we power
> something down and up to reset it and occasionally we have to check on a
> power issue, but it seems to mostly take care of itself.  I can’t say I
> have ever missed not having a GUI for this purpose, and it definitely make
> sense to get rid of the midspans if the switches take care of it.
>
>
>
> Pete Morrissey
>
>
>
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Watters, John
> *Sent:* Monday, September 08, 2014 12:22 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* [WIRELESS-LAN] Power Management
>
>
>
>
>
> I have been using the PowerDsine PoE inserters (6, 12, & 24 ports) for
> years and am generally very pleased with them. We started using them before
> VoIP caught on and before our switches had built-in PoE. I am now getting
> pressure to abandon the PowerDsine devices since all of our new switches do
> have PoE (mostly using Cisco 3750x/3850x for distribution now).
>
>
>
> The problem I have with abandoning the PowerDsine units is the lack of a
> nice graphical management tool for the PoE on my Cisco switches. Has anyone
> found a nice tool for power management of Cisco switches?
>
>
>
> At a minimum I need to see the interface name, the interface description,
> and the current power usage; and be able to easily toggle power off and
> back on. It would be very nice to be able to only show the interfaces that
> have a description matching a specified mask so I could look at only APs,
> only phones, all, etc., based on my mask.
>
>
>
> We don’t really want to turn on HTTP for the switches, but we could if
> this would provide what we need for power management.
>
>
>
> Any advice would be appreciated.
>
>
>
> Thanks.
>
>
>
>
>
>
>
> -jcw
> [image: UA Logo]
>
>
>
>
> John Watters   The University of Alabama
>
> Office of Information
> Technology
>
> 205-348-3992
>
>
>
>
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>  ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>


-- 


*--Jeremy L. Gibbs*
Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
E: jlgi...@utica.edu
http://www.utica.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Mac OS X Lion 10.7.2 update breaks SSL when visiting wireless portal

2011-11-04 Thread Jeremy Gibbs

We have been having problem with the latest version of Apples 10.7.2
operating system.  When students get redirected to our wireless portal, it
breaks the ability for Mac OS X to connect to any SSL (https) enabled site.
 For example, http://www.facebook.com will work fine, but
https://www.facebook.com will not work at all (wired or wireless at this
point).

To fix this issue, you must remove the /Library/Keychain/system.keychain
and the ~/Library/Keychain/login.keychain files.  Then after the computer
sleeps or gets restarted, the same problem is experienced.

Here is an Apple support page.

https://discussions.apple.com/thread/3428078?start=0&tstart=0


-- 
Jeremy L. Gibbs
Systems Administrator
Utica College
Integrated Information Technology Services
(315) 223-2383

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

53 matches

Mail list logo