Re: [WIRELESS-LAN] Aruba information sharing Zoom call
On Sep 17, 2021, at 21:29, Patrick McEvilly mailto:patrick_mcevi...@harvard.edu>> wrote: This group has been a great help to us as we dealt with several issues over the past two weeks related to our Aruba wireless infrastructure. Just to add our experiences to the mix…..Aruba came out with a more widely available 8.7.1.5 C build last week. We installed it on our beta/test controller cluster on Friday and are planning on doing one of our campus controller clusters tomorrow morning and then the other on Wednesday. The other published mitigations have had us in a stable state over the past 10 days or so. Then we are all waiting for the 8.7.1.6 GA build in a couple of weeks. Fingers crossed…..thanks to everyone here and at Aruba who has been sharing very helpful information and working with us through all of this. -- Julian Y. Koh Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <https://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root
On Aug 9, 2021, at 07:56, Tim Cappalli <0194c9ecac40-dmarc-requ...@listserv.educause.edu<mailto:0194c9ecac40-dmarc-requ...@listserv.educause.edu>> wrote: Lets not go down this rabbit hole again. I thought there was a picture of a rabbit and a hole in the dictionary next to “mailing list” and “USENET”. :) Or is that just in reference to NANOG and IPv6? :) :) :) -- Julian Y. Koh Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <https://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Aruba Founders Retiring (CEO, CTO, and Architect)
On Jun 2, 2021, at 08:09, Johnson, Neil M mailto:neil-john...@uiowa.edu>> wrote: CEO Blog Post - https://blogs.arubanetworks.com/uncategorized/lets-name-it-aruba/<https://urldefense.com/v3/__https://blogs.arubanetworks.com/uncategorized/lets-name-it-aruba/__;!!Dq0X2DkFhyF93HkjWTBQKhk!Cnb1xiQgrLAThmoMVkpkQjNK1vo-w0syYItoUkmHoX9vnNxMt3pVcAfIkRIxy_UvBQXOEw$> CTO Blog Post - https://blogs.arubanetworks.com/uncategorized/my-aruba-journey/<https://urldefense.com/v3/__https://blogs.arubanetworks.com/uncategorized/my-aruba-journey/__;!!Dq0X2DkFhyF93HkjWTBQKhk!Cnb1xiQgrLAThmoMVkpkQjNK1vo-w0syYItoUkmHoX9vnNxMt3pVcAfIkRIxy_UwO0oztA$> Chief Architect - https://blogs.arubanetworks.com/uncategorized/reflecting-on-my-aruba-family/<https://urldefense.com/v3/__https://blogs.arubanetworks.com/uncategorized/reflecting-on-my-aruba-family/__;!!Dq0X2DkFhyF93HkjWTBQKhk!Cnb1xiQgrLAThmoMVkpkQjNK1vo-w0syYItoUkmHoX9vnNxMt3pVcAfIkRIxy_UkeABHnQ$> Thanks for sharing, Neil. Definitely end of an era. Fingers crossed that this transition is as successful as their last few major transitions over the past few years! -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <https://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Rate Limits on Guest Wi-Fi
On Apr 12, 2021, at 18:20, Curtis K. Larsen mailto:curtis.k.lar...@utah.edu>> wrote: Curious to know if any have removed or recently raised the rate limit on the Guest Wi-Fi network at your institution, particularly large universities or hospitals. If you have taken that step how is it going? Also curious to hear what speeds you rate limit to if it is rate limited and how you came to that conclusion. When we first rolled out guest wi-fi I don’t know how many years ago, we rate limited things to 3Mbps per device. A number of years ago, we upped it to 10Mbps. The general thinking was that people should probably be able to watch 1 HD video stream comfortably. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Wi-Fi and Covid
On Apr 1, 2021, at 16:03, Philippe Hanset <005cd62f91b7-dmarc-requ...@listserv.educause.edu<mailto:005cd62f91b7-dmarc-requ...@listserv.educause.edu>> wrote: Ok, Full Disclosure … I was in shortage of April 1st fun :) Well, you got all of us….. :) Nicely done! -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Wi-Fi and Covid
On Apr 1, 2021, at 14:29, Philippe Hanset <005cd62f91b7-dmarc-requ...@listserv.educause.edu<mailto:005cd62f91b7-dmarc-requ...@listserv.educause.edu>> wrote: Has anyone else been approached by AFCOTRA? They have developed an algorithm to map Wireless users and Covid Contamination. They want to use Wi-Fi logs to establish mapping of Covid Cross Contamination on campus. (I guess linking MAC address to Wi-Fi triangulation) We haven’t talked to that organization specifically, but last year there was a bit of discussion about using Wi-Fi data to assist with contact tracing and with occupancy level tracking around campus. At least a couple of the Wi-Fi vendors came up with analytics/reporting tools that would assist with this type of thing. We chose not to implement anything like this due to privacy concerns primarily. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Outdoor WLANs?
7sMuj5WlNEDMo5-CZiC439ECdX4cCbg$> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.com/v3/__https://nam10.safelinks.protection.outlook.com/?url=https*3A*2F*2Fwww.educause.edu*2Fcommunity=04*7C01*7Ccae104*40PSU.EDU*7Ce5a86993b04148feede908d8df30a5dd*7C7cf48d453ddb4389a9c1c115526eb52e*7C0*7C1*7C637504747331604026*7CUnknown*7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0*3D*7C3000=EF7cV5sH1a3VWL6gKM*2BkWzjYeKh1P*2FKmMHJujYyUw3Q*3D=0__;JSUlJSUlJSUlJSUlJSUlJSUlJQ!!Dq0X2DkFhyF93HkjWTBQKhk!E8yTGpHyYZCL3s7lHopWT4NA1ublfWPVKkOu59h7sMuj5WlNEDMo5-CZiC439ECdX4cCbg$> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.com/v3/__https://www.educause.edu/community__;!!Dq0X2DkFhyF93HkjWTBQKhk!E8yTGpHyYZCL3s7lHopWT4NA1ublfWPVKkOu59h7sMuj5WlNEDMo5-CZiC439EDaqi0OsA$> -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Macbook zoom wireless dropout issues
On Feb 12, 2021, at 07:56, Sidharth Nandury mailto:nandu...@denison.edu>> wrote: We are an Aruba shop at Denison University and have received reports of issues on Zoom and Google Meet as well mostly on Mac OS. Looking into the Zoom dashboard statistics of some of these calls we are seeing the "Max Loss" percentage go up to 99% frequently and back down to 2-6 % on wireless when there are no issues. We can generally co-relate this to higher ping responses. I would also love to what other Universities are doing to look at this. This thread reminded me of a recent on on the NANOG mailing list about Macs and wireless issues. Go to https://mailman.nanog.org/pipermail/nanog/2020-October/thread.html and look at the thread titled "Apple Catalina Appears to Introduce Massive Jitter”. I can’t remember all of the details but the tl;dr summary that I remember involved some interaction between Bluetooth, possibly Location Services, and Wi-Fi. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Large Venue Wireless
On Jan 19, 2021, at 16:45, Evans, Mr. Chad mailto:cev...@tarleton.edu>> wrote: We are researching options to provide Wi-Fi at our University Football Stadium. The request is to utilize the University's central IT Enterprise Network for connectivity. Due to limited resources and security concerns we prefer to partner with a vendor to design, implement and maintain the solution. I would appreciate any feedback in regards to utilizing central IT Enterprise Network for guest Wi-Fi in large venues. A few years back we renovated our arena that is used for basketball and other indoor events. We worked with Athletics to evaluate LPV (Large Public Venue) offerings from different vendors and select one to perform the work and provide support during events. The overall external connectivity does get out to the internet through the main campus network, but the arena network itself is treated as a separate segment of our overall campus network. Our network engineering team does have visibility and access into the environment. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Clover Flex - eduroam
I'm not a PCI QSA, nor do I play one on TV, but if the Clover Flex does P2PE (Point to Point Encryption), that should prevent the underlying network from being in PCI scope. -- Julian Y. Koh kohs...@northwestern.edu On 12/9/20, 15:00, "The EDUCAUSE Wireless Issues Community Group Listserv on behalf of Lee H Badman" wrote: Wouldn't this put your whole Eduroam environment in PCI scope? Lee Badman | Network Architect (CWNE#200) Information Technology Services (NDD Group) 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 t 315.443.3003 e lhbad...@syr.edu w its.syr.edu Campus Wireless Policy: https://urldefense.com/v3/__https://answers.syr.edu/display/network/Wireless*Network*and*Systems__;Kysr!!Dq0X2DkFhyF93HkjWTBQKhk!GsFZZKdAst3g9mSXaGuxZrqFhqmFFlfBP0p_bs87p6SAXkfsAIxiy_tIhRTPMdBc6th9rg$ SYRACUSE UNIVERSITY syr.edu -Original Message- From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Aaron Brunck Sent: Wednesday, December 9, 2020 10:51 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Clover Flex - eduroam Hello, We are attempting to install a Clover Flex credit card reader on our eduroam network but we have been running into issues. The Clover Flex is locked down and will not allow us to install a web browsing app which would allow us to install the required certs for our eduroam environment. Investigated installing the signed root certificate but did not see a way to do this over a wireless hotspot connection. We have also tried to authenticate the Clover Flex with anonymous credentials but it is still unhappy. Has anyone been able to successfully configure one of these devices for an eduroam network? ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://urldefense.com/v3/__https://www.educause.edu/community__;!!Dq0X2DkFhyF93HkjWTBQKhk!GsFZZKdAst3g9mSXaGuxZrqFhqmFFlfBP0p_bs87p6SAXkfsAIxiy_tIhRTPMdCdZZ4gJQ$ ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://urldefense.com/v3/__https://www.educause.edu/community__;!!Dq0X2DkFhyF93HkjWTBQKhk!GsFZZKdAst3g9mSXaGuxZrqFhqmFFlfBP0p_bs87p6SAXkfsAIxiy_tIhRTPMdCdZZ4gJQ$ ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Status of Wi-Fi 6 Client Drivers?
On Sep 23, 2020, at 16:38, Lee H Badman <00db5b77bd95-dmarc-requ...@listserv.educause.edu<mailto:00db5b77bd95-dmarc-requ...@listserv.educause.edu>> wrote: What is truly frustrating is that all vendors involved are likely members of the Wi-Fi Alliance, whose "interoperability" testing obviously isn't getting it done. I hear the frustration in general, but in this specific case it seems like the frustration should be directed not at the fact that there are incompatible drivers but the difficulty in being able to update those drivers? It’s not the Wi-Fi Alliance’s fault that users have to figure out to download new drivers directly from the NIC manufacturer instead of just getting them as part of an automatic update process, is it? -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Antenna mounting suggestions
On Aug 29, 2020, at 22:36, Ricardo Stella mailto:ste...@rider.edu>> wrote: Many look for hidden Mickeys at WDW. I like to look for APs but they are well hidden. Then again, no need to hide them in Galaxy’s Edge.. The Disney folks were great to talk with at recent Atmosphere conferences. They had all sorts of fun pictures and stories to tell about hiding (or not hiding as you point out) APs in the parks. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] MAC Randomization, a step further...
On Aug 6, 2020, at 09:51, Enfield, Chuck mailto:cae...@psu.edu>> wrote: How can we fulfill DMCA requirements when we can’t even identify a device, let alone the user? If you want to remain anonymous, use a different network. IANAL, and I don’t even play one on TV, but my admittedly old understanding of the DMCA is that it’s not necessarily mandating that you have to be able to identify every single device on your network. Indeed, some institutions’ responses to DMCA notices has been that they don’t have the necessary information to be able to take action. So IMO, assuming (which is dangerous) that I’m correct, that if MAC randomization puts an undue burden and/or large obstacles on your ability to track down a device/user and cut it off from the network, the DMCA alone shouldn’t be seen as a mandate to try to disable MAC randomization. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Cisco pre-DNA Spaces Location Service, Contact Tracing
On May 27, 2020, at 12:30, Lee H Badman <00db5b77bd95-dmarc-requ...@listserv.educause.edu<mailto:00db5b77bd95-dmarc-requ...@listserv.educause.edu>> wrote: My question is specifically for Cisco legacy location services users. Are you all doing anything specific in anticipation of possibly needing to provide Wi-Fi location data for contact tracing? Are you being specifically asked about it by your management? We had a bit of a discussion about this on the monthly CommTech EDUCAUSE call today. No one has specifically asked us to provide this data yet, but the general approach we’re taking is that Wi-Fi data does not provide the necessarily granularity to do true contact tracing, and any data we provide will only be applicable to our campus. So Wi-Fi data can be useful as a secondary/tertiary support to true contact tracing (ie, person X has been diagnosed with COVID-19 and is working to retrace movements over the past 14 days) and campus preparations (based on historical and/or real-time present data, here are the areas where we expect to have the highest densities of people, so let’s direct efforts with respect to more frequent cleaning, signage, line/queue management, etc in those areas). -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Wireless location data for contact tracing
The UK folks are supposedly looking at switching to the Apple/Google APIs. That should address the background concerns as well as privacy issues with their centralized model. https://techcrunch.com/2020/05/07/uk-eyeing-switch-to-apple-google-api-for-coronavirus-contacts-tracing-report/ On May 15, 2020, at 11:57, LaPorte, David mailto:david_lapo...@harvard.edu>> wrote: One challenging aspect of a Bluetooth-based approach is that the app must be open and in the foreground of the device (which must remain unlocked). That seems to be a common limitation with most other Bluetooth-based approaches (including Meridian), although it seems like the UK’s “NHS COVID-19” app has implemented a relatively untested workaround: https://techcrunch.com/2020/05/05/nhs-covid-19-the-uks-coronavirus-contacts-tracing-app-explained/<https://urldefense.com/v3/__https://techcrunch.com/2020/05/05/nhs-covid-19-the-uks-coronavirus-contacts-tracing-app-explained/__;!!Dq0X2DkFhyF93HkjWTBQKhk!E7_iREFnCxQZzunl4_5Ta54GQCz40BIAYWHXgJyYbFbhYMG18B7uMLNS1UkLy8nH3IB1Ow$>: Best, Dave — David LaPorte Harvard University Information Technology P: (617) 496-3446 From: The EDUCAUSE Wireless Issues Community Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> on behalf of Julian Y Koh mailto:kohs...@northwestern.edu>> Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Date: Friday, May 15, 2020 at 12:38 To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>" mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] Wireless location data for contact tracing I’m not sure that Wi-Fi data will be the best for doing actual contact tracing. Maybe if you’ve got the full blown Meridian location tracking or something similar that can tie in Bluetooth-based beacons, but it seems to me that the granularity of Wi-Fi only data wouldn’t quite be up to what you’d need for effective contact tracing. I’m not completely convinced that Bluetooth doesn’t cast too wide a net either, but it’d be a lot better that Wi-Fi triangulation. Where we’re anticipating having the discussion around Wi-Fi data is gauging user/device density and duration of stay in general areas so that we can gauge what areas present the greater risks of exposure. There was a recent NYT article that explored this using cell phone location data. https://www.nytimes.com/interactive/2020/05/06/opinion/coronavirus-us-reopen.html<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.nytimes.com_interactive_2020_05_06_opinion_coronavirus-2Dus-2Dreopen.html=DwMGaQ=WO-RGvefibhHBZq3fL85hQ=MOrPzn96ki798xbUwXJc6Hbb8ZwV-Df1GCkE26WPyzg=6Pv6VtEpHK3IKdxjA-5mKmZ5tx8onLW0n73s1lNzqSg=Ex7WTUkXv2YMcRkug0XOhFtmR9CXTH33iawJ7C0f6dw=> Going back to contact tracing, as of right now we see the value of trying to roll our own app or system to be limited given that there’s no way to tell what people are going to do when they leave campus. I’m hoping the state will come up with something workable that we can then point everyone here to use. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.it.northwestern.edu_=DwMGaQ=WO-RGvefibhHBZq3fL85hQ=MOrPzn96ki798xbUwXJc6Hbb8ZwV-Df1GCkE26WPyzg=6Pv6VtEpHK3IKdxjA-5mKmZ5tx8onLW0n73s1lNzqSg=7SWaGbBsKunaURXtSDBN9ieYfTGRMj2sYauhkSsIV9A=>> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html<https://urldefense.proofpoint.com/v2/url?u=https-3A__bt.ittns.northwestern.edu_julian_pgppubkey.html=DwMGaQ=WO-RGvefibhHBZq3fL85hQ=MOrPzn96ki798xbUwXJc6Hbb8ZwV-Df1GCkE26WPyzg=6Pv6VtEpHK3IKdxjA-5mKmZ5tx8onLW0n73s1lNzqSg=8_FCvemye75IJtIcPzk0xmvGBQiFAH-FahCg-TlvTsA=>> On May 15, 2020, at 11:17, McGuire, Michael <00208832ddd0-dmarc-requ...@listserv.educause.edu<mailto:00208832ddd0-dmarc-requ...@listserv.educause.edu>> wrote: As I’m sure everyone else is doing, we’re working on plans for having our campus community rejoin us at some point. The question of “how far back do you keep wireless logs” was just asked which of course leads to “we want to see where a person has been on a given day”. This of course has privacy issues along with the technical challenges of storing and accessing that data. Has anyone else been asked to look into this or begun to make preparations for such? Being an Aruba shop we already leverage AirWave reports for our campus police when tracing lost or stolen devices as well as where a user has been or devices in an area at a specific time. This request seems to be a larger scale with potentially more moving parts. - Michael Michael McGuire Network Systems Admi
Re: [WIRELESS-LAN] Wireless location data for contact tracing
I’m not sure that Wi-Fi data will be the best for doing actual contact tracing. Maybe if you’ve got the full blown Meridian location tracking or something similar that can tie in Bluetooth-based beacons, but it seems to me that the granularity of Wi-Fi only data wouldn’t quite be up to what you’d need for effective contact tracing. I’m not completely convinced that Bluetooth doesn’t cast too wide a net either, but it’d be a lot better that Wi-Fi triangulation. Where we’re anticipating having the discussion around Wi-Fi data is gauging user/device density and duration of stay in general areas so that we can gauge what areas present the greater risks of exposure. There was a recent NYT article that explored this using cell phone location data. https://www.nytimes.com/interactive/2020/05/06/opinion/coronavirus-us-reopen.html Going back to contact tracing, as of right now we see the value of trying to roll our own app or system to be limited given that there’s no way to tell what people are going to do when they leave campus. I’m hoping the state will come up with something workable that we can then point everyone here to use. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> On May 15, 2020, at 11:17, McGuire, Michael <00208832ddd0-dmarc-requ...@listserv.educause.edu<mailto:00208832ddd0-dmarc-requ...@listserv.educause.edu>> wrote: As I’m sure everyone else is doing, we’re working on plans for having our campus community rejoin us at some point. The question of “how far back do you keep wireless logs” was just asked which of course leads to “we want to see where a person has been on a given day”. This of course has privacy issues along with the technical challenges of storing and accessing that data. Has anyone else been asked to look into this or begun to make preparations for such? Being an Aruba shop we already leverage AirWave reports for our campus police when tracing lost or stolen devices as well as where a user has been or devices in an area at a specific time. This request seems to be a larger scale with potentially more moving parts. - Michael Michael McGuire Network Systems Administrator Monmouth University mmcgu...@monmouth.edu<mailto:mmcgu...@monmouth.edu> 732.263.5589 <https://urldefense.com/v3/__https://www.monmouth.edu/?utm_source=Email*Signature_medium=email_campaign=Email*Signature*Generator__;Kysr!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLaFMvufg$> 400 Cedar Avenue West Long Branch, NJ 07764 monmouth.edu<https://urldefense.com/v3/__https://www.monmouth.edu/?utm_source=Email*Signature_medium=email_campaign=Email*Signature*Generator__;Kysr!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLaFMvufg$> <https://urldefense.com/v3/__https://twitter.com/monmouthu__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLnKTorsw$> <https://urldefense.com/v3/__https://www.facebook.com/MonmouthUniversity__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLszoFXbQ$> <https://urldefense.com/v3/__https://instagram.com/monmouthuniversity__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbLwXUY6fw$> <https://urldefense.com/v3/__https://www.snapchat.com/add/monmouthu__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbI6PXAvNQ$> <https://urldefense.com/v3/__https://www.linkedin.com/school/monmouth-university/__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbI9xp1Rqg$> We are a green campus. Think before you print. ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://urldefense.com/v3/__https://www.educause.edu/community__;!!Dq0X2DkFhyF93HkjWTBQKhk!GxdXiJ7V22R-CDaaztQ6k-ODF5Ou3tlHTD5MIYpPr8iu4Avdrb9P8gdGGcZypbKQBiQd7w$> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Requesting arena Wi-Fi feedback
On Mar 5, 2020, at 07:20, Allen Toms mailto:alt...@lsu.edu>> wrote: You are the second respondent to recommend MS Benbow. We'll have to check them out as we proceed. MS Benbow did our renovated arena with Aruba here at Northwestern a couple years ago. You should definitely check them out. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Ex: Re: [WIRELESS-LAN] neighbors 'jamming' 2.4GHz spectrum
On Jan 29, 2020, at 08:38, Coehoorn, Joel mailto:jcoeho...@york.edu>> wrote: I don't know about that. The enforcement example that stands out to me is Marriott was not allowed to use the fine print when you get a room to prohibit hot spots, interfering or not, and they paid a hefty fine because of it. The details are a little hazy with the passage of time, but IIRC the Marriott case was special because they were using the active rogue disassociation features of their wireless network to intentionally knock people off of any SSIDs other than the ones that they were operating. So that goes beyond simply radiating on a channel. Corrections/clarifications welcome as always! :) -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] rules for mis-behaving wireless clients
On Nov 20, 2019, at 11:16, Joseph M. Karam mailto:jka...@princeton.edu>> wrote: We would like to define a rule in our wireless infrastructure that says something like, “if the device failed authentication 20 times in 1 minute, do not allow it to authenticate again for 10 minutes”. Has anyone had good or bad experiences with defining these types of policies? This sounds like a variation of the “account lockout” question that pops up in security discussions, and the wireless situation you describe always comes up as one of the examples as to potentially bad consequences. IMO, the conversation needs to evolve to not just whether we should be locking out accounts but how can we do it in a smarter way? ie, it’s one thing to lock out an account where someone has been trying 100 different passwords in a time period vs the same password over and over again. Similarly, there are geolocation tools available so you could see, for example, that should be able to alert you if someone has been logging in successfully from a single geographical area for the past week but all of a sudden has a number of unsuccessful login attempts from a vastly different location. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Performance improvements from hallway to in-room
On Sep 5, 2019, at 12:43, Turner, Ryan H mailto:rhtur...@email.unc.edu>> wrote: thanks to data provided to us from Nyansa Voyance, we are able to clearly demonstrate to Housing that these funds were well spent. Very cool, Ryan, thanks for sharing! We did our shift to in-room a number of years ago, so we didn’t have cool visualizations of aggregate user experience like what products like Voyance and NetInsight provide today. I can’t remember all the exact details, but we had to mine our controllers for data and logs showing decreased incidences and presence of things like co-channel interference to show improvements from the redesign. Much easier today to let the magic machine learning analysis engines do that work for us! :) -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Aruba Wi-Gi 6 APs
On Sep 5, 2019, at 14:08, Turner, Ryan H mailto:rhtur...@email.unc.edu>> wrote: We've done a test deployment of Aruba 515s. There seem to be some driver compatibility issues. We have 2 IT buildings. I had an induvial able to connect and see SSIDs just fine in our building with 315s. When she came to the building with 515s, she saw nothing. I updated her drivers, and then everything worked. So just be aware you might see more of that. We were running 8.503 code (I think). Having users update their device drivers is on our standard troubleshooting script for when people call in trouble reports. It’s been solving problems for years. :) -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Re: [WIRELESS-LAN] Your eduroam semi-annual report
On Jul 5, 2018, at 20:40, Turner, Ryan H mailto:rhtur...@email.unc.edu>> wrote: They created it for us. I think we started getting them a few weeks ago. Yeah, we started getting them as well - I think they are very interesting. Our immediate question was whether information was aggregated somewhere or could somehow be compared with other institutions like ours, but the response was that the types of institutions are very disparate and that it might be something they look into for the future. One thing that I’m really curious about is the authentication success rates. I haven’t seen our semi-annual report that covers all of January-June, but just looking at the monthly reports, we’re around 68% success for the NU users who are traveling elsewhere (but June had a big dropoff to 55% down from 65% the month before) and ~51% for the guests who are visiting our institution. We don’t use eduroam as our primary SSID. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Indoor Navigation.
> On Jun 18, 2018, at 08:16, Yahya M. Jaber wrote: > > What about the outdoor areas, do you have such? > You use WiFi only? We have some outdoor Wi-Fi coverage, but not pervasive. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Indoor Navigation.
> On Jun 18, 2018, at 04:38, Yahya M. Jaber wrote: > > I just want to gather feedback from anyone who uses indoor navigation for > their campus, what is your feedback on your solution? What solution do you > use? What problems do you face? We used the Meridian system from Aruba/HPE in our new business school building last year, and our engineering school did a limited pilot before that. The system works in general, and Aruba support from the product team as always is excellent. The particular challenges we face are: 1.) The system itself costs a fair bit of money, so customers need to do a lot of planning from a budgeting perspective. I and others have been talking about alternative licensing models with Aruba, since the higher ed use case is definitely different from those of the original customer bases. 2.) The business school building specifically offered some unique challenges in terms of architecture. There are huge open atriums and other spaces that lead to beacons being _too_ visible, which can occasionally confuse the device trying to do the triangulation. 3.) While the development environment is quite easy to pick up, customers need to account for development time, especially if external integrations need to be built in. Just like #1, this adds to the necessary planning and resources that need to be brought to bear. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Re-authentication times for guest wireless solutions
> On May 10, 2018, at 11:00, Daniel Wurst <wur...@denison.edu> wrote: > > This summer we plan to make changes to our guest wireless solution. We plan > to have users go to a captive portal page on our Aruba controllers. Currently > we have our re-authentication interval set to 8 hours. We were wondering how > often other universities are making wireless guests re-authenticate to their > networks. > We do 7 days for registration. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] ClearPass - not so clear anymore
> On Apr 2, 2018, at 16:47, Trinklein, Jason R <trinkle...@cofc.edu> wrote: > > We are considering clearpass for our guest network captive portal. We have a > case of sticker shock, however…at a cost of nearly $50K, it seems expensive > for a captive portal. As others have said, talk to your account rep - there may be ways to reduce the pricing. ClearPass is expensive, especially if you’re getting it just for a single function. The value IMO comes about when you are able to leverage multiple capabilities, since again purely IMO Aruba has done a pretty good job of integrating disparate/acquired products into a cohesive whole. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Atmosphere Conference next week - higher education gathering
> On Mar 22, 2018, at 16:09, Brian Helman <bhel...@salemstate.edu> wrote: > > More generically speaking, as many of us go to conferences that may not be > Higher Education-specific, make sure you introduce yourselves to our peers, > and make sure they are aware of the Educause Constituency Groups (especially > this one and the NETMAN group). > I’ll be there Sunday-Wednesday. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Offline/Spare Gear Inventory Size
> On Feb 26, 2018, at 12:20, Trinklein, Jason R <trinkle...@cofc.edu> wrote: > > > I’m curious to know the size of your spare gear inventories. Do you keep a > percentage of each model of AP in inventory, and what is your reasoning? > Storms? Last minute/emergency wireless coverage needs? In addition to what’s already been mentioned, there are places where it can be advantageous to buy, say, your entire year’s supply of something so that you get a bigger purchasing discount. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2020 Ridge Avenue #331 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Campus Wireless in Married or Family Student housing
> On Sep 15, 2017, at 06:41, Michael Davis <da...@udel.edu> wrote: > > I was wondering if anyone had policies or thoughts on wireless service in > Married/Family student housing? We have 2 buildings that provide family housing. We offer the same services there as all the other residence halls. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Backup power
> On Jul 20, 2017, at 10:02, Sandra Bury <sa...@fsmail.bradley.edu> wrote: > > I would be interested to know how many of you include UPS purchases for > switches in each network closet in your campus deployments. We put our switches on UPS. When a larger building UPS is available from facilities, we use that instead of small closet UPS units. > If you do not build in backup power, do you put your switches on a > maintenance contract, or do you pay to replace them when they fail outside of > warranty? > We self-insure on switches and access points. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] 802.1x expired certificate (Eduroam)
> On Jul 3, 2017, at 17:38, Marcelo Maraboli <marcelo.marab...@uc.cl> wrote: > > What happens on the supplicant side of the 802.1x (User) when the > Radius certificate expires ? > > I am interested in what the user will face and HAVE to do. > > We have found 2 possibilities: > a) The user is prompted to "trust" the new certificate and that's it. This has been our experience. Some clients behave differently here and there due to bugs and/or config differences, but generally the worst that happens is that people need to trust the new certificate. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] macOS Sierra and 802.1X certificate storage/validation
All fixed in 10.12.5, thanks to Tim for filing the bug report with Apple! <https://support.apple.com/en-us/HT207797>: === > 802.1X > Available for: macOS Sierra 10.12.4 > Impact: A malicious network with 802.1X authentication may be able to capture > user network credentials > Description: A certificate validation issue existed in EAP-TLS when a > certificate changed. This issue was addressed through improved certificate > validation. > CVE-2017-6988: Tim Cappalli of Aruba, a Hewlett Packard Enterprise company ====== -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> > On Mar 28, 2017, at 14:35, Cappalli, Tim (Aruba) <t...@hpe.com> wrote: > > As of 10.12.3, it does not seem to be prompting users to store the > certificate anymore. Still trying to track down what changed. > > > > On 3/28/17, 3:27 PM, "The EDUCAUSE Wireless Issues Constituent Group Listserv > on behalf of Julian Y Koh" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of > kohs...@northwestern.edu> wrote: > >Hey all, > >My Google-fu is weak today. Can anyone tell me where macOS Sierra > (10.12.x) stores the certificate used for wireless 802.1X EAP-PEAP > connections? In older versions of the OS, these were stored nicely in the > Keychain, but they don’t seem to be there anymore. > >We’re in the process of renewing the certificate on our RADIUS server, and > our fuzzy 3-year old memories are telling us that the Macs used to prompt > people again to accept the new certificate, but that doesn’t seem to be > happening now either. So all in all I’m a little confused. :) > >Thanks in advance! > >-- >Julian Y. Koh >Associate Director, Telecommunications and Network Services >Northwestern Information Technology > >2001 Sheridan Road #G-166 >Evanston, IL 60208 >+1-847-467-5780 >Northwestern IT Web Site: <http://www.it.northwestern.edu/> >PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> > > >** >Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at > https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_discuss=DwIGaQ=yHlS04HhBraes5BQ9ueu5zKhE7rtNXt_d012z2PA6ws=ITCdJ8r7Mvmi4B5IfM-uUxBCe5N77i8k9OcsASk91Zg=ERaN25tueHepduqA5F6d0VOKN62NCdg7vngfRxToX8g=AYCkHalzoB5Xo6HrWo2peozbx2E35qV1FNM0nxZfg1k= > . > > > > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at > https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_discuss=DwIGaQ=yHlS04HhBraes5BQ9ueu5zKhE7rtNXt_d012z2PA6ws=ITCdJ8r7Mvmi4B5IfM-uUxBCe5N77i8k9OcsASk91Zg=ERaN25tueHepduqA5F6d0VOKN62NCdg7vngfRxToX8g=AYCkHalzoB5Xo6HrWo2peozbx2E35qV1FNM0nxZfg1k= > . > ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Aruba AP Models - 315 vs 325
> On May 2, 2017, at 08:32, McClintic, Thomas <thomas.mcclin...@uth.tmc.edu> > wrote: > > Sorry, this was mentioned previously. I should have read bottom up instead of > top down J > Insert regular tilting at windmills rant about top posting here… :) :) :) -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] IPTV deployment
> On Apr 26, 2017, at 10:17, Baugh, Craig <c.ba...@tcu.edu> wrote: > > I am looking for any advice from colleges that have implemented IPTV services. > For many years we had a multicast Haivision/Video Furnace system. We never made the move to get that on wireless, and a few years back we implemented the Comcast Xfinity On Campus service. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
macOS Sierra and 802.1X certificate storage/validation
Hey all, My Google-fu is weak today. Can anyone tell me where macOS Sierra (10.12.x) stores the certificate used for wireless 802.1X EAP-PEAP connections? In older versions of the OS, these were stored nicely in the Keychain, but they don’t seem to be there anymore. We’re in the process of renewing the certificate on our RADIUS server, and our fuzzy 3-year old memories are telling us that the Macs used to prompt people again to accept the new certificate, but that doesn’t seem to be happening now either. So all in all I’m a little confused. :) Thanks in advance! -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Wireless Lighting Controls - impact on Wi-Fi or Wi-Fi's impact?
> On Mar 23, 2017, at 09:06, Williams, Jess <jess-willi...@utc.edu> wrote: > > Our campus Facilities department is looking at a wireless lighting control > system that uses a "Zigbee based" 2.4GHz wireless protocol. We’ve been getting some similar requests for things like thermostats and the like. I’m thinking that the opportunity exists for conversations that go beyond just frequency band usage and interference avoidance and talking about what possibilities exist to move these devices to the 802.11 network itself. Obviously that’s not going to work for every situation but I think we at least need to try to get ahead of this so that we can be involved in purchasing decisions/discussions. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Wireless Door lock systems
> On Mar 11, 2017, at 05:58, Brian David <davi...@bc.edu> wrote: > > I was wondering what other Universities experience with wireless door locks? > > How have the door locks been working? Is there a lot of maintenance with your > systems? We started using the Assa Abloy locks this academic year in a few renovated residence halls, so we haven’t hit a battery change cycle yet. Overall they seem to be working well. They can do 802.1X auth/encryption. I’m not aware of any major issues that have bubbled up to the networking team here after initial rollout. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Disney's Free Wi-Fi
> On Mar 3, 2017, at 15:01, Thomas Carter <tcar...@austincollege.edu> wrote: > > But density and usage patterns are much different. Someone is a Disney park > is much less likely to be streaming Netflix in HD compared to someone on a > college campus, for example. Additionally they are covering lots of open > spaces without as many pesky walls to block signals. I suspect their average > bandwidth usage per guest is much lower than the average bandwidth usage per > student. I’m not doubting the design or the results. It just surprised me. The outdoor numbers I’ll definitely believe are very different from our regular indoor usage patterns, but I would think all the hotel rooms have to be kind of similar to our residence halls. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Disney's Free Wi-Fi
> On Mar 3, 2017, at 13:22, Bob Brown <bbr...@nww.com> wrote: > > According to a wireless engineer at Disney, the WLAN infrastructure in > Orlando consists of about 3,500 Cisco and Aruba APs across resorts, 4 theme > parks etc. That seems like a low number to me, considering the AP counts I’ve seen us throw around here on the list for our campuses. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] SSID names
> On Feb 21, 2017, at 14:45, Cappalli, Tim (Aruba) <t...@hpe.com> wrote: > > Have you considered using eduroam as your primary 802.1X SSID? Yep, it’s been talked about, and we know that a number of schools are doing this quite successfully. Not highest on the priority list though at this point in time. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] SSID names
> On Feb 21, 2017, at 14:36, Jim Stasik <jsta...@mc3.edu> wrote: > > I am curious how others are naming and separating the SSIDs in their > environment? Northwestern - 802.1X authenticated/encrypted Guest-Northwestern - Public guest access eduroam - self-explanatory Device-Northwestern - MAC registration for devices that can’t do 802.1X authentication -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] Prime Infrastructure Validated Alternatives
> On Jan 11, 2017, at 07:31, Lee H Badman <lhbad...@syr.edu> wrote: > > I was a fan of WLSE, actually. > We used it and WLSM quite successfully here as well for our first generation wireless network deployments. It was one of those deals where just about everyone else was complaining constantly about it and we seemed to be just incredibly lucky to not have any of those problems. I have no idea what we were doing differently, but I’ll take it. :) -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
Re: [WIRELESS-LAN] WiFi simple (but useful) tools
Mac equivalents: 1.) option-click on the Airport icon in the menu bar to see instantaneous detailed information on the current connection. 2.) Another command-line Mac tool is available at: /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport This will give you all sorts of other info. Exploring the options is left as an exercise to the reader. :) > On Nov 29, 2016, at 09:13 , Hector J Rios <hr...@lsu.edu> wrote: > > The first thing I do when I notice WiFi issues on my Windows laptop is to > bring up the WiFi Status window on my wireless adapter. This tells me the > signal quality, the speed, and the SSID I'm connected to. If I select details > (Network Connection Details) I then get more info like IP address and my MAC > address. > > But sometimes we need to know more, right? For that I use the netsh commands. > If I open up my command prompt and type "netsh WLAN show interfaces", I now > have more pieces of information to work with. Of special importance is the > BSSID. This is the MAC address of the WAP I'm connected to. I also get Radio > Type, which indicates which 802.11 protocol my adapter is using for the > current connection. > > If you like this command and want to take it an extra step, you can write the > following script into your favorite text editor: > > :loop > netsh WLAN show interfaces > timeout /t 5 > goto loop > > Save this file as a .bat. When you run it, a command prompt will pop up and > the command will run and refresh every 5 seconds. Now you have a pretty cool > and useful tool to monitor your WLAN adapter. > > Regards, > > Hector > > ** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at > https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_groups_=CwIFAg=yHlS04HhBraes5BQ9ueu5zKhE7rtNXt_d012z2PA6ws=ITCdJ8r7Mvmi4B5IfM-uUxBCe5N77i8k9OcsASk91Zg=-L1wwgsB2ZdCWkgSdYS6aGquIa2nfRbE84wU3lN7PdM=r-9mBELadWUo4mM5z8kRajlEiz1hoklcbzJVpJXr4sE= > . -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] on-boarding of personal wireless devices
On Thu Nov 17 2016 12:55:37 CST, "Urrea, Nick" <urr...@uchastings.edu> wrote: > > We at UC Hastings would like to create/deploy an automated on-boarding > solution for wireless personal devices such as Xbox, Roku, Apple TV, > Chromecast, etc. > Any advice would be greatly appreciated. The wireless network team here used the ClearPass system this fall to roll out a new SSID for these types of devices this fall for our students. <http://www.it.northwestern.edu/oncampus/device-northwestern/> Basically students can register their devices via self service portal. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] College Sports Venue Wireless- In-House vs 3rd Party
On Tue Nov 08 2016 11:03:51 CST, Norman Elton <normel...@gmail.com> wrote: > > Just following up on this, were there any additional responses? We've actually started these conversations with our Athletics department as well. One of our facilities will be undergoing significant renovation over the next couple of years, and there is a huge focus on technology for enhancing the fan experience. In general we are looking to have a model where Athletics and a vendor are responsible for real time support for the infrastructure and systems that are reliant on it, but nothing's been finalized. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Educause Conference
On Fri Sep 16 2016 19:24:14 CDT, "Norton, Thomas (Network Services)" <tnort...@liberty.edu> wrote: > > Awesome! That’s good to hear. > Kind of mean to celebrate another man's burning of hamburger..... :):) -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<https://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Disabling LEDs on APs
Heh. <http://www.networkworld.com/article/3117216/mobile-wireless/lights-out-why-it-shops-are-disabling-wireless-ap-leds.html> -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Aruba and Bradford
On Tue Jul 19 2016 16:09:34 CDT, Brian Helman <bhel...@salemstate.edu> wrote: > > If you are an Aruba AND Bradford shop, what was you reason for using Bradford > vs Clearpass? Our primary interest in NAC is onboarding and guest networks > (wired and wireless). We are currently a Bradford shop. Back when we were making our initial NAC decision to replace an old open source system for residence hall wired ports, it came down to Avenda vs. Bradford. At the time, Avenda (dangit autocorrect keeps trying to change that to Agenda!) was pretty much brand new, and although we preferred the overall architecture, the end user experience was pretty raw. So we ended up going with Bradford. Later on after Aruba bought Avenda and Amigopod and lumped all that together into ClearPass, we bought into that to replace our old Steel Belted RADIUS servers for authentication purposes and later on used the Amigopod functionality to service our guest wireless network captive portal (we had liked Amigopod from the beginning but gave Bradford a shot at that function first since we already owned that, and Amigopod was a little pricey). Now we use Bradford for device registration on the wired ports in the residence halls and public areas of the library. We also use it to implement quarantine functionality on all wired ports across the institution. Works fine for these purposes. ClearPass is used for central RADIUS authentication for wireless and various other services, guest registration, and quarantining for wireless. Also works fine for those purposes. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Aruba Controller code recommendations
On Mon Jun 13 2016 12:52:09 CDT, "Entwistle, Bruce" <bruce_entwis...@redlands.edu> wrote: > > We are looking to upgrade our Aruba 7210 controllers which are currently > running software version 6.4.2.4. Looking at the versions currently > available on the web site I see the latest GA version is 6.4.3.9 and the > latest ED version is 6.4.4.8. We're running 6.4.3.3. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 Northwestern IT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Who wifi vendors does everyone use?
On Thu Mar 31 2016 21:31:37 CDT, "Whelan, Robert" <r.whe...@neu.edu> wrote: > > Northeastern is Aruba with over 3700 APs. Oh fine, I can't resist after that. Northwestern is Aruba with a little over 5000 APs. :) :) -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco WLC5508
On Fri Mar 25 2016 06:40:48 CDT, Lee H Badman <lhbad...@syr.edu> wrote: > > It's pretty sad these questions even have to be asked, isn't it? The code > culture has become one where bugs are guaranteed and if we get mediocrity out > if the vendor, we celebrate it. I don't know if I've quite lost hope to that point. :) Our SEs with our various vendors are pretty good at working with us when planning an upgrade to do at least a high level examination of bugs to see if they are things that might impact our environment. Some vendors also have designations for how "safe" they think a given release might be for general deployments. i.e., unless you don't need the specific bug fix or feature that's in version X.Y right now, it's safer to hold off until X.Y.Z or until X.Y has been out in field for a while when it will be designated as "General Availability" or something similar. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Typical Registration Numbers for Guest Wireless Service?
On Thu Mar 10 2016 12:36:16 CST, "Zielske, Jessica" <jco...@exchange.vt.edu> wrote: > > Is anyone able to share stats on the quantity of guest registrations over a > time period, a daily average or the like? > Our device registrations are good for a period of 7 days. On average we see ~1000-1100 registration events per day on a weekday during the school year. We peak at about 2000 simultaneous devices on the guest wireless network on those days, with ~8000 unique devices seen per week. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Open Networks in Resnet
On Wed Mar 02 2016 14:35:00 CST, Lee H Badman <lhbad...@syr.edu> wrote: > > Other than Jeff Sessler at Scripps, who else is running an open network in > their resnet environment? At Northwestern, we have the following SSIDs: Northwestern (802.1X/WPA2-Enterprise EAP-PEAPv0) eduroam Guest-Northwestern (no encryption/authentication to associate, captive portal registration for 7 days of access, bandwidth/port/protocol restrictions) -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Current state of DAS in Higher Ed?
On Wed Feb 17 2016 12:46:30 CST, Pete Hoffswell <0012b553021b-dmarc-requ...@listserv.educause.edu> wrote: > > I'm interested to hear stories. We have a few LEEDS buildings that are quite > Faraday cage-like. Wonder if we should explore DAS, wait for wifi-calling, > or what We have indoor DAS (iDAS) installed in a few buildings. It's horrendously expensive, and there's pretty much no chance anymore of getting carriers to help fund it. The ACUTA group just did a series of webinars on cellular technologies and forecasting for the future, if you're a member of that organization. Wi-Fi calling is definitely going to play a key role. You might also want to look at what local regulations you have for public safety radios (police/fire/etc walkie-talkies) - there may be requirements for your institution to make sure that those signals can get into these new buildings too. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 +1-847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WIFI calling on iPhones with AT
On Wed Jan 20 2016 10:27:21 CST, Peter P Morrissey <ppmor...@syr.edu> wrote: > > And really, what would be the point of doing QOS in this case when 99% of the > end to end connection is out of your control? > I think when it comes to voice services, there is some merit to being able to implement some kind of control where possible and easy to do. For example, Aruba has had the capability to prioritize MS Lync voice/video traffic with a very easy checkbox for quite some time now. Assuming that the feature works the way it's supposed to in a given environment, to me it's an easy win to just turn it on and reduce the potential headache. Looking forward, again assuming (I know I'm making a ton of assumptions here) that the Wi-Fi calling traffic for different carriers can be similarly well characterized and thus prioritized, we'd definitely be interested in seeing how well the different vendors can actually implement this. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WIFI calling on iPhones with AT
On Mon Jan 18 2016 06:25:32 CST, "Osborne, Bruce W (Network Services)" <bosbo...@liberty.edu> wrote: > > Do you have any links or other information to share? We are not currently > doing anything for Wi-Fi calling. We don't have anything publicly available just yet, but Wi-Fi calling is going to be an integral part of our strategic cellular service plan for the campus (hopefully to be published in the next few months). With carriers not investing in interior DAS arrangements like they used to be, Wi-Fi is going to play an integral role in providing cellular service to many of our reception-challenged areas. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless Beacons
On Tue Nov 24 2015 10:53:28 CST, "Turner, Ryan H" <rhtur...@email.unc.edu> wrote: > > For those of you that are on campuses that use wireless beacons to deliver > content and information to students, I am interested in hearing how it is > being deployed or plans to be deployed… We've done a pilot with one of our schools with 50 beacons - seemed to work pretty well for what they were looking for. Now we are looking at seeing how many other schools/departments might be interested in signing up, since ideally we would like the number of different apps to be as small as possible. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless Beacons
On Mon Nov 30 2015 13:38:07 CST, "Turner, Ryan H" <rhtur...@email.unc.edu> wrote: > > Would you mind sharing how you are using the beacons? Basic wayfinding within a building. i.e., tell me how to get from wherever I am to room . We also tested location-based alerts, and they work, but that wasn't of primary interest. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Purpose-Built Wireless Coverage in Stairwells and Elevators
On Wed Nov 18 2015 09:26:03 CST, Lee H Badman <lhbad...@syr.edu> wrote: > > As you get into new building wireless deployments, I’m wondering if anyone is > rethinking their coverage of elevators (like with dedicated coverage in each > car) and stairwells (also specific coverage, not just bleed out from > hallways) now that we’re into the era of Wi-FI calling, RTLS, safety apps, > etc. Stairwells to me are an interesting case that definitely requires some examination. To me it seems like elevators are less interesting since there is a pretty widespread expectation that no wireless communication (cellular or Wifi) works reliably in elevators already, so engineering a solution for wifi in elevators would seem to be of a lower priority overall. It's an interesting engineering exercise for sure though! -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Desktop projection to classroom display
On Wed Oct 28 2015 19:26:05 CDT, Justin Dover <do...@harpethhall.org> wrote: > > IT does require a good wireless network because WiDi piggy backs on your > wireless routers. ?? Maybe I'm not understanding things, but I thought that WiDi didn't use your Wi-Fi access points. <https://www-ssl.intel.com/content/dam/www/public/us/en/documents/white-papers/pro-wireless-display-white-paper.pdf> talks about how WiDi was designed to avoid overlap with enterprise wireless network channel usage by avoiding the DFS channels at least, but it still doesn't prevent random users from setting these things up and inadvertently setting them to a non-DFS channel that is already in use. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Desktop projection to classroom display
On Tue Oct 27 2015 07:49:31 CDT, "Ashfield, Matt (NBCC)" <matt.ashfi...@nbcc.ca> wrote: > > We’d like to try and standardize on a technology so we can manage it (ha!). > I’m just wondering if anyone has solved this one yet? We’ve looked briefly > at AirParrot but wondering if anyone else has had any luck in this area. One of our groups just showed up with the Barco ClickShare. I know it's been discussed here in the past a couple of times, but any idea how it compares with some of the other solutions mentioned here already? Just at a first glance I'm not too wild about it since it basically looks like an AP that gets connected to a projector or display. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern Information Technology 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Measuring User Experience
On Thu Oct 22 2015 12:15:09 CDT, Jeffrey D. Sessler <j...@scrippscollege.edu> wrote: > > The difficulty with wireless is that even when the problem is the client, you > still get the blame. Oh that's just a given. :) The large majority of the problems that ever end up escalating all the way up to us get resolved by having users update drivers, especially on Windows machines where the manufacturer distributes the driver updates, not Microsoft. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Measuring User Experience
On Thu Oct 22 2015 08:11:46 CDT, "Williams, Matthew" <mwill...@kent.edu> wrote: > > Thank you for the ideas, everyone. The problem that we have with measuring > tickets is that our user base is more apt to complain on social media and we > simply don’t have the man-hours to scour the various sites. There was some survey we got last year (can't remember the source, either EDUCAUSE or an internal one) that said that students just don't open tickets - the vast majority of the time they are going to friends for assistance, which of course leads to all sorts of wacky or outright wrong solutions for things. If we even do get tickets, the challenge then becomes getting the student to respond to us to set up a time to troubleshoot. Moving forward, we're going to be looking at some targeted surveys this year to see if we can get more actionable data. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Smart TVs and other "smart" devices
On Mon Sep 14 2015 06:27:08 CDT, "Osborne, Bruce W (Network Services)" <bosbo...@liberty.edu> wrote: > > And the enterprise Wi-Fi vendors choose to ignore Wi-Fi Direct. > This is not just in the residence halls either - business class equipment (like the MS Surface Hub) uses this for clients to project content and other things. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html> ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] iPhone hotspots that are on when off.
On Fri Aug 28 2015 08:48:09 CDT, Lee H Badman lhbad...@syr.edu wrote: So I reached out again, and she assured me that it’s turned off. So I took my curiosity to The Google. It turns out a lot of people have already noticed that “No” doesn’t mean “No” when it comes to Apple’s iPhone hotspots. It actually means “we’ll show you that it’s off, but other devices can turn it on”. I think there's a little bit of nuance that might be getting missed here. My feeling is that the root cause of all of this is related to the Handoff/Continuity feature set that was introduced with Mac OS X Yosemite and iOS 8. http://www.apple.com/osx/continuity/ These features use Bluetooth and Wi-Fi Direct and AppleIDs to link your devices together to be able to do things like have your laptop and iPad turn on the personal hotspot on your phone (among other things like use your laptop/iPad to receive and make calls through your phone, relay text messages, start composing an email or reading a web page on one device and pick up on another, etc etc). So yes, the advice to turn off Bluetooth will definitely stop the behavior from happening, but I think one other piece is to tell the laptop not to remember all the Wi-Fi networks that it has connected to (or change the priority of remembered networks such that the hotspot SSID is lower in priority than your university network). Or in the case of the iPad, have it forget the network sourced by the personal hotspot. That way, if the laptop/iPad can't connect to any of its other configured networks, it won't then fall back to try to activate the hotspot on the phone. I haven't tested this exhaustively, but that's the best hypothesis I can come up with based on a description of the issue and the configurations of my own devices. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WiFi Service Level Agreement
On Wed Aug 26 2015 13:02:49 CDT, Hunter Fuller hf0...@uah.edu wrote: Of course I can't speak for everyone, and I don't know that I would lay out an SLA saying wireless will be up 99.999% of the time or anything, but it just doesn't seem as fragile as one might think initially. The next problem is uniformly defining uptime for an enterprise/campus-wide service. How does the failure of a single AP (or a single switch if you're talking wired networking) impact your uptime number? The issue is even more nebulous for wireless since I would bet in most cases if you have a single AP out in most of our buildings, there's still some residual connectivity available from other nearby APs. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Apple OSX 10.11 beta
On Mon Jul 27 2015 01:27:57 CDT, Jason Cook jason.c...@adelaide.edu.au wrote: Also seems worth noting that certs will need to be 1024bit. Our certs are 1024 so expecting that to be ok for us http://superuser.com/questions/935756/mac-os-el-capitan-10-11-not-able-to-connect-to-wifiwpa-2-enterprise Note that the certificate bit length is different from the Diffie-Hellman group bit length; the latter is what is referred to in that document. Also worth noting is that there are other Apple documents that say that OS X 10.10.4 and iOS 8.4 require a 2048-bit DH group, so there appears to be some discrepancy at least in the docs. We had to upgrade both ClearPass (6.5.2 plus a patch) and our Aruba controller code (6.4.2.9) to get both iOS 9 and OS X 10.11 to work with our 802.1X network. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] New Wi-Fi technology will make phones ‘aware’ of their surroundings
On Tue Jul 14 2015 13:44:02 CDT, Lee H Badman lhbad...@syr.edu wrote: Thanks for sharing. My first thought is enormous battery suck and my second thought is I hope there's an easy to find kill switch for the whole thing. My first reaction after reading this: Devices will only collect and send information to each other based on permissions the device’s owner has granted. For instance, if you were to configure a social app like Facebook to receive and send proximity notices, then Wi-Fi Aware would only pick the Facebook notices out of constant signal chatter, ignoring messages from all other apps.” was to laugh just a bit to myself. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
802.11n frame aggregation vulnerability
http://securityaffairs.co/wordpress/38234/hacking/802-11n-flaw.html Fortunately, there are several methods to mitigate the attacks, including MAC layer encryption, disabling Aggregated Mac Protocol Data Unit (A-MPDU) frame aggregation, configuring the system to drop corrupted A-MPDUs, the use of Language-theoretic security (LangSec) stacks, modulation switching, and the use of deep packet inspection.” Comments? -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html
Manager of Network Engineering and Services position at NU
Northwestern University is seeking a new Manager of Network Engineering and Services in its central IT-Telecommunications and Network Services department. The old manager somehow got given an Associate Director job. Investigations are still pending into that wackiness, but in the meantime we need a new manager. This position is responsible for leading a team of 12 data network engineers who are responsible for the design, configuration, implementation, and day to day maintenance/operations for all infrastructure associated with IP networking on the US-based campuses of Northwestern University. This includes things like routers, switches, firewalls, wireless access points/controllers, optical network nodes, load balancers, intrusion prevention systems, VPN concentrators, and various other network-related systems and services (DNS, DHCP, NTP, NAC, AAA, monitoring/management of all of the above, etc etc). We are looking for someone who is technically adept, but we are not looking for someone who will be expected to regularly log into things and fix them. Rather, a good understanding of what it required to work with and implement all of the different pieces of technology/infrastructure as well as the ability to effectively/efficiently direct the efforts of those doing the work are key skills. There is a lot to stay on top of just on the technical side, and in addition there are a lot of relationships to manage with groups and units not just within Northwestern but outside as well. Responsive and customer focused communication skills (both written and spoken), the ability to process/integrate details from many streams of information simultaneously, and a cool head in a crisis are also ideal attributes that we are looking for. Interested parties should go to http://www.northwestern.edu/hr/jobs/ and search for job ID 25740. -- Julian Y. Koh Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
On Wed Mar 18 2015 12:49:10 CDT, Lee H Badman lhbad...@syr.edu wrote: This is not meant to self-promote, apologies if it seems that way. Looking for interest on whether those on the list would get value out of a potential new wireless-oriented discussion board, as described here: I’ll join in with the folks who prefer email-based mechanisms to purely web-based solutions. Just based on experiences with other things, my interaction with the latter would be much less than the former. Having said that, an argument could be made that I’m not quite the target audience anymore for these things anyway if they’re going to be talking about deep down details of specific technologies. :) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html
Re: [WIRELESS-LAN] Looking for interest among Wi-Fi professionals
On Wed Mar 18 2015 15:26:27 CDT, Chuck Enfield chu...@psu.edu wrote: We all know you're advancing up the career ladder. No need to rub it in. Eek. I totally didn’t mean it that way. Apologies! -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html
Re: [WIRELESS-LAN] Apple watch wifi
On Wed Mar 11 2015 22:02:39 CDT, Trent Hurt trent.h...@louisville.edu wrote: How Apple watch will use wifi. Doesn't actually connect to network. http://iphone.appleinsider.com/articles/14/09/15/apple-watch-airdrop-ibeacon-continuity-coax-advanced-features-from-bluetooth-wifi Sent from my iPhone 802.11b/g only. Yay, more 2.4GHz! :) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks
On Wed Feb 25 2015 15:07:31 CST, Trent Hurt trent.h...@louisville.edu wrote: http://mvnoblog.com/hp-is-reportedly-trying-to-buy-aruba-networks/ http://www.networkworld.com/article/2889293/wireless/report-hp-to-buy-aruba-for-wireless-tech.html Lee’s not going to be on HP’s Christmas card list… :) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html
Re: [WIRELESS-LAN] latest from FCC on de-authing Mi-Fi
On Wed Feb 11 2015 09:22:55 CST, Bob Brown bbr...@nww.com wrote: Thought my recent interview with head of wireless for Partners Healthcare might be of interest re: the FCC de-authing discussion http://www.networkworld.com/article/2881540/careers/how-not-to-get-slammed-by-the-fcc-for-wi-fi-blocking.html One thing that I haven’t seen mentioned (or it’s just as likely that I missed it) is the situation where a user’s AP is configured to broadcast the same network name as one of our SSIDs. Is there justification to use deauth as a protective measure in those cases? -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Trying to get the Wi-Fi Alliance's Attention
On Fri Jan 23 2015 14:25:29 CST, Hinson, Matthew P matthew.hin...@vikings.berry.edu wrote: Cleared the chain of nested replies insert obligatory tilting at windmills snarky remark about top posting :):) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WLAN design presentation tips?
On Tue Oct 21 2014 12:47:02 CDT, Williams, Matthew mwill...@kent.edu wrote: I’ve just started here at Kent State and I’m facing an uphill battle regarding updating our WLAN design. All APs are deployed in the hallways and we’re rolling out 802.11ac. We’d like to move the APs into the rooms, but the mere suggestion has been met with resistance. I was just wondering if any of you had any tips or suggestions for trying presenting the new model to upper management. Thanks for any suggestions that you might share! We did a demo building to show how it improved coverage and capacity. Then the powers that be were sold on the design. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html
Re: [WIRELESS-LAN] iOS8 and randomized mac addresses
On Mon Jun 09 2014 10:06:27 CDT, Rick Coloccia, Jr. coloc...@geneseo.edu wrote: Just saw this: http://www.theverge.com/2014/6/9/5792970/ios-8-strikes-an-unexpected-blow-against-location-tracking Here’s more detail. Apparently you need to have cellular data and location services turned off for random MAC addresses to be used. http://www.powerpage.org/ios-8s-mac-randomization-requires-cellular-data-location-services-to-be-disabled/ http://blog.airtightnetworks.com/ios8-mac-randomization-analyzed/ http://blog.airtightnetworks.com/ios8-mac-randomgate/ -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] 802.1x Certificates for RADIUS
On Wed Sep 24 2014 15:07:33 CDT, Jason Wang j.w...@its.utexas.edu wrote: I'm curious which CA's you are using for your RADIUS servers for your 802.1x implementations. We use the Comodo certs available via InCommon. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
iOS 8 and Wi-Fi Calling?
Anyone seeing issues with Wi-Fi calling with iOS 8 iPhones? We do NAT/PAT with our Aruba controllers, and it seems like that doesn’t like the VPN connection setup at least that T-Mobile uses. We have a user who has tested setting up a temporary NAT/PAT hotspot using his laptop through his Ethernet connection, and that works fine, so it’s something with the specific NAT/PAT with the Aruba controller. Wondering if anyone else is seeing similar behavior. We’re going to move to an external firewall to do the NAT later this year, so hopefully things will be fixed then, but any info that people can share would be very useful. Thanks! -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] guest wireless
On Tue Sep 09 2014 10:40:33 CDT, Mark Reboli mreb...@misericordia.edu wrote: I am looking for information on what people do with guest wireless. Do you have open wireless on your campus? Do you have a password that everyone knows? Do you create special passwords for groups? Any assistance would be helpful. NU has an open (no encryption or 802.11-level auth) SSID that anyone can use. Registration is required via a captive portal to collect name, email address, and sponsoring entity. Registration will grant access for 7 days after which re-registration is required. Bandwidth is limited to 3Mbps, and only certain ports/protocols are allowed. Different IP space is used from the rest of the campus network, so access to campus-restricted resources is not allowed. We also don’t allow access to our campus VPN from the guest network. http://www.it.northwestern.edu/oncampus/guest-wireless/ We offer eduroam services, which are not bandwidth or port/protocol limited. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Power Management
On Mon Sep 08 2014 11:22:11 CDT, Watters, John john.watt...@ua.edu wrote: The problem I have with abandoning the PowerDsine units is the lack of a nice graphical management tool for the PoE on my Cisco switches. Has anyone found a nice tool for power management of Cisco switches? We rolled this functionality into a home-built tool for switch management and port provisioning that uses SNMP. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless Printing
On Fri Aug 01 2014 06:46:11 CDT, Osborne, Bruce W (Network Services) bosbo...@liberty.edu wrote: Aruba’s system for personal devices sets up a software-defiled network Pun…..intended? :) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Apple TV display mirroring spectrum use in HD wifi
On Wed Mar 12 2014 15:09:36 CDT, Jason Heffner jdh...@psu.edu wrote: AppleTV: AppleTV 6.1 software update. You can install this through the updates menu. An active connection to a network. iPad: iOS 7.1 and an active network connection accessible to the AppleTV to verify connectivity. Bluetooth enabled. I don’t think that all AppleTV units have Bluetooth. I’m not exactly sure which revs do or don’t offhand unfortunately. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Apple TV display mirroring spectrum use in HD wifi
On Wed Mar 12 2014 15:11:34 CDT, Julian Y Koh kohs...@northwestern.edu wrote: I don’t think that all AppleTV units have Bluetooth. I’m not exactly sure which revs do or don’t offhand unfortunately. Another thing is that I would imagine that both the iOS device and the AppleTV need to be able to reach each other directly using unicast. So if the AppleTV is behind a NAT device with respect to the iOS device, or if you have somehow blocked unicast traffic between clients on your wireless network, you might be able to do the discovery via Bluetooh but not actually stream any traffic. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Google Glass experiences
On Thu Mar 06 2014 07:37:07 CST, Lee H Badman lhbad...@syr.edu wrote: Anyhow, back to topic- the only thing that works for us for the half-dozen units that we have enabled on campus is MAC-exception on our open guest WLAN and free pass to bypass the portal. How’s that for cutting edge? Yeah that is basically what we did too. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Mavericks update
On Feb 25, 2014, at 12:26 , Dan Brisson dbris...@uvm.edu wrote: Doesn't look promising: http://support.apple.com/kb/HT6114 I'm not seeing any mention of Wireless fixes/enhancements. http://support.apple.com/kb/HT6150 has the security-related updates. It’s possible that the roaming/certificate issue is fixed in the Certificate Trust Policy item. Or as we’ve all seen it may not be mentioned specifically anywhere. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] How many drops 802.11ac phase 2
On Feb 9, 2014, at 02:29 , Ian McDonald i...@st-andrews.ac.uk wrote: Design guides now are indicating an access point in every other room. Where is all this bandwidth meant to go? Isn’t this more being driven by supplying a reliable signal/coverage area especially as client device density goes up and even more especially in construction settings where propagation is challenging? -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] How many drops 802.11ac phase 2
On Feb 7, 2014, at 09:13 , Jerry Bucklaew j...@buffalo.edu wrote: Well I guess we are the odd man out. We are pulling one cat6a and will continue to so. Same here. Sorry you don’t get to be odd man out. :) I just do not see the point in pulling two. First off the wired bandwidth is never the issue on the AP, I would bet most of my ap's run at 100meg, gig will be fine for a very long time. That is our bet. Second, I just do not see the AP vendors going to two ports with some type of bonding. Well some vendors at least do support multiple wired ports already. How they divide up traffic between those ports varies. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] OS X 802.1x auth issue
On Jan 17, 2014, at 22:16 , Mike Albano mike.alb...@unlv.edu wrote: Would be nice if more technical details were available. For example, at what part of the EAP/PEAP packet exchange does this delay occur? Sounded like part of the issue was with CRL and/or OCSP. Also interesting was that they are advising folks to set trust settings on all the certs in the chain... -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless Migration plan
On Jan 16, 2014, at 09:00 , Muraca, Peppino P. pmur...@stonehill.edu wrote: Hi everyone, we are in the process of looking at possibly switching to a new wireless vender, and we have been asked what others have done to roll out the new system. Was it challenging having to manage two systems in parallel, My plan is to replace a building at a time managing both systems till we are completely migrated. If anyone has done this we would appreciate any advice and any do’s and don’ts , especially if you have done the migration from Trapeze/Juniper to Aruba wireless . We migrated from one vendor to another over a period of a couple of years. As you said, we did a building at a time, and it wasn’t too horrible to deal with managing two systems over that limited period of time. Of course, back then our wireless footprint was a lot smaller than it is today. :) -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Guest Network Access Policy
On Jan 16, 2014, at 15:55 , Alexander, David alexa...@ohio.edu wrote: 1) Do you allow guests on your wireless network? Yes, we have eduroam as well as a separate guest SSID. a. If you allow guests, what steps do they need to take to gain access to the network (eg. sponsorship, MAC registration, open network)? Captive portal redirect, users can self-register, registration is good for 7 days. b. If you require sponsorship or device registration, can you explain the process or give me a pointer to your policy? No sponsorship required. 2) Is your wireless network completely open in any part of your campus (eg. Library, student center, event spaces, athletic fields, etc.)? No, we put the guest and eduroam SSIDs on separate networks that don’t use our regular campus IP space, so users on those networks aren’t able to access resources that are restricted to the campus network. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WiFi planning spin-off - Student provided wifi
On Dec 16, 2013, at 06:39 , Osborne, Bruce W (Network Services) bosbo...@liberty.edu wrote: Aruba already has their product on the market – the AP93H. http://www.arubanetworks.com/products/access-points/ap-93h/ Biggest difference though is that it’s not dual band. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] 802.1x vs web-portal
On Nov 19, 2013, at 15:05 , Peter P Morrissey ppmor...@syr.edu wrote: Can anyone name an application that does not have strong encryption? Does not have strong encryption != Strong encryption is in use by default DNS springs to mind. Heck, just leave tcpdump running when you wake a machine up from sleep and see all the things it tries to do on the network. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Eduroam rollout- one more time
On Nov 1, 2013, at 11:34 , Lee H Badman lhbad...@syr.edu wrote: Go the easy path, and push it the Eduroam SSID everywhere, as an additional WLAN, and live with the fact that it won’t get a lot of use in most places and puts management traffic in the air that isn’t generally going to be used. This is what we did at NU. We do some role-based stuff on the back end such that if an NU person connects to eduroam, they get the same IP addressing and setup as if they use our regular 802.1X SSID. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless NAT Tools for tracking DMCA reports
On Oct 7, 2013, at 08:18 , Brian Helman bhel...@salemstate.edu wrote: I am blocking outgoing P2P so our students (presumably, but who knows) can’t re-serve files, but somehow the initial identifications are still being made. I haven’t spent the time to research this. This is likely because the DMCA enforcement agents are often just looking for the IPs of clients that are joining the swarm, not necessarily ones that are actually serving up content. At least that's how things used to be back when I dealt more with security incidents. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Problems with new Apple Laptops
On Sep 26, 2013, at 15:52 , Travis Schick trsch...@ucdavis.edu wrote: Apple has confirmed that it is a cert validation delay... and they do respond... eventually - setting the dealy to 30 - at least allow the Macs to eventually get online - vs getting stuck in the auth state and requiring user intervention. Does anyone have an actual BugID with Apple that we can reference? Before we go down the route of telling people that they need to change this setting in Keychain Access, it would be good to get an idea of whether Apple even considers this to be an official bug and when they might be able to fix it. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Problems with new Apple Laptops
On Sep 26, 2013, at 15:39 , Travis Schick trsch...@ucdavis.edu wrote: I have found that this delay will go away if the cert used for WPA2 auth is updated to also always trust for SSL. That seems suboptimal. Not just because you need to get your clients to change configs, but I wonder how that affects overall trust and if it opens you up to other holes. For example, does changing that setting on the client mean that you won't be able to revoke that certificate? What if your certificate and key get stolen and then used to set up a malicious site somewhere? Someone else can do that testing. :) Another vendor is recommending that a timeout value for EAP responses be raised from its default 5 second value to 30 seconds, since the Macs are eventually responding - it just takes a long time in some cases. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] iOS 7 update available at 1PM
On Sep 24, 2013, at 20:37 , James Andrewartha jandrewar...@ccgs.wa.edu.au wrote: For future iOS upgrades it should work, provided you are NATting all clients to the same IP as the caching server. https://groups.google.com/forum/#!topic/macenterprise/BzUAeNDN4lo What if NAT is not in play? We're looking at the possibility of deploying a number of these caching servers since Akamai didn't help us out last week, but if both the client and the server have to be behind the same NAT'ed IP, that's not really going to be that useful. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Reasons for NOT upgrading to iOS 7?
On Sep 24, 2013, at 08:00 , j...@nww.com wrote: One of my editors noted there are stories online about the large percentage of upgrades to iOS 7 in a very short time; but he himself has NOT. He wondered about why others may be refusing or delaying the upgrade. Personally I am concerned about how much slower iOS 7 will be on my iPhone 4S. I got burned pretty badly with the iOS 4 upgrade on my iPhone 3G. Also I'm due for a phone upgrade, and Apple is offering pretty good trade in value for my 4S, so I might just go for a new 5s now. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.