Re: [WIRELESS-LAN] Apple and wireless connectivity issues?

2010-10-07 Thread Patrick Goggins 
Ditto.

~Patrick


On Oct 7, 2010, at 10:00 AM, "Reynolds, Walter"  wrote:

> We have found that many of these are fixed by disabling IPv6 on the Airport 
> interface for the client.
> 
> ---
> Walter Reynolds
> Principal Systems Security Development Engineer
> ITS Communications Systems and Data Centers 
> University of Michigan
> (734) 615-9438
> 
> 
>> -Original Message-
>> From: The EDUCAUSE Wireless Issues Constituent Group Listserv
>> [mailto:wireless-...@listserv.educause.edu] On Behalf Of Johnson,
>> Neil M
>> Sent: Thursday, October 07, 2010 10:33 AM
>> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>> Subject: Re: [WIRELESS-LAN] Apple and wireless connectivity issues?
>> 
>> We also see lots of problems with Macs being unable to obtain DHCP addresses
>> properly eventually ending up with a self-assigned IP address.
>> 
>> Attempts to engage Apple have not been helpful.
>> 
>> 
>> 
>> -Neil
>> 
>> --
>> Neil Johnson
>> Network Engineer
>> Information Technology Services
>> The University of Iowa
>> Work: 319 384-0938
>> Mobile: 319 540-2081
>> Fax: 319 355-2618
>> E-mail: neil-john...@uiowa.edu
>> 
>> 
>>> -Original Message-
>>> From: The EDUCAUSE Wireless Issues Constituent Group Listserv
>>> [mailto:wireless-...@listserv.educause.edu] On Behalf Of Chris
>> Brezil
>>> Sent: Thursday, October 07, 2010 8:28 AM
>>> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>>> Subject: [WIRELESS-LAN] Apple and wireless connectivity issues?
>>> 
>>> Over the summer we upgraded our wireless infrastructure from all
>>> autonomous Cisco access points to a managed Aruba wireless environment.
>>> Since the start of the semester we have had issues come up that we have
>>> been addressing, but we are now encountering something that we never
>>> faced before - it seems more and more that the majority of new issues
>>> we are dealing come from Apple laptops and mobile devices. We have
>>> heard of some of the larger reported issues about Apple, such as the
>>> DHCP issues with the original iPad iOS. We have also done some of our
>>> own research on this and see Apple mentioned numerous times in regards
>>> to wireless connectivity issues, but we don't know if we are seeing
>>> this because this is what we are looking for or if because it is the
>>> reality of the situation.
>>> 
>>> An example of this type of issue is that a student applied Apple
>>> updates to her computer last Friday and then could not get an IP
>>> address afterwards on our wireless network, though she could still use
>>> her wireless router at home. Calling Apple about this resulted in them
>>> telling us that if the computer can connect in one place but not
>>> another that it is our problem and not an issue with the laptop, even
>>> though many other Apple computers with the same version of the OS could
>>> connect to our network.
>>> 
>>> We continue to troubleshoot and look to see if there is something that
>>> is about our wireless network configuration that is causing problems.
>>> However, we would like to see if others have experienced similar types
>>> of issues on their campuses. Do you see a preponderance of wireless
>>> issues over time relating to Apple products? If this has been the case
>>> for you, were you successfully able to address issues with Apple? Did
>>> you have to go back to your wireless vendor to fix these issues? Does
>>> this sound like something unique to our experience here? We look
>>> forward to hearing what others have experienced.
>>> 
>>> Regards,
>>> Chris Brezil
>>> Assistant Vice President/IT
>>> The New School
>>> 
>>> **
>>> Participation and subscription information for this EDUCAUSE
>>> Constituent Group discussion list can be found at
>>> http://www.educause.edu/groups/.
>> 
>> **
>> Participation and subscription information for this EDUCAUSE Constituent 
>> Group
>> discussion list can be found at http://www.educause.edu/groups/.
> 
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] AppleTV/ Campus WLAN

2010-10-07 Thread Patrick Goggins 
The only real issue will be the HD content streaming depending upon the 
available bandwidth for students. Also they will also need to be whitelisted in 
most NAC/NPS environments.

~Patrick


On Oct 7, 2010, at 8:18 AM, "Lee H Badman" 
mailto:lhbad...@syr.edu>> wrote:

Apple has dropped prices on their AppleTV, and we’re wondering if it will end 
meaning anything in the grand scheme from the WLAN support perspective. The 
unit itself can get network connectivity via Ethernet or wireless (probably not 
Enterprise security, but I don’t know that), and users can control it from 
their network-connected iPhone or iPad.

Has anyone found these devices to be of concern?

-Lee Badman




** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Wireless Bakeoff

2010-10-04 Thread Patrick Goggins 
Did you end up using Xirrus in your low density locations as well?

~Patrick


On Oct 4, 2010, at 12:03 PM, "Clark, Joseph K" 
mailto:clar...@cofc.edu>> wrote:

We recently, within 2 years, went through a similar test. We included AeroHive 
and Xirrus in our list along with Meru, Cisco and Aruba. We ended up choosing 
Xirrus and we have been happy with the decision. If you would like more 
information let me know.

Thanks,
Joseph Clark
Senior Network Engineer
Department of IT
College of Charleston
Charleston, SC 29424-0001
o:843.953.3846
c:843.425.4291
e:clar...@cofc.edu


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Huels, Chris
Sent: Monday, October 04, 2010 12:35 PM
To:  
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Wireless Bakeoff


All,



Currently Washington University uses Meru for wireless. In order to migrate to 
802.11n, we will have to replace all of the access points and look at replacing 
the controllers to accommodate the throughput. This has given us the 
opportunity to go back and assess other vendors that offer enterprise wireless 
solutions. The vendors that we are looking into are Meru, Aruba, and Cisco. I 
would like to get input from this group on some pros and cons of each, or are 
there other vendors that have been working well? Any input would be helpful.



Thanks

Chris
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
 http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Windows 7 64-bit WPA2 Connectivity Issues

2010-09-28 Thread Patrick Goggins 
Have been running 64-bit 7 for months with no issues using WPA2-AES with PSKs.

~Patrick


On Sep 28, 2010, at 3:48 PM, "Linchuan Yang" 
mailto:lichu...@alcor.concordia.ca>> wrote:

Many of our windows 7 clients have this problem. We found a solution: in the 
“Network Properties”, go to the “Security” tab, there is a button named 
“Advanced settings”.  Play with the check box of “Specify authentication mode”: 
some clients should check it, and others should uncheck it.

Good luck!

Yours,
Linchuan Yang (Antony)
Wireless Networking Analyst
Network Assessment and Integration,
IITS-Concordia University
Tel: (514)848-2424 ext. 7664

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of WALLACE, DAVID
Sent: September 28, 2010 4:34 PM
To:  
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Windows 7 64-bit WPA2 Connectivity Issues

Anyone experiencing any issues with Windows 7 64 bit machines staying connected 
to WPA2-AES enabled WLAN.  Specifically the client associates and authenticates 
properly, is assigned an IP.  Shortly afterwords client is repeatedly prompted 
to enter their credentials. Disabling the client wlan interface seems to 
mitigate this for some time, but symptoms return, and interrupt client while 
connected to wireless network.

Running Cisco Lite weight ap’s on WISM’s, and stand alone controllers etc.  
Running 7.0.98.0 code.  Not seeing issues with XP or Vista machines.  Only 
common denominator so far has been 64 bit Windows 7 OS.  Doesn’t seem to matter 
if it’s Enterprise or Home version.

Thanks in advanced.

David Wallace
Network Design Engineer
Kent State University
Phone:330-672-0379
dwall...@kent.edu

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Mysterious Missing ARP Entry

2010-09-28 Thread Patrick Goggins 
Is the particular ssid being broadcast? Try a different wireless driver on the 
tablets. Are the tablets showing the issue across all ap's or just a specific 
model?

~Patrick


On Sep 27, 2010, at 4:40 PM, "Watters, John" 
mailto:john.watt...@ua.edu>> wrote:


I need some help with a strange new problem – a persistent missing ARP entry.

We are a Cisco shop running WiSMs (6.0.199.4) with a mix of 1142s, 1131’s and a 
few older 1242 APs.

This past Friday we got a report of 5 XP tablets that could not use the 
wireless network. These are 5 out of a group of 50 handheld tablets used in our 
hospital by the doctors for charting, etc. All of these are imaged and should 
be using the same image (and later reimaged to be sure). It turns out that that 
these five machines can use every SSID on campus except for one – their special 
one which uses WEP (no flames about WPA; we have tried to get them to move, but 
they are doctors and know more than anyone else). Further investigation has 
shown that these five machines never get an ARP entry built for their default 
gateway. They can talk to other machines on their subnet, but nothing outside. 
When a manual ARP entry is built for them, they are fine. This problem has 
persisted across reboots and reimaging of these five machines.

Today we have received reports of other machines on campus who have similar 
symptoms (we have yet to actually see one of them). They lose connectivity on 
one SSID but are OK on all others.

Has anyone else seen this? Can you give me a clue what to look for?


Along with the MAC address strangeness, which we are seeing, this problem has 
made for a very interesting few days.

Thanks for any help you can offer.


-jcw 


John WattersThe University of Alabama: OIT  205-348-3992

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] List Guidelines reminder

2010-08-12 Thread Patrick Goggins 
Agreed, most are one-time communications but every once and awhile there will 
be repeated additions to their spam lists which require some further 
remediation.

~Patrick


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[wireless-...@listserv.educause.edu] On Behalf Of Jeffrey Sessler 
[j...@scrippscollege.edu]
Sent: Thursday, August 12, 2010 6:26 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] List Guidelines reminder

What I'm tired of is being "subscribed" to vendor communications shortly after 
I post here. I'll unsubscribe, and then after a new post/reply, I'm suddenly 
added to their marketing lists again. It tells me that while vendors may not be 
posting here, they are mining the lists for email contacts.


Jeff

>>> Peter P Morrissey  08/12/10 9:57 AM >>>
Thank you Philippe!
I'm surprised we even let vendors on the list.
Have we ever considered limiting it to .edu's?
Pete M.

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Philippe Hanset
Sent: Thursday, August 12, 2010 12:55 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] List Guidelines reminder

All,

Having education affiliated people asking questions about vendors on the list
is part of the purpose of this medium. Having vendors doing the same is not.

please read the guidelines of the listserv at:

http://www.educause.edu/Community/ConstituentandDiscussionGroups/ConstituentandDiscussionGroupP/892

Thank you for your understanding.

Regards,

Philippe Hanset
Wireless-LAN Constituent Group leader

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.
**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Meraki?

2010-08-11 Thread Patrick Goggins 
While we didn't have the chance to do as in-depth in testing we also looked at 
Meraki but ended up going with Aruba. The Aruba solution for us was cheaper, 
offers more features (the vlan tunneling and bridging options), and ended up 
being more secure with regards to packet captures.



Patrick Goggins
Network Administrator
Carroll University



-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Ethan Sommer
Sent: Wednesday, August 11, 2010 2:45 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Meraki?

We tried out Meraki, and wound up going with Aruba.

Meraki Pros:
* MUCH easier to use.
* Possibly better coverage?
* The Aruba 105 ceiling mount design is really annoying. With meraki you 
can just hang them on the wall with screws.
* Their techs (once you convince them you actually have a problem) can 
go into your system and diagnose and fix the problem for you.
* There is no controller to purchase, so the cost scales linearly with 
the number of APs. (the 65th ap isn't $10k)

Meraki Cons:
* We saw about a 40-50% increase in throughput using Aruba close to the 
access points. (I could transfer about 11MBytes/second over 5Ghz N with 
Meraki vs 19MBytes/second with Aruba.)
* We found it a bit creepy that their techs could do packet captures of 
our network.
* The user interface is so simple it often hides parameters we'd like to 
be able to tweek (or at least try tweeking.) For example, their sales 
people said it only did 802.11G on the 2.4ghz band, but it actually did 
802.11N. We wanted to try turning it to 802.11G only and see if what the 
sales guy said about 802.11G and 802.11N interoperating was true, but 
there isn't a way to do that. I suspect that having N turned on was the 
better setting, but being who I am, I wanted to test it.
* Each AP is more expensive than an Aruba AP-105. Depending on how your 
budgets work, it might actually be easier to have a big up front cost 
and lower incremental costs.
* The ability to tunnel the traffic back to our server room and deal 
with the VLANs there was a handy Aruba feature. With Meraki, you have to 
tag the VLANs all the way out to the AP.

Ethan




On 08/11/2010 11:19 AM, Marcelo Lew wrote:
> I was wondering if somebody on the list is using (or considered) using the 
> Meraki System?
>
> Marcelo Lew
> Wireless Enterprise Administrator
> University Technology Services
> University of Denver
> Desk: (303) 871-6523
> Cell: (303) 669-4217
> Fax:  (303) 871-5900
> Email: m...@du.edu
>
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.
>


-- 
Ethan Sommer
Associate Director of Core Services
Gustavus Technology Services
somm...@gustavus.edu
507-933-7042

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] blocking broadcast/multicast?

2010-07-03 Thread Patrick Goggins 
From what we've seen the large amount of connections from a small number of 
users have either been virus/bot or p2p in nature with one case being a 
legitimate download manager.

~Patrick

On Jul 2, 2010, at 12:35 PM, "Holland, Stephen" 
mailto:s.holl...@neu.edu>> wrote:

Ryan,

You are correct that we are running M3's today. However, when we originally 
used the filter it was with the Sup2 cards. We were getting unexplained CPU 
spikes and we could not determine why.  One of the recommendations by Aruba was 
to create the following filter and apply to our secure and non-secure roles:

ip access-list eth DenyIPv6
  deny 0x86dd
  permit any


If anybody is following this thread and wants to try this APPLY THE FILTER TO 
THE LOCAL CONTROLLERS AND MASTER FIRST….Then apply filter to the appropriate 
roles.  If you don't do it in this order the controller will not associate the 
role with the filter correctly and it will not work. When we applied we saw CPU 
go down and not up but that was our experience.

In regards to the CPU spikes we found users in the initial captive portal role 
who had 300 - 400 sessions open with the controller. When we blacklisted the 
user the CPU went back down.  We never found out who the users were so we could 
not determine why they created so many sessions. We did however limit the 
number of sessions on the initial role to 50 (need enough sessions for DHCP, 
Portal and other things required to make the portal page operate) and the 
problem went away.

Stephen Holland
Network Engineer
Northeastern University




From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Ryan Holland
Sent: Wednesday, June 30, 2010 5:09 PM
To:  
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] blocking broadcast/multicast?

Stephen,

Ha!

I'm assuming you're running the M3 supervisor cards.  We're using SUP-IIs, and 
they get taxed easily.

==
Ryan Holland
Network Engineer, Wireless
Office of the Chief Information Officer
The Ohio State University
614-292-9906    
holland@osu.edu

On Jun 30, 2010, at 4:31 PM, Holland, Stephen wrote:


Ryan,

Believe it or not the filter does not dent the controller CPU in the least. 
Aruba was the one who recommended the filter to cut down CPU usage.  All of our 
controllers running under 1% on all CPU's.

BTW: I like the last name! We could be brothers………..

Thanks

Stephen Holland
Network Engineer
Northeastern University

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Ryan Holland
Sent: Wednesday, June 30, 2010 2:08 PM
To:  
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] blocking broadcast/multicast?

Stephen,

Blocking IPv6 via the policy enforcement firewall can add an incredible amount 
of processing on the controller, as each and every frame must be inspected. If 
you do not support v6 on wireless, it is much more efficient to just turn it 
off. You said "vlan pooling", so I assume you have Aruba. Issue the following: 
no ipv6 enable

==
Ryan Holland
Network Engineer, Wireless
Office of the Chief Information Officer
The Ohio State University
614-292-9906    
holland@osu.edu

On Jun 30, 2010, at 1:59 PM, Holland, Stephen wrote:



We found that IPv6 broadcast traffic contributed significantly to our wireless 
broadcast traffic. Since we don't support IPv6 on the wireless network we 
blocked the ethertype for IPv6 on our wireless controllers.  Also, running vlan 
pooling with /23's.

On a different topic related to bcast/mcast.   Our wireless controllers connect 
to a pair of 4948 switches which then connect to Cisco routers which provide 
the vlans for wireless users.  We use HSRP for redundancy. We realized there is 
no need to send the mcast traffic for HSRP out to the vlans which support our 
wireless users. As long as the routers see each other's HSRP updates it does 
not make sense to forward them to the wireless network. We created a filter to 
block the HSRP updates on the 4948 switches and applied it in the outbound 
direction toward the wireless controllers. For some reason the filter did not 
work. Doing some testing we found the filter is working because it drops 
updates if we apply it in the inbound direction. Does anybody know the filter 
would not work in the outbound direction?.

Thanks

Stephen Holland
Network Engineer
Northeastern University

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Marcelo Lew
Sent: Wednesday, June 30, 2010 10:05 AM
To:  
WIRELESS-LAN@LISTSE

RE: blocking broadcast/multicast?

2010-06-29 Thread Patrick Goggins 
The only traffic of this nature which we block at the edge is UPNP traffic, 
outside of that large amounts of broadcast traffic from wireless users 
historically has been a sign that the system was compromised.

~Patrick

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Marcelo Lew
Sent: Tuesday, June 29, 2010 12:10 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] blocking broadcast/multicast?

Wondering how many of you are blocking broadcast/ multicast on the wifi 
network?  If so, do you allow it on certain SSIDs?  Do you get a lot of user 
complains about this?  I would like to reduce unnecessary use of airtime, 
however, "unnecessary" can mean many different things depending who you ask...

Marcelo Lew
Wireless Network Specialist
University Technology Services
University of Denver
Desk: (303) 871-6523
Cell: (303) 669-4217
Fax:  (303) 871-5900
Email: m...@du.edu

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Aruba vs HP vs Meraki

2010-04-12 Thread Patrick Goggins 
I believe this would fall under the built-in theft deterrent feature.


Patrick Goggins
Network Administrator
Carroll University

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Johnson, Bruce T.
Sent: Monday, April 12, 2010 8:04 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Aruba vs HP vs Meraki

I'd bring the 1250 to a bar fight.  It's more Medieval.



Bruce T. Johnson | Partners Healthcare | Network Engineering  
617.726.9662 | Pager: 31633 | bjohns...@partners.org

-Original Message-
From: Jeffrey Sessler [j...@scrippscollege.edu]
Received: 4/11/10 10:27 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU [wireless-...@listserv.educause.edu]
Subject: Re: [WIRELESS-LAN] Aruba vs HP vs Meraki



And as Lee is swinging the 1142s, the song "Eye of the Tiger" would be playing, 
along with a slow-motion montage of various IT highlights from his career. :)

Jeff

>>> Mike King  4/11/2010 5:46 PM >>>


On Sun, Apr 11, 2010 at 8:30 PM, Lee H Badman  wrote:


If I have to take an AP to a bar fight, I'd want a Cisco to swing around, 
simply based on heft.



Based on that line, I had two images pop in my mind:

The first one was Lee Swinging two 1142n (one in each hand) like a ninja.

Two was Cisco new Marketing campaign. "If I have to take an AP to a bar fight, 
I'd want a Cisco"
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/. 

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.


The information in this e-mail is intended only for the person to whom it is
addressed. If you believe this e-mail was sent to you in error and the e-mail
contains patient information, please contact the Partners Compliance HelpLine at
http://www.partners.org/complianceline . If the e-mail was sent to you in error
but does not contain patient information, please contact the sender and properly
dispose of the e-mail.

RE: HP MSM317

2010-04-12 Thread Patrick Goggins 
We looked at deploying these in some of the cement-block style dorms to 
increase the port count per room and add wireless to the dorms but opted not to.


1)  The devices are 10/100 and 802.11b/g only, long-term we are looking to 
move to gigabit or faster campus-wide and the migration to 802.11n

2)  Being POE for our purposes requires purchasing all new switches in the 
dorms to support them

3)  During testing we noticed these devices reboot if there is disruption 
on the management vlan between the device and controller... Firmware upgrading 
a building uplink switch would result in the devices causing an extended out as 
they would reboot and reload their configuration after the building uplink 
switch was already back up.

4)  These are surface-mount devicesthey will stick out of the wall 
around 1" which for in the dorms gives that much extra room for furniture (at 
least what is here) to easily hit the devices.

5)  Scaling up after looking at implementing a couple hundred of these 
devices you need to factor in licensing on the controller and potentially 
multiple controllers.

6)  The MSM back-end works well as a basic NAC but provides no posture 
assessment/enforcement.



Patrick Goggins
Network Administrator
Carroll University

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of William Emmel
Sent: Friday, April 09, 2010 8:59 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] HP MSM317

Just curious if anyone has any experience with the HP ProCurve MSM317 Access 
device that they could share.  Apparently they are being deployed by Marriot 
hotels and could be a good fit for student residence halls.  Thanks.

Bill

William F. Emmel
Director of Network and Communications Services
St. John's University, Queens, New York
Office 1-718-990-2007
Mobile 1-516-647-7624
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] NAC -Posture Assessment

2010-04-12 Thread Patrick Goggins 
See below

Patrick Goggins
Network Administrator
Carroll University

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Manoj Abeysekera
Sent: Friday, April 09, 2010 9:35 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] NAC -Posture Assessment

Hello Everyone,

I think we may have discussed this before but I want to do a quick poll and see 
where is everyone with their NAC implementation and specifically Posture 
Assessment in your university. So, my questions are;

1. Have you implemented the Posture Assessment in your campus including all 
Dorms and Administrative buildings?

All dorms, wireless campus-wide, and communal wired ports in academic buildings


2. Do you think the investment is worthy and provide enough value for your 
investment?

Yes, at least for students otherwise a large enough portion will run un-patched 
and with the same 90-day trial antivirus from years ago.


3. Do you think complications involved with Posture Assessment and collateral  
risk it bring (as a campus wide outage thanks to NAC hardware) outweigh the 
individual virus or malware problems that your support staff have to deal with?

Yes. It depends on implementation if an outage to the system will cause service 
disruption to users (Inline vs 802.1x vs DHCP enforcement methods).

Thanks again for your help.




Manoj


--

P. Manoj Abeysekera, CWNA, ACMA
Network Engineer
American University
4200 Wisconsin Ave, NW
Washington DC. 20016
202-885-2702
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Aruba vs HP vs Meraki

2010-04-02 Thread Patrick Goggins 
HP can be decentralized (depending on the model) or controller-based but 
requires a large number of controllers to scale well. While Aruba does have 
extra licensing fees some of them can be skipped with the newer licensing model 
and others passed on if you have an existing NAC/NPS solution which works well 
for you environment. How is your organization with regards to cloud services in 
general? If per policy other services were turned down by the organization 
Meraki might not be an option as wireless configuration is "in the cloud". What 
features are you looking to implement on the access points? For example, we are 
using ethertype filters at the AP level to block IPv6 which during tests 
earlier this year HP would not offer but Cisco and 3Com did. When running 
encryption on your network if certain encrypted SSID's are available 
campus-wide is this installation a forklift replaced? If not, the new equipment 
may need to support whatever the existing encryption settings are as different 
vendors have slight variation on implementation of the standards. If using 
802.1x and it is a mixed vendor environment thoroughly test the functionality, 
we have seen some limitation when running cross-vendor with multiple MAC 
addresses on a single switch port or access points tying in correctly with 
different NAC solutions.


~Patrick


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[wireless-...@listserv.educause.edu] On Behalf Of Mike Hydra 
[mhy...@2fast4wireless.com]
Sent: Friday, April 02, 2010 4:01 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Aruba vs HP vs Meraki

What I personally find interesting is the wide choice not from a manufacturing 
point of view but more from a Wi-Fi technology point of view.

Aruba – Controller based (aka controller based)
All data goes through the controller, centralized architecture.

HP – decentralized (Controller in not directly essential)
Data path is separated from the management path.

Meraki – Cloud computing
Centralized Cloud, not having to own controller hardware inside your own 
network.

All three very different solutions.

I’m looking forward to follow this email threat with the comments, thanks for 
sharing.
I would recommend writing down a proof of concept and invite the vendors of 
your choice.
In this way you’ve tested your requirement (out of your proof on concept) 
therefore convinced around the solution you buy is the right one.
Good luck...


Mike  Hydra

Cell: +31 6 29 07 18 96
Tel:  +31 252 62 61 20
Fax: +31 252 68 88  37
E-mail:  mhy...@2fast4wireless.com
Skype:  Flying-Wireless-Dutchman
Web:  www.2fast4wireless.com




From: Peter P Morrissey >
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv 
>
Date: Fri, 2 Apr 2010 22:47:26 +0200
To: >
Subject: Re: Aruba vs HP vs Meraki

OK, so I'll ask. Why did you eliminate Cisco already?
Pete M.

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Ethan Sommer
Sent: Friday, April 02, 2010 2:21 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Aruba vs HP vs Meraki

We are considering replacing our 200+ AP wireless infrastructure with a
controller based 802.11n system.

I believe we have narrowed it down to Aruba, HP Procurve (we use HP
switch gear), and Meraki.

I have two questions:

1. Are there any hidden costs we should watch out for with any of these
(particularly Aruba.) Will we hit major costs other than the up front
cost for the APs and the controllers?

2. I know a lot of schools are very happily using Aruba, but I haven't
heard of any schools using HP and very few using Meraki.

Are there any schools who have gone with Aruba and regretted it? If so, why?

Are there any schools out there using HP Procurve (formerly Colubrius)
or Merkai? What do you think of them? Did you have any surprises after
you deployed?


Ethan

--
Ethan Sommer
Associate Director of Core Services
507-933-7042
somm...@gustavus.edu

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.



The information in this e-mail is confidential and may be legally privileged. 
If you have received this e-mail in error, please reply to its sender 
indicating "received in error" in the subject line, then delete the e-mail and 
destroy any copies of it. If you are not its intended recipient, any 
disclosure, copying, distribution or any action taken or omitted to be taken in 
reliance on this e-mail, is prohibited and may be unlawful. Internet 
communications are not considered secure. Information might b

RE: Cisco Bridging Issue

2010-03-04 Thread Patrick Goggins 
Reconfigured it again and the bridge link is stable, still working on the 
client access issue.

Patrick Goggins
Network Administrator
Carroll University

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Lee H Badman
Sent: Thursday, March 04, 2010 10:53 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco Bridging Issue

Have you tried to accomplish simple bridging first- no client access? We have a 
number of 1240s running as bridges reliably and with no issues. But we don't do 
client access at the same time on the same hardware. That's not saying that it 
can't be done, but a good first step might be to just get the bridges to the 
point where simple reliable point-to-point bridging is happening, and then 
bring in the client access piece (or just add a different AP at the end for 
client access).

We do push multiple VLANs across our P=P bridge links.

Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Adjunct Instructor, iSchool
Syracuse University
315 443-3003



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Patrick Goggins
Sent: Thursday, March 04, 2010 11:45 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco Bridging Issue

We have a pair of Cisco 1242AG's that we're trying to bridge together.  Our 
layout would be as follows:  The root building has a switch connected to the 
first 1242 would be bridged to the second 1242 using the A radio.  At the 
remote building (about 300 feet away, but no way to run wire to it), the second 
1242AG would be installed with the b/g radio setup for client access.  Ideally 
we would like to do this and support multiple tagged VLans (Management, and two 
other VLans for a pair of SSID's), but would will settle for a single VLan if 
need be.

We've been able to find documents to create bridges with 1300's and 1400's, but 
haven't found anything to help us when trying to do it using two 1242's.  I 
tried following the closest document from Cisco that I can find 
(http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008058f53e.shtml)
 and it sort of works, but the client-bridge AP continuously says "Warning: 
INterface Dot1Radio1, cannot associate: EAP authenticating". While the 
root-bridge keeps flipping between "RADIUS Server xx.xx.xx.xx is not 
responding" and then "RADIUS Server xx.xx.xx.xx has returned".  Both access 
points show the other end of the bridge link if we look at the Associations, 
but the state is reporting "Association processing".

We're welcome any ideas.  Both access points are identical and were started 
with a reset to factory defaults.
Model: Air-AP1242AG-A-K9
System Software: 12.3(8)JA
Bootloader: 12.3(7)JA


Patrick Goggins
Network Administrator
Carroll University
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Cisco Bridging Issue

2010-03-04 Thread Patrick Goggins 
We have a pair of Cisco 1242AG's that we're trying to bridge together.  Our 
layout would be as follows:  The root building has a switch connected to the 
first 1242 would be bridged to the second 1242 using the A radio.  At the 
remote building (about 300 feet away, but no way to run wire to it), the second 
1242AG would be installed with the b/g radio setup for client access.  Ideally 
we would like to do this and support multiple tagged VLans (Management, and two 
other VLans for a pair of SSID's), but would will settle for a single VLan if 
need be.

We've been able to find documents to create bridges with 1300's and 1400's, but 
haven't found anything to help us when trying to do it using two 1242's.  I 
tried following the closest document from Cisco that I can find 
(http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008058f53e.shtml)
 and it sort of works, but the client-bridge AP continuously says "Warning: 
INterface Dot1Radio1, cannot associate: EAP authenticating". While the 
root-bridge keeps flipping between "RADIUS Server xx.xx.xx.xx is not 
responding" and then "RADIUS Server xx.xx.xx.xx has returned".  Both access 
points show the other end of the bridge link if we look at the Associations, 
but the state is reporting "Association processing".

We're welcome any ideas.  Both access points are identical and were started 
with a reset to factory defaults.
Model: Air-AP1242AG-A-K9
System Software: 12.3(8)JA
Bootloader: 12.3(7)JA


Patrick Goggins
Network Administrator
Carroll University

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Private IP space for wireless users- anyone?

2010-03-01 Thread Patrick Goggins 
We've been using /21's for a couple of years on the wireless and /20's on the 
wired side for a couple of years now without any real problems. The only 
feature we've been using on the access points to prevent some of the 
non-required traffic has been applying ether-type filters to block IPv6, 
Appletalk, and IPX when we can. We looked at using /22's on the wired side for 
the residence halls a couple years ago but found a number of games required all 
clients to be in the same broadcast domain.

Patrick Goggins
Network Administrator
Carroll University

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Jim Glassford
Sent: Monday, March 01, 2010 3:18 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Private IP space for wireless users- anyone?

Hi Aaron,

I asked about this in April 2008 right before we did our first /21 and had 
replies of sites using /20s without problems. As David said, "if using cisco 
wlc, the default behaviour is to block broadcast and multicast traffic from 
being sent out the WLAN to other wireless client devices". Other vendors may 
have similar, we have had no problem with /21 on wireless. We do not do this on 
any wired LAN, just the controller based lwap and now capwap wireless.

thanks!
jim



On 3/1/2010 3:58 PM, Aaron S. Thompson wrote:
I'm surprised at the use of such large broadcast domains, 4094 or even 2046 
available hosts?  We have found domains that large could bring necessary 
broadcast load on your network gear and client load of having to respond to all 
the broadcast traffic.  Once we identified these potential problems we began 
deploying /24's.

We are using the private address space allocation with PAT.

Any other thoughts on broadcast domains?  Do others treat the wireless 
different from the LAN?


-
Aaron Thompson
Network Services Manager
Network and Telecommunications

Berklee College of Music
1140 Boylston Street, MS-186 NETT
Boston, MA 02215-3693
617.747.8656  athomp...@berklee.edu<mailto:athomp...@berklee.edu>  
www.berklee.edu<http://www.berklee.edu/>

On Mar 1, 2010, at 3:15 PM, David Wang wrote:


James, if you using cisco wlc, the default behaviour is to block broadcast and 
multicast traffic from being sent out the WLAN to other wireless client 
devices. We are using multiple /21 private IPs with NAT.

David Wang
Networking and Security Services, CCS
University of Guelph  519-824-4120 ext 52046

On 2009-12-16, at 10:04 AM, Jamie Savage wrote:

Ken,
  /20 subnets?.I've always been concerned about such a large 
broadcast domain.iewe've not gone larger than /22.  Have you done any 
special tweaking to facilitate the /20s or have they just worked fine as is?

.thx...J

James Savage   York University
Senior Communications Tech.   108 Steacie Building
jsav...@yorku.ca<mailto:jsav...@yorku.ca>4700 Keele 
Street
ph: 416-736-2100 ext. 22605Toronto, Ontario
fax: 416-736-5830M3J 1P3, CANADA



From:Ken LeCompte 
mailto:lecom...@nbcs.rutgers.edu>>
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date:12/16/2009 08:11 AM
Subject:Re: [WIRELESS-LAN] Private IP space for wireless users- anyone?
Sent by:The EDUCAUSE Wireless Issues Constituent Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>




We are doing NAT/PAT at the edge with a firewall module in a 6500 for
our 5000 peak logged in users. We use four /20's to break up those
users across our wireless controllers. The wireless users are also not
the only ones being NATed at that firewall module. All of the dorm
wired users are NATed there too.

Thanks.

Ken

--
Ken LeCompte - Telecommunications Analyst
Rutgers University Office of Information Technology
Campus Computing Services - Central Systems and Services
Office ~ (732) 445-4823

On Dec 15, 2009, at 6:36 AM, Lee H Badman wrote:

> Thanks for all of the responses- I wonder if anyone with a peak
> usage like ours is doing NAT- almost 6500 clients?
>
> -Lee
> 
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> [wireless-...@listserv.educause.edu<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> ] On Behalf Of Jason Appah [jason.ap...@oit.edu<mailto:jason.ap...@oit.edu>]
> Sent: Monday, December 14, 2009 11:03 PM
> To: 
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
> Subject: Re: [WIRELESS-LAN] Private IP space for wireless users-
> anyone?
>
> Yes, that is what we do. I just wondered how big if a bear it would be
> to track pat in a university wireless environment.

Re: [WIRELESS-LAN] Private IP space for wireless users- anyone?

2009-12-15 Thread Patrick Goggins 
The only problem we ran into were a couple of websites blocking us  
because to the it would look like a DOS attack. After contacting the  
sites and notifying them that the single ip they were seeing was just  
the public ip for the NAT network.

~Patrick

Sent from my iPhone

On Dec 15, 2009, at 5:36 AM, "Lee H Badman"  wrote:

> Thanks for all of the responses- I wonder if anyone with a peak  
> usage like ours is doing NAT- almost 6500 clients?
>
> -Lee
> 
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv  
> [wireless-...@listserv.educause.edu] On Behalf Of Jason Appah  
> [jason.ap...@oit.edu]
> Sent: Monday, December 14, 2009 11:03 PM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: Re: [WIRELESS-LAN] Private IP space for wireless users-  
> anyone?
>
> Yes, that is what we do. I just wondered how big if a bear it would be
> to track pat in a university wireless environment.
>
> In a second related note, we recently changed our NAT timeout from 3
> to 2 hours as we were beginning to run out of 1 to 1 NAT ranges
>
> Sent from my iPhone
>
> Jason Appah
> Systems Administrator
> Oregon Tech
>
> On Dec 14, 2009, at 6:33 PM, "Phil Trivilino"  wrote:
>
>> We do 1to1 dynamic NAT on the ASA firewall and log all the
>> translations to a syslog server.  Easy to get the private ip from
>> the log given the time and global ip.  It is all we've seen the need
>> for to this point.
>> Phil
>>
>> On Dec 14, 2009, at 8:55 PM, Lee H Badman wrote:
>>
>>> Wondering how many other schools are using private IP space for
>>> wireless users, how you accomplish the NAT, and what mechanisms you
>>> use for user tracking for the private-public mappings for forensic/
>>> investigatory purposes.
>>>
>>> Thanks-
>>>
>>> Lee
>>> **
>>> Participation and subscription information for this EDUCAUSE
>>> Constituent Group discussion list can be found at 
>>> http://www.educause.edu/groups/
>>> .
>>
>> **
>> Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at 
>> http://www.educause.edu/groups/
>> .
>
> **
> Participation and subscription information for this EDUCAUSE  
> Constituent Group discussion list can be found at 
> http://www.educause.edu/groups/ 
> .
>
> **
> Participation and subscription information for this EDUCAUSE  
> Constituent Group discussion list can be found at 
> http://www.educause.edu/groups/ 
> .

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Restricting of wireless access in classrooms

2009-12-02 Thread Patrick Goggins 
Something that we are implementing to provide this functionality is by 
separating out by ssid university owned systems from personally owned 
equipment. While it doesn't lockout by room it does still enable wireless for 
instructors.

~Patrick

On Dec 2, 2009, at 3:56 PM, "Peter P Morrissey" 
mailto:ppmor...@syr.edu>> wrote:

Thanks. I think I understand that, and I do think the Aruba system has some 
impressive features.
I’m just trying to make the point that while it appears to supply some of the 
essential building blocks, it also appears to lack the critical pieces for 
provisioning in a way that is practical and manageable. If you are saying you 
have actually solved this problem using Aruba then I stand corrected.

Peter M.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Justin Hao
Sent: Wednesday, December 02, 2009 3:11 PM
To:  
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Restricting of wireless access in classrooms

aruba can identify roles based on radius/groups and you can assign policies 
using the aruba Policy enforcement firewall to limit access to certain 
roles/ssids/profiles etc. you may want to review their documentation to get 
more detail on these features

-Justin

Peter P Morrissey wrote:
How are you using Aruba to know what students to keep off and when?

Peter M.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu]
 On Behalf Of  
gwill...@uccs.edu
Sent: Wednesday, December 02, 2009 2:50 PM
To:  
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Restricting of wireless access in classrooms

We use Aruba here, so like Chris Denver said, it’s not a problem to just do it 
through the equipment.   But if you have another vendor -  what about 
programming the captive portal page to email the professors about who logged 
into the page and put a disclaimer on the page that says that all logins are 
reviewed by the professor.  This way you can satisfy both those professors who 
want access and those who don’t.  If I were a student, I sure wouldn’t want my 
logins showing up on the professors email.  You could also use your syslogs to 
write a webpage that shows real time which people are logged in.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:wireless-...@listserv.educause.edu]
 On Behalf Of Ryan Holland
Sent: Wednesday, December 02, 2009 12:15 PM
To:  
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Restricting of wireless access in classrooms

Nicholas,

While I personally feel this is more of a behavioral issue to solve opposed to 
a technical one, one option would be to install APs in the restricted 
classrooms broadcasting the same ESSID as you do outside the classroom. This 
would (likely) be the strongest available signal for the students, and their 
device(s) would (likely) connect to these APs. You could invoke specific 
firewall policies for users on these APs to be different. For example, you 
could redirect all traffic to a captive portal instructing them that use of 
wireless during class is prohibited . . . or something to that effect.

Just an idea.

--
Ryan Holland
Network Engineer, Wireless
CIO - Infrastructure
614-292-9906    
holland@osu.edu

On Dec 2, 2009, at 2:02 PM, Urrea, Nick wrote:

I’m compiling research to give to our Faculty Technology Committee.
My question is has anybody successfully implemented a solution that restricts 
access to wireless internet in classrooms?
Also if you have tried and were not successful in restricting wireless access 
in classrooms let me know. Why didn’t the solution work.
No opinions please about how students can just go buy a mobile broadband card 
from a cellular carrier, or installing microwaves in the classrooms, or that 
teaching techniques should improve.



Nicholas Urrea
Information Technology
UC Hastings College of the Law
urr...@uchastings.edu
x4718



Spam
Not spam
Forget previous 
vote
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
 http://www.educause.edu/groups/.


***