Re: [WIRELESS-LAN] What about WLAN in the Dorms?
I have been lurking on this thread waiting for someone to mention the classic "wireless routers are not allowed on campus networks" arguement. <>>> [EMAIL PROTECTED] 03/17/07 4:38 PM >>> Frank: Our interpretation of the OTARD rules allows for us to view student residences as different than the classic landlord-tenant relationship, and as such we can impose our limitations as part of the private property argument. Where this falls apart is if we have a non-university entity leasing space (say a commercial copy center or food/beverage service provider). In this case, it is more of a landlord-tenant relationship, and we cannot enforce our restrictions (however we put some other provision in the lease that precludes attachment of said wireless devices). And in the immortal words of Forest Gump "That's all I have to say about that". Best Regards, Chuck Bartel -Original Message- From: Frank Bulk [mailto:[EMAIL PROTECTED] Sent: Thursday, March 15, 2007 9:22 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] What about WLAN in the Dorms? Charles: You brought up OTARD, so I can help but ask: what was the line of reasoning your legal office followed to come up with the policy that you "reserve the right to limit the use of non-wireless Andrew 2.4 GHz devices"? This topic has been beaten to death on this listserv and I though the consensus was that the school could: - restrict attachment of such devices to their Ethernet network - control use in public areas and classrooms because it is private property - restrict faculty and staff from using such devices as part of their occupational obligations - but that residence halls, dormitories, and most any student housing had free use of unlicensed spectrum. Of course, that doesn't preclude the school from discouraging it, but they had a careful line to walk. Frank -Original Message- From: Charles R. Bartel [mailto:[EMAIL PROTECTED] Sent: Thursday, March 15, 2007 5:55 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] What about WLAN in the Dorms? Philippe: Here are answers from Carnegie Mellon. We have had Wireless Andrew in our dorms since the summer of 2001. -Destruction/disappearance of APs In our agreement with our Housing Services department, students that have a university-owned AP in their dorm rooms are covered under the same agreement that holds the student responsible for any damage to their rooms (the AP is considered part of their room). For APs in common areas, all students in the dorm are charged their fair share of the AP replacement for damage or theft (the same as if there was damage to any other common use item in the dorm). We have lost a few over the years, I believe more in the academic/research buildings than the dorms. -Interferences by cordeless phones -Interference from rogue APs (innocent or voluntary) These two are covered under our "Airspace" policy. We reserve the right to limit the use of non-Wireeless Andrew 2.4Ghz devices. I hesitate to mention this as I don't want to start the discussion up again on the d-list about an OTARD. Our Legal Affairs office has upheld our "Airspace" policy given the OTARD rules. -Do you do use vendors that provide a Wi-Fi defense (Airtight, Airmagnet, Built-in Meru disassociation) Not yet, we do use Airmagnet and other tools to search for rogue APs if there appears to be an interference problem. -If you have a wired port for every student, is wireless becoming a replacement or is it a complement We do have a wired port for every "pillow" in the dorms (we have since the late 1980's). We also have 100% wireless coverage (11b). We are seeing a significant preference for wireless over wired, but we are a fairly computing intensive campus, so the wired ports get a workout as well. -...and all these ugly ones that we have not thought about Nothing jumps out at the moment. Best Regards, Chuck Bartel Director of Network Services Project Director - Wireless Andrew Computing Services Carnegie Mellon University -Original Message- From: Philippe Hanset [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 14, 2007 2:40 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] What about WLAN in the Dorms? So, we have had a 100% coverage of WLAN on campus since 2001, dealing with all kinds of problems, and sharing our adventures with this list. We also have a 100% WLAN network in our dormatories based on Linksys, Netgear,... and completely funded by students: read 100% rogue. This cheap architecture doesn't seem to cut it anymore, we are going to provide a centrally managed WLAN in the dorms. Here is a list of positive things that we thought about, if you wouldn't mind sharing your experience with us, we will be eternally greatful: -Destruction/disappearance of APs -Interferences by cordeless phones -Interference from rogue APs (innocent or voluntary) -Do you do use vendors that provide a Wi-Fi defense (Airtight, Airmagnet
Re: [WIRELESS-LAN] wireless IP addressing
One of the things we discovered was that we could move our AP's management interfaces to a private VLAN/address space. Huge gains there. There are usually pockets of unassigned addresses due to legacy wastefulness. As we recovered these pockets using more efficient VLSM assignments on the wire, We redesigned our captive portal gateway so that it can aggregate several VLSM spaces in one VLAN. <>http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Guest Access and Library Licenses
Our wireless guest access is a captive portal that has the ability to specify different rules for guests than members of the campus community. We also have a very restricted anonymous access category that may naturally provide the required limits. So far the use of the guest level has been less than expected. <>>> [EMAIL PROTECTED] 4/12/2006 10:36:14 AM >>> I'm new to the list, and apologize if this has been discussed already, but I couldn't find anything appropriate in the archives, and this group seems the best to answer this question. We're planning a guest access facility that will allow anyone at Wayne to sponsor guests for up to five days. Someone has asked whether this will infringe on our Library's agreements with organizations like J-Store that license access to journals, books and such to those offically affiliated with Wayne. Because of the way our library handles this on campus our guest solution will not segregate our guests from access to those resources. Has anyone had to deal with this? Do libraries in general care about this level of access? (as opposed to access, say, for alums, which would be long-term) Geoff Nathan -- Geoffrey S. Nathan, Security Policy Coordinator, Computing and Information Technology, and Associate Professor of English Linguistics Program Phone Numbers Department of English Computing and Information Technology: (313) 577-1259 Wayne State University Linguistics (English): (313) 577-8621 Detroit, MI, 48202 C&IT Fax: (313) 577-1338 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WiFi Client Tracking software/hardware
>The only real trick I've somewhat been able to come up with is to Kick >the MAC Address off the AP via the DeAuthenticate which forces the NIC >to ReAssociate and get a DHCP address again. This whole process only >takes a few seconds and if I'm sitting right next to the NIC, then I may >be able to tell. Of course this all takes time and is not very >accurate. I think this is the key to a solution. You could reduce the lease length to a short enough duration that it is frequently seen in the renewal process. <>http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Guest access
There was a similar thread last week that might be useful to lookup. We also use LDAP for regular access, but Guests are kept in SQL, and and a third option is anonymous access. Any regular user can create a guest account for friends, which is only slightly different from regular access. Our anonymous access is limited to web,webmail, and vpn at a noticably reduced speed. <>>> [EMAIL PROTECTED] 03/30/06 7:32 PM >>> We have recently installed a wireless network on a portion of the campus. The student and administrators are all authenticated through a front end device which validates user accounts against an LDAP server running on a domain controller. However we now have the requirement for guests of the campus to connect to the wireless network. We have some ideas how we would like to handle this issue but are curious as to what others have done to accommodate these guest connections. Please let me know. Thank you Bruce Entwistle Network Manager University of Redlands ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Wireless Guest Access
At Syracuse we use a captive portal. There are three levels of access: LDAP authenticated - Full Access - users in LDAP can create SQL based Guest Accounts for friends - Nearly Full Access * anonymous Free access - limited in speed and ports (perceptably annoying web,https, vpn) (We have the ability to readily boot off and deny access by MAC -- IDS sensors) (The portal is consistent with our resnet policy enforcement requirements) <>>> [EMAIL PROTECTED] 3/22/2006 3:02:33 PM >>> We are exploring the possibility of offering guest wireless access and I would like to get a feel for how others might be handling it. Any and all information and opinions will be greatly appreciated. Thanks, Cully Cully Bennefield Baylor University ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Paint that attenuates Radio Signals
Thank you for the clarifications. <>>> [EMAIL PROTECTED] 2/14/2006 8:41 PM >>> Well did not notice that the companies name was already mentioned in the previous post so here is an article about the same which answers certain questions of the paint being toxic or not- http://informationweek.com/story/showArticle.jhtml?articleID=56200676 -divya Quoting Randy Grimshaw <[EMAIL PROTECTED]>: > I would also ask about the long term environmental impact. Is the > material used (i.e. lead) non-toxic? or will it someday chip, leach, > fume or whatever. > <> > > <> Room 203 Machinery Hall > Syracuse University > Syracuse, NY 13244 > 315-443-5779 > [EMAIL PROTECTED] >>>> [EMAIL PROTECTED] 02/09/06 4:28 PM >>> > While I haven't tried that particular product, I have use other types > of paint to attenuate RF (don't recall the commercial names). They > worked fairly well, but since they blocked a pretty wide range of > frequencies you might have unintended consequences. For example, cell > phones signals were also attenuated. > > David > > > > > On Feb 9, 2006, at 1:17 PM, Stephen Holland wrote: > >> Has anybody heard of a product from Force Field Wireless that can be >> painted on walls to attenuate Radio Signals like WiFI?. >> >> I happened to find a link to it by accident and I'm curious as to how >> effective it is. >> >> Thanks >> >> Steve Holland >> Network Engineer >> Northeastern University >> >> ** >> Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at http:// >> www.educause.edu/groups/. > > ** > Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > ** > Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > Divya Kurup Graduate Student, School of Information Studies Syracuse University ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Paint that attenuates Radio Signals
I would also ask about the long term environmental impact. Is the material used (i.e. lead) non-toxic? or will it someday chip, leach, fume or whatever. <>>> [EMAIL PROTECTED] 02/09/06 4:28 PM >>> While I haven't tried that particular product, I have use other types of paint to attenuate RF (don't recall the commercial names). They worked fairly well, but since they blocked a pretty wide range of frequencies you might have unintended consequences. For example, cell phones signals were also attenuated. David On Feb 9, 2006, at 1:17 PM, Stephen Holland wrote: > Has anybody heard of a product from Force Field Wireless that can be > painted on walls to attenuate Radio Signals like WiFI?. > > I happened to find a link to it by accident and I'm curious as to how > effective it is. > > Thanks > > Steve Holland > Network Engineer > Northeastern University > > ** > Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at http:// > www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Multiple VLANs configuration
> -Original Message- > Where would you set the host to ask for credentials every > time a connection is initiated? You can use DNS views to provide the giaddr address for a specified vlan to clients on that vlan using the same certified name. <>http://www.educause.edu/groups/.