RE: rough start of semester on 9800-80 WLCs

[Rios, Hector J]

There are two commands you can use:

show wireless loadbalance tag affinity wncd 
show wireless stats ap loadbalance summary

Hector Rios
UT Austin


From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Chad Sawyer
Sent: Tuesday, September 7, 2021 1:48 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] rough start of semester on 9800-80 WLCs

Thanks for the info.  I'll look into the AP service pack.  We haven't done one 
of those yet so kind of curious to see it in action.

Yeah we had mixed results with the 500 APs in a site tag.  Some of the areas on 
campus were fine.  I think client count had something to do with provoking it.  
Our highest population areas were the ones that saw the most capwap timeouts.  
Just curious- how are you checking the number of APs and site tags assigned to 
a wncd process?

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Rios, Hector J
Sent: Tuesday, September 7, 2021 12:57 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] rough start of semester on 9800-80 WLCs

Chad,

Sorry to hear about the issues you ran into. We also started the semester with 
9800-80s, but we chose to go with 17.3.4.

Things went well for most of the day on the first day of classes, except for a 
single controller crash after business hours. Cisco has identified this as a 
bug on the 17.3.X:
CSCvx71141 - CPU HOG in RRM Process.

You should contact TAC to get more details. They might also be able to provide 
a workaround, depending on your configuration.

We also ran into the bug below, but this was fixed with an AP service pack. 
Cool feature BTW, it actually works.
CSCvz08781
Symptom: AP2800/3800/4800/1560/IW6300/ESW6300 Firmware Radio Crash on 17.3.4 
while passing client traffic.

There is also an issue on 17.3.4 that is impacting 9120s. Cisco is working on a 
service pack for this as well. Don't have more details on this.

Thank you on the information regarding the wncd processes. We also followed the 
best practices, but we do have controllers that have a few wncd processes with 
a little over 500 APs. No issues so far, other than we have noticed in a few 
instances that even though we only have 8 custom site tags, some WLCs will 
assign two sitetags to a single wncd process.  We are working with TAC on this.

We also have a substantial number of 2700 series AP. We encountered no major 
issues during the upgrade process.

Finally, we have noticed that L3 roaming is not working on our 802.1X and PSK 
SSIDs. I wonder if anyone has run into this issue as well?.

Best,

Hector Rios
UT Austin




From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Chad Sawyer
Sent: Tuesday, September 7, 2021 9:21 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [WIRELESS-LAN] rough start of semester on 9800-80 WLCs

Just sending a heads up in case anyone else hits these.  This was our first 
semester with a full campus since moving everything over to our 9800-80 pairs.  
They've been in production for much of the past 12 months and the performance 
was fine when campus was empty.  Under load was another story.

First issue:
Code 17.3.3 has the following bugs that were causing frequent HA failovers that 
reference the wncd process.  This was resolved by upgrading to 17.4.4.
CSCvx37499- Controller reloads with the reason "Critical process wncd fault on 
rp_0_0 (rc=139)
CSCvy20300- Primary controller in HA frequently ends abnormally

Second issue:
Unfortunately these failovers also provoked one of the units to lose the 
contents of its bootflash and get stuck in rommon mode, so we had to recover it 
via the booting to USB routine.  This was also due to a 17.3.3 bug and has been 
hopefully resolved so far by upgrading to 17.4.4.
CSCvy73836- C9800-80 controller goes to rommon after multiple failovers due to 
power cycling

Third issue:
The nastiest thing though was unrelated to bugs.  It was CAPWAP timeouts that 
only occurred in busy areas of campus.  AP uptime would show months, but CAPWAP 
uptimes were constantly resetting to zero.  The logs on the AP would show the 
following message: "Going to restart CAPWAP (reason : data keepalive not 
received)"  We wasted a lot of time troubleshooting this as a connectivity 
issue between our APs and controller, but that wasn't the cause.

This problem was a result of our following Cisco's 9800 best practice 
guide<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cisco.com%2Fc%2Fen%2Fus%2Fproducts%2Fcollateral%2Fwireless%2Fcatalyst-9800-series-wireless-controllers%2Fguide-c07-743627.html=04%7C01%7Cchadsawyer%40USF.EDU%7C70dd56e07e8d48c6afc308d9722075bf%7C741bf7dee2e546df8d6782607df9d

RE: rough start of semester on 9800-80 WLCs

[Rios, Hector J]

Chad,

Sorry to hear about the issues you ran into. We also started the semester with 
9800-80s, but we chose to go with 17.3.4.

Things went well for most of the day on the first day of classes, except for a 
single controller crash after business hours. Cisco has identified this as a 
bug on the 17.3.X:
CSCvx71141 - CPU HOG in RRM Process.

You should contact TAC to get more details. They might also be able to provide 
a workaround, depending on your configuration.

We also ran into the bug below, but this was fixed with an AP service pack. 
Cool feature BTW, it actually works.
CSCvz08781
Symptom: AP2800/3800/4800/1560/IW6300/ESW6300 Firmware Radio Crash on 17.3.4 
while passing client traffic.

There is also an issue on 17.3.4 that is impacting 9120s. Cisco is working on a 
service pack for this as well. Don't have more details on this.

Thank you on the information regarding the wncd processes. We also followed the 
best practices, but we do have controllers that have a few wncd processes with 
a little over 500 APs. No issues so far, other than we have noticed in a few 
instances that even though we only have 8 custom site tags, some WLCs will 
assign two sitetags to a single wncd process.  We are working with TAC on this.

We also have a substantial number of 2700 series AP. We encountered no major 
issues during the upgrade process.

Finally, we have noticed that L3 roaming is not working on our 802.1X and PSK 
SSIDs. I wonder if anyone has run into this issue as well?.

Best,

Hector Rios
UT Austin




From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Chad Sawyer
Sent: Tuesday, September 7, 2021 9:21 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] rough start of semester on 9800-80 WLCs

Just sending a heads up in case anyone else hits these.  This was our first 
semester with a full campus since moving everything over to our 9800-80 pairs.  
They've been in production for much of the past 12 months and the performance 
was fine when campus was empty.  Under load was another story.

First issue:
Code 17.3.3 has the following bugs that were causing frequent HA failovers that 
reference the wncd process.  This was resolved by upgrading to 17.4.4.
CSCvx37499- Controller reloads with the reason "Critical process wncd fault on 
rp_0_0 (rc=139)
CSCvy20300- Primary controller in HA frequently ends abnormally

Second issue:
Unfortunately these failovers also provoked one of the units to lose the 
contents of its bootflash and get stuck in rommon mode, so we had to recover it 
via the booting to USB routine.  This was also due to a 17.3.3 bug and has been 
hopefully resolved so far by upgrading to 17.4.4.
CSCvy73836- C9800-80 controller goes to rommon after multiple failovers due to 
power cycling

Third issue:
The nastiest thing though was unrelated to bugs.  It was CAPWAP timeouts that 
only occurred in busy areas of campus.  AP uptime would show months, but CAPWAP 
uptimes were constantly resetting to zero.  The logs on the AP would show the 
following message: "Going to restart CAPWAP (reason : data keepalive not 
received)"  We wasted a lot of time troubleshooting this as a connectivity 
issue between our APs and controller, but that wasn't the cause.

This problem was a result of our following Cisco's 9800 best practice 
guide,
 specifically on site tag sizing.  Although the guide says up to 500 APs can 
safely be assigned to a site tag, that was far from the truth in our 
experience.  Several TAC folks missed it and it took our rep escalating the 
issue to a senior wireless design person from Cisco to finally find it.  She 
advised breaking up our site tags so that they didn't exceed 250 APs, which 
instantly resolved the CAPWAP timeouts.


Fourth issue:
Apparently some of the 2702i APs don't handle code upgrades gracefully with the 
9800s.  Cisco made it sound like this was a common issue.  After upgrading from 
17.3.3 to 17.3.4, several 2700s on campus were showing "%CAPWAP-3-ERRORLOG: 
Certificate verification failed!" when attempting to establish CAPWAP with the 
controllers.  This was resolved by manually recovering the APs by pushing an 
image from the downloads page to them via TFTP.  Luckily we have a staff member 
who's pretty skilled at automating this type of stuff.  These were the commands:

SSH to the affected AP
enable
!
(enter password if there is one)
!
debug capwap console cli
!
archive download-sw /overwrite /force-reload tftp://(tftp server 
IP)/ap3g2-k9w8-tar.153-3.JPJ7.tar
!

The AP will automatically reload, establish capwap with the controller, 
download the proper image, reload, and re-join the controller successfully.


Chad Sawyer
Network Engineer
USF Information Technology 

RE: Ekahau Update

[Rios, Hector J]

Ian,

Thank you for putting this together. Let's hope Ekahau is truly receptive and 
they are able to come with alternatives that benefit all of us.

Hector Rios
UT Austin

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Ian Lyons
Sent: Monday, August 9, 2021 12:50 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Ekahau Update

Good Day Everyone!

Eric and I were happy to host a meeting with many of you about Ekahau last 
Friday.

We had a peak of 28 folks and an average of 18!  Thank you for coming!

The meeting started with introductions and that lasted about the first 20 min 
or so.
Steve (VP Global Sales) and Stewart (SE North America) were Ekahau 
representatives. Both started ~2 years ago

Then we segued into how people used the product:
Sidekick, AP on a stick, Design, Analysis, Engineering, and proof of 
engineering were the common threads.

Steve opened the introductions and brought up a point that Ekahau EULA was 
always 1:1. Members that have been using the product for 8+ years have evidence 
that it was initially concurrent users' vs 1:1.  Further the "teeth" that made 
sharing the gear difficult became active in version 10.3.

Many schools, large and small, with disparate sized teams as well as healthcare 
indicated that there isn't a 1 size fits all.

Pro's and Con's:
Some folks have deep pockets and will fund other active users.  Others stated 
that the device is used periodically and could be used by interns for site 
surveys up to proof of design and engineering validation by FTE's.
Use of a physical hardware license key was discussed:  On the one hand it makes 
it easier to tie to license to something, but that has the impact of requiring 
people to come into contact to hand it off.
The spirit of the device was a sporadically used tool but only 1 person at a 
time.

Some suggestions by the group and Ekahau, were a tiered approach of access.

Where we left things is that Stephen (SVP of Sales) will work with his 
management to determine an alternate EULA\connection model that will better fit 
our needs (those on the call).  We agreed to another meeting, ideally in 8 
weeks' time to review Stephen's work on our behalf.

Steve was adamant that any problems by the group accessing a tool because of 
lock out/access please send an email to him (email info below) and he will help 
get you access to the tool again.

steve.lit...@ekahau.com
stewart.goum...@ekahau.com

Link to the Meeting
Webex meeting recording: Ekahau and Educause WIFI Group
Password: EducauseWifi
Recording link: 
https://rollins.webex.com/rollins/ldr.php?RCID=12596eece193961c0a7e8c4c5e51a99e

*Any mistakes in the summarization are mine, on how the product works or ties 
together.  I do not have the product, so my knowledge gaps were a result of 
unfamiliarity of the product and a poor google search to educate myself.

Cheers
Ian J Lyons
Network Architect - Rollins College
401.413.1661 Cell
407.628.6396 Desk



This message is from an external sender. Learn more about why this 
matters.


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable

[Rios, Hector J]

The challenge with testing FT, either "enabled" or "adaptive" is that it will 
most likely work with the few devices you can test with, but the minute you 
enable it and expose it to all your client devices, there will be some that 
will just not play nice. At that point you either revert your config, or take a 
stance of "this is what we support moving forward, so, sorry". It's the nature 
of the game.

Hector Rios, UT Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Dennis Xu
Sent: Wednesday, July 28, 2021 2:05 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable

Thanks for all the information.

We might want to test the FT "enabled" setting.

Dennis Xu

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Steve J Wenger
Sent: Monday, July 26, 2021 3:00 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable

CAUTION: This email originated from outside of the University of Guelph. Do not 
click links or open attachments unless you recognize the sender and know the 
content is safe. If in doubt, forward suspicious emails to 
ith...@uoguelph.ca

We learned that FT "Adaptive Enabled" was on by default when we deployed IOS-XE 
17.3.  Certain Motorola cell phones had difficulty connecting intermittently, 
regardless if the phones were Android 10 or 11.  When we set FT to "disabled", 
the Android clients in question were able to connect and roam between AP's and 
buildings without problems.  Discovered this only after reading about the Cisco 
bug CSCvu24770.  Have not tried to set FT to "enabled" to experiment yet.

Thanks,

Steve Wenger
Viterbo University
Wi-Fi / Telecom Administrator | Instructional and Information Technology
608-796-3950
[EmailSignatureLogo]
www.viterbo.edu | 900 Viterbo Drive, La Crosse, WI  
54601

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Jason Mallon
Sent: Monday, July 26, 2021 1:46 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable

EXTERNAL: This email originated from a sender outside of Viterbo. Use caution 
when clicking on links or opening attachments.
We have FT enabled on ours, and it allowed the Andorid devices to connect that 
were unable to while we had FT adaptive.  I have not heard, up to this point, 
of any devices failing to connect since we made the swap a couple months ago.


Jason Mallon
Network Engineer
Office of Information Technology
The University of 
Alabama
jemal...@ua.edu
[The University of Alabama stacked logo with box 
A]



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Dennis Xu mailto:d...@uoguelph.ca>>
Date: Monday, July 26, 2021 at 1:19 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: [EXTERNAL] [WIRELESS-LAN] Fast Transition Enable
Hi,


Has anyone set Fast Transition to enable for Cisco WLCs? Have you had any 
compatibility issues with client devices with FT enabled? I am asking because 
of the Android bug CSCvu24770 which caused some Android devices not able to 
connect with adaptive FT.



Thanks.

Dennis

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 

RE: [WIRELESS-LAN] [EXTERNAL] [WIRELESS-LAN] Cisco 8540 Code Recommendation, Based on Stability?

[Rios, Hector J]

The log “chatter: lat_client_add(422): Failed to add client” is documented in 
CSCvv78366. The release notes for 8.10.151 say that it is resolved, but it is 
not. From the troubleshooting I’ve done, even on MR5, it appears this bug is 
purely cosmetic. I have not had issues connecting to APs experiencing this bug 
when I have tested. The biggest issue with this bug is all the trash that is 
generating.

Hector Rios, UT Austin

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Mathieu Sturm
Sent: Tuesday, June 8, 2021 2:03 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] [EXTERNAL] [WIRELESS-LAN] Cisco 8540 Code 
Recommendation, Based on Stability?

Hello all,

We were struggling with this issue as well on version 8.10.130.0. We created a 
tac case (SR 690110031) last year but due to covid and lockdowns we couldn’t 
reproduce the issue. We only saw these issues on places where there was a lot 
of clients/roaming. On these ap’s the logs were filled with “chatter: 
lat_client_add(422): Failed to add client”. Not sure if this was related 
though. We only saw this issue on newer ap’s (2800/3800 and 9120’s).

No fix so far (and apparently not even in 8.10.151). Cisco pointed us to bug id 
CSCvv78719 and we had to disable MU-MIMO.
We weren’t able to verify this fix.

Regards


Mathieu Sturm
Hoofdmedewerker Netwerkbeheer

[https://www.hogent.be/www/assets/Image/logo2018.png]

Directie Financiën, Infrastructuur en IT
Afdeling Netwerkbeheer
Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
Valentin Vaerwyckweg 1 - 9000 Gent
+32 9 243 35 23
www.hogent.be






Van: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
Namens Jonathan Oakden
Verzonden: woensdag 2 juni 2021 17:38
Aan: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Onderwerp: Re: [WIRELESS-LAN] [EXTERNAL] [WIRELESS-LAN] Cisco 8540 Code 
Recommendation, Based on Stability?

Not sure as yet as we have been too busy to get this over to TAC at the moment 
since we identified the problem and came across this bug ID at the end of last 
week. It’s certainly the closest match we can find.
We can see that most of our 2801 APs sit at around 30-50% memory utilisation, 
however around 6% of them (about 320) are currently above 60% which is unusual. 
These appear to be climbing steadily at around 3-4% per week as though there is 
a memory leak.
We first spotted this when we got reports from students in a residence saying 
they were connected to wifi but nothing was working. Looking at the AP it was 
sat at 95% memory utilisation. Rebooting the AP restored service. However, we 
then looked at nearby APs and could see them climbing as well. It doesn’t 
appear to be all our APs but some unknown subsection of them.
We only went to 8.10 as we had bought some 9105 APs.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Lee H Badman 
<00db5b77bd95-dmarc-requ...@listserv.educause.edu>
Date: Wednesday, 2 June 2021 at 16:30
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] [EXTERNAL] [WIRELESS-LAN] Cisco 8540 Code 
Recommendation, Based on Stability?
That one’s interesting because it shows affected code is 8.5(140.0), and only 
one case... is TAC agreeing it’s the same bug? Just curious.
Lee Badman (mobile)

On Jun 2, 2021, at 11:23 AM, Jonathan Oakden 
mailto:j.p.oak...@lboro.ac.uk>> wrote:

We are on 8.10.151 for the last couple of months here at Loughborough 
University in England. We think we are being hit quite badly by this bug:
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvp31778
with around 6% of our 2802i APs being currently affected.
It’s a really annoying bug too as to the user they appear to be connected to 
Wi-Fi but they have no network activity at all. Also the APs seem fine from a 
monitoring perspective unless you are either carefully monitoring their memory 
usage, or they get so far out of memory that they appear to lose their 
registration with the controller.
As such, I really can’t recommend 8.10.151.

From: The EDUCAUSE Wireless 

RE: [WIRELESS-LAN] Apple product antenna strength vs other?

[Rios, Hector J]

For iOS there is always the trusty Airport utility. At the very least it tells 
you the BSSID, channel and RSSI in dBm.

Hector Rios, UT Austin

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Enfield, Chuck
Sent: Friday, June 4, 2021 10:14 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Apple product antenna strength vs other?

Along the same lines as what Lee said, you need to make sure all the client 
devices are connecting to the same AP and radio.  I also don't recommend 
relying on bars for anything.  Perhaps there's a standard for them now, but if 
there is I'm not aware of it.  To see the connection details:


  *   On Mac, Hold the option key while clicking the wireless icon.
  *   On Android, download any of the myriad apps which provide network 
connection details.  You can also enable developer options (Google the steps), 
then enable Wi-Fi verbose logging to see more connection details right in the 
wi-fi menu on your device.
  *   On Windows, the OS reports Wi-Fi strength in % instead of dB, so I 
recommend an app.  If you haven't purchased any Wi-Fi diagnostic apps for 
Windows, then there's a free one in the app store called Wi-Fi Analyzer that 
will give you the basic info.  I wouldn't trust everything in the app (it seems 
to think all channels are 20Mhz) but I've found the other basic info (channel, 
rssi, protocol, bssid) reliable.
  *   Sadly, I'm not aware of how to get any useful network information from 
iOS devices.


From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Tyler
Sent: Friday, June 4, 2021 10:43 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Apple product antenna strength vs other?

Chuck,
We checked bar strength.  Macs were in the 2nd out of 3 bars.  PC's were 
getting 4 out of 5.  I didn't check the phones.  We did bandwidth testing and 
Macs were below 10Mb while PC's were averaging around 150Mb.  I did check 
Airwave for possible issues.  It suggested a poor SNR value for at least one of 
the Macs.  I didn't know what to make of that since the PC's were not having 
that issue.  Health was not good.
  Also, the Macs would drop connections and sometimes have random difficulty in 
connecting.  No issues with the PC's or droids.
  It was basic testing at this point, but there was no doubt that Macs 
struggled performance wise while PC's didn't.  I do need to go back and make 
sure they are all using the same AP.  I did check on one Mac, but I didn't 
verify it for all of them.
  Tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
 On Behalf Of Enfield, Chuck
Sent: Friday, June 4, 2021 9:28 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Apple product antenna strength vs other?

Tim,

If you don't mind my asking, how are you assessing the performance?

Chuck Enfield
Manager, Wireless & Cellular
Penn State IT
814-863-8715

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Tyler
Sent: Friday, June 4, 2021 10:18 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Apple product antenna strength vs other?

Wifi experts,

We are running Aruba MM with two controllers on 8.7.3.  Our AP's are mostly 
AP-225's.
I have had complaints from one of our tech rooms that they were getting a poor 
signal.  I finally got around to testing that room out.  The location of the AP 
to this room is in an adjacent room.  When I test with Windows PC's and Droid 
phones, the signal and performance is just fine.  When we tested with Macs and 
iphones, the signal strength was amazingly weak for all of them.  We tested 
with two Macs and two iphones as well as multiple PC's and Android phones.  
Only the Apple devices had weak signals.  Have any of you experienced a weaker 
antenna performance with your Apple devices on your campuses?

If I put an AP in the room, the Apple devices are fine.  But I am surprised I 
would have to do this.  I would not have expected Apple devices to have weaker 
antennas.

I did check in Airwave to make sure at least one of the Macs was still 
connecting to the same AP.  Any thoughts from anyone?


Tim Tyler
Network Engineer
Beloit College


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 

RE: Experience with Directional External Antennas on Cisco

[Rios, Hector J]

The Cisco AIR-ANT2566P4W-R= is an excellent antenna for broad coverage. The 
Cisco AIR-ANT2566D4M-R is also a good option for more focused coverage. You can 
find similar antennas available at a lower cost, with relatively the same specs 
and performance like 
https://www.tessco.com/product/2-4-5ghz-6dbi-dual-polarized-directional-antenna-279467.
 I find that between Ventev and Acceltex you can find just about any antenna 
you need to meet your requirements.

If you have Ekahau, it will have a long list of supported vendor antennas with 
their radiation patterns and you can drop them into a project to see what the 
coverage will look like. Very useful tool.

Hector Rios, UT Austin


From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Kris Vangeel
Sent: Thursday, June 3, 2021 6:25 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Experience with Directional External Antennas on Cisco

Which directional antenna brands (patch and high density patch) do you use on 
Cisco APs and what are your experiences them  (good or bad) ?

(We mainly used 2802 APs until recently and have moved towards 9120 APs as our 
standard AP)

Thanks a lot

Kris Vangeel
University of Leuven

This message is from an external sender. Learn more about why this 
matters.


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: Cisco 8540 Code Recommendation, Based on Stability?

[Rios, Hector J]

We recently upgraded to 8.10.151 and have no complaints. But then again code 
stability depends on so many factors. We have 8540s, and a mix of 9120s, 2700s, 
2800, and 1562s.

Hector Rios, UT Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Lee H Badman
Sent: Wednesday, June 2, 2021 9:40 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco 8540 Code Recommendation, Based on Stability?

Hi all,

After a tumultuous series of code versions, awhile back we settled on 8.5.151.0 
and hung on to it like grim death because it was very, very reliable.

Given that 8.5 code goes end-of-support at end of 2021, combined with latest 
rounds of announced vulnerabilities, I'm looking for recommendations in the 
8.10 train based on wanting stability above all. We have 3800s and 3700s 
currently, likely to stay that way through the next academic year.

Has anyone found an 8.10. code version for the 8540 that supports the 3700 and 
3800 while providing good daily stability?

Thanks,


Lee Badman | Network Architect (CWNE#200)
Information Technology Services
(NDD Group)
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   e lhbad...@syr.edu w its.syr.edu
Campus Wireless Policy: 
https://answers.syr.edu/display/network/Wireless+Network+and+Systems
SYRACUSE UNIVERSITY
syr.edu


This message is from an external sender. Learn more about why this 
matters.


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [WIRELESS-LAN] Outdoor WLANs?

[Rios, Hector J]

Similar to others, we also broadcast our main SSIDs outdoors. I think it is the 
best design. It keeps things consistent. To Lawson’s point, seamless mobility 
could be a challenge. Depending on the size of your campus and your network, 
you might be able to have a large subnet. But for those that are unable to do 
that, then your outdoor Wi-Fi design becomes even more important. You have to 
find ways to break your campus into zones that make sense, from a roaming 
perspective. Also, some outdoor Wi-Fi deployments tend to be focused on 
coverage only, but with COVID a lot of us are finding out that we also need to 
focus on density. An outdoor AP can cover large areas, but that also means more 
clients can connect to it. And the more you try to cover the higher the 
potential for your Wi-Fi performance to suffer.

Hector Rios, Wireless Network Architect
The University of Texas at Austin | ITS


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [WIRELESS-LAN] The star is wireless

[Rios, Hector J]

Very creative Philippe! I want to see it with all the lights on.

Greetings,

Hector Rios, Wireless Network Architect
The University of Texas at Austin | ITS



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Philippe Hanset
Sent: Monday, December 14, 2020 1:56 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] The star is wireless

Season's greetings to all :)

[cid:image001.jpg@01D6D241.3C6E0A00]




Philippe Hanset, CEO
www.anyroam.net
Operator of eduroam-US






This message is from an external sender. Learn more about why this 
matters.


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [WIRELESS-LAN] Fast transition roaming

[Rios, Hector J]

You can also use the Wi-Fi Alliance product finder: 
https://www.wi-fi.org/product-finder. Fast BSS Transition is covered under the 
Wi-Fi Agile Multiband technical specification. 

Hector Rios, Wireless Network Architect
The University of Texas at Austin | ITS



-Original Message-
From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Brady J. Ballstadt
Sent: Friday, December 4, 2020 8:46 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Fast transition roaming

+1 for the list JJ sent.  That is also what I use to try to track down client 
support.  I do agree having an r and k column would be nice, but there are also 
pcaps there if you want to get into a specific one and look.  

It's the best list I know of so if anyone has another I'd also be interested in 
seeing it to have it as a resource.

That being said we haven't run into many issues with r/k/v.  Cisco+apple did 
get a bit finicky about roaming for awhile there, but we are no long a cisco 
shop so can't chime in if it's a lot better or not.  From client side I haven't 
run into issues with these on in our higher ed environment.  I've seen use 
cases where these have broken certain devices but they were wonderful barcode 
scanners.  

Brady Ballstadt
UITS
University of Arkansas

On 12/4/20, 8:34 AM, "The EDUCAUSE Wireless Issues Community Group Listserv on 
behalf of Jennifer Minella"  wrote:

EXTERNAL MESSAGE


Eric,
Admittedly I'm skimming here, but wanted to just throw in the note that 
ultimately it's up to whether the client supports the various roaming 
protocols. Not all do, and there's no (IMO) intuitive line there, no pattern or 
specific date, etc. at which point you can easily say "this client would 
support xyz". I'm not cool enough to remember all the details of what all 
clients support. There's some info at 
https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fclients.mikealbano.com%2Fdata=04%7C01%7Cbjballst%40UARK.EDU%7Cd7e37f2640f14039fd4308d89861b16c%7C79c742c4e61c4fa5be89a3cb566a80d1%7C0%7C0%7C637426892659475885%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000sdata=3Slo2kEFL%2FH3pp7cFtAww5qAhHGgOEorkBTBykH4aXE%3Dreserved=0
 I refer to regularly - if you pop that out it has the 11v protocol but it 
doesn't look it lists 11k or 11r unfortunately. Someone else here may have 
another resource that's better for roaming info.

+1 on CTS (Clear to Send) podcast links Jethro sent, great peeps and info!

Hope that helps a tiny bit!
-jj

___
Jennifer Minella, CISSP, HP MASE
VP of Engineering & Security
Carolina Advanced Digital, Inc.

https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.cadinc.com%2Fdata=04%7C01%7Cbjballst%40UARK.EDU%7Cd7e37f2640f14039fd4308d89861b16c%7C79c742c4e61c4fa5be89a3cb566a80d1%7C0%7C0%7C637426892659475885%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000sdata=t8QhxxHCF8%2BqoKjB7ITZgdM%2B4QetSEfrTBHW%2B%2B%2BsVwo%3Dreserved=0
j...@cadinc.com
919.460.1313 Main Office
919.539.2726 Mobile/text


-Original Message-
From: Jethro R Binks 
Sent: Thursday, December 3, 2020 5:08 AM
Subject: Re: Fast transition roaming

Clear To Send podcast had several episodes/posts covering these (and v):

  
https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cleartosend.net%2F802-11k-802-11v%2Fdata=04%7C01%7Cbjballst%40UARK.EDU%7Cd7e37f2640f14039fd4308d89861b16c%7C79c742c4e61c4fa5be89a3cb566a80d1%7C0%7C0%7C637426892659475885%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000sdata=T938XFZY8kkgFrUr76yqRonx3cyt5g3udvR48g7ALx4%3Dreserved=0

  
https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cleartosend.net%2Fcts-206-a-look-into-802-11k%2Fdata=04%7C01%7Cbjballst%40UARK.EDU%7Cd7e37f2640f14039fd4308d89861b16c%7C79c742c4e61c4fa5be89a3cb566a80d1%7C0%7C0%7C637426892659475885%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000sdata=L%2BFQo4deSWvSQW7R%2FhR0766JQm9Tp%2Bs3a2fvormYqYU%3Dreserved=0

  
https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cleartosend.net%2Fcts-211-a-look-into-802-11v%2Fdata=04%7C01%7Cbjballst%40UARK.EDU%7Cd7e37f2640f14039fd4308d89861b16c%7C79c742c4e61c4fa5be89a3cb566a80d1%7C0%7C0%7C637426892659475885%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000sdata=DaRcatA4viSn4O4%2FtdetjkHMKzy8BSqlSSQJmWwxNlw%3Dreserved=0

  

RE: [WIRELESS-LAN] Cisco 8.10.130.0 eduroam issues

[Rios, Hector J]

Mathieu,

We continue to experience bug CSCvv78366. It is indeed cosmetic but it causes 
APs to spew a lot of syslog messages (~40 per second). I have not looked into 
CSCvv78719.

MR4 came out last month. We have not upgraded yet. If you look at the release 
notes there are some interesting caveats. One of the resolved caveats have to 
do with TWT. The resolution, you guessed it, disable TWT. So there seems to be 
a number of issues being caused by .11ax features.

Multiuser operation is very complex, and for clients to take advantage of it 
they first have to support it and then a lot of other conditions need to be in 
place for it to actually happen (e.g. spatial diversity). So disabling it right 
now should not cause a big impact, and should hopefully provide Cisco time to 
get their bugs fixed (in a timely manner).

BTW, sadly none of the bugs you listed appear in the MR4 release notes.

Best,

Hector Rios, Wireless Network Architect
The University of Texas at Austin | ITS



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Mathieu Sturm
Sent: Friday, November 20, 2020 1:29 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco 8.10.130.0 eduroam issues

Hello everyone,

We’ve been having issues on 8.10.130.0 where a client could connect to a 
certain 2800/3800/9120 but didn’t have network access. Since the client was 
already connected they couldn’t roam to another AP.

We first thought it to be this bug: 
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv78366
Cisco thinks this is only cosmetic… so they now think we are facing this bug: 
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv78719%20/?rfs=iqvred

Their (temporary) solution is to

Step 1
Choose WLANs and click the WLAN ID.
Step 2
In the Advanced tab, check or uncheck the 11ac MU-MIMO check box.
Step 3
In the 802.11ax BSS Configuration section, check or uncheck the Down Link 
MU-MIMO and Up Link MU-MIMO  disable MU-MIMO on 802.11ax APs.

I’m not to keen on doing this. It makes our 2800/3800/9120’s pretty worthless.

We also saw these bugs:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk68674/?rfs=iqvred
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh04804/?rfs=iqvred

We are waiting for MR4 were hopefully these bugs will be gone (We can only hope 
)

Regards,


Mathieu Sturm
Hoofdmedewerker Netwerkbeheer

[cid:image001.png@01D6BF1C.DD313F30]

Directie Financiën, Infrastructuur en IT
Afdeling Netwerkbeheer
Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
Valentin Vaerwyckweg 1 - 9000 Gent
+32 9 243 35 23
www.hogent.be




Van: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
Namens Phill Solomon
Verzonden: donderdag 1 oktober 2020 1:15
Aan: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Onderwerp: Re: [WIRELESS-LAN] Cisco 8.10.130.0 eduroam issues

We have upgrade 2/3 WLC pairs from 8.5.151 to 8.10.103.0 – seems to be going ok 
with the exception of DNAC-C reporting slower / more DHCP failures – while we 
have received no support calls – just wondering if anyone else has seen this?

Mathieu, thanks for the tip on the bug, now watching that too.

thanks

Phill Solomon
Senior Network Engineer
Deakin University, IS - AV & Networks,  ICT Infrastructure Services, eSolutions
• Phone: +61 3 924 46069

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Mathieu Sturm
Sent: Thursday, 24 September 2020 10:13 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco 8.10.130.0 eduroam issues

Little update, I came across this bug id: 
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu65125/?rfs=iqvred
 (thanks Jeff for the hint about version 8.10.139.43)

So I decided to change the settings on the SSID from WPA2 + WPA3 back to 
WPA+WPA2 and this seems to have resolved our issues (we’re testing right now).

My wife is about to deliver our 2nd daughter so I will ask my colleagues to 
update if possible.

Regards,


Mathieu Sturm
Hoofdmedewerker Netwerkbeheer

[https://www.hogent.be/www/assets/Image/logo2018.png]

Directie Financiën, Infrastructuur en IT
Afdeling Netwerkbeheer
Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
Valentin Vaerwyckweg 1 - 9000 Gent
+32 9 243 35 23

RE: [WIRELESS-LAN] Transitioning from older controller to new controller

[Rios, Hector J]

May I suggest that we also consider setting up an agenda. There are significant 
enough changes in IOS-XE that configuration management will be very different. 
Some might be considering DNA Center, others might be looking to take advantage 
of its programmatic capabilities. For those that have PRIME there will be 
decisions to be made.

Hector Rios, Wireless Network Architect
The University of Texas at Austin | ITS


From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Ricardo Stella
Sent: Wednesday, November 11, 2020 5:37 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller


How about someone set up a new quick signup form?

---
°(((=((===°°°(((===


On Nov 11, 2020, at 6:19 PM, Oh, Christopher 
mailto:c...@luc.edu>> wrote:

I would also love to join the meeting.


Chris Oh

Network Engineer

Information Technology Services

Loyola University Chicago​

P: 773.508.6073| E: c...@luc.edu

​




From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Michael Usher 
<010ef28e43bf-dmarc-requ...@listserv.educause.edu>
Sent: Wednesday, November 11, 2020 2:52 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller

I took a list of names a few weeks ago, but then I went dark when work got 
busy.  My apologies for the silence.

I'm reaching out to Mike Atkins to see if we can get everyone together on a 
single session.  I envisioned more of a "panel discussion" than a formal 
presentation -- but I've sure got my list of "gotchas" to share, so I'm sure it 
will be useful.

Looking forward to sharing experiences with others.

Michael Usher



On Wed, Nov 11, 2020 at 12:48 PM Matthew Craig 
mailto:matcr...@nmsu.edu>> wrote:
I am intersted as well.




-
Matt Craig
Network Engineer
Information and Communication Technologies
New Mexico State University









On Nov 11, 2020, at 1:25 PM, Mike Atkins 
mailto:matk...@nd.edu>> wrote:

WARNING: This email originated external to the NMSU email system. Do not click 
on links or open attachments unless you are sure the content is safe.
You are not late at all.  I certainly am.  I have 8-9 e-mails for interest.  
I'll send out a quick survey to collect information from those that responded.  
I will send it to the list again to pickup others that might be interested.


On Wed, Nov 11, 2020 at 3:17 PM Michael Heflin 
<02002057e293-dmarc-requ...@listserv.educause.edu>
 wrote:
Little late but would be interested in this as we are moving from 8540's to 
9800's

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community


--







Mike Atkins

Infrastructure Architect

Office of Information Technology

University of Notre Dame





**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


--
Michael Usher
Interim Network Operations Manager
Senior Wireless Network Engineer
University of California, Santa Cruz
mus...@ucsc.edu831-459-3697

**
Replies to 

RE: [WIRELESS-LAN] Transitioning from older controller to new controller

[Rios, Hector J]

I’m interested too.

Hector Rios, Wireless Network Architect
The University of Texas at Austin | ITS




From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Mike Atkins
Sent: Wednesday, November 11, 2020 2:26 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller

You are not late at all.  I certainly am.  I have 8-9 e-mails for interest.  
I'll send out a quick survey to collect information from those that responded.  
I will send it to the list again to pickup others that might be interested.


On Wed, Nov 11, 2020 at 3:17 PM Michael Heflin 
<02002057e293-dmarc-requ...@listserv.educause.edu>
 wrote:
Little late but would be interested in this as we are moving from 8540's to 
9800's

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


--




Mike Atkins
Infrastructure Architect
Office of Information Technology
University of Notre Dame





**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

This message is from an external sender. Learn more about why this 
matters.


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [WIRELESS-LAN] Transitioning from older controller to new controller

[Rios, Hector J]

Me too please.


Hector Rios, Wireless Network Architect
The University of Texas at Austin | ITS



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Catania, Michael
Sent: Monday, October 12, 2020 8:55 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller

Please add me too.

Michael Catania
Sr. Network Analyst
Information Technology Services
Loyola University Chicago

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Misra, Sapna 
mailto:sapna.tripa...@vumc.org>>
Sent: Monday, October 12, 2020 8:32:25 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller


I am interested too. Planning a migration from 8510s (eventually 8540s) to 
9800s.



Best,



Sapna Misra | Principal Network Engineer | Information Technology | Vanderbilt 
University Medical Center
sapna.tripa...@vumc.org | Phone 615-875-8876



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Yahya Jaber
Sent: Sunday, October 11, 2020 1:52 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller



Me too please.



Thanks.



Yahya Jaber.

Sr. Wireless Engineer

IT Network & Communications - Engineering

Building 14, Level 2, Rm 201-WS37

KAUST 23955-6900 Thuwal, KSA



Email yahya.ja...@kaust.edu.sa

Office +966 (0) 12 8081237

Mobile +966 (0) 558697555

On Call Rotation Mobile: +966 54 470 1177



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Brahim Bouchaiba
Sent: Friday, October 9, 2020 19:07
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller



I like to be added also.

Thanks.



On Fri, Oct 9, 2020 at 11:27 AM Jesse Thomas 
mailto:jtho...@hamilton.edu>> wrote:

Same here - we're moving from WiSM2 to 9840.



Thanks,




--

Jesse Thomas
Network & Systems Administrator
Hamilton College
315-859-4211





On Fri, Oct 9, 2020 at 10:44 AM Slone, Kelly 
mailto:kelly.sl...@marshall.edu>> wrote:

I would also like to be included.



Thank you,



Kelly Slone, B.S., MCP

IT Infrastructure Engineer

Marshall University Information Technology

Drinko Library DL 436

Office:  304-696-6109

Helpdesk:  304-696-3200

slon...@marshall.edu





From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, October 9, 2020 at 10:30 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller

Sounds like I might need to set up a general session.  I'll catch Don and Abbas 
early next week, but if there's other interest, I'm happy to do a wider 
discussion after a bit of preparation.  I'll send out an invite for signups 
when I'm ready next week.



On Fri, Oct 9, 2020 at 7:27 AM Floyd, Brad 
mailto:bfl...@mail.smu.edu>> wrote:

Mike,

Per our recent conversation about this topic, yes please add me to the invite 
list.

Thanks,

Brad



From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
 On Behalf Of Mike Atkins
Sent: Friday, October 09, 2020 9:08 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Transitioning from older controller to new 
controller



[EXTERNAL SENDER]


I've reached out to a few schools individually on this very topic.  Would the 
group want to do a Zoom session on this?











Mike Atkins

Network Engineer

Office of Information Technology

University of Notre Dame



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Sullivan, Don
Sent: Friday, October 9, 2020 9:01 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Transitioning from older controller to new controller



We are in the process of upgrading our wireless from a Cisco 8510 to a Cisco 
9800-80. I wanted to query those on this list who have already gone through 
this process about any lessons learned that would have been nice to know before 
transitioning your existing AP inventory that is compliant with the new 
hardware. I am building the configuration for the 9800 from scratch 

RE: WLC 8.10.122 Bug

[Rios, Hector J]

Bug ID CSCvu67048 has a much better explanation of the problem than the one I 
mentioned. It's disappointing they don't list it in the release notes of either 
8.10MR2 or MR3. Thank you for sharing!

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Mathieu Sturm
Sent: Friday, August 28, 2020 6:42 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLC 8.10.122 Bug

We are experiencing CSCvu67048 and are upgrading to 8.10.130. Also on version 
8.10.122 is this bug CSCvu24770

8.10.122 should be avoided.


Mathieu Sturm
Hoofdmedewerker Netwerkbeheer

[https://www.hogent.be/www/assets/Image/logo2018.png]

Directie Financiën, Infrastructuur en IT
Afdeling Netwerkbeheer
Campus Schoonmeerssen - Gebouw B  Lokaal B0.75
Valentin Vaerwyckweg 1 - 9000 Gent
+32 9 243 35 23
www.hogent.be<https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.hogent.be%2F=02%7C01%7Cmathieu.sturm%40hogent.be%7C86879fbc6e8c49ab13ff08d67ac4edef%7C5cf7310e091a4bc5acd726c721d4cccd%7C1%7C0%7C636831383554731873=8NfYjNEE4XDViDT6wMtCYFa0cY8g5CXqS9kf7VtYBcU%3D=0>




Van: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
Namens Rios, Hector J
Verzonden: donderdag 27 augustus 2020 18:43
Aan: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Onderwerp: [WIRELESS-LAN] WLC 8.10.122 Bug

For those of you on or considering 8.10., be aware of this bug:


CSCvt38486:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt38486<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbst.cloudapps.cisco.com%2Fbugsearch%2Fbug%2FCSCvt38486=02%7C01%7Cmathieu.sturm%40HOGENT.BE%7Cc8ea3053fe7944fe246608d84aa84468%7C5cf7310e091a4bc5acd726c721d4cccd%7C1%7C0%7C63734143384762=m9YmWtHN8WrijL520jqPkYyqDniFM%2Fbsg2PIt9cAJGQ%3D=0>

This was actually brought up a couple of months ago on subject "WLC 8.10.121 
Deferred". We did experience the issue with Windows clients. And testing on 
8.10.130 looks to resolve the problem.

Thanks,

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity=02%7C01%7Cmathieu.sturm%40HOGENT.BE%7Cc8ea3053fe7944fe246608d84aa84468%7C5cf7310e091a4bc5acd726c721d4cccd%7C1%7C0%7C637341433847637770=7EI7s0QJ9UJVFkBKokNK%2FP41R6tVRzqUO9s3Qud50es%3D=0>

This message is from an external sender. Learn more about why this 
matters.<https://ut.service-now.com/sp?id=kb_article=KB0011401>


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

WLC 8.10.122 Bug

[Rios, Hector J]

For those of you on or considering 8.10., be aware of this bug:


CSCvt38486:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt38486

This was actually brought up a couple of months ago on subject "WLC 8.10.121 
Deferred". We did experience the issue with Windows clients. And testing on 
8.10.130 looks to resolve the problem.

Thanks,

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: WLC 8.10.130

[Rios, Hector J]

I have upgraded two 8540 WLCs already and I've done tests on about 25 different 
APs (2700, 3700, 2800). I upgraded from .122 to .130. I've tested PSK, .1X 
auth. No issues so far.

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Mathieu Sturm
Sent: Thursday, August 20, 2020 2:03 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLC 8.10.130

I upgraded tot hat version on one of our controllers. Luckily I only had 6 ap's 
on that WLC. 5 of them got in a loop where they wouldn't join the controller. 
Only 1 eventually joined after more than an hour. I wouldn't recommend that 
version for now. All AP's were 2802's.

Van: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
Namens Rios, Hector J
Verzonden: dinsdag 18 augustus 2020 17:01
Aan: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Onderwerp: [WIRELESS-LAN] WLC 8.10.130

Has anyone upgraded to WLC 8.10.130? I'm running it in the lab. No issues with 
the upgrade. Just wanted to see if anyone is on it and with students back.

Thanks,

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity=02%7C01%7Cmathieu.sturm%40HOGENT.BE%7C4580984a200a4e210a8a08d843878b0b%7C5cf7310e091a4bc5acd726c721d4cccd%7C1%7C0%7C637333596722417149=vwSWhTiGTV989LCgJ1l4%2FUSfEIVP1Gyab6wrdISIj3E%3D=0>

This message is from an external sender. Learn more about why this 
matters.<https://ut.service-now.com/sp?id=kb_article=KB0011401>


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

WLC 8.10.130

[Rios, Hector J]

Has anyone upgraded to WLC 8.10.130? I'm running it in the lab. No issues with 
the upgrade. Just wanted to see if anyone is on it and with students back.

Thanks,

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Free Wi-Fi Events Coming Up

[Rios, Hector J]

Virtual Wi-Fi World Congress 2020, September 29
https://wifinowglobal.com/news-and-blog/announcement-welcome-to-the-virtual-wi-fi-world-congress-2020/amp/

Wireless Technology Forum, September 27th to October 2nd
https://wtf20.com/

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [WIRELESS-LAN] MAC Randomization, a step further...

[Rios, Hector J]

Nope. MAC addr is still the same. This is day 2. I’ve been associated to the 
same AP.

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Jake Snyder
Sent: Friday, July 31, 2020 8:54 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

It should change the next time it associates.
Sent from my iPhone


On Jul 30, 2020, at 1:02 PM, GT Hill mailto:g...@gthill.com>> 
wrote:

From what I understand it will keep the same MAC longer if it passing traffic 
at that 24 hour mark.

GT Hill

On Thu, Jul 30, 2020 at 1:44 PM Rios, Hector J 
mailto:hector.r...@austin.utexas.edu>> wrote:
I’ve done several tests on an iPhone 7 and there have been instances where the 
phone retains the same private MAC addr longer than 24 hours. Has anyone else 
done more testing?

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Enfield, Chuck
Sent: Friday, July 10, 2020 4:14 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Ahh.  I glossed right over the 24-hour part.  That’s much less distressing, but 
I’m going to have a beer anyway.

Thanks Tim.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 5:04 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

But why would that change anything? A user on campus for a football game is 
there for less than 24 hours. The MAC address changes per ESSID, every 24 
hours. I don’t understand what changes here for that use case?

It really only impacts mid to long term guests. So I guess in your example, 
parents weekend may be the one that is affected. But even then, dropping the 
lease times would solve the problem. I believe many wireless vendors recommend 
a visitor lease time of 1-8 hours.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 17:01
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Tim,
With Covid, any lease time would not be an issue. But how big were your home 
football events / tailgate parties / parent weekends at Brandeis? I’m focusing 
more on the impact of those events on the guest side of things.
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 3:53 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

Agreed on IPv6, but even for IPv4, I imagine most folks are running short 
leases on a visitor network, so I don’t really think much changes here. If your 
leases are 12 hours or less, there should be no impact.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 16:51
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Maybe a good use case for IPv6

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Enfield, Chuck
Sent: Friday, July 10, 2020 3:49 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

Uhg.  Didn’t even think about that.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Eric LaCroix
Sent: Friday, July 10, 2020 4:48 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

We’re all going to need to check the TTL on DHCP leases… some of our scopes 
will get eaten alive otherwise.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of "Floyd, Brad" mailto:bfl...@mail.smu.edu>>
Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 3:42 PM
To: 
"WIRELESS-LAN@LISTSERV.EDUC

RE: [WIRELESS-LAN] MAC Randomization, a step further...

[Rios, Hector J]

I’ve done several tests on an iPhone 7 and there have been instances where the 
phone retains the same private MAC addr longer than 24 hours. Has anyone else 
done more testing?

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Enfield, Chuck
Sent: Friday, July 10, 2020 4:14 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Ahh.  I glossed right over the 24-hour part.  That’s much less distressing, but 
I’m going to have a beer anyway.

Thanks Tim.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 5:04 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

But why would that change anything? A user on campus for a football game is 
there for less than 24 hours. The MAC address changes per ESSID, every 24 
hours. I don’t understand what changes here for that use case?

It really only impacts mid to long term guests. So I guess in your example, 
parents weekend may be the one that is affected. But even then, dropping the 
lease times would solve the problem. I believe many wireless vendors recommend 
a visitor lease time of 1-8 hours.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 17:01
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Tim,
With Covid, any lease time would not be an issue. But how big were your home 
football events / tailgate parties / parent weekends at Brandeis? I’m focusing 
more on the impact of those events on the guest side of things.
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 3:53 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

Agreed on IPv6, but even for IPv4, I imagine most folks are running short 
leases on a visitor network, so I don’t really think much changes here. If your 
leases are 12 hours or less, there should be no impact.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 16:51
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Maybe a good use case for IPv6

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Enfield, Chuck
Sent: Friday, July 10, 2020 3:49 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

Uhg.  Didn’t even think about that.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Eric LaCroix
Sent: Friday, July 10, 2020 4:48 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

We’re all going to need to check the TTL on DHCP leases… some of our scopes 
will get eaten alive otherwise.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of "Floyd, Brad" mailto:bfl...@mail.smu.edu>>
Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 3:42 PM
To: 
"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Thanks Tim. I just started a conversation with my SE.
Brad

From: The EDUCAUSE Wireless Issues Community Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 2:07 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [EXTERNAL]Re: [WIRELESS-LAN] MAC Randomization, a step further...

For extended visitor use cases (over 1 day), Passpoint is really the only 
feasible solution moving forward. Aruba has a Passpoint offering/service called 
Air Pass and WBA’s OpenRoaming initiative is gaining a lot of support.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 15:04
To: 

RE: Cisco 3800 AP code 8.10 wireless disconnections/drops

[Rios, Hector J]

8.10.121.0 is a deferred code. There are two major bugs you should be aware of:

CSCvt47413   IW-6300H/1562/2800/3800/4800 series APs are failing DFS 
compliance
CSCvt98797   Channel Availability Check (CAC) is skipped after channel 
change on 2800/3800/4800/1560/IW6300

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Tariq Adnan
Sent: Thursday, July 23, 2020 9:18 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco 3800 AP code 8.10 wireless disconnections/drops

Hello everyone,

Just checking if anyone else is experiencing the wireless disconnection issues 
like us.

So far we have received complaints from multiple sites where we have deployed 
3800 model AP on 8.10.121.0. The 3800 on a different controller running code 
8.5.161.4 seems to have no issue so far.

The drop outs are very random and sometime would happen in the middle of a zoom 
meeting - very frustrating for students during lecture.

I have raised a TAC case and we couldn't reproduce the issue during 1.5 hours 
troubleshooting session.

I am suspecting below bug but unless we recreate the issue and take some logs, 
Cisco won't recommend any workaround or code upgrade:
CSCvt22353
 2800/3800/4800/1560 APs not sending DHCP messages over the air
>From bug details:
"From AP debugs and OTA captures, we can see some traffic exchange, but at some 
point AP stops transmitting data frames over the air (could be DHCP, or ICMP, 
or other data traffic), affecting all clients connected at that time."
Thanks,
-
Cheers,

Kind regards,


This message is from an external sender. Learn more about why this 
matters.


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: [WIRELESS-LAN] MAC Randomization, a step further...

[Rios, Hector J]

I just finished reading the “Apple Beta Software Program Agreement”. 
Interesting information:

“Don’t blog, post screen shots, tweet, or publicly post information about the 
public beta software, and don’t discuss the public beta software with or 
demonstrate it to others who are not in the Apple Beta Software Program.”

So, I need everyone to sign up to the beta software program so we can continue 
this conversation (J/K)

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Tim Cappalli
Sent: Tuesday, July 21, 2020 1:06 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

 Yeah, good catch Chris! I’d be interested in seeing some field data as well. 
The only info I saw was that it changed every 24 hours, but it sounds like 
there’s a * which indicates inactivity / not associated.

It makes much more sense that it wouldn’t change if the device maintains an 
active connection as there are really no privacy concerns until the device 
disconnects and moves.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Tuesday, July 21, 2020 at 13:15
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Tim had mentioned the following: “On iOS 14, the MAC is set per ESSID and is 
changed once every 24 hours.”

Chris then mentioned that he found one iOS 14 device that, as long as it 
remains connected, the MAC remains the same, even beyond 24hrs.

Has anyone else done testing? Please share your results.

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Johnson, Christopher
Sent: Monday, July 20, 2020 10:19 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Default behavior matters indeed. Got a preview of what to expect over the 
weekend.

Found one individual that was in Aruba Airwave “12 Times” for their iPhone 14.0 
over past couple of weeks and another “6 times”. It appears that as long as the 
device remains “connected” to the network beyond the 24 hours, the MAC Address 
will remain the same. Although if they’re fully de-authenticated or move say 
into an elevator or outside (or a class phone reboot occurs in the pocket) – 
then the MAC Address will update upon establishing a new connection – that is 
just the initial observation I saw.
Christopher Johnson
Wireless Network Engineer
Office of Technology Solutions | Illinois State University
(309) 438-8444

Stay connected with ISU IT news and tips with @ISU IT Help on 
Facebook<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FISUITHelp%2F=02%7C01%7Ctim.cappalli%40MICROSOFT.COM%7Cc141f9922e2241c5153b08d82d99b43e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637309485473827397=FGJLeAaYuQi53K0C3dSVpVbg7exX195P4eSHJJGLjUU%3D=0>
 and 
Twitter<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FISUITHelp=02%7C01%7Ctim.cappalli%40MICROSOFT.COM%7Cc141f9922e2241c5153b08d82d99b43e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637309485473837398=bC3HH3eN2hDSeTLdAbF9%2Fwgs286voXLDLZXX1VuSlxk%3D=0>
From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Enfield, Chuck
Sent: Tuesday, July 14, 2020 12:36 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

[This message came from an external source. If suspicious, report to 
ab...@ilstu.edu<mailto:ab...@ilstu.edu>]
True, but default behavior matters.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Rios, Hector J
Sent: Tuesday, July 14, 2020 1:12 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Please note that MAC randomization is not just a feature of Android and iOS. It 
is supported across other operating systems.

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Jonathan Miller
Sent: Tuesday, July 14, 2020 11:32 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

For those of us using ClearPass to authenticate 

RE: [WIRELESS-LAN] MAC Randomization, a step further...

[Rios, Hector J]

Tim had mentioned the following: “On iOS 14, the MAC is set per ESSID and is 
changed once every 24 hours.”

Chris then mentioned that he found one iOS 14 device that, as long as it 
remains connected, the MAC remains the same, even beyond 24hrs.

Has anyone else done testing? Please share your results.

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Johnson, Christopher
Sent: Monday, July 20, 2020 10:19 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Default behavior matters indeed. Got a preview of what to expect over the 
weekend.

Found one individual that was in Aruba Airwave “12 Times” for their iPhone 14.0 
over past couple of weeks and another “6 times”. It appears that as long as the 
device remains “connected” to the network beyond the 24 hours, the MAC Address 
will remain the same. Although if they’re fully de-authenticated or move say 
into an elevator or outside (or a class phone reboot occurs in the pocket) – 
then the MAC Address will update upon establishing a new connection – that is 
just the initial observation I saw.
Christopher Johnson
Wireless Network Engineer
Office of Technology Solutions | Illinois State University
(309) 438-8444

Stay connected with ISU IT news and tips with @ISU IT Help on 
Facebook<https://www.facebook.com/ISUITHelp/> and 
Twitter<https://twitter.com/ISUITHelp>
From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Enfield, Chuck
Sent: Tuesday, July 14, 2020 12:36 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

[This message came from an external source. If suspicious, report to 
ab...@ilstu.edu<mailto:ab...@ilstu.edu>]
True, but default behavior matters.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Rios, Hector J
Sent: Tuesday, July 14, 2020 1:12 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Please note that MAC randomization is not just a feature of Android and iOS. It 
is supported across other operating systems.

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Jonathan Miller
Sent: Tuesday, July 14, 2020 11:32 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

For those of us using ClearPass to authenticate users to eduroam, does this 
mean that every iOS device will get registered as a new endpoint every day?  
For others, does your NAC store a client's MAC persistently?  I'm assuming that 
the answer to both is yes.

How can we plan for the impact of that on our databases?  Should we delete all 
iOS and Android devices after 48 hours?  Am I missing something obvious?

Jonathan Miller
Senior Network Analyst
Franklin and Marshall College


On Fri, Jul 10, 2020 at 4:37 PM Enfield, Chuck 
mailto:cae...@psu.edu>> wrote:
PS – My plan for supporting our guest network will be to tell any user who 
contacts us with an Apple device that the network is fine and they should 
contact Apple for device support.  I can’t get away with that for our 
enterprise network, but Apple is going to own the guest problem.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Enfield, Chuck
Sent: Friday, July 10, 2020 4:34 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

My point wasn’t to debate Passpoint either.  I’m wondering if Apple actually 
has a plan, and if so, if they’ve bothered to tell anybody.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 4:22 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Passpoint is not just about mobile network operators. Any identity provider can 
provision a Passpoint profile. That is the whole drive behind OpenRoaming. The 
industry goal is that every user has at least 2 Passpoint profiles on their 
devices: one tied to their enterprise/school identity and the other tied to a 
personal identity. The traditional enterprise/school onboarding process stays 
largely the same, except some additional Passpoint logic is added.

Mo

RE: [WIRELESS-LAN] MAC Randomization, a step further...

[Rios, Hector J]

Please note that MAC randomization is not just a feature of Android and iOS. It 
is supported across other operating systems.

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Jonathan Miller
Sent: Tuesday, July 14, 2020 11:32 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

For those of us using ClearPass to authenticate users to eduroam, does this 
mean that every iOS device will get registered as a new endpoint every day?  
For others, does your NAC store a client's MAC persistently?  I'm assuming that 
the answer to both is yes.

How can we plan for the impact of that on our databases?  Should we delete all 
iOS and Android devices after 48 hours?  Am I missing something obvious?

Jonathan Miller
Senior Network Analyst
Franklin and Marshall College


On Fri, Jul 10, 2020 at 4:37 PM Enfield, Chuck 
mailto:cae...@psu.edu>> wrote:
PS – My plan for supporting our guest network will be to tell any user who 
contacts us with an Apple device that the network is fine and they should 
contact Apple for device support.  I can’t get away with that for our 
enterprise network, but Apple is going to own the guest problem.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Enfield, Chuck
Sent: Friday, July 10, 2020 4:34 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

My point wasn’t to debate Passpoint either.  I’m wondering if Apple actually 
has a plan, and if so, if they’ve bothered to tell anybody.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 4:22 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Passpoint is not just about mobile network operators. Any identity provider can 
provision a Passpoint profile. That is the whole drive behind OpenRoaming. The 
industry goal is that every user has at least 2 Passpoint profiles on their 
devices: one tied to their enterprise/school identity and the other tied to a 
personal identity. The traditional enterprise/school onboarding process stays 
largely the same, except some additional Passpoint logic is added.

Mobile network operators / cell providers are only one (optional) piece of the 
puzzle.

Probably should start a separate thread for anything deeper on Passpoint beyond 
it being a solution for network access. Don’t want to take away from the OG 
conversation.

tim

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 16:17
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
Understood, but few Wi-Fi operators actually support Passpoint on their 
networks.  Since Apple is eliminating the alternatives, they either must be 
idiots (my bet) or have a proposal for what we should all being doing instead.

I still get really confused looks when I try to discuss Passpoint with my 
contacts at the major cellular providers, so it can’t possibly be a realistic 
option for most of us.

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Tim Cappalli
Sent: Friday, July 10, 2020 4:07 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...

Not sure I follow. Passpoint is an industry-wide solution for secure Wi-Fi 
roaming. Passpoint has been supported on iOS and macOS (along with Windows and 
Android) for a number of years.

I definitely don’t follow this comment: “you can’t onboard your Apple to enable 
identity-based auth.”

tim


From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Date: Friday, July 10, 2020 at 16:04
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: Re: [WIRELESS-LAN] MAC Randomization, a step further...
So you can’t use an Apple MAC address for guest auth, and you can’t onboard 
your Apple to enable identity-based auth.  Apple must be thinking that they can 
drag the entire world, kicking and screaming, into federated authentication 
that Apple products ship knowing how to do (Passpoint, openroaming, etc.).  Do 
they have a proposal for this that I missed?

From: The EDUCAUSE Wireless Issues Community Group Listserv 

Cisco UDN, is it worth it?

[Rios, Hector J]

I'm sure a lot of you have thought about offering better support for devices 
that require link-local multicast or broadcast. But you know the challenges. 
Cisco User Defined Networks is actually a really cool solution by Cisco. And it 
seems to provide a solution that is both easy for the user and the network 
operator. How reliable it will be, we shall see.

https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/digital-network-architecture/nb-06-user-defined-nw-so-cte-en.html

But if you have been able to decipher the extremely confusing and complex Cisco 
licensing scheme, UDN requires that you maintain a DNA Advantage subscription 
(If you haven't seen the prices, talk to your Cisco rep). Not only that, but 
you also have to get DNA Center, ISE, Wave2 APs, and the shiny new 9800s. When 
you put the whole solution together, you end up with an extremely expensive 
proposition.

Knowing the value of UDN, and all the other features that Cisco is offering, 
seems like the price is a direct result of the innovation. But at which point 
does a solution become so expensive that the benefits alone cannot justify the 
price. Lee has been vocal about this and I totally agree. The consumer hears 
Cisco say "the value of DNA advantage is justified because of all the features 
we offer to you", so I'm going to charge you $$$". The consumer says "but I 
only need one or two of the solutions that DNA A offers and I can only afford 
$$$". Clearly, there is a disconnect.

Other vendors' solutions are going up in price as well, seems like the new 
normal is higher prices, subscription models, and extra "features" with 
additional costs.

Regards,

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

MAC Randomization, a step further...

[Rios, Hector J]

Apple is moving forward with their privacy efforts. The next step is to 
randomize MAC addresses when connecting to an AP, not just when probing. This 
is coming soon.

https://globalreachtech.com/blog-mac-randomisation-apple/

This is from Apple. Luckily, there is a way to disable private addresses. I 
just don't know if it will be ON by default.
https://support.apple.com/en-qa/HT211227

Happy Friday!

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: Cisco WLC Stable code in 8.5 train

[Rios, Hector J]

Did TAC mention when they will release 8.10MR3?

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Tariq Adnan
Sent: Tuesday, June 30, 2020 7:56 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLC Stable code in 8.5 train

Hi Gertjan,

A tac engineer today confirmed with BU that the fix is not even in 8.5.161.5.

I was told to wait for 8.10mr3 which supposedly has a fix for this bug. We 
can’t go above 8.5 because of presence of old Aps (3500, 3600) so we are stuck 
.

We have another pair of 8540 and I plan to upgrade it to 8.10mr3 and then 
migrate all 3800’s to it. Hopefully that will fix the issue for us.

-
Cheers,

Kind regards,
Tariq Adnan  |  Senior Network Engineer
ICT, Campus Network Services

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Scharloo, Gertjan
Sent: Friday, 26 June 2020 10:47 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLC Stable code in 8.5 train

Hi all,

We have some serious issues with 8.5.161.x . We are now trying 8.5.161.5 )

Zoom / Team / Skype4Business customers are complaining . We see Drops on our 
Access-switch (port) <-> Access-Points 2802

packet drops could be explained by CSCvq90572 Receive throughput degrades for 
2800/3800/4800/1560 - AP fails to send block ACKs



I think this bug is not solved yet and is present in all version of 8.5.16x



8.5.161.5



…..

CSCvq99108 Cisco 3700 AP series reloads unexpectedly due to reason 44



8.5.161.4

…..

CSCvp69474 Access point reloads unexpectedly generating capwapd core dumps

CSCvq90572 Receive throughput degrades for 2800/3800/4800/1560 - AP fails to 
send block ACKs

CSCvo33808 Cisco 2802,3802,4800,1562 AP reloads unexpectedly with radio 
firmware crash

CSCvp06909 DOT11-2-RADIO_FAILED, Not Beaconing for too long, 
get_vap_mcast_q_len: invalid interface

CSCvt53819 CPU increases to 90+% with hight volume traffic.

CSCvo10708 Cisco 2800, 3800 APs exhibit choppiness with the Vocera client 
during the multicast voice call

CSCvp54103 IOS APs reloads unexpectedly with 'Unexpected exception to CPU' in 
logs

CSCvq76143 Cisco 2800 AP reloads unexpectedly on Sxpd process

CSCvs38511 5508 silent crash

CSCvs41893 3702 AP running 8.5.151.0 release software reloads unexpectedly
….

Etc etc…


ICT Services
Netwerkbeheer – draadloos

Gertjan Scharloo
ICT consultant
_

Universiteit van Amsterdam | Hogeschool van Amsterdam

Leeuwenburg | kamer A10.20
Weesperzijde 190 | 1097 DZ Amsterdam
Tel: +31(0)20 525 4885
Mobiel: +31(0) 61013-5880
www.uva.nl
uva.nl/profile/g.scharloo
https://time.is/nl/CET
 Je kunt mij ook bereiken via Skype for Business 
[cid:image001.png@01D64ED6.C2638C00]

at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

This message is from an external sender. Learn more about why this 
matters.


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Cisco Field Notice on WLCs and APs

[Rios, Hector J]

Cisco just released a number of field notices. These are pretty serious as they 
just found out that some versions of their code are not complying with DFS 
requirements. This is affecting a lot of APs.

https://www.cisco.com/c/en/us/support/docs/field-notices/705/fn70577.html?emailclick=CNSemail

Regards,

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: WLC 8.10.121 Deferred

[Rios, Hector J]

Dennis,

Have you tested your Android devices with FT disabled? (instead of FT 
Adaptive). I would be curious to hear what results you get.

Thanks,

Hector Rios, Wireless Network Architect
The University of Texas at Austin



From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Dennis Xu
Sent: Friday, June 26, 2020 11:45 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLC 8.10.121 Deferred

We have upgraded to 8.10.121.0 for one month. We have seen some devices not 
able to connect. When they run into this issue, we don’t see any association 
requests from the devices. There are something in the beacon which are not 
liked by the devices so they do not want to join. Not a lot of devices 
affected, mainly from Android 10 devices(from MI, Huawei and Nokia vendors).  I 
also have two Windows 10 laptops having similar issue but they were able to 
connect after a wireless driver upgrade. We only have WPA2 checked for WLAN 
security. I opened a TAC case. The only workaround for Android 10 is to set FT 
to enable instead of Adaptive, but I did not accept that as I am afraid it will 
cause bigger problem for other devices. My TAC engineer said Cisco is working 
on a fix for this issue and ETA of the release is in July.

Dennis

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
On Behalf Of Christina Klam
Sent: Friday, June 26, 2020 12:19 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLC 8.10.121 Deferred

CAUTION: This email originated from outside of the University of Guelph. Do not 
click links or open attachments unless you recognize the sender and know the 
content is safe. If in doubt, forward suspicious emails to 
ith...@uoguelph.ca

All,

FYI:   I noticed that  "over-the-ds" setting changed when we upgraded from 8.5 
to 8.10.121.0.  There may be other settings that changed as well.


Christina Klam
Network Engineer
Institute for Advanced Study
1 Einstein Dr
Princeton, NJ 08540
(m) +1 609-751-7899
(o) +1 609-734-8154
ck...@ias.edu


From: "Mallon, Jason" mailto:jemal...@ua.edu>>
To: "The EDUCAUSE Wireless Issues Community Group Listserv" 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Sent: Friday, June 26, 2020 10:24:20 AM
Subject: Re: [WIRELESS-LAN] WLC 8.10.121 Deferred

Paul,
Are you by any chance running WPA2 + WPA3 Enterprise with both the WPA2 and 
WPA3 boxes checked?  We are currently on 8.10.121 and seeing this issue as well 
primarily with Windows devices.  I have not seen any issues with Macs and 
authentication.


Jason Mallon

Network Engineer III, OIT

The University of Alabama
jemal...@ua.edu



From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Paul Smith mailto:psmi...@marian.edu>>
Sent: Friday, June 26, 2020 9:44 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
Subject: [EXTERNAL] Re: [WIRELESS-LAN] WLC 8.10.121 Deferred

We were running 8.10.121 on our 5520 and began having authentication issues. It 
is weird because radius isn't even seeing the attempts (or weren't logging 
rejections). The behavior persists even using local authentication. Eventually 
we can get the clients to connect, but it takes a number of attempts. It's very 
frustrating.

Cisco had us upgrade to 8.10.122, but the problem still persists. We would roll 
back, but we have 9130's on the campus now and we need 8.10.122 to manage them.

Such a headache right now.

Paul Smith
Network Administrator
Marian University
psmi...@marian.edu
317.955.6069

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

This message is from an external sender. Learn more about why this 

WLC 8.10.121 Deferred

[Rios, Hector J]

Not sure if everyone saw the deferral of 8.10.121.0 There is a single bug that 
is fixed on 8.10.122.0 Must be bad enough for Cisco to decide to pull 
8.10.121.0 off the suggested list of releases.

Regards,

Hector Rios, Wireless Network Architect
The University of Texas at Austin


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: Cisco pre-DNA Spaces Location Service, Contact Tracing

[Rios, Hector J]

Aruba has a webinar this week, for anyone interested: 

Contact Tracing in Higher Education: What you can do now
https://arubanetworks.zoom.us/meeting/register/tJMkdeuvpjMjG9wOJ7P2I4J_1STpNEEcWhBD

Just like Cisco, Aruba has other integrations to provide additional accuracy 
and functionality. How you use all this, whether is Cisco, Aruba or whoever, 
depends on exactly how granular you want to get, and how much you are willing 
to pay. 

Hector Rios


-Original Message-
From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Lee H Badman
Sent: Wednesday, May 27, 2020 12:30 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco pre-DNA Spaces Location Service, Contact Tracing

I hope everyone on the list is doing well.

We are getting multiple vendor pitches these days for contact tracing 
“solutions”. From Cisco, our main network vendor, their pitch relies on DNA 
Spaces. We don’t use that yet,  and it’s no secret what is happening to many of 
our budgets.

 My question is specifically for Cisco legacy location services users. Are you 
all doing anything specific in anticipation of possibly needing to provide 
Wi-Fi location data for contact tracing? Are you being specifically asked about 
it by your management? 

I haven’t decided yet weather the vendors are being generally altruistic or 
opportunistic on this topic yet.

Regards,

Lee Badman (mobile)

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community
>> This message is from an external sender. Learn more about why this <<
>> matters at https://links.utexas.edu/rtyclf.<<

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

RE: Are You Ready for WiFi6E

[Rios, Hector J]

Lee,

Don't give the vendors more ideas please. If I see a "champion's league" 
licensing level, I'll quit.

Hector Rios

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Lee H Badman
Sent: Friday, April 24, 2020 9:34 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Are You Ready for WiFi6E

Hi Hector,

More channels in and of itself is fantastic, even if we don't bond them up into 
huge wide ones. As for APs being hurried out, I'm more interested in how 
clients will roll out. I don't have a lot of faith in certain WLAN vendors 
getting 6 GHz right for a while, given track records to date of shotgunning 
alpha quality code onto the market. Also halfway expect the license-happy 
idiocy that's becoming pervasive to apply to new hardware and what you are 
"allowed" to do in 6 GHz, despite it being unlicensed by the FCC.

Lee Badman

From: The EDUCAUSE Wireless Issues Community Group Listserv 
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> 
on behalf of Rios, Hector J 
mailto:hector.r...@austin.utexas.edu>>
Sent: Friday, April 24, 2020 10:15:35 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [WIRELESS-LAN] Are You Ready for WiFi6E

Now that the FCC has approved the 6GHz band, I wonder what others are doing in 
terms of planning. There is a lot to think about and unlike prior 
announcements, this one really is a game changer. Here are some thoughts:

*Vendors should be rushing to make APs and make them available possibly this 
year.
*The assumption is that the new radios will be tri radios. I'm sure vendors 
will get creative.
*More radios chains and more features (BLE, USB, Zigbee) mean more power needs.
*Faster more efficient technology means faster speeds required: 2.5G/5G.
*Will your existing infrastructure be capable to handle the new technology? 
Today, most likely not.
*If in the middle of a lifecycle, do you continue or do you wait?

For those that are super excited, here are some last things to think about:

Higher modulations require higher levels of SNR. Higher frequencies have 
shorter wavelengths and more trouble getting through objects. Bonding channels 
raises your noise floor and also requires higher receiver sensitivity. There 
are a ton of other things to consider. What say you?

Regards,

Hector Rios
The University of Texas at Austin



**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

This message is from an external sender. Learn more about why this 
matters.<https://ut.service-now.com/sp?id=kb_article=KB0011401>


**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Are You Ready for WiFi6E

[Rios, Hector J]

Now that the FCC has approved the 6GHz band, I wonder what others are doing in 
terms of planning. There is a lot to think about and unlike prior 
announcements, this one really is a game changer. Here are some thoughts:

*Vendors should be rushing to make APs and make them available possibly this 
year.
*The assumption is that the new radios will be tri radios. I'm sure vendors 
will get creative.
*More radios chains and more features (BLE, USB, Zigbee) mean more power needs.
*Faster more efficient technology means faster speeds required: 2.5G/5G.
*Will your existing infrastructure be capable to handle the new technology? 
Today, most likely not.
*If in the middle of a lifecycle, do you continue or do you wait?

For those that are super excited, here are some last things to think about:

Higher modulations require higher levels of SNR. Higher frequencies have 
shorter wavelengths and more trouble getting through objects. Bonding channels 
raises your noise floor and also requires higher receiver sensitivity. There 
are a ton of other things to consider. What say you?

Regards,

Hector Rios
The University of Texas at Austin



**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community