RE: Who WiFi vendors does everyone use? REVISITED

[Williams, Matthew]

Kent State University
24,000 concurrent devices
3,300 Cisco APs
Controller Based
Cisco Prime 2.2
Rolling refresh (2,100 ac APs with  1200 n APs to go)  - Want to get to a 5 
year refresh plan
ClearPass for Guests

Respectfully,

Matt

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jennifer Francis Wilson
Sent: Friday, April 1, 2016 10:55 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Who WiFi vendors does everyone use? REVISITED

Can we include -

- Recent replacement/upgrade strategy (total 3 year, total 5 year, rolling)
- Guest/Visitor management system (ISE, Clearpass, Cloudpath etc.)

Regards,

Jen.


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John
Sent: 01 April 2016 15:06
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Who WiFi vendors does everyone use? REVISITED

Can we revisit this subject? It seems to have gotten a good number of responses 
but the information is of limited use without other information to go with it.

If folks will send me information on their wireless networks I will tabulate it 
and send it back out to the list.

How about the following info:

School name
Total number of clients served (faculty + staff + students + guess at guests) 
during a typical school day
Brand(s) of APs in use and approximate number of APs for each brand
Whether the APs are standalone or controller based
Wireless management platform (e.g., Cisco Prime, HP Aruba Airwave, none, etc.)


For the University of Alabama I would answer as follows:

The University of Alabama
45,000 clients
Cisco 5,000 APs
Controller based
HP Aruba Airwave management


If others want to suggest additional questions, that is fine as long as we can 
get them soon enough so that most people who respond will have answers to all 
of the questions. Why don't we collect questions until next WED and try to get 
the poll sent out next THU?




-jcw
  [UA Logo]

John Watters   The University of Alabama
Office of Information Technology
205-348-3992


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Welcome to Bring-Your-Own-Access | EdTech Magazine

[Williams, Matthew]

I think about it every time I get a ticket that says, "my phone won't work on 
wireless, but my roommate's does.  This is clearly a  network problem that must 
be fixed immediately!"  :)

The biggest issue that I've run into with this is that we have a "Residential 
Learning" environment and there are classrooms in all of our residence halls.  
We don't want to risk BYOA crushing the wireless for our academic programs in 
the res halls.

Then there's the case of once you pull the lid off of that beast, there's no 
going back, at least in our environment.  Once we tell 10,000 residential 
students that they can have at it with their own APs, there's no way to 
backtrack if it causes the problems that I can foresee.

I'd love to see consumer devices start to have some more intelligence that 
would allow them to play a little better in enterprise like environments.  It 
would alleviate a TON of financial pressure for us.  

Respectfully,

Matt

-Original Message-if
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt
Sent: Thursday, March 10, 2016 9:10 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Welcome to Bring-Your-Own-Access | EdTech Magazine

Any folks looking to adopt bring your own access policies?  


http://edtechmagazine.com/higher/article/2015/12/welcome-bring-your-own-access


Sent from my iPhone
**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Self-registered MAC device bypass- worth the headaches?

[Williams, Matthew]

Our helpdesk folks sat down and wrote up documents on how to find the MAC 
addresses for as many devices as they could.  We haven't done any instructions 
for the Amazon Echoes yet.  We hit the most common devices and are waiting to 
see what tickets we get for devices that we missed so we can build them into 
our registration page.  Our registration page was written in-house and the 
developers set it up to display the instructions for finding the MAC address, 
including screen shots, based on the device that you selected in the drop down.

Respectfully,

Matt

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter
Sent: Tuesday, March 1, 2016 10:01 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Self-registered MAC device bypass- worth the 
headaches?

This is something we struggle with, especially being a small school. Keeping up 
with the latest Chromecast/Roku/Amazon Echo, etc devices is near impossible. A 
big thank you to product designers who put the MAC on a label on the outside.

Thomas Carter
Network & Operations Manager
Austin College

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, March 1, 2016 8:12 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Self-registered MAC device bypass- worth the headaches?

Hi Everyone,

Not looking for a lot of input on all of the things you CAN do- just asking a 
focused question for those that are doing it.

We're piloting the ability for students to self-register games, TVs, Roku, etc. 
but am astounded at how hard some devices are to find MAC addresses for from 
the user side. Amazon Echo is notorious, also fighting with a Roku 2. No 
labels, not easy to find in menu. Sure, you can find all of this on APs, but 
that isn't "self-service" for self-registration.

Anyone have thoughts, comments, scars, suggestions? I know Clearpass and ISE 
can fingerprint, but I'm finding that's far from accurate at times, and again- 
doesn't help with "register YOUR device by MAC" for users that can't see what 
network admins use.

-Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] User and/or Location-based Content Restriction

[Williams, Matthew]

Is the intent to target users or locations.  I would think it would be easier 
to block access to applications based on location than user.  i.e. no one in 
your “Student” AD group can access Netflix while in Building “Z” from 8:30-5:30 
M-F.  That’s probably far too restrictive, but something to consider.

Do you do any packet shaping?  Perhaps do the limiting there?

Respectfully,

Matt

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Frank Sweetser
Sent: Monday, February 8, 2016 2:32 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] User and/or Location-based Content Restriction

We've always killed these kinds of requests by pointing out that we can't do 
anything at all about anything with a 4g data plan.
On February 8, 2016 2:27:55 PM EST, "Case, Brandon J" 
> wrote:

Is anyone exploring or able to suggest good options for rate limiting or 
preventing access to random content services? This idea was posed to me today 
from up the chain with the goal of limiting certain students' ability to access 
certain services for a certain time, potentially only from a certain location. 
Yep.

As an example: Student A has a class in room 2 of building Z from 8:30 to 9:20 
M, W and F. The goal would be to prevent (or severely hinder the ability of) 
student A watching Netflix from 8:30 to 9:20 M, W and F while they're in room 2 
of building Z. Outright blocking of access to Netflix during that timeframe for 
student A regardless of location has also been discussed. I've already provided 
a plethora of possible pitfalls to any of these types of approaches and the 
associated administrative overhead they could incur but am being asked for 
answers all the same.

Yes, this does definitely wade into the treacherous waters of

technological solutions to what are really social problems (and I know has been 
discussed on this list in the past) however, I'm charged with providing some 
form of an answer up the chain and so I turn to you all for comments, insight 
and cautionary tales.

We're an all-Cisco shop with a healthy ISE deployment so my focus is there with 
AAA override for ACLs, dynamic VLAN assignments, AVC profiles and QoS profiles. 
Any solution I've thought of so far feels too much like a blunt object though.

Thanks,
--
Brandon Case
Senior Network Engineer
IT Infrastructure Services
Purdue University
ca...@purdue.edu
Office: (765) 49-67096
Mobile: (765) 421-6259
Fax:(765) 49-46620

PGP Fingerprint:
99CB 02D6 983C 1E2A 015F  205C C7AA E985 A11A 1251

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Measuring User Experience

[Williams, Matthew]

Great suggestions, everyone.  Thank you very much. 

Regarding Twitter, we started to go down the path of owning a hashtag, but it 
was quashed out of fear of bad PR in the twitterverse.  Instead, we have some 
students that spy on certain search terms and essentially stalk the 
complainers.  I could rant on this approach, but I like my job.  

I'll take all of the ideas presented here and see if we can come up with some 
sort of metric that makes sense and isn't pulled out of thin air.  Thanks 
everyone!

Respectfully, 

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Cook
Sent: Thursday, October 22, 2015 7:30 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Measuring User Experience

I must say many staff aren't much better than the students at reporting issues. 
Often going through upper management before lodging a ticket. Reminds me of 
rant I saw on redit the other day stating he got a petition to fix wireless 
from the students but there were 0 reports in the ticket system for this 
location.. hah

Like many said could collect a pile of info like radius failed auth's and graph 
that as a percentage. Pull RSSI/SNR numbers and report on how many have 
acceptable numbers etc. 

User feedback is great, we usually do a survey every 2ish years and offer 
something like 5x $100 vouchers to get people on. Over 80% of people were happy 
or better, and we used the text feedback to identify the worst locations to 
investigate and resolve. Report on that to management. Seems to keep everyone 
happy. 
We also add to that tickets, we keep a spreadsheet and anything coverage 
related gets marked in. Whenever it comes to new installs time we use the 
spreadsheet and identify the buildings with the highest complaints and tackle 
them. The numbers of often not that big given users don't put tickets in, but 
it's the best we have and it's a statistic. Plus we are seeing to the needs of 
those who make the effort to contact us. What more can you really do?

Why fight twitter when you can join it?? Having said that I don't use it. But 
howabout creating a suitable hashtag for your students to use. 
#{universityname}wifi Advertise that out and get students to use it when they  
have something to say about your wifi. 


--
Jason Cook
The University of Adelaide, AUSTRALIA 5005 Ph    : +61 8 8313 4800

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Aaron Lamey
Sent: Friday, 23 October 2015 12:32 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Measuring User Experience

My experience these last few years has been exactly this: students do not open 
tickets. My best luck has been having the help desk monitor twitter, especially 
the college "complaint" accounts, and engaging as soon as we see problems.

If you do get a ticket, make sure to get a cell phone. Texting has been by far 
the most reliable way to communicate. Phone calls/voicemails is not an 
effective way to communicate with this constituency. I'm attempting to reinvent 
our ticket system from an work tracking system to a full blown CRM with SMS and 
social media tie-ins.

This is not just you having this problem, Matthew. Not by a long shot.

Aaron Lamey
Director of Network and Telecommunications Christian Brothers University

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh
Sent: Thursday, October 22, 2015 8:56 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Measuring User Experience

On Thu Oct 22 2015 08:11:46 CDT, "Williams, Matthew" <mwill...@kent.edu> wrote:
> 
> Thank you for the ideas, everyone.  The problem that we have with measuring 
> tickets is that our user base is more apt to complain on social media and we 
> simply don’t have the man-hours to scour the various sites. 

There was some survey we got last year (can't remember the source, either 
EDUCAUSE or an internal one) that said that students just don't open tickets - 
the vast majority of the time they are going to friends for assistance, which 
of course leads to all sorts of wacky or outright wrong solutions for things.  

If we even do get tickets, the challenge then becomes getting the student to 
respond to us to set up a time to troubleshoot.  

Moving forward, we're going to be looking at some targeted surveys this year to 
see if we can get more actionable data.  


--
Julian Y. Koh
Associate Director, Telecommunications and Network Services Northwestern 
University Information Technology (NUIT)

2001 Sheridan Road #G-166
Evanston, IL 6

Measuring User Experience

[Williams, Matthew]

I have been instructed that I need determine a metric that reasonably 
guestimates the end user experience of our wireless networks, without procuring 
a system(s) that does it.  I readily admit that my head kind of exploded when 
this directive was given.  Have any of you done this exercise or have any 
ideas/formulas to try to calculate something like this?  Thanks for any ideas 
that you care to share.

Respectfully,

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Measuring User Experience

[Williams, Matthew]

Thank you for the ideas, everyone.  The problem that we have with measuring 
tickets is that our user base is more apt to complain on social media and we 
simply don’t have the man-hours to scour the various sites.

Another component that we were thinking about trying to tie into this metric is 
disconnects, but I can’t find a reliable report from Cisco Prime 
Infrastructure.  At any rate, I’ll start with all of the great feedback from 
all of you and see where we end up.  Thanks again!

Respectfully,

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Pete Hoffswell
Sent: Thursday, October 22, 2015 8:52 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Measuring User Experience

I pretty much measure this by number of tickets opened for wifi issues at our 
support desk.  It's a pretty good spot to measure "user experience".  Perhaps 
the only spot.

-
Pete Hoffswell - Network Manager
pete.hoffsw...@davenport.edu<mailto:pete.hoffsw...@davenport.edu>
http://www.davenport.edu

On Thu, Oct 22, 2015 at 8:46 AM, Matthew McFall 
<mmcf...@jsu.edu<mailto:mmcf...@jsu.edu>> wrote:
Matthew,

Another suggestion would be to do a poll/survey of the end users.  Depending on 
the response you get, you may get some useful feedback.
Matthew S. McFall
Network Engineer
CCNA/CCNA-Security
Division of Information Technology
Jacksonville State University
Office: 256-782-5664
[http://www.jsu.edu/gem_images/jsu_it_footer.gif]


From: "Philippe Hanset" <phan...@anyroam.net<mailto:phan...@anyroam.net>>
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Sent: Thursday, October 22, 2015 7:43:31 AM
Subject: Re: [WIRELESS-LAN] Measuring User Experience


Matthew,

Here are a few ideas (assuming that your Wi-Fi system/Trouble Ticket system 
allows you to poll that kind of data)

-HELP DESK: % of Help Desk trouble tickets related to Wireless, and type of 
problem
-BANDWIDTH: How is your bandwidth to the Internet doing? (% Utilization, are 
you limited for the Wi-Fi side?)
-AP LOAD: What is your campus wide ratio of user/AP (theoretical campus ratio : 
maximum unique users per day/total number of APs, Distribution ratio: What do 
you observe in your system, and how many APs are not within your own
 requirements…)
-AP DENSITY: What is your average dBm ? what do you consider to be your 
requirement and what % of  users on APs are/are not within that limit
-AP QUALITY: Then move to Jorj suggestion of measuring re-auth etc…

Any other limiting factor like DHCP capacity (number of IPs)
and finally, ease of configuration (number of trouble tickets related to 
configuration issues)

Philippe

Philippe Hanset
www.eduroam.us<http://www.eduroam.us>


On Oct 22, 2015, at 7:04 AM, Williams, Matthew 
<mwill...@kent.edu<mailto:mwill...@kent.edu>> wrote:

I have been instructed that I need determine a metric that reasonably 
guestimates the end user experience of our wireless networks, without procuring 
a system(s) that does it.  I readily admit that my head kind of exploded when 
this directive was given.  Have any of you done this exercise or have any 
ideas/formulas to try to calculate something like this?  Thanks for any ideas 
that you care to share.

Respectfully,

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246<tel:%28330%29%20672-7246>
Mobile: (330) 469-0445<tel:%28330%29%20469-0445>

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: eduroam

[Williams, Matthew]

I could be wrong, but I believe that you have to pay if you are not a member of 
I2.  If you are an I2 member it’s a no-cost service.

Respectfully,

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike Cunningham
Sent: Friday, September 25, 2015 1:42 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] eduroam

Thanks Max

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Max Saber
Sent: Friday, September 25, 2015 12:49 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] eduroam

Hi Mike,

We are not part of Internet2 and have eduroam on campus as an additional SSID.

Max


...

Max Saber, MS
Systems Support Technician
Information Services
MCPHS University

179 Longwood Ave | Boston MA 02115
T 617.732.2811  C 774.644.1542  F 617.732.2080
max.sa...@mcphs.edu
www.mcphs.edu

[cid:image001.jpg@01D0F7A4.B9AC7A10]

Confidentiality Note:  This e-mail, and any attachment to it, is intended to be 
confidential and might be legally privileged.  It is intended solely for the 
use of the addressee.  If you are not the intended recipient, you are hereby 
notified that reading, copying, disseminating or distributing this email is 
strictly prohibited.  If you have received this e-mail in error, please 
immediately return it to the sender and delete it from your system.  Thank you.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Mike Cunningham
Sent: Friday, September 25, 2015 12:47
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] eduroam

Does anyone know for sure if a college that is not part of Internet2 can  still 
participate in eduroam or is have an Internet2 link a requirement?

Thanks

Mike Cunningham
VP of Information Technology Services/CIO
Pennsylvania College of Technology


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

[Williams, Matthew]

Make sure you aren’t over-running the available PoE on the switch.

Respectfully,

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Muraca, Peppino P.
Sent: Monday, September 14, 2015 12:40 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

Make sure you have it plugged eth0

Peppino Muraca
Sr. Network Administrator
Stonehill College
508-565-1193
pmur...@stonehill.edu



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ronald Loneker
Sent: Monday, September 14, 2015 11:38 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Aruba Instant IAP-215 Wireless Access Points

Good Morning -
(forgive cross-postings - a member of the NETMAN list suggested this might be 
the place to post this question)

We just had close to 90 new Aruba Instant IAP-215 wireless access points 
installed in our residence halls to upgrade our wireless network.  Another 
building is soon to be underway, and I'm managing this project.
Over the last couple of weeks, it seems like random access points are shutting 
down wireless access.  They are not all connected to the same Cisco switch 
(various Cisco POE switches in two residence halls).  The access point is not 
ping-able, the MAC address is not found in the virtual controller's table, the 
switch port is up and power is being supplied to the access point.  The only 
way we seem to get an access point back up is to do a shut/no shut on the 
switch port to which it is connected.
The vendor who configured the access points hasn't been able to determine why 
this is happening and before we initiate an Aruba support call, I was wondering 
if anyone had any similar experiences like this and what you determined was the 
cause of the issue.  We are running into walls here.
Thanks in advance for any thoughts or ideas.

Ron Loneker, Jr.
Director of Media Services
College of Saint Elizabeth
Mahoney Library
2 Convent Road
Morristown, NJ  07960

Phone:  973-290-4229

e-mail:  rlone...@cse.edu


** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in the dorms- quick Survey

[Williams, Matthew]

Jeff, 

Without knowing who is behind the device, how do you handle copyright issues?  

Respectfully, 

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler
Sent: Friday, September 4, 2015 4:24 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Supporting "those other Wi-Fi devices" in the 
dorms- quick Survey

Frans,

Why do you care who’s behind the device? If you were to treat student wireless 
in the same regard as Starbucks treats a device connecting to theirs, what 
possible policies would you be concerned with? If you could block the device 
and be done with it, what else do you want to do?

Liability - Risk management is a decision that is higher up the chain, and if 
user’s are satisfied with the risk while at a Starbucks, why would their 
expectation be different when consuming free WiFi at their college? Would the 
college actually be at greater risk if, for example, they promote WPA/802.1x 
enabled SSIDs as “Secure” when it’s adding only one layer?

Open Network - I’m not suggesting this, I’m saying, what’s the middle ground? 
Is a modified WPA-PSK system better, where the on boarding is using the 
student’s ID as the WPA-PSK password? Is that “Good Enough” to eliminate the 
hassles of WPA-Ent?

So again, I think it’s worth having the conversation. If the process is overly 
complicated or restrictive e.g. My chrome cast is on the device-lan, but my 
laptop isn’t allowed cause it does 802.1x, then what have we solved?

Jeff





On 9/4/15, 12:09 PM, "The EDUCAUSE Wireless Issues Constituent Group Listserv 
on behalf of Frans Panken"  wrote:

>Jeff,
>
>Jeffrey D. Sessler schreef op 04/09/15 om 20:55:
>> Just to turn this on it’s ear a bit...
>>
>> Why not go back to an open network for student devices, with the same EULA 
>> as they’d get be it at a Starbucks, McDonalds, hotel, or convention center? 
>> Why are we (my self included) so hell bent on student devices connecting via 
>> WPA-Ent and all the challenges associated with accommodating devices that 
>> can’t?
>Basically, because you do not know who is behind the device if this 
>user does something that conflicts with any of the policies (e.g., 
>security to name one).
>>
>>
>> Does data exist that shows all of this overhead we’ve created has had any 
>> measurable benefit (for the cost), especially when the same users aren’t 
>> concerned about over-the-air security when at the above mentioned places?
>Regardless of the numbers, I will tell you it was worth it.
>
>Inmagine the blames your institute copes with if some one decides to 
>put a rogue access point in between that cathes all kinds of privacy data?
>The end-user will blame the institue because it happended there!
>
>Note that there are easy out-of-the-box tools that are dedicated for 
>these kind of attacks and easy to set-up, even for a 12 year old. For 
>example, have a look at pineapple: https://www.wifipineapple.com/ (very 
>usefull to play with!)
>
>Or Nethunter, that uses Linux Kali and is installed on a simple phone 
>or tablet (http://www.nethunter.com/).
>
>>
>> Why do we care so much? Is there some middle-ground that is “good enough” 
>> but provides almost the same experience as at home?
>Seriously, you have an open network at home?? You login with your bank?
>Ever hear of SSL strip (if not, I recommend to Google it and watch that 
>little slot in your browser continously)
>
>>
>> Would our efforts be better spent implementing other beneficial technologies 
>> such location-aware WiFi, where after the student connects all their 
>> AppleTV, TimeMachine, and Chromecast devices, the network is smart enough to 
>> provide them visibility of only those devices when in/near the same location 
>> e.g. Location-aware bonjour?
>I hope the arguments above convinced you. If not, I think I can think 
>of some more...
>
>-Frans
>>
>>
>>
>> Jeff
>>
>>
>> On 9/4/15, 7:51 AM, "The EDUCAUSE Wireless Issues Constituent Group Listserv 
>> on behalf of Lee H Badman" > lhbad...@syr.edu> wrote:
>>
>>> Where it gets interesting- broadcast and single class C required. But- this 
>>> is a great summary of requirements. 
>>>
>>> Lee Badman | Network Architect
>>> Information Technology Services
>>> 206 Machinery Hall
>>> 120 Smith Drive
>>> Syracuse, New York 13244
>>> t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w its.syr.edu
>>> SYRACUSE UNIVERSITY
>>> syr.edu
>>>
>>> -Original Message-
>>> From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
>>> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, 
>>> Neil M
>>> Sent: Friday, September 04, 2015 10:46 AM
>>> To: 

RE: Handling Non 802.1x Devices on the Enterprise Network

[Williams, Matthew]

We have an SSID for these devices and we built a device registration page for 
our students to go to enter their wireless MAC address.  This page requires the 
students to login so we capture who owns the device in question.  This page has 
an API that ties into our DHCP system.  Several of the newer RADIUS products 
have this feature built in, but we're still riding an old system that couldn't 
do this.

Respectfully,

Matthew Williams
Manager, Network and Telecommunications Services
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Troy Lynn Wiseman
Sent: Tuesday, September 1, 2015 10:40 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Handling Non 802.1x Devices on the Enterprise Network

We are trying to figure out how to handle non 802.1x devices on our enterprise 
network.  We are a Cisco shop and currently are broadcasting 4 SSIDs including 
a guest SSID that is non 802.1x.  We are concerned with how to give access to 
non 802.1x devices in our residence halls.  We were wondering how others are 
tackling this issue.

TROY WISEMAN
Network Engineer II

INFORMATION TECHNOLOGY
MAIL CODE 4622
SOUTHERN ILLINOIS UNIVERSITY
625 WHAM DRIVE
CARBONDALE, ILLINOIS 62901

twise...@siu.edu
P: (618) 453-6264
INFOTECH.SIU.EDU

[http://siu.edu/_common/images/SIUlogo.png]

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] 802.11r

[Williams, Matthew]

We turned it on for our primary SSID in Cisco code 7.6.130.0 for roughly 4 
hours and it was an absolute NIGHTMARE.  All device types were unpredictable 
and unstable.  About a third of our 20,000 user devices wouldn't connect at 
all, the ones that did would frequently drop off the network.  

Once we disabled it, roughly half of the machines that were able to connect 
while 802.11r was enabled were suddenly NOT able to connect after the rollback. 
 Those users had to forget the network and or delete the profile from their 
devices before they could connect again. 

It made for an interesting day and a half.

Respectfully, 

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jerry Bucklaew
Sent: Wednesday, July 1, 2015 8:51 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] 802.11r

To ALL:


  I was just wondering if anyone has taken the plunge and enabled 802.11r 
on their WLAN and if they had any fall out?  I know some vendors recommend 
putting up a second ssid but no one wants to maintain two SSID's.  I has been a 
couple years so maybe the client turnover has solved the issue? I had the same 
question about 802.11d and 802.11h.  I am running an Aruba environment but 
would be interested in the Cisco side of the house also.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Network Authentication question

[Williams, Matthew]

 specifics if you are interested.

Take care,

Matt Barber ‘06
Network and Systems Manager
Morrisville State College
315-684-6053

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Wednesday, June 24, 2015 10:44 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Network Authentication question

We’re looking into a few RADIUS solutions and I was wondering if any of you had 
any experience with the following products and what your thoughts are on them:

Cisco ISE
Aruba ClearPass
Extreme NetSight
Cloudpath XPressConnect ES

Any input would be appreciated.  Thanks.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
!DSPAM:911,558b11734371431181996!
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

__
This email has been scanned by Marymount California University email security 
service
__

__
This email has been scanned by Marymount California University email security 
service
__

Network Authentication question

[Williams, Matthew]

We're looking into a few RADIUS solutions and I was wondering if any of you had 
any experience with the following products and what your thoughts are on them:

Cisco ISE
Aruba ClearPass
Extreme NetSight
Cloudpath XPressConnect ES

Any input would be appreciated.  Thanks.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Wi-Fi Sense (Windows 10)

[Williams, Matthew]

I never said that I would trust the network security to an end user.  Just 
alluding to information that, though it is easy to turn on, it is not a 
“Default-On” feature as was suggested in earlier postings.  Like many folks 
have already stated, 802.1X solves the problem.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W 
(Network Services)
Sent: Tuesday, June 23, 2015 7:31 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wi-Fi Sense (Windows 10)

Do you really want to trust your network security to some clueless user?

I noticed that a student apparently got frustrated trying to use their email 
address to register on our Guest network rather than use the proper options. 
They ended up making this email address. 
imastudentandcantconnectdan...@dangit.commailto:imastudentandcantconnectdan...@dangit.com

I do not want to trust my security to someone who cannot even grasp the concept 
of a separate network for guests.

​

Bruce Osborne
Wireless Engineer
IT Infrastructure  Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Williams, Matthew [mailto:mwill...@kent.edu]
Sent: Monday, June 22, 2015 8:37 AM
Subject: Re: Wi-Fi Sense (Windows 10)

Found this type of information on various sites:



“When connecting to a password protected router you are given an UNCHECKED BY 
DEFAULT option to share the password with your friends. What this means is, the 
user can deliberately share the password they know.
This is just as secure as any other system because once you give a user a 
password they could share it if they chose. Nothing here is automatic no data 
is being proliferated without user consent. If your employees leak your 
password this way, then it's the same as leaking passwords otherwise.
Again this not an opt-in-by-default scenario. It requires a user knowing a 
password to actively choose to share for each router independently.”

Ignoring the ridiculousness of the existence of the feature, it appears to at 
least require someone to intentionally turn it on.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W 
(Network Services)
Sent: Monday, June 22, 2015 7:34 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wi-Fi Sense (Windows 10)

802.1X can be quite user-friendly if you use an onboarding tool such as 
CloudPath XpressConnect Wizard.

802.1X was designed for large enterprise networks. The PSK was never designed 
to be used in this manner, hence the name WPA2-Personal.

​

Bruce Osborne
Wireless Engineer
IT Infrastructure  Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Joel Coehoorn [mailto:jcoeho...@york.edu]
Sent: Sunday, June 21, 2015 4:48 PM
Subject: Re: Wi-Fi Sense (Windows 10)

I don't know. It seems like encryption and authorization are really two 
different things that wifi networks have historically conflated.

For our network, I'd really like a better user-friendly (ie, not .1x) option 
that provides good encryption, but assumes you are authorized by default. Any 
authorization or policy enforcement should take place at a different level, so 
it can include wired connections, too.

I haven't looked at the implementation details, but if done correctly, this has 
the potential to solve an issue with large PSK networks, such that I could use 
a Win10 machine to seed the key, without the normal weakness that anyone who 
knows the key can decrypt anyone else's traffic.

Of course, the devil is in the details, and I found it unlikely that the key 
sharing mechanism will be adequately secure, or even if it is, that enough 
device types will support this fast enough to make it a reasonable option.

From: Hunter Fullermailto:hf0...@uah.edu
Sent: ‎6/‎21/‎2015 3:08 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wi-Fi Sense (Windows 10)
Totally unacceptable.

It's like MS missed one of the main points of PSKs (as opposed to
non-encrypted networks) - to keep people out.

--
Hunter Fuller
Network Engineer
VBRH M-9B
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Systems and Infrastructure

I am part of the UAH Safe Zone LGBTQIA support network:
http://www.uah.edu/student-affairs/safe-zone


On Sun, Jun 21, 2015 at 9:45 AM, James Andrewartha
jandrewar...@ccgs.wa.edu.aumailto:jandrewar...@ccgs.wa.edu.au wrote:
 Has anyone tried out Wi-Fi Sense in Windows 10 yet? It's

RE: Wi-Fi Sense (Windows 10)

[Williams, Matthew]

Found this type of information on various sites:



“When connecting to a password protected router you are given an UNCHECKED BY 
DEFAULT option to share the password with your friends. What this means is, the 
user can deliberately share the password they know.
This is just as secure as any other system because once you give a user a 
password they could share it if they chose. Nothing here is automatic no data 
is being proliferated without user consent. If your employees leak your 
password this way, then it's the same as leaking passwords otherwise.
Again this not an opt-in-by-default scenario. It requires a user knowing a 
password to actively choose to share for each router independently.”

Ignoring the ridiculousness of the existence of the feature, it appears to at 
least require someone to intentionally turn it on.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W 
(Network Services)
Sent: Monday, June 22, 2015 7:34 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wi-Fi Sense (Windows 10)

802.1X can be quite user-friendly if you use an onboarding tool such as 
CloudPath XpressConnect Wizard.

802.1X was designed for large enterprise networks. The PSK was never designed 
to be used in this manner, hence the name WPA2-Personal.

​

Bruce Osborne
Wireless Engineer
IT Infrastructure  Media Solutions

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

From: Joel Coehoorn [mailto:jcoeho...@york.edu]
Sent: Sunday, June 21, 2015 4:48 PM
Subject: Re: Wi-Fi Sense (Windows 10)

I don't know. It seems like encryption and authorization are really two 
different things that wifi networks have historically conflated.

For our network, I'd really like a better user-friendly (ie, not .1x) option 
that provides good encryption, but assumes you are authorized by default. Any 
authorization or policy enforcement should take place at a different level, so 
it can include wired connections, too.

I haven't looked at the implementation details, but if done correctly, this has 
the potential to solve an issue with large PSK networks, such that I could use 
a Win10 machine to seed the key, without the normal weakness that anyone who 
knows the key can decrypt anyone else's traffic.

Of course, the devil is in the details, and I found it unlikely that the key 
sharing mechanism will be adequately secure, or even if it is, that enough 
device types will support this fast enough to make it a reasonable option.

From: Hunter Fullermailto:hf0...@uah.edu
Sent: ‎6/‎21/‎2015 3:08 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wi-Fi Sense (Windows 10)
Totally unacceptable.

It's like MS missed one of the main points of PSKs (as opposed to
non-encrypted networks) - to keep people out.

--
Hunter Fuller
Network Engineer
VBRH M-9B
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Systems and Infrastructure

I am part of the UAH Safe Zone LGBTQIA support network:
http://www.uah.edu/student-affairs/safe-zone


On Sun, Jun 21, 2015 at 9:45 AM, James Andrewartha
jandrewar...@ccgs.wa.edu.aumailto:jandrewar...@ccgs.wa.edu.au wrote:
 Has anyone tried out Wi-Fi Sense in Windows 10 yet? It's a feature that lets
 you share PSKs with your Facebook and Skype friends, although they don't get
 to see it. The only way to opt-out as a network operator is to include
 _optout in the SSID, or use 802.1x.


 Given you can run netsh wlan show profile name=SSID key=clear I wonder how
 it will interact with Aerohive Private PSK and Ruckus Dynamic PSK which give
 each user their own individual PSKs per-device.


 http://www.reddit.com/r/sysadmin/comments/3aam8m/because_i_really_want_my_clients_wpa_keys_shared/


 --

 James Andrewartha
 Network  Projects Engineer
 Christ Church Grammar School
 Claremont, Western Australia
 Ph. (08) 9442 1757
 Mob. 0424 160 877
 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at
 http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

RE: Rogue Devices

[Williams, Matthew]

Haha, nothing like a good public shaming to get what you want.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, May 14, 2015 4:25 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Rogue Devices

Part of the rogue defense posture is very much non-technical. Many years ago, 
we drafted policy that was endorsed by our CIO and we did a lot of education 
with across our admin spaces and with our distributed support folks. Once they 
bought in to removing rogues as being in everybody’s interest (and as we grew a 
really good WLAN), they become partners and enforcers to us in the networking 
group. We’ve had extremely good luck on a very large campus for several years 
keeping rogues out based *mostly* on crafting a good message and providing 
solid, reliable Wi-Fi.

Then there’s the dorms…

All of the above applies, except buy-in isn’t as uniform. We do a lot of 
education at move-in time, and have various tricks to find and have the 
students remove their rogues without leaving the office.  In all cases, the 
response is “I didn’t know!” despite many, many communications of various types 
on the topic. My dream: a digital sign in each dorm lobby that scrolls network 
news, tips, etc- and spreads some shame. Like “If your Wi-Fi seems slow near 
rooms 625-629, it may be because someone has a network called Frankie’s Airport 
creaming the campus network.” Using PI/MSE to get close to signal then let peer 
pressure fix the problem.

☺

Lee Badman
Wireless/Network Architect
ITS, Syracuse University
315.443.3003
(Blog: http://wirednot.wordpress.com)

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Christopher Michael 
Allison
Sent: Thursday, May 14, 2015 3:17 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Rogue Devices


We are in the same boat we use Prime and MSE. Resources are in issue. I wish we 
could still use the containment feature that Prime and the AP's have for the 
Rogues. We are currently doing a building by building sweep of our Academic 
Buildings to remove all the Rogues that aren't managed by our department. Its a 
slow and long process.

​


CHRISTOPHER ALLISON
Network Engineer I

Information Technology
Mail Code 4622
625 Wham Drive
Carbondale, Illinois 62901

chris.m.alli...@siu.edumailto:%20chris.m.alli...@siu.edu
P: 618 / 453 - 8415
F: 618 / 453 - 5261
INFOTECH.SIU.EDUhttp://infotech.siu.edu/
[http://asset.siu.edu/_assets/images/email_sig/SIU_email_2line.gif]

Choose a job you love, and you will never have to work a day in your life.
Confucius

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
on behalf of Reams, Lane 
lane.re...@vanderbilt.edumailto:lane.re...@vanderbilt.edu
Sent: Thursday, May 14, 2015 10:37 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Rogue Devices

We use Prime Infrastructure and MSE.  With Prime, if you add both APs and 
switches, you can shut off wired port to disconnect rogue, but you still have 
the RF interference to deal with.  Works pretty good other than all the issues 
with Prime, but as a whole, this solution works.  Just wish we had resources to 
go after all the rogues . . . they are everywhere.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bibin George
Sent: Thursday, May 14, 2015 9:11 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Rogue Devices

Thanks for the reply..
We have cisco 3700/3600 Aps, looking for the solution for both wireless and 
wired even if it is a two separate product. If  I can locate them would be 
perfect.



From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of McClintic, Thomas
Sent: Thursday, May 14, 2015 9:39 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Rogue Devices

Which wireless system are you using?
What type of rogue devices are you most interested in? (rogue on a wire, 
neighboring device, etc.)
Do you need to also locate these rogue devices?

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Bibin George
Sent: Thursday, May 14, 2015 8:27 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Rogue Devices

Can anyone suggest a good tool that I can detect/ prevent Rogue devices out 

RE: [WIRELESS-LAN] AW: [WIRELESS-LAN] To provide (wireless) service, or not to provide (wireless) service...

[Williams, Matthew]

Philippe,

I see value in 802.11ac running on 40MHz channels.  It still plays nice with N 
and the performance, though negligible, is still better.

The biggest complaint that I have about AC is that management hears the sales 
pitch about how awesome it is at 80MHz and how it will solve all of our 
problems and they decree that it will be so.  In reality it will only make 
things worse for us.  We still run APs down the hall at full power 
(predecessor’s decision on the power) and we have an Airport less than 5 miles 
away.  We completed that phase of the upgrade in December… we’ve been trying to 
fix problems ever since.

Just my 2 cents.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Philippe Hanset
Sent: Wednesday, May 13, 2015 10:21 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] AW: [WIRELESS-LAN] To provide (wireless) service, 
or not to provide (wireless) service...

So the Cellular industry is having seminars and investing big on Wi-Fi offload 
and some schools are considering LTE offload,
what an irony.

At the end of the day the cost of providing 1 byte over LTE is much higher than 
the cost 1 byte over Wi-Fi.
(DAS, Microcell, MacroTower, all more expensive than Wi-Fi…and much more 
complicated as far as contracting is concerned)

Before doing anything I would first analyze the average monthly bandwidth need 
of a student and then do a comparison between
Wi-Fi cost over 5-8 years VS LTE cost (with comparable quality of service).

And BTW, why do we all need to upgrade to 802.11ac? (802.11n  seems perfectly 
fine to me)
Because premature EOL is coming upon us?

On another note, having a low capacity/expensive Data Wireless in residence 
halls might have interesting side effects:

-Students will watch their shows in class rather at night
-Students will start reading books again in their rooms
-Students will hang around campus late at night just to have Wi-Fi access (do 
you plan to shutdown campus Wi-Fi after hours ? ;-)
-Students will meet in hallways and talk to each other rather using Social Media
-No need to filter peer-to-peer in residence halls, no one can afford to 
download anything

But here my main concern…how will you enable eduroam on Cellular? ;-)

Philippe

Philippe Hanset
www.eduroam.ushttp://www.eduroam.us



On May 13, 2015, at 9:24 AM, Brian Helman 
bhel...@salemstate.edumailto:bhel...@salemstate.edu wrote:

I have a little more information to provide now.  I absolutely appreciate that 
it will be extremely tempting to respond with biased opinions.  I don’t think 
there is anything that can be said that I haven’t already expressed to my team. 
 However, that will not help me write up my recommendation.  So that being 
said, feel free to chime in with tangible reasons to do this or not…

Apparently, our president heard that some schools are investigating purchasing 
bulk data contracts with mobile (“cellular”) carriers for data.  The idea is, 
we would stop providing 802.11g/n/ac wireless in the residence halls and 
instead provide students with the abilities to register their devices with the 
mobile carrier to use 4G/LTE data.  The University will pay for this.

Pros:
No wireless (802.11) to purchase, support
Reduced POE requirements on switches
No wireless driver/configuration mismatches problems to support

Cons:
Is mobile wireless signal available everywhere inside the buildings?  Costs to 
improve signal.
What speeds are available (what range of speeds)?  Is it by user or aggregate?
How is congestion handled?
What devices – mobile phones only?  Hotspots to provide access to non-cellular 
devices (e.g wifi-only tablets; laptops)
More Ethernet ports needed for devices that previously depended on wireless
What provider(s)?
Support shifted from “device to institutional wifi” to “device to myfi” or 
“devide to 3rd party”
Cost per user, per GB?

What else?

If you know of any institutions who have attempted this (I have heard MIT is 
looking at it, but we aren’t MIT), please let me know.

By the way, the background here is .. we installed our 802.11n network ~5 years 
ago and haven’t had any commitment to fund it since.  So now we are trying to 
deal with capacity (BYOD) issues that didn’t exist 5 years ago while upgrading 
to 11ac.  Of course, it’s not a 1:1 swap of equipment since we’d be migrating 
from 2.4GHz to 2.4+5GHz.  That puts the costs for forklift upgrades pretty high 
(did I mention I’ve been unsuccessfully asking for funding for 3 years?).

I believe this can all best be summarized with a simple .. Oy.

-Brian





From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]On Behalf Of Jerkan, Kristijan
Sent: Sunday, May 03, 2015 12:34 PM
To: 

RE: [WIRELESS-LAN] [WIRELESS-LAN] To provide (wireless) service, or not to provide (wireless) service...

[Williams, Matthew]

Absolutely, agree.  I think the push to AC is mostly a managerial/competitive 
advantage push.  We get to deal with the ramifications.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Philippe Hanset
Sent: Wednesday, May 13, 2015 10:46 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] [WIRELESS-LAN] To provide (wireless) service, or 
not to provide (wireless) service...

Matthew,

I didn’t mean that 802.11ac is not better than 802.11n in many aspects, but 
more that many of us could live many more years with 802.11n
and be quite fine especially if cost is an issue.

Thanks,

Philippe

Philippe Hanset
www.anyroam.nethttp://www.anyroam.net



On May 13, 2015, at 10:38 AM, Williams, Matthew 
mwill...@kent.edumailto:mwill...@kent.edu wrote:

Philippe,

I see value in 802.11ac running on 40MHz channels.  It still plays nice with N 
and the performance, though negligible, is still better.

The biggest complaint that I have about AC is that management hears the sales 
pitch about how awesome it is at 80MHz and how it will solve all of our 
problems and they decree that it will be so.  In reality it will only make 
things worse for us.  We still run APs down the hall at full power 
(predecessor’s decision on the power) and we have an Airport less than 5 miles 
away.  We completed that phase of the upgrade in December… we’ve been trying to 
fix problems ever since.

Just my 2 cents.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]On Behalf Of Philippe Hanset
Sent: Wednesday, May 13, 2015 10:21 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] AW: [WIRELESS-LAN] To provide (wireless) service, 
or not to provide (wireless) service...

So the Cellular industry is having seminars and investing big on Wi-Fi offload 
and some schools are considering LTE offload,
what an irony.

At the end of the day the cost of providing 1 byte over LTE is much higher than 
the cost 1 byte over Wi-Fi.
(DAS, Microcell, MacroTower, all more expensive than Wi-Fi…and much more 
complicated as far as contracting is concerned)

Before doing anything I would first analyze the average monthly bandwidth need 
of a student and then do a comparison between
Wi-Fi cost over 5-8 years VS LTE cost (with comparable quality of service).

And BTW, why do we all need to upgrade to 802.11ac? (802.11n  seems perfectly 
fine to me)
Because premature EOL is coming upon us?

On another note, having a low capacity/expensive Data Wireless in residence 
halls might have interesting side effects:

-Students will watch their shows in class rather at night
-Students will start reading books again in their rooms
-Students will hang around campus late at night just to have Wi-Fi access (do 
you plan to shutdown campus Wi-Fi after hours ? ;-)
-Students will meet in hallways and talk to each other rather using Social Media
-No need to filter peer-to-peer in residence halls, no one can afford to 
download anything

But here my main concern…how will you enable eduroam on Cellular? ;-)

Philippe

Philippe Hanset
www.eduroam.ushttp://www.eduroam.us/



On May 13, 2015, at 9:24 AM, Brian Helman 
bhel...@salemstate.edumailto:bhel...@salemstate.edu wrote:

I have a little more information to provide now.  I absolutely appreciate that 
it will be extremely tempting to respond with biased opinions.  I don’t think 
there is anything that can be said that I haven’t already expressed to my team. 
 However, that will not help me write up my recommendation.  So that being 
said, feel free to chime in with tangible reasons to do this or not…

Apparently, our president heard that some schools are investigating purchasing 
bulk data contracts with mobile (“cellular”) carriers for data.  The idea is, 
we would stop providing 802.11g/n/ac wireless in the residence halls and 
instead provide students with the abilities to register their devices with the 
mobile carrier to use 4G/LTE data.  The University will pay for this.

Pros:
No wireless (802.11) to purchase, support
Reduced POE requirements on switches
No wireless driver/configuration mismatches problems to support

Cons:
Is mobile wireless signal available everywhere inside the buildings?  Costs to 
improve signal.
What speeds are available (what range of speeds)?  Is it by user or aggregate?
How is congestion handled?
What devices – mobile phones only?  Hotspots to provide access to non-cellular 
devices (e.g wifi-only tablets; laptops)
More Ethernet ports needed for devices that previously depended on wireless
What provider(s)?
Support shifted from “device to institutional wifi

RE: [WIRELESS-LAN] MAC OS X Yosemite 10.10.2 Wi-Fi issues (update)

[Williams, Matthew]

Hi Jason,

In the version of code that I’m running, 7.6.120.6 and 7.6.130.0, checking 
Channel Announcement is what actually enables 802.11h.  If log into the CLI of 
my controllers and do a “show 802.11h” with Channel Announcement enabled, I see…


(Cisco Controller) show 802.11h

Power Constraint. 0
Channel Switch... Enabled
Channel Mode. Quiet

If I deselect Channel Announcement, I see this…

(Cisco Controller) show 802.11h

Power Constraint. 0
Channel Switch... Disabled
Channel Mode. Loud

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Watts
Sent: Thursday, April 2, 2015 9:40 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC OS X Yosemite 10.10.2 Wi-Fi issues (update)

I second Gertjan’s questions and also wonder if anyone is clear as to whether 
having just Channel Announcement turned on would cause this effect. Currently 
our controllers are configured as such and I’m seeing some new Macbook 
Pro/Yosemite issues.


[cid:image001.png@01D06DD9.34CDAE90]

Jason Watts | Senior Network Administrator

PRATT INSTITUTE
Academic Computing



On Apr 2, 2015, at 9:35 AM, Scharloo, Gertjan 
g.schar...@uva.nlmailto:g.schar...@uva.nl wrote:

Hi Kees,

Thanks for this advise!

Question : 802.11h works only together with 5 GHz. In a Cisco environment you 
can choice between 802.11h or DTPC (802.11a Global parameters/General)

Are there also known problems with DTPC and Yosemite and Is it wise to turn off 
(temporarily) 802.11h and turn on DTPC for 5 GHz ?

Gertjan Scharloo
ICT Consultant
_

Universiteit van Amsterdam | Hogeschool van Amsterdam

ICT Services
Leeuwenburg | kamer A9.44
Weesperzijde 190 | 1097 DZ Amsterdam
+31 (0)20 525 4885
Mobiel : +31(0) 61013-5880
www.uva.nlhttp://www.uva.nl/
uva.nl/profile/g.scharloohttp://uva.nl/profile/g.scharloo
Beschikbaar : Ma | - | Wo | Do | Vr |

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kees Pronk
Sent: Thursday, April 2, 2015 2:55 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] MAC OS X Yosemite 10.10.2 Wi-Fi issues (update)

FYI :

I think I found a very relevant post about Yosemite issues in enterprise WLAN 
environments.
IMHO due to many IE received in a large environment, MacBooks with Yosemite OSX 
can/will falter.

https://discussions.apple.com/thread/6825371

Sincerely, Kees Pronk

On 03 Mar 2015, at 14:47, Walter Reynolds 
wa...@umich.edumailto:wa...@umich.edu wrote:



The reason we turn off IPv6 is basically that some Mac's were unable to get a 
IPv4 address when they had V6 enabled.

It has been a problem for a while, and at this point it is just one of the many 
issues we have with Apple devices in general, not just on 10.10

We do have Cisco, but do not have V6 enabled everywhere.

No link to the page as it is an internal document.  That is why I copied the 
text and put it in the email.



Walter Reynolds
Principal Systems Security Development Engineer
Information and Technology Services
University of Michigan
(734) 615-9438

On Tue, Mar 3, 2015 at 8:26 AM, Frans Panken 
frans.pan...@surfnet.nlmailto:frans.pan...@surfnet.nl wrote:
Hi Walter,
Good suggestions. What is the reason you suggest to turn off IPv6 on Wi-Fi?
Do you have Cisco (we have a TAC case where IPv6 does not work well)? I wonder 
which Wi-Fi degradations you prevent by turning off IPv6. Can you explain (link 
to a page)?
-Frans
Walter Reynolds schreef op 03/03/15 om 13:49:
We also have seen a huge rise in issues.  10.10.3 which is being tested right 
now seems better, but not a solution.  Here is some of what we tell folks who 
have issues.  The firts set removes all network settings, but seems to help the 
most.


REMOVE MACHINE NETWORKING PREFERENCES

  1.  Click on the WiFi icon in the top menu bar and select: Turn Wi-Fi Off.
  2.  Click anywhere on the desktop.
  3.  Click on Go on the top of your screen.
  4.  Choose Computer
  5.  Choose your hard drive (it may be named Macintosh HD)
  6.  Choose Library
  7.  Choose Preferences
  8.  Choose SystemConfiguration
  9.  If the following items exist in the SystemConfiguration folder, drag them 
to the trash. (Note: They may not all exist.)
  com.apple.airport.preferences.plist
  com.apple.eapolclient.plist
  com.apple.network.eapolclient.configuration.plist
  com.apple.network.identification.plist
  com.apple.wifi.message-tracer.plist

  NetworkInterfaces.plist
  preferences.plist
  10. Restart your computer.
NOTE: After doing this step, you will need to rejoin 

RE: [WIRELESS-LAN] MAC OS X Yosemite 10.10.2 Wi-Fi issues (update)

[Williams, Matthew]

Interesting.  In our versions of code, the Power Constraint checkbox doesn’t 
exist.  Must be a CLI function then.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kees Pronk
Sent: Friday, April 3, 2015 10:13 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC OS X Yosemite 10.10.2 Wi-Fi issues (update)

In this blog Cisco’s Jerome Henry gives a very nice explanation about what 
Cisco’s implementation of 802.11h does and does not :

http://wirelessccie.blogspot.nl/2009/08/80211h-parameters.html

As I understand, the checkbox : Power Constraint might be the magic bullet…


Sincerely, Kees


Hi Jason,

In the version of code that I’m running, 7.6.120.6 and 7.6.130.0, checking 
Channel Announcement is what actually enables 802.11h.  If log into the CLI of 
my controllers and do a “show 802.11h” with Channel Announcement enabled, I see…


(Cisco Controller) show 802.11h

Power Constraint. 0
Channel Switch... Enabled
Channel Mode. Quiet

If I deselect Channel Announcement, I see this…

(Cisco Controller) show 802.11h

Power Constraint. 0
Channel Switch... Disabled
Channel Mode. Loud

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Watts
Sent: Thursday, April 2, 2015 9:40 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] MAC OS X Yosemite 10.10.2 Wi-Fi issues (update)

I second Gertjan’s questions and also wonder if anyone is clear as to whether 
having just Channel Announcement turned on would cause this effect. Currently 
our controllers are configured as such and I’m seeing some new Macbook 
Pro/Yosemite issues.


image001.png

Jason Watts | Senior Network Administrator

PRATT INSTITUTE
Academic Computing



On Apr 2, 2015, at 9:35 AM, Scharloo, Gertjan 
g.schar...@uva.nlmailto:g.schar...@uva.nl wrote:

Hi Kees,

Thanks for this advise!

Question : 802.11h works only together with 5 GHz. In a Cisco environment you 
can choice between 802.11h or DTPC (802.11a Global parameters/General)

Are there also known problems with DTPC and Yosemite and Is it wise to turn off 
(temporarily) 802.11h and turn on DTPC for 5 GHz ?

Gertjan Scharloo
ICT Consultant
_

Universiteit van Amsterdam | Hogeschool van Amsterdam

ICT Services
Leeuwenburg | kamer A9.44
Weesperzijde 190 | 1097 DZ Amsterdam
+31 (0)20 525 4885
Mobiel : +31(0) 61013-5880
www.uva.nlhttp://www.uva.nl/
uva.nl/profile/g.scharloohttp://uva.nl/profile/g.scharloo
Beschikbaar : Ma | - | Wo | Do | Vr |

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kees Pronk
Sent: Thursday, April 2, 2015 2:55 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] MAC OS X Yosemite 10.10.2 Wi-Fi issues (update)

FYI :

I think I found a very relevant post about Yosemite issues in enterprise WLAN 
environments.
IMHO due to many IE received in a large environment, MacBooks with Yosemite OSX 
can/will falter.

https://discussions.apple.com/thread/6825371

Sincerely, Kees Pronk

On 03 Mar 2015, at 14:47, Walter Reynolds 
wa...@umich.edumailto:wa...@umich.edu wrote:




The reason we turn off IPv6 is basically that some Mac's were unable to get a 
IPv4 address when they had V6 enabled.

It has been a problem for a while, and at this point it is just one of the many 
issues we have with Apple devices in general, not just on 10.10

We do have Cisco, but do not have V6 enabled everywhere.

No link to the page as it is an internal document.  That is why I copied the 
text and put it in the email.



Walter Reynolds
Principal Systems Security Development Engineer
Information and Technology Services
University of Michigan
(734) 615-9438

On Tue, Mar 3, 2015 at 8:26 AM, Frans Panken 
frans.pan...@surfnet.nlmailto:frans.pan...@surfnet.nl wrote:
Hi Walter,
Good suggestions. What is the reason you suggest to turn off IPv6 on Wi-Fi?
Do you have Cisco (we have a TAC case where IPv6 does not work well)? I wonder 
which Wi-Fi degradations you prevent by turning off IPv6. Can you explain (link 
to a page)?
-Frans
Walter Reynolds schreef op 03/03/15 om 13:49:
We also have seen a huge rise in issues.  10.10.3 which is being tested right 
now seems better, but not a solution.  Here is some of what we tell folks who 
have issues.  The firts set removes all network settings, but seems to 

RE: ResHall Wireless

[Williams, Matthew]

We’re still investigating this as well.  Our wishlist would be a randomized PSK 
for each user, sort of like an authenticated guest network.  We haven’t seen 
anything that can pull that off though.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Christopher Michael 
Allison
Sent: Wednesday, March 11, 2015 10:31 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] ResHall Wireless


We use a seperate SSID currently but they have an IP similar to the other 
wireless on campus. We have had talks about DMZing our Residence halls from 
main campus including their wireless.

​


CHRISTOPHER ALLISON
Network Engineer I

Information Technology
Mail Code 4622
625 Wham Drive
Carbondale, Illinois 62901

chris.m.alli...@siu.edumailto:%20chris.m.alli...@siu.edu
P: 618 / 453 - 8415
F: 618 / 453 - 5261
INFOTECH.SIU.EDUhttp://infotech.siu.edu/
[http://asset.siu.edu/_assets/images/email_sig/SIU_email_2line.gif]

Choose a job you love, and you will never have to work a day in your life.
Confucius

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
on behalf of Hector J Rios hr...@lsu.edumailto:hr...@lsu.edu
Sent: Wednesday, March 11, 2015 8:47 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] ResHall Wireless

I’m wondering how many of you treat the wireless in the ResHalls differently 
from the wireless on the rest of your campus. In terms of geography, we have 21 
ResHalls that are in the perimeter of our campus. Some of these buildings are 
next to academic or administrative buildings. Eduroam is our main SSID. So, for 
the longest time it has only made sense to broadcast eduroam everywhere. Now, 
on the wired side of the house, our ResHalls have a dedicated connection that 
gives them direct, non-firewall access to the internet (for access to campus 
resources, a student must VPN). This came about as a request from the students 
to have more freedom in their residence. Makes sense. But wireless is different 
as it goes through our campus core, traverses our perimeter firewall, and goes 
out our main internet connection.

I’ve struggled to find an alternative solution to this. We recognize that 
students in ResHalls are different in the sense that they pay for a place to 
live and should get an internet service that is similar to their home service. 
However, any alternatives that we have considered (separate SSID, dynamic VLAN 
assignment, user groups) just seem to complicate the setup.

Any good ideas out there or creative ways in which you have tackled this 
challenge?

Thanks,

Hector Rios, CCNP, CCA
Assistant Director, Network Engineering
Dept. of Networking and Infrastructure
Information Technology Services
Louisiana State University

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

RE: Cisco MSE Alternatives

[Williams, Matthew]

We are using the MSEs almost exclusively for E911 for our handful of wireless 
VoIP phones.  A secondary use for us is to aid in tracking stolen devices, 
though we've only recovered a handful of them.  We aren't really doing anything 
with them other than that.  Which makes me question why we are keeping them 
around, especially if there is some third party product out there that can do 
something similar.

How about you?  What are you getting from them?

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt
Sent: Wednesday, February 25, 2015 2:46 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco MSE Alternatives

Just out of curiosity and also someone who has an MSE.  I'm wondering how you 
utilize the mse and  the info you get from it?  Is your network setup for 
location services?  Anything with the new analytics stuff?

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Wednesday, February 25, 2015 2:03 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco MSE Alternatives

We need to upgrade our MSEs and I'm just curious if anyone knows if there are 
any third party alternative to the MSE.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: AirWave with Cisco 8510s

[Williams, Matthew]

I'm working with Aruba TAC to figure it out, but we have a lab 8510 on 8.0.100 
and that one won't come up in AirWave either.  I'll update the thread once some 
headway is made.

Respectfully, 

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John
Sent: Thursday, February 26, 2015 1:26 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] AirWave with Cisco 8510s

I certainly hope that it is supported by Airwave. We have been using Airwave 
for years and would like to continue if they will support current Cisco APs 7 
controllers. We are planning to move from our WiSM2s to 8510 within a couple of 
months. I would certainly hate to have to abandon the airwave platform due to 
lack of support. And, I will also be moving up the from 7.6.120.0 to the latest 
8 code about the same time.


==
-jcw

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Williams, Matthew 
[mwill...@kent.edu]
Sent: Thursday, February 26, 2015 9:28 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] AirWave with Cisco 8510s

Is anyone using AirWave to monitor Cisco 8510 controllers?  We're running a 
demo of AirWave, but it doesn't appear to like our 8510s running 7.6.130.  I've 
been told anecdotally that it works just fine on 7.6, but we can't get it to 
behave.  Thanks in advance for any insights.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Cisco MSE Alternatives

[Williams, Matthew]

We've created an event definition in Prime and tied those definitions to our 
MSEs so that when a location change is recorded, a TRAP is sent to our E911 
service.

Everything we've done is out-of-the-box capability in Prime and the MSEs that 
our E911 platform can integrate with.  However, I have no idea what the E911 
folks are doing on their end to enable this sorcery.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt
Sent: Thursday, February 26, 2015 1:09 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco MSE Alternatives

I'm very interested in how you use mse for e911.  Did you develop something in 
house from the API

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Thursday, February 26, 2015 9:10 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco MSE Alternatives

We are using the MSEs almost exclusively for E911 for our handful of wireless 
VoIP phones.  A secondary use for us is to aid in tracking stolen devices, 
though we've only recovered a handful of them.  We aren't really doing anything 
with them other than that.  Which makes me question why we are keeping them 
around, especially if there is some third party product out there that can do 
something similar.

How about you?  What are you getting from them?

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt
Sent: Wednesday, February 25, 2015 2:46 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco MSE Alternatives

Just out of curiosity and also someone who has an MSE.  I'm wondering how you 
utilize the mse and  the info you get from it?  Is your network setup for 
location services?  Anything with the new analytics stuff?

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Wednesday, February 25, 2015 2:03 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco MSE Alternatives

We need to upgrade our MSEs and I'm just curious if anyone knows if there are 
any third party alternative to the MSE.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks

[Williams, Matthew]

I've heard from multiple CIOs that they don't want a converged campus 
solution.  They don't want to end up beholden to a single vendor for financial 
and security reasons.  They want best-of-breed products that provide the most 
bang for the buck without the caveats of, Well if you want that that feature 
then you'll have to buy this appliance/plugin/thing-a-ma-bob, too.

I find the potential merger a bit disappointing because Aruba was a wireless 
company (with a few switches) and that's what they did.  I'd hate to see them 
end up getting lost in the shuffle of HP's portfolio of solutions.  Hopefully, 
if this all goes through, that won't happen.

Respectfully, 

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Thomas Carter
Sent: Thursday, February 26, 2015 4:33 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks

Yes, edge switches, but HP can sell the whole campus from firewalls to routers 
to core switches to APs to software (clearpass, airwave, etc) to truly compete 
with the likes of Cisco. They're pushing the converged campus to sound like a 
marketing wonk. Whether or not they screw it up is what we'll have to wait and 
see. 

Thomas Carter
Network and Operations Manager
Austin College 
903-813-2564


-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Frank Sweetser
Sent: Thursday, February 26, 2015 2:44 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] HP is reportedly trying to buy Aruba Networks

On 02/26/2015 02:23 PM, Thomas Carter wrote:
 I kept telling our Dell reps that Dell needs to buy into wireless and 
 grab Aerohive or Ruckus. They would just mention the Aruba deal; we'll 
 see what happens with that.

 I do think this can be good for Aruba. I see it as this - Cisco is a 
 company that does $50B revenue annually and spends $6B in RD. I know 
 that's not all wireless, but Aruba has $725M annual revenue with $170M 
 RD. They need the financial backing to stay in second and maybe close 
 the gap on Cisco. If integrated well, HP could have a compelling 
 package with ProCurve and Aruba all managed under AirWave with some magic SDN 
 sprinkled in there somewhere.

But Aruba already has their own package with their MAS switches!

My biggest fear is that HP is buying Aruba the wireless company, not Aruba the 
client access company.  This would lead them to keeping the APs and 
controllers, while putting all of the rest of the goodies that let us to 
selecting them (Clearpass, Airwave's cross vendor capabilities, their
switches) in jeopardy of either being tossed outright or left hanging around 
atrophying.

-- 
Frank Sweetser fs at wpi.edu|  For every problem, there is a solution that
Manager of Network Operations   |  is simple, elegant, and wrong.
Worcester Polytechnic Institute |   - HL Mencken

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Cisco MSE Alternatives

[Williams, Matthew]

We need to upgrade our MSEs and I'm just curious if anyone knows if there are 
any third party alternative to the MSE.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC reliability

[Williams, Matthew]

Lee, any time.

Kitri, the 10 minute time for a failure event to be triggered, the HA to become 
the primary, and the failed controller to come back up to a full Hot Standby 
has been consistent.  We've seen that the secondary controller has to reboot 
between two and three times before we have full SSO redundancy again.

Matt, did you see any watchdog errors in 8.0?  What caused you to go with 8.1?  
Thanks.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kitri Waterman
Sent: Thursday, February 19, 2015 3:16 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Matt,

You mentioned 10 min for full HA convergence which seems long. But then 
again, we've also seen a consistent issue where during an HA event the configs 
are reported as out of sync and the secondary controller has to reboot, 
sometimes more than once to re-sync.

My current theory is that very dynamic parts of the configs like rogue adhoc 
alerts should be left out of the controller XML sync check and this would 
enable faster HA pairing.


Kitri Waterman
--
Network Engineer (Wireless)
University of Oregon



On 2/19/15 11:58 AM, Williams, Matthew wrote:
So far for us, I the benefits outweigh the risks.  In our case, when we failed 
one route engine the 8510s simply failed over to the HA box and there was no 
perceivable degradation in the user experience.  Our issues with using Layer-2 
for the HA only occurred if BOTH of our upstream switches had a routing engine 
failure within the 10 minutes it takes for the full HA convergence time.  The 
odds of that happening at the same time are extremely remote and would most 
likely indicate a much larger networking issue that would trump a wireless 
outage.

We chose to do the direct connection just to be extra safe.  In fact, the only 
reason we even found out about the routing engine issue was because we replaced 
routing engines in each of our upstream switches at roughly the same time.

I don't know how much testing you have done with the 8510s but we've run them 
through some pretty good paces.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, February 19, 2015 2:49 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

I saw the bowing thing- that's insane. It makes me curious about the racks they 
are mounted in.

To date, do you see the advantages of the 8510 as outweighing the concerns?


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Thursday, February 19, 2015 2:46 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Lee,
We're going through this as we speak.  We've seen some issues with the 
controllers physically bowing.  We've also had issues with running HA via 
Layer-2 when upstream routing engines/supervisor cards fail.  Part of the issue 
is that there is very limited keep alive timer control in our version of code 
and the thresholds aren't high enough to mitigate the route engines switching 
over.  Cisco recommends direct connecting them, so we've resorted to using 
switches as media converters for the direct connection.

The good news is that 8.0.100 reintroduced timer controls that did mitigate the 
failures when using Layer2 for the HA.  The bad news is that 8.0.100 caused 
watchdog failures in the 8510s.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, February 19, 2015 2:35 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC reliability

One more for the group: Having a large number of 5508s, I have an interest in 
greatly simplifying the environment by moving to higher capacity 8510s (zero 
interest in 5760s).

I'm hoping to hear from those that have taken the 8510 plunge. For us, outside 
of code issues, the 5508s have been solid hardware for us. Would like to know 
whether current 8510 users find them to be reliable as hardware, and whether 
the HA promises live up to the glossy.

Thanks-

Lee B.

Lee Badman
Wireless/Network Architect
ITS, Syracuse

RE: Looking for testimonials- 8510 vs 5508 WLC reliability

[Williams, Matthew]

So far for us, I the benefits outweigh the risks.  In our case, when we failed 
one route engine the 8510s simply failed over to the HA box and there was no 
perceivable degradation in the user experience.  Our issues with using Layer-2 
for the HA only occurred if BOTH of our upstream switches had a routing engine 
failure within the 10 minutes it takes for the full HA convergence time.  The 
odds of that happening at the same time are extremely remote and would most 
likely indicate a much larger networking issue that would trump a wireless 
outage.

We chose to do the direct connection just to be extra safe.  In fact, the only 
reason we even found out about the routing engine issue was because we replaced 
routing engines in each of our upstream switches at roughly the same time.

I don't know how much testing you have done with the 8510s but we've run them 
through some pretty good paces.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, February 19, 2015 2:49 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

I saw the bowing thing- that's insane. It makes me curious about the racks they 
are mounted in.

To date, do you see the advantages of the 8510 as outweighing the concerns?


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Thursday, February 19, 2015 2:46 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Lee,
We're going through this as we speak.  We've seen some issues with the 
controllers physically bowing.  We've also had issues with running HA via 
Layer-2 when upstream routing engines/supervisor cards fail.  Part of the issue 
is that there is very limited keep alive timer control in our version of code 
and the thresholds aren't high enough to mitigate the route engines switching 
over.  Cisco recommends direct connecting them, so we've resorted to using 
switches as media converters for the direct connection.

The good news is that 8.0.100 reintroduced timer controls that did mitigate the 
failures when using Layer2 for the HA.  The bad news is that 8.0.100 caused 
watchdog failures in the 8510s.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, February 19, 2015 2:35 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC reliability

One more for the group: Having a large number of 5508s, I have an interest in 
greatly simplifying the environment by moving to higher capacity 8510s (zero 
interest in 5760s).

I'm hoping to hear from those that have taken the 8510 plunge. For us, outside 
of code issues, the 5508s have been solid hardware for us. Would like to know 
whether current 8510 users find them to be reliable as hardware, and whether 
the HA promises live up to the glossy.

Thanks-

Lee B.

Lee Badman
Wireless/Network Architect
ITS, Syracuse University
315.443.3003
(Blog: http://wirednot.wordpress.com)



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Looking for testimonials- 8510 vs 5508 WLC reliability

[Williams, Matthew]

Lee,
We're going through this as we speak.  We've seen some issues with the 
controllers physically bowing.  We've also had issues with running HA via 
Layer-2 when upstream routing engines/supervisor cards fail.  Part of the issue 
is that there is very limited keep alive timer control in our version of code 
and the thresholds aren't high enough to mitigate the route engines switching 
over.  Cisco recommends direct connecting them, so we've resorted to using 
switches as media converters for the direct connection.

The good news is that 8.0.100 reintroduced timer controls that did mitigate the 
failures when using Layer2 for the HA.  The bad news is that 8.0.100 caused 
watchdog failures in the 8510s.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, February 19, 2015 2:35 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC reliability

One more for the group: Having a large number of 5508s, I have an interest in 
greatly simplifying the environment by moving to higher capacity 8510s (zero 
interest in 5760s).

I'm hoping to hear from those that have taken the 8510 plunge. For us, outside 
of code issues, the 5508s have been solid hardware for us. Would like to know 
whether current 8510 users find them to be reliable as hardware, and whether 
the HA promises live up to the glossy.

Thanks-

Lee B.

Lee Badman
Wireless/Network Architect
ITS, Syracuse University
315.443.3003
(Blog: http://wirednot.wordpress.com)



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC reliability

[Williams, Matthew]

Matt,
Thanks for the info.  How are the 702s working out?  We’re looking into them as 
well.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Matt O'Brien
Sent: Thursday, February 19, 2015 3:42 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Matt,
We never saw watchdog errors on 8.0. We moved to MR1 to take advantage of the 
trunk option on the 702w's. We held up on adding 702w's until we could assign 
different VLAN's to the switchports and keep the Users VLAN the same. It also 
came out at a convenient time, a couple weeks before the spring semester so we 
had time to look at it and move back to 8.0 if necessary.

On Thu, Feb 19, 2015 at 1:22 PM, Williams, Matthew 
mwill...@kent.edumailto:mwill...@kent.edu wrote:
Lee, any time.

Kitri, the 10 minute time for a failure event to be triggered, the HA to become 
the primary, and the “failed” controller to come back up to a full Hot Standby 
has been consistent.  We’ve seen that the secondary controller has to reboot 
between two and three times before we have full SSO redundancy again.

Matt, did you see any watchdog errors in 8.0?  What caused you to go with 8.1?  
Thanks.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246tel:%28330%29%20672-7246
Mobile: (330) 469-0445tel:%28330%29%20469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
 On Behalf Of Kitri Waterman
Sent: Thursday, February 19, 2015 3:16 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Matt,

You mentioned 10 min for full HA convergence which seems long. But then 
again, we've also seen a consistent issue where during an HA event the configs 
are reported as out of sync and the secondary controller has to reboot, 
sometimes more than once to re-sync.

My current theory is that very dynamic parts of the configs like rogue adhoc 
alerts should be left out of the controller XML sync check and this would 
enable faster HA pairing.


Kitri Waterman
--
Network Engineer (Wireless)
University of Oregon


On 2/19/15 11:58 AM, Williams, Matthew wrote:
So far for us, I the benefits outweigh the risks.  In our case, when we failed 
one route engine the 8510s simply failed over to the HA box and there was no 
perceivable degradation in the user experience.  Our issues with using Layer-2 
for the HA only occurred if BOTH of our upstream switches had a routing engine 
failure within the 10 minutes it takes for the full HA convergence time.  The 
odds of that happening at the same time are extremely remote and would most 
likely indicate a much larger networking issue that would trump a wireless 
outage.

We chose to do the direct connection just to be extra safe.  In fact, the only 
reason we even found out about the routing engine issue was because we replaced 
routing engines in each of our upstream switches at roughly the same time.

I don’t know how much testing you have done with the 8510s but we’ve run them 
through some pretty good paces.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246tel:%28330%29%20672-7246
Mobile: (330) 469-0445tel:%28330%29%20469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, February 19, 2015 2:49 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

I saw the bowing thing- that’s insane. It makes me curious about the racks they 
are mounted in.

To date, do you see the advantages of the 8510 as outweighing the concerns?


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Thursday, February 19, 2015 2:46 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Lee,
We’re going through this as we speak.  We’ve seen some issues with the 
controllers physically bowing.  We’ve also had issues with running HA via 
Layer-2 when upstream routing engines/supervisor cards fail.  Part of the issue 
is that there is very limited keep alive timer control in our version of code 
and the thresholds aren’t high enough to mitigate the route engines switching 
over.  Cisco recommends direct connecting them, so we’ve resorted to using 
switches as media converters for the direct connection

RE: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC reliability

[Williams, Matthew]

Sorry, Lee.  I didn’t mean to hijack your thread.

Matt, can I email you directly about the 702s?

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Thursday, February 19, 2015 3:45 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Matt,
Thanks for the info.  How are the 702s working out?  We’re looking into them as 
well.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Matt O'Brien
Sent: Thursday, February 19, 2015 3:42 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Matt,
We never saw watchdog errors on 8.0. We moved to MR1 to take advantage of the 
trunk option on the 702w's. We held up on adding 702w's until we could assign 
different VLAN's to the switchports and keep the Users VLAN the same. It also 
came out at a convenient time, a couple weeks before the spring semester so we 
had time to look at it and move back to 8.0 if necessary.

On Thu, Feb 19, 2015 at 1:22 PM, Williams, Matthew 
mwill...@kent.edumailto:mwill...@kent.edu wrote:
Lee, any time.

Kitri, the 10 minute time for a failure event to be triggered, the HA to become 
the primary, and the “failed” controller to come back up to a full Hot Standby 
has been consistent.  We’ve seen that the secondary controller has to reboot 
between two and three times before we have full SSO redundancy again.

Matt, did you see any watchdog errors in 8.0?  What caused you to go with 8.1?  
Thanks.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246tel:%28330%29%20672-7246
Mobile: (330) 469-0445tel:%28330%29%20469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
 On Behalf Of Kitri Waterman
Sent: Thursday, February 19, 2015 3:16 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Matt,

You mentioned 10 min for full HA convergence which seems long. But then 
again, we've also seen a consistent issue where during an HA event the configs 
are reported as out of sync and the secondary controller has to reboot, 
sometimes more than once to re-sync.

My current theory is that very dynamic parts of the configs like rogue adhoc 
alerts should be left out of the controller XML sync check and this would 
enable faster HA pairing.


Kitri Waterman
--
Network Engineer (Wireless)
University of Oregon

On 2/19/15 11:58 AM, Williams, Matthew wrote:
So far for us, I the benefits outweigh the risks.  In our case, when we failed 
one route engine the 8510s simply failed over to the HA box and there was no 
perceivable degradation in the user experience.  Our issues with using Layer-2 
for the HA only occurred if BOTH of our upstream switches had a routing engine 
failure within the 10 minutes it takes for the full HA convergence time.  The 
odds of that happening at the same time are extremely remote and would most 
likely indicate a much larger networking issue that would trump a wireless 
outage.

We chose to do the direct connection just to be extra safe.  In fact, the only 
reason we even found out about the routing engine issue was because we replaced 
routing engines in each of our upstream switches at roughly the same time.

I don’t know how much testing you have done with the 8510s but we’ve run them 
through some pretty good paces.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246tel:%28330%29%20672-7246
Mobile: (330) 469-0445tel:%28330%29%20469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, February 19, 2015 2:49 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

I saw the bowing thing- that’s insane. It makes me curious about the racks they 
are mounted in.

To date, do you see the advantages of the 8510 as outweighing the concerns?


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Thursday, February 19, 2015 2:46 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking

RE: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC reliability

[Williams, Matthew]

Awesome.  Thanks, guys.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Matt O'Brien
Sent: Thursday, February 19, 2015 3:50 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

We really like the 702s. I wish they would have been an option a few years ago 
when we were adding full RF and density coverage in the dorms. They would have 
saved a lot of time and money and kept us out of the hallway deployment models 
in the bomb shelter construction dorms:)
On campus they are a great solution for those overlooked corner offices stuck 
behind an elevator shaft and such.

On Thu, Feb 19, 2015 at 1:45 PM, Williams, Matthew 
mwill...@kent.edumailto:mwill...@kent.edu wrote:
Matt,
Thanks for the info.  How are the 702s working out?  We’re looking into them as 
well.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246tel:%28330%29%20672-7246
Mobile: (330) 469-0445tel:%28330%29%20469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
 On Behalf Of Matt O'Brien
Sent: Thursday, February 19, 2015 3:42 PM

To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Matt,
We never saw watchdog errors on 8.0. We moved to MR1 to take advantage of the 
trunk option on the 702w's. We held up on adding 702w's until we could assign 
different VLAN's to the switchports and keep the Users VLAN the same. It also 
came out at a convenient time, a couple weeks before the spring semester so we 
had time to look at it and move back to 8.0 if necessary.

On Thu, Feb 19, 2015 at 1:22 PM, Williams, Matthew 
mwill...@kent.edumailto:mwill...@kent.edu wrote:
Lee, any time.

Kitri, the 10 minute time for a failure event to be triggered, the HA to become 
the primary, and the “failed” controller to come back up to a full Hot Standby 
has been consistent.  We’ve seen that the secondary controller has to reboot 
between two and three times before we have full SSO redundancy again.

Matt, did you see any watchdog errors in 8.0?  What caused you to go with 8.1?  
Thanks.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246tel:%28330%29%20672-7246
Mobile: (330) 469-0445tel:%28330%29%20469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
 On Behalf Of Kitri Waterman
Sent: Thursday, February 19, 2015 3:16 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials- 8510 vs 5508 WLC 
reliability

Matt,

You mentioned 10 min for full HA convergence which seems long. But then 
again, we've also seen a consistent issue where during an HA event the configs 
are reported as out of sync and the secondary controller has to reboot, 
sometimes more than once to re-sync.

My current theory is that very dynamic parts of the configs like rogue adhoc 
alerts should be left out of the controller XML sync check and this would 
enable faster HA pairing.


Kitri Waterman
--
Network Engineer (Wireless)
University of Oregon

On 2/19/15 11:58 AM, Williams, Matthew wrote:
So far for us, I the benefits outweigh the risks.  In our case, when we failed 
one route engine the 8510s simply failed over to the HA box and there was no 
perceivable degradation in the user experience.  Our issues with using Layer-2 
for the HA only occurred if BOTH of our upstream switches had a routing engine 
failure within the 10 minutes it takes for the full HA convergence time.  The 
odds of that happening at the same time are extremely remote and would most 
likely indicate a much larger networking issue that would trump a wireless 
outage.

We chose to do the direct connection just to be extra safe.  In fact, the only 
reason we even found out about the routing engine issue was because we replaced 
routing engines in each of our upstream switches at roughly the same time.

I don’t know how much testing you have done with the 8510s but we’ve run them 
through some pretty good paces.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246tel:%28330%29%20672-7246
Mobile: (330) 469-0445tel:%28330%29%20469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Thursday, February 19, 2015 2:49 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Looking for testimonials

RE: [WIRELESS-LAN] Cisco WLC AP Fallback Gone Wonky?

[Williams, Matthew]

Just a thought... is the 8510 pair set as a master?



Sent from my Verizon Wireless 4G LTE smartphone


 Original message 
From: Lee H Badman lhbad...@syr.edu
Date: 02/19/2015 10:50 AM (GMT-05:00)
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco WLC AP Fallback Gone Wonky?


Hello from snowy Syracuse. For the Cisco WLANers in the group:


Adding a new 8510 HA Pair to an existing large environment. The 8510s are up 
with management addresses, and AP fallback is disabled. Basically, these are 
controllers that are being configured as time allows and so need to be on the 
wire. Typically, disabling AP fallback is all that's needed to keep the APs 
away while working on a WLC. These 8510s have been sitting there for a week- 
idle and a work in progress-, and last night out of the blue one of them took 
on like 150 APs (is licensed for 1000) from a few different controllers in a 
very random feeling event (no disruption to the controllers that shed APs). 
Since the APs hit a controller that wasn't properly configured, lots of clients 
were dead in the water.

Did something change in 8.0.100 code or the 8510 that makes AP fallback 
disabled not effective? Is there any more positive way of keeping APs off of a 
controller that's a work in progress other than ACLs and putting them on 
different networks, etc? Seems reasonable to be able to just turn off  a 
controller's willingness to take APs...?


(just copied my inquiry from Cisco forums to this email)


Anyone have thoughts?


Thanks-


Lee


Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Cisco 8510 Controllers

[Williams, Matthew]

Good morning all,

We've got 8 Cisco 8510 controllers that we are getting ready to deploy and 
we've run into a very strange issue.  The 8510 controller is a 1 RU server-like 
form factor that requires a 4-post rack.

We've racked 4 of them and all 4 of them are literally bowing at the join 
between the board and power supplies.  Has anyone else with 8500s seen this?

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Cisco 8510 Controllers

[Williams, Matthew]

Yep, we used all of the parts that came with them and they are sitting in 
server cabinets as well.

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Sullivan, Don
Sent: Friday, January 16, 2015 10:58 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco 8510 Controllers

We have 2 8510s and we are using a 4 post rack (server cabinet). We are not 
seeing this. Did you use the rack mounts that came with the 8510s?

Don Sullivan
Network Adminstrator
Samford University
205-726-2111

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Williams, Matthew
Sent: Friday, January 16, 2015 9:44 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Cisco 8510 Controllers

Good morning all,

We've got 8 Cisco 8510 controllers that we are getting ready to deploy and 
we've run into a very strange issue.  The 8510 controller is a 1 RU server-like 
form factor that requires a 4-post rack.

We've racked 4 of them and all 4 of them are literally bowing at the join 
between the board and power supplies.  Has anyone else with 8500s seen this?

Respectfully,

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] Cisco 8510 Controllers

[Williams, Matthew]

Yes, they work.  They didn't appear to have this bowing when we installed them. 
 I'll examine the other 4 that we have in the warehouse.  

Respectfully, 

Matthew Williams
IT Manager, Wireless
Kent State University
Office: (330) 672-7246
Mobile: (330) 469-0445 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Ian McDonald
Sent: Friday, January 16, 2015 1:00 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco 8510 Controllers

It looks like they got dropped in transit. I've seen 1/2U's look like this 
before. I presume they work OK? 

--
Ian


-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hunter Fuller
Sent: 16 January 2015 17:57
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco 8510 Controllers

Wow. That's, uh... That's a new one on me.

Best of luck...

--
Hunter Fuller
Network Engineer
VBRH M-9B
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Systems and Infrastructure

I am part of the UAH Safe Zone LGBTQIA support network:
http://www.uah.edu/student-affairs/safe-zone


On Fri, Jan 16, 2015 at 11:54 AM, Williams, Matthew mwill...@kent.edu wrote:
 No, we installed them in a 4 post rack.



 Respectfully,



 Matthew Williams

 IT Manager, Wireless

 Kent State University

 Office: (330) 672-7246

 Mobile: (330) 469-0445



 From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jim Young
 Sent: Friday, January 16, 2015 11:15 AM
 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 Subject: Re: [WIRELESS-LAN] Cisco 8510 Controllers



 Hello William,



 Did you have to install the 8510s into a two post rack?



 One solution we deployed for a similar issue was to deploy a 2 post to 4
 post conversion kit.   This required that we place a second rack a couple of
 feet behind the original rack and then installed the conversion kit 
 parts to join the two racks together as one unit.  We could then 
 co-locate the handful of 4 post devices in the same rack as the 2 post 
 network equipment.



 One vendor of this type of 2 port to 4 post conversion kit is Kendall 
 Howard.  We used their  4-Piece Rack Conversion Kit SKU: 1927-3-004-00



 http://www.kendallhoward.com/4-Piece-Rack-Conversion-Kit.html



 Hope this helps,



 Jim Young

 Network Engineer

 Georgia State University

 Atlanta, GA   30303

 office: 404-413-4452

 mobile: 678-613-5514

 email: jyo...@gsu.edu







 From: Williams, Matthew mwill...@kent.edu
 Reply-To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 Date: Friday, January 16, 2015 10:43 AM
 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
 Subject: [WIRELESS-LAN] Cisco 8510 Controllers



 Good morning all,



 We’ve got 8 Cisco 8510 controllers that we are getting ready to deploy 
 and we’ve run into a very strange issue.  The 8510 controller is a 1 
 RU server-like form factor that requires a 4—post rack.



 We’ve racked 4 of them and all 4 of them are literally bowing at the 
 join between the “board” and power supplies.  Has anyone else with 
 8500s seen this?



 Respectfully,



 Matthew Williams

 IT Manager, Wireless

 Kent State University

 Office: (330) 672-7246

 Mobile: (330) 469-0445



 ** Participation and subscription information for this 
 EDUCAUSE Constituent Group discussion list can be found at 
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this 
 EDUCAUSE Constituent Group discussion list can be found at 
 http://www.educause.edu/groups/.

 ** Participation and subscription information for this 
 EDUCAUSE Constituent Group discussion list can be found at 
 http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Airwave Support for Cisco Devices

[Williams, Matthew]

I'm going to try to revive a slightly old thread here...  

Can anyone comment on the level of reporting detail that you can get from 
AirWave with Cisco APs?  Is it comparable to AirWave's reporting detail of 
Aruba APs?

Respectfully, 

Matthew Williams
Kent State University
Network  Telecommunications Services
Office: (330) 672-7246
Mobile: (330) 469-0445 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Monday, October 27, 2014 9:08 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Airwave Support for Cisco Devices

Anyway, FWIW, I am sure Aruba's support for Cisco wireless is much better than 
Cisco's support for Aruba wireless.

Lee gives this two big fat thumbs' up.

:)

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of Osborne, Bruce W (Network 
Services) bosbo...@liberty.edu
Sent: Monday, October 27, 2014 7:55 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Airwave Support for Cisco Devices

Mike Tennefoss is a good contact.

Although I cannot comment on Aruba's support for Cisco wireless, I know that 
Airwave is going through some major pains to add back functionality lost when 
rearchitecting the product to eliminate Adobe Flash dependencies.

Anyway, FWIW, I am sure Aruba's support for Cisco wireless is much better than 
Cisco's support for Aruba wireless.


Bruce Osborne
Network Engineer - Wireless Team
IT Network Services

(434) 592-4229

LIBERTY UNIVERSITY
Training Champions for Christ since 1971

-Original Message-
From: Watters, John [mailto:john.watt...@ua.edu]
Sent: Sunday, October 26, 2014 8:33 PM
Subject: Airwave Support for Cisco Devices

Per an email from the Aruba VICE PRESIDENT OF STRATEGIC PARTNERSHIPS late 
Friday afternoon, Aruba is planning to support the Cisco 2700 APs:


There's misinformation flowing on the Listserv. Aruba is focused on staying 
up-to-date with Cisco devices, and we plan to support 2700s on or before the 
end of this calendar year. 


In addition, I was given contact information to get in touch with the Airwave 
Product Manger to talk about their support of the Cisco product line. While I 
have her attention I will make a plea for expanding the coverage of the Cisco 
WLCs to include many more of the available, and commonly used, controller 
options that are not currently settable (or monitored) by the AirWave product. 
We have three 2,500-device licenses for this product. I would certainly hate to 
have to abandon them due to lack of timely support for our constant growing and 
changing Cisco wireless infrastructure. We do not utilize the AirAirWave 
product to mange any of our Cisco switch gear.

We started using the Airwave product before Aruba purchased them. Since that 
purchase the support for Cisco products has gradually decreased. I can 
understand that Aruba needs to put more effort into supporting their own 
product line than they do for their infrastructure competitors. However, they 
should still be able to properly support the Cisco product line. I still view 
the AirWave product as a better reporting tool others I have seen. And, a more 
intuitive interface too. I certainly hope I still feel this way in a year or 
two.

I will pass anything that I find out that is particularly interesting regarding 
support for Cisco equipment along to the group.


mailto:mtennef...@arubanetworks.com


==
-jcw

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.
**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: IOS 8 roaming and Iphone 6 behavior

[Williams, Matthew]

Thanks for sharing.

Respectfully,

Matthew Williams
Kent State University
Network  Telecommunications Services
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dexter Caldwell
Sent: Monday, December 1, 2014 12:19 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] IOS 8 roaming and Iphone 6 behavior

Hi All,
Just wanted to pass this along in case anyone else finds it 
useful.

http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-0/iPhone_roam/b_iPhone-roaming.html

D/C

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine features illegal

[Williams, Matthew]

I don't think that there's a distinction about the location.  My understanding 
is that the issue was that Marriott was jamming the hotspots to force people to 
pay for the hotel provided wireless network.  I don't think that there would 
have been a lawsuit if the hotel Wi-Fi was free.

Respectfully,

Matthew Williams
Kent State University
Network  Telecommunications Services
Office: (330) 672-7246
Mobile: (330) 469-0445

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kitri Waterman
Sent: Monday, October 27, 2014 4:25 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine 
features illegal

Marriott Hotel Services has come to a $600,000 agreement with the Federal 
Communications Commission to settle allegations that the hotel chain 
interfered with and disabled Wi-Fi networks established by consumers in the 
conference facilities at a Nashville hotel in March 2013.

According to the nine-page order issued on Friday, a guest at the Gaylord 
Opryland hotel in Nashville, Tennessee complained that the hotel was jamming 
mobile hotspots so you can't use them in the convention space.

Is this a distinction between them blocking in their conference facilities 
vs. their hotel rooms? We all know that radio signal propagation is not so 
clean cut, but I'm wondering if the lawyers are seeing things differently.

Kitri Waterman
Network Engineer (Wireless)
University of Oregon

On 10/3/14 2:07 PM, Thomas Carter wrote:
I suspect the clause will still be valid, but we cannot use wireless 
countermeasures to enforce them. Telling students to turn them off, disabling 
wired ports, student discipline, etc are outside the FCC's jurisdiction it 
seems to me.

Thomas Carter
Network and Operations Manager
Austin College
903-813-2564
[AusColl_Logo_Email]

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Brian Helman
Sent: Friday, October 03, 2014 3:39 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine 
features illegal

I just saw this on CNN and jumped on the list to post. Using your own AP is 
against the AUP everyone signs at our institution. Now I wonder if that clause 
is invalid.

-Brian


Sent from my Galaxy S4. Tiny keyboards=typing mistakes. Verify anything sent.


-Original Message-
From: Frank Sweetser f...@wpi.edumailto:f...@wpi.edu
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Sent: Fri, 03 Oct 2014 3:55 PM
Subject: Re: [WIRELESS-LAN] It would seem FCC just declared WLAN quarantine 
features illegal
I think a good chunk of the use is even more insidious than that.  I've been
in a position where I've offered university guests access to our wifi.  A
number of these users - smart, highly technical IT professionals - instead
just said Nah, I'll just use my hotspot.

I suspect it's a combination of two things.  First, I paid for it, so I have
to use it to get my money's worth.  Second, I'd have to think about how to
set up a new wifi, or I can just turn on my hotspot by rote memory.

In both cases, the cost (or lack thereof) and quality of any host offered wifi
doesn't even factor into the decision at all.

Frank Sweetser fs at wpi.eduhttp://wpi.edu|  For every problem, there is 
a solution that
Manager of Network Operations   |  is simple, elegant, and wrong.
Worcester Polytechnic Institute |   - HL Mencken

On 10/3/2014 3:21 PM, Philippe Hanset wrote:
 Everything would be so much simpler if locations would provide Wi-Fi for free
 or at a reasonable price.
 When a technology is used by everyone (e.g. Electricity) like Wi-Fi, just
 include it in the cost of doing business.
 Stop charging users for Wi-Fi, especially when the room is already at
 $200+/night. People will bring their own Mi-Fi or smartphone-hotspot,
 and bypass the silly cost model!

 At Educause this week the Vendor-floor was plagued with hundreds of Mi-Fi and
 private Wi-Fi.
 The event was charging upward of $150/day for Wi-Fi to exhibitors. So, many of
 them had their own solutions!

 Humans are resourceful...and if you piss them off they will read the law and
 call the FCC (or they pirate your network ;-)

 Philippe

 Philippe Hanset
 www.eduroam.ushttp://www.eduroam.us http://www.eduroam.us



 On Oct 3, 2014, at 2:22 PM, Lee H Badman 
 lhbad...@syr.edumailto:lhbad...@syr.edu
 mailto:lhbad...@syr.edumailto:lhbad...@syr.edu wrote:


 What do you all think of this?
 http://arstechnica.com/tech-policy/2014/10/after-blocking-personal-hotspot-at-hotel-marriott-to-pay-fcc-60/

 - Lee Badman

 ** Participation and subscription information for this EDUCAUSE
 Constituent Group discussion list can be found at

WLAN design presentation tips?

[Williams, Matthew]

I've just started here at Kent State and I'm facing an uphill battle regarding 
updating our WLAN design.  All APs are deployed in the hallways and we're 
rolling out 802.11ac.  We'd like to move the APs into the rooms, but the mere 
suggestion has been met with resistance.  I was just wondering if any of you 
had any tips or suggestions for trying presenting the new model to upper 
management.  Thanks for any suggestions that you might share!

Respectfully,

Matthew Williams
Kent State University
Network  Telecommunications Services
Office: (330) 672-7246
Mobile: (330) 469-0445


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] WLAN design presentation tips?

[Williams, Matthew]

Thanks for the tips, everyone!  I appreciate the insights.

Respectfully, 

Matthew Williams
Kent State University
Network  Telecommunications Services
Office: (330) 672-7246
Mobile: (330) 469-0445 

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Anthony, Mark G
Sent: Tuesday, October 21, 2014 3:24 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLAN design presentation tips?

We also design the same for the dorms (hallways) and for the same reasons. 
However, it has been a problem on some of the newer dorms where the bed rooms 
are located on the outer walls while all the kitchen/baths sit between the user 
and ap. My question is has anyone been putting in the Aruba AP225s in the 
dorms? They seem to be a lot loader than previous aps, to where we have entire 
building turned as low as possible and every other room 2.4 has to be turned 
off.  

Mark G. Anthony 
Network Administrator
Information Technology Services
The Florida State University
Email manth...@fsu.edu

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kevin McCormick
Sent: Tuesday, October 21, 2014 2:47 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] WLAN design presentation tips?

We installed in the hallways due to cost, access for maintenance, and concern 
of vandalism in room. Coverage from hallway using our design was excellent. We 
designed the layout in Cisco Prime. Testing after install showed the wireless 
working very well in the rooms, even on 5 Ghz. 
Wireless just needs planning and design considerations for the location and 
environment.

-- 
Kevin McCormick
uTech Network Services
Western Illinois University


On 10/21/2014 12:47 PM, Williams, Matthew wrote:
 I've just started here at Kent State and I'm facing an uphill battle 
 regarding updating our WLAN design.  All APs are deployed in the hallways and 
 we're rolling out 802.11ac.  We'd like to move the APs into the rooms, but 
 the mere suggestion has been met with resistance.  I was just wondering if 
 any of you had any tips or suggestions for trying presenting the new model to 
 upper management.  Thanks for any suggestions that you might share!

 Respectfully,

 Matthew Williams
 Kent State University
 Network  Telecommunications Services
 Office: (330) 672-7246
 Mobile: (330) 469-0445


 **
 Participation and subscription information for this EDUCAUSE Constituent 
 Group discussion list can be found at http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.