Re: [WIRELESS-LAN] Multi vendor interoperability on Campus
In our ongoing deployments switching from Cisco to Juniper, we are using the new SSID as a way to advertise the new service and differentiate possible wireless connectivity issues. This has been very useful for campus communication and instructions to our help desk, but has lead to minor issues where some non-technical management have difficulty differentiating between the service and the hardware. Overall, I agree with option 3. Keith Noah University Information Technology Services University of Wisconsin-Milwaukee Network Operations Center Cell:414-810-6789 Office:414-229-4972 - Original Message - From: Bruce W Osborne bosbo...@liberty.edu To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Sent: Wednesday, May 1, 2013 6:12:08 AM Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction. We did a rapid deployment in our dorms over winter break. Bruce Osborne Wireless Network Engineer IT Network Services (434) 592-4229 LIBERTY UNIVERSITY 40 Years of Training Champions for Christ: 1971-2011 From: Becker, Jason [jbec...@wustl.edu] Sent: Tuesday, April 30, 2013 11:34 AM Subject: Multi vendor interoperability on Campus What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. Ideas 1. Same ssid across both systems and let the clients choose what system. 2. Same ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect. 3. Have versions of ssids for each system so clients can choose what ssid to connect to. Thanks, Jason ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Multi vendor interoperability on Campus
On Apr 30, 2013, at 10:34 , Becker, Jason jbec...@wustl.edu wrote: What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. Over our multi-year migration from one vendor to another, we went with option 1 and did our best to keep the 2 vendors' equipment as physically separated as possible. Worked out fine. I'm sure there were some interference/roaming issues, but nothing major, and it was decided that not introducing user confusion about which SSID to use was a bigger benefit. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: http://www.it.northwestern.edu/ PGP Public Key:http://bt.ittns.northwestern.edu/julian/pgppubkey.html ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Multi vendor interoperability on Campus
We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs. Both systems authenticate against the same ACS server. In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server. Once accepted the Apple devices roam between systems. Has anyone had a similar experience and found a solution which did not include any user interaction? Thank you Bruce Entwistle Network Manager University of Redlands From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Keith Jeremy Noah Sent: Wednesday, May 01, 2013 4:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus In our ongoing deployments switching from Cisco to Juniper, we are using the new SSID as a way to advertise the new service and differentiate possible wireless connectivity issues. This has been very useful for campus communication and instructions to our help desk, but has lead to minor issues where some non-technical management have difficulty differentiating between the service and the hardware. Overall, I agree with option 3. Keith Noah University Information Technology Services University of Wisconsin-Milwaukee Network Operations Center Cell:414-810-6789 Office:414-229-4972 From: Bruce W Osborne bosbo...@liberty.edumailto:bosbo...@liberty.edu To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Sent: Wednesday, May 1, 2013 6:12:08 AM Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction. We did a rapid deployment in our dorms over winter break. Bruce Osborne Wireless Network Engineer IT Network Services (434) 592-4229 LIBERTY UNIVERSITY 40 Years of Training Champions for Christ: 1971-2011 From: Becker, Jason [jbec...@wustl.edu] Sent: Tuesday, April 30, 2013 11:34 AM Subject: Multi vendor interoperability on Campus What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. Ideas 1. Same ssid across both systems and let the clients choose what system. 2. Same ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect. 3. Have versions of ssids for each system so clients can choose what ssid to connect to. Thanks, Jason ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Multi vendor interoperability on Campus
My campus is part of a seven college consortium, but we're all contained within a rather small (600 acre) geographic area i.e. we can walk to any of the various campuses. Each campus is independent, and we have some campuses on Cisco (five) and others on Aruba (two + library). We run in #1. That is, we advertise the same SSID's on both, and authentication is handled by a central Radius (Ignition) that knits all the authentication sources together. The certificate handed out is from the cental Radius, and devices freely roam between the two with no issues. For roaming-sensitive services like VoIP, we extend the same VLAN's to all to ensure the device retains its IP address. We also use xpressconnect to help provision users. We've been running in this configuration for years now, and even when there is an Aruba system boarding Cisco, we've encountered no issues specific to having two vendors. Having two vendors has provided us with a lot of real word comparison between the two vendors, and the Aruba deployments appear to be more client/client performance quirky than Cisco... but that's a different story. Jeff On Wednesday, May 01, 2013 at 9:31 AM, in message F3711825DE65B341914C8D37F8B9654E0CB36F076E@mail-01, Entwistle, Bruce bruce_entwis...@redlands.edu wrote: We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs. Both systems authenticate against the same ACS server. In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server. Once accepted the Apple devices roam between systems. Has anyone had a similar experience and found a solution which did not include any user interaction? Thank you Bruce Entwistle Network Manager University of Redlands From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Keith Jeremy Noah Sent: Wednesday, May 01, 2013 4:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus In our ongoing deployments switching from Cisco to Juniper, we are using the new SSID as a way to advertise the new service and differentiate possible wireless connectivity issues. This has been very useful for campus communication and instructions to our help desk, but has lead to minor issues where some non-technical management have difficulty differentiating between the service and the hardware. Overall, I agree with option 3. Keith Noah University Information Technology Services University of Wisconsin-Milwaukee Network Operations Center Cell:414-810-6789 Office:414-229-4972 From: Bruce W Osborne bosbo...@liberty.edu To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Sent: Wednesday, May 1, 2013 6:12:08 AM Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction. We did a rapid deployment in our dorms over winter break. Bruce Osborne Wireless Network Engineer IT Network Services (434) 592-4229 LIBERTY UNIVERSITY 40 Years of Training Champions for Christ: 1971-2011 From: Becker, Jason [jbec...@wustl.edu] Sent: Tuesday, April 30, 2013 11:34 AM Subject: Multi vendor interoperability on Campus What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. Ideas 1. Same ssid across both systems and let the clients choose what system. 2. Same ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect. 3. Have versions of ssids for each system so clients can choose what ssid to connect to. Thanks, Jason ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Multi vendor interoperability on Campus
Bruce, Are the clients matching different policies on the ACS server depending on what wireless system they are connected to? If so each policy may be using a different certificate and freaking out the Apple clients when they cross systems. Jason Jason Todd Network Security Officer Western University of Health Sciences From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Entwistle, Bruce Sent: Wednesday, May 01, 2013 9:31 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs. Both systems authenticate against the same ACS server. In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server. Once accepted the Apple devices roam between systems. Has anyone had a similar experience and found a solution which did not include any user interaction? Thank you Bruce Entwistle Network Manager University of Redlands From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Keith Jeremy Noah Sent: Wednesday, May 01, 2013 4:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus In our ongoing deployments switching from Cisco to Juniper, we are using the new SSID as a way to advertise the new service and differentiate possible wireless connectivity issues. This has been very useful for campus communication and instructions to our help desk, but has lead to minor issues where some non-technical management have difficulty differentiating between the service and the hardware. Overall, I agree with option 3. Keith Noah University Information Technology Services University of Wisconsin-Milwaukee Network Operations Center Cell:414-810-6789 Office:414-229-4972 From: Bruce W Osborne bosbo...@liberty.edumailto:bosbo...@liberty.edu To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Sent: Wednesday, May 1, 2013 6:12:08 AM Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction. We did a rapid deployment in our dorms over winter break. Bruce Osborne Wireless Network Engineer IT Network Services (434) 592-4229 LIBERTY UNIVERSITY 40 Years of Training Champions for Christ: 1971-2011 From: Becker, Jason [jbec...@wustl.edu] Sent: Tuesday, April 30, 2013 11:34 AM Subject: Multi vendor interoperability on Campus What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. Ideas 1. Same ssid across both systems and let the clients choose what system. 2. Same ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect. 3. Have versions of ssids for each system so clients can choose what ssid to connect to. Thanks, Jason ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Multi vendor interoperability on Campus
We are doing #1. Most of our buildings are far enough apart that you can't roam, so that's not an issue. Authentications run through the same radius server with policies for each vendor. I see the merit of option 3 though. Heath Barnhart, CCNA ITS Network Administrator Washburn University Topeka, KS On 04/30/2013 10:34 AM, Becker, Jason wrote: What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. Ideas 1. Same ssid across both systems and let the clients choose what system. 2. Same ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect. 3. Have versions of ssids for each system so clients can choose what ssid to connect to. Thanks, Jason ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.