Our first attempt at wireless-only was pushed by the cabling team for an old
shoe factory building we use for document storage. That was unsuccessful due to
the bulding construction & the user envorpnment. We are primarily wireless
there with phones connected wired.
We are in an environment whi
Behalf Of Osborne, Bruce W (Network Operations)
Sent: Monday, August 27, 2018 9:46 AM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Wireless Only in Student Housing?
When we initially went from wired/wireless to wireless + por
Our Xbox users are fine since we have a dense wireless deployment in the
residential areas.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: AIS [mailto:a...@reinhardt.edu]
Sent: Friday, August
When we initially went from wired/wireless to wireless + port request, we
initially pulled out $1million worth of switches to be reused in other projects.
We have since moved to wireless only. In some cases of clients with poor NICs
we provide temporary USB based loaner NICs. We have a list of s
VATION!" just sound desperate. (Oh, and I want a pony, too!)
-Lee
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
On Behalf Of Osborne, Bruce W (Network
Operations)
Sent: Friday, August 24, 2018 7:53 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Su
Actually Aruba has moved from the "HA Pair" structure to a Cluster structure in
AOS 8. We have 8 controllers in our Campus Cluster. Actually, the AP, SSID, &
client can all be on different controllers within the cluster, each with a
designated backup controller.
Since our cluster is split betwe
Aruba introduced client band steering before we became their customer in 2008.
At that time Cisco said band steering was not possible. Aruba has had spectrum
monitoring since before Cisco’s CleanAir technology. We know who is following
whom. That is why we made our choice.
Aruba has had ap pre
m
as Joachim mentioned, but as long as you have roaming setup correctly, it’s
almost always transparent to the user.
---
Eric Kenny
Network Architect
Harvard University ITS
---
> On Aug 23, 2018, at 7:33 AM, Osborne, Bruce W
always transparent to the user.
---
Eric Kenny
Network Architect
Harvard University ITS
---
> On Aug 23, 2018, at 7:33 AM, Osborne, Bruce W (Network Operations)
> wrote:
>
> Come over to the Intelligent Wi-Fi side! :D
>
Training Champions for Christ since 1971
-Original Message-
From: Joachim Tingvold [mailto:joac...@tingvold.com]
Sent: Thursday, August 23, 2018 7:49 AM
Subject: Re: Cisco - Field Notice - 70253 - Wireless Client Fails to Associate:
AID Error
On 23 Aug 2018, at 13:33, Osborne, Bruce W
Come over to the Intelligent Wi-Fi side! :D
We just moved to Aruba 8.2.x this summer and are impressed with the automated
RF management capabilities. We can now upgrade all or part of our wireless
network with zero downtime.
We also are in the process from moving from 3 independent systems (cam
ehalf of Osborne, Bruce W (Network Operations)
mailto:bosbo...@liberty.edu>>
Sent: Friday, August 17, 2018 7:27 AM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] eduroam ssid on RTS
We are an Aruba shop. For several year
We are an Aruba shop. For several years we have been using Aruba’s remote
access points on athletic highway coaches with a 4G backhaul through the vendor
installed cradlepoint router. The APs also support 4G USB sticks though. The
main issues in our case initially was bandwidth overage charges.
Or do you somehow encourage all users to use the
onboarding tool? Obviously the tool would be required if you're going down the
EAP-TLS path.
Norman
On Wed, Aug 8, 2018 at 7:35 AM Osborne, Bruce W (Network Operations)
wrote:
>
> We changed onboarding tools for non-AD devices to Se
We changed onboarding tools for non-AD devices to SecureW2 last September and
have been more than happy with their service & support.
They tend to officially support OS versions before official release, which can
be useful in a Higher-Ed environment.
Bruce Osborne
Liberty University
-Origi
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
On Behalf Of Osborne, Bruce W (Network Operations)
Sent: Tuesday, May 22, 2018 7:31 AM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Wireless Options
With Aruba APs you do not trunk VLAN
on for THAT thrill ride.
I’d love to have no more controllers, but the VLAN thing is tough to swallow.
-Lee Badman
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
On Behalf Of Osborne, Bruce W (Network Operations)
Sent: Monday,
With a cloud solution, if they mess up feature addition you are stuck with that
latest version, correct? With controller-based ot Aruba Instant type scenarios
you are in charge of when to upgrade, waiting for stable builds.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(4
Aruba has one too.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Thomas Carter [mailto:tcar...@austincollege.edu]
Sent: Thursday, May 17, 2018 5:18 PM
Subject: Re: Wireless Options
Ruckus has
++1 on Aruba
We hit Matt’s first point and worked with Aruba to rectify the issues. Their QA
testing at that time said the 125s were OK but we found out they behave
differently in a real world environment where there is interference. We got an
official apology from QA along with assurances they
While I agree with Ryan and others about user / client certificates, I believe
the original topic was RADIUS Server certificates, not user.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Turne
Unfortunately, for various reasons, we have had to do this too many times.
Our policy is for the configuration to trust the certificate chain, rather than
the server certificate. That allows you to update the server certificate
without breaking trust.
It you know in advance your new certificat
Guys,
Please keep us updated. Many of us are in the planning stages of moving to CPPM
6.7.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Cappalli, Tim (Aruba Security) [mailto:t...@hpe.com]
I will not be making it this year.
Last year there were some informal meetups during meals, at designated tables.
Perhaps that can work, with a little bit of coordination.
Maybe somebody should spin up a Slack channel to coordinate.
Bruce Osborne
Senior Network Engineer
Network Operations - Wi
That may not isolate the NIC.
I know on Gen 1 PS3s if the wireless NIC heard a packet it could not decode,
both wireless & wired NICS were affected and inoperative, implying they used a
common controller for both. Sony may still be doing the same thing with PS4.
Bruce Osborne
Senior Network
move the older APs to low volume areas and have the
one controller for the older stuff that can't be upgraded. We try and push ROI
to the max since we are a private college.
On Thu, Feb 22, 2018 at 7:48 AM, Osborne, Bruce W (Network Operations)
mailto:bosbo...@liberty.edu>> wrote:
One
For Aruba shops, I somewhat disagree with the last 3 points.
2% is way overkill for spares just sitting on the shelf.
Although you can cycle stock, there is no need to do so. We have had very few
DOA Aruba APs and they do not deteriorate with age
There is absolutely no need to pull out your sp
We have needed to replace very few of our Aruba APs. We keep inventory mainly
for the following reasons:
1. Temporary large event deployments
2. Coverage adjustments
3. Last minute projects that cannot wait for ordered equipment – We are a
construction-heavy school.
4. Pull backs fr
That is what we use.
http://speedtest.liberty.edu
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Adam Forsyth [mailto:forsy...@luther.edu]
Sent: Friday, February 23, 2018 9:53 AM
Subject: Re:
but what I'm more
interested in knowing is how the users get to the tool. What is the process for
a user to onboard to the network before they reach the tool?
Sent from Nine<http://www.9folders.com/>
________
From: "Osborne, Bruce W (Network Operations)"
One major point to consider is vendor support. We are not a Ruckus Wireless
customer but we just moved away from one of their prodicts to a different third
party product.
We just moved away from Cloudpath (we tried Wizard & ES) due to poor support
experiences and lack of timely updates for new
Charles,
A few months ago we evaluated onboarding solutions to replace our CloudPath
Wizard onboarding solution. The clear winner for us was the SecureW2 cloud
solution. They also have a locally hosted solution if that is your preference.
They are very customer focused. If you file a support t
almost
every other operating system).
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W
(Network Operations)
Sent: Friday, February 9, 2018 8:23 AM
To:
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-
I know there was a bug corrected in SecureW2 802.1X onboarding where they were
requiring a screen lock for Android when using PEAP=MSCHAPv2.
They corrected the issue in a later release.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Trainin
behalf of Osborne, Bruce W (Network
Operations)
Sent: Monday, January 22, 2018 6:05 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco Channel Width
You misspelled Toyota Prius 😃 Why throw away extra fuel and have higher
maintenance issues?
Bruce Osborne
Senior
You misspelled Toyota Prius 😃 Why throw away extra fuel and have higher
maintenance issues?
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
-Original Message-
From: Curtis K. Larsen [mailto
Wired ports are not needed for gaming devices, at least for customers with
Aruba wireless. The experience may be different with Ruckus Wireless, for
instance.
We have been successfully running wireless-only dorms for many years.
We are now deploying some wireless computer labs with dedicated A
They will just tell you to replace your (home) router. They have no clue about
enterprise.
Sort of like Apple, only worse.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Lee H Badman [mailto:
That sound like a vendor a few years ago that was pushing “leaky coax” for
Wi-Fi. I noticed some of their slides had a Virginia Tech logo so I reached out
to them. They had tested the system and determined it failed quite miserably.
Of course we told them to “take a hike”
Bruce Osborne
Senior
What about Universities that also cooperate with police forces, for example?
They deploy both?
I know our university police cooperate quite closely with local and state
forces.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champ
We currently use Option 3, but the clients only trust the certificate CHAIN,
not the server certificate itself. This lets us replace the server certificate
providing the chain remains the same. This worked fine for us for several years
with a 1 year server certificate. Unfortunately, we have cha
I sent Chris a wireless design presentation we made a couple of years ago.
We also use the Aruba ASE RF Optimization and Deployment Models
https://ase.arubanetworks.com/solutions/id/75
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Traini
Here is one of our approaches that may or may not work for you.
We had a delay in funding for upgrading part of our wireless system. When
students complained, we suggested they complain to the school management. That
helped us get the funding needed.
Bruce Osborne
Senior Network Engineer
Netwo
That means your infrastructure will eventually be insecure and unsupported by
the vendor. Your options then are wholesale replacement, hiring a skilled
programmer to (illegally) hack & test your old system, or outsourcing the
service.
Wireless is becoming mandatory these days to retain students
One easy answer:
More & more devices per person. This increases system load and interference.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Thomas Carter [mailto:tcar...@austincollege.edu]
Se
The specification, like many, was vague in implementation details and
practically all vendors chose a poor, insecure design. The only claw in WPA2
was vagueness in the specification. I understand the Wi-Fi Alliance is working
on remedying that as well as specifically testing for KRACK in its
c
No, the solution is EAP-TLS with individual device certificates.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Tim Tyler [mailto:ty...@beloit.edu]
Sent: Monday, October 16, 2017 9:57 AM
Subje
First, get the APs out of the hallways and locate them where the users are. APs
in hallways can hear each other better than they casn hear clients.
Second, work with your Aruba account team to optimize your RF environment for
the different building structures. We have based our RF adjustments on
Our Aruba SE alerted us but we are running 6.6.5. Out servers already had the
fixed version anyway.
For RADIUS monitoring we use Nagios and monitor twice. One services uses an
Active Directory service account, and a second one uses a ClearPass local user
account. Aruba recommends this to assist
We are designing our football stadium wireless using HPE/Aruba Networks Large
Public Venue expertise.
There is some more information here. http://www.arubanetworks.com/solutions/lpv/
Feel free to contact me off-list and I can connect you with our wireless
network architect.
Bruce Osborne
Senio
- accessibility support?
Hi Bruce,
What vendor have you moved to?
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>>
on behalf of "Osborne, Bruce W (Network Operations)"
mailto:bosbo...@liberty.edu>>
Reply-To: The ED
We are currently a CloudPath Wizard customer using PEAP-MSCHAPv2, but we
recently completed a project evaluating onboarding vendors for PRAP-MSCHAPv2 &
TLS, including CloudPath ES.
CloudPath Wizard & ES were both broken with PEAP-MSCHAPv2 for Windows 10
Creator Update. It took CloudPath 3 month
SE.EDU] On Behalf Of Osborne, Bruce W
(Network Operations)
Sent: Wednesday, September 27, 2017 3:08 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wi-Fi Request for University Conference event
Our process is not ideal.
Where possible, we try to avoid setting up special SSIDs.
Our process is not ideal.
Where possible, we try to avoid setting up special SSIDs. Our normal Guest SSID
allows for self registration for bandwidth-restricted Internet access or
sponsored registration for faster Internet access.
We utilize our ClearPass Guest management to create an expiring e
Even worse, it disconnects and re-enables auto-join at 5 AM local time.
Bluetooth works the same way.
I have heard a theory that they did this because of BLE beacons, but that does
not explain doing it for Wi-Fi.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-42
A few years ago we worked to move away from NAC (Bradford Campus Manager) to
801.1X authentication without NAC. We ended up purchasing Aruba ClearPass but
purchased (& did not use) some OnGuard NAC licenses to appease some management
that we could deploy NAC if needed. He have not needed that.
Yeah.
We have a stone mansion used that has the lath. We put an AP per room and just
upgraded them to Aruba AP-203H APs.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Harris, Robert [mailto:
Good call on the multiple helpers.
Several years ago we were using Cisco HSRP on some subnets with 2 SVIs. I had a
testing issue with an external wired NIC in a game console. With HSRP, both
SVIs use their helpers to respond to DHCP requests. The client basically gets 2
identical offers from th
Richard,
I doubt users would switch that quickly but I expect we will see some later
this week.
Since we are evaluating onboarding vendors, I must ask. Do your products
(Wizard & CloudPath ES) already support Android Oreo? I know at least one other
vendor already gas official support for this.
We have a special SSID deployed to a few areas for devices that require the
lower rates in order to associate. We use MAC Auth to restrict who can use it.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 19
Tariq,
We have been running multicast on wireless for IPTV for several years on our
Aruba wireless infrastructure. Since you mentioned "flexconnect" that implies,
to me, a cisco wireless infrastructure so my experience may not apply to your
situation.
We helped them test their "Dynamic Multica
We are currently evaluating onboarding solutions to move away from Wizard. Be
sure to check out other vendors such as SecureW2 in addition to ES. You can
then make the best choice for your situation.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UN
Lee,
If you do that here with our PEAP-MSCHAPv2, you break when the server
certificate is updated. If you onboard properly you only trust the certificate
chain and keep on working.
EAP-TLS has the advantage of stopping people from trying to work around the
system and then complaining when they
rne, Bruce W (Network Operations)
> wrote:
>
> Jerry,
>
>
>
> I find some of your comments interesting. We have many things in common. We
> are also an Aruba wireless / ClearPass customer using PEAP-MSCHAPv2 & MAC
> Auth. Although we initially designed for fu
N] EAP-TLS
> On Aug 11, 2017, at 6:45 AM, Osborne, Bruce W (Network Operations)
> wrote:
>
> Jerry,
>
>
>
> I find some of your comments interesting. We have many things in common. We
> are also an Aruba wireless / ClearPass customer using PEAP-MSCHAPv2 & MAC
&
uent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Curtis, Bruce
Sent: Monday, August 14, 2017 11:49 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] EAP-TLS
> On Aug 11, 2017, at 6:45 AM, Osborne, Bruce W (Network Operations)
> wrote:
>
>
We have door locks in our newer residences running PEAP-MSCHAPv2 with a service
account per building,
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Chuck Enfield [mailto:chu...@psu.edu]
Sent:
Jerry,
I find some of your comments interesting. We have many things in common. We are
also an Aruba wireless / ClearPass customer using PEAP-MSCHAPv2 & MAC Auth.
Although we initially designed for full Cisco wired 802.1X we have been running
a strange Cisco config that uses it somewhat but doe
Our students are wireless only, though. Any idea what protocols they use for
discovery? It probably could be added to Aruba AirGroup.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Hunter Full
We have not done bus stops but we have a couple of battery powered mobile packs
using Aruba RAP-155 with cellular backhaul. We aimed for 10 hour battery life.
In reality, the laptops people were using ran out of battery before the mobile
pack. These were originally designed with Aruba RAP-5WN on
We do not use EDUROAM.
We configure our current PEAP-MSCHAPv2 clients to trust the certificate chain
and a specific server name in the certificate. We can update the server
certificate so long as the certificate chain is the same.
Bruce Osborne
Senior Network Engineer
Network Operations - Wire
You asked about better ways of containing this. The Aruba AirGroup has provided
this functionality for years on the Aruba wireless system.
You will likely find it less expensive than the Cisco alternative too.
Our users connect to our 802.1X secure SSID while the devices connect to our
device S
I do not know if you have Cisco Wi-Fi phones (7821, 7925) or use Cisco
softphones, but they use peer to peer connections for calls after the initial
Call Manager setup.
Microsoft Lync / Skype for Business uses peer to peer for calls on your local
network rather than have both parties use an Int
The Apple Configurator requires an OS X computer and we are primarily Windows.
We use ClearPass mac address authentication on our open Aruba Networks gaming
SSID for Apple TVs. Even though the clients are on our secure SSID, the
AirGroup software-defined networking connects the devices so they
I am confused. Did you use Airtame or Apple TV?
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Ian Lyons [mailto:ily...@rollins.edu]
Sent: Thursday, May 18, 2017 3:00 PM
Subject: Re: Use of Air
I just received an official answer from Onno Harms, Product Manager for Indoor
WLAN at HPE/Aruba.
We had some issues with early production units of this mount:
o RJ45 Ethernet cable connectors are not low-profile enough, making it
difficult to fit the AP on the mount (need to push hard..)
If I were you, I would also try posting in the thread you linked to. Onno, who
last posted in the thread, in in charge of the AP team, I believe. Regardless,
he should be able to direct you appropriately.
Contacting your Aruba account team is a good idea but usually a multi-pronged
approach doe
http://www.arubanetworks.com/products/networking/access-points/
Checking quickly, the 330 series is 4x4 MU-MIMO and has HP SmartRate, their
multi-gigabit solution. You can get 5Gps on Cat 5e or 10Gps on Cat6A, according
to their data sheet.
http://www.arubanetworks.com/assets/so/SO_SmartRate.p
Craig,
Are you looking at this from a wireless perspective, worried, or both?
What is your wireless platform?
We implemented multicast IPTV on Aruba wireless using our existing Haivision
wired IPTV services. In fact, we helped Aruba test their "Dynamic Multicast
Optimization" solution.
Genera
Here at Liberty University, we generally do not use DFS channels. We are using
them in a couple of areas where we have APs with a dedicated SSID for wireless
computer labs, We know the NICs on those computers support the DFS channels.
Thos areas also have light coverage from our normal APs with
We currently use PEAP=MSCHAPv2.
For department-owned devices, we create a service account per department.
We also have iPads used in out elementary & high school. The students are
divided into 3 groups based on academic grade. We have a service account per
group and different web filtering polic
I believe you have to pay to use the EDUROAM federation of servers.
If you do not do this, yours is just another SSID using the name EDUROAM and
confusing real EDUROAM clients who happen on campus.
Without federation access, there is no way of authenticating visiting EDUROAM
clients.
Bruce Osbo
Bruce mentioned, use the freebie app from Airwave and it works well. Plug
in the floor plan that the architect gave you and it should be pretty dang
close.
Ian
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Osborne, Bruce W
(N
eting rooms (12 and 16 seats) I'd probably lean toward an
AP315, but the 2-6 seat spaces I'd consider the 303's. The 303's are about
half the cost, but I also may need more (one in each room instead of
every-other).
-Brian
From: The EDUCAUSE Wireless Issues Constituent Grou
Brian,
I know the best advice is to survey, but I know for new construction projects
that is not possible. We used to use the VisualRF component of Airwave. We now
use Ekahau to simulate and plan out deployments. It is always good to survey
and adjust afterwards to verify your planning.
I assu
Here is another vote for ClearPass with Aruba wireless.
When an Apple TV is registered, it is also registered as an AirGroup personal
device so the owner’s 802.1X Apple device can use AirPlay to display content on
the device. We also use Aruba’s Dynamic Multicast Optimization to provide
multica
Then onboarding, we just have the client trust our certificate chain, not the
server certificate directly, except by server name. This permits us to renew
our server certificate without causing client trust issues.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-
We have users connect to an open SSID to be provisioned for our 802.1X network.
Another alternative is to use your single SSID but allow PEAP for onboarding.
The user still gets an initial security prompt though.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4
antenna to be very powerful?
Brian
On 3/13/17 7:55 AM, Osborne, Bruce W (Network Operations) wrote:
We have been using Assa Abloy wireless locks in our newest residences on our
802.1X SSID. The AA batteries do not last as long as advertised. We place Aps
in rooms and the lock wireless antenna is on
We have been using Assa Abloy wireless locks in our newest residences on our
802.1X SSID. The AA batteries do not last as long as advertised. We place Aps
in rooms and the lock wireless antenna is on the insode of the door. Obviously,
rekeying maintenance is reduced. The locks update once a day.
With the captive portal removed, how do you stop roaming mobile devices from
sucking up all your dhcp addresses? We have found that a captive portal helps
reduce usage by roaming devices.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Tr
How are users onboarding? Manual configuration?
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
-Original Message-
From: Michael Dickson [mailto:mdick...@nic.umass.edu]
Sent: Tuesday, Febr
A few years ago there was a push to refer to our university as Liberty instead
of LU Our major SSID names are:
Liberty-Guest – open --self registered & sponsored guest & event access
Liberty-Wireless – open – 802.1X onboarding & mac auth for non-802.1X devices
Liberty-Secure – WPA2 Enterprise PEA
That is what we do with Aruba Aps. They have a mixture of higher feature &
lower feature models.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Thomas Carter [mailto:tcar...@austincollege.ed
What we do (and have done when our replacement AP budget was eliminated) was
this. Our group provides our best service and documents problems in the areas
where the budget was cut.
When the students complain loud enough, the budget money suddenly appears.
Bruce Osborne
Senior Network Engineer
N
t just makes me wonder, is all...
On Mon, Feb 20, 2017 at 07:06 Osborne, Bruce W (Network Operations)
mailto:bosbo...@liberty.edu>> wrote:
My first thought is this.
Are these boxes centrally managed? It appears you are using WPA2-Personal. If
so, it would be a pain to need to revisit each box
My first thought is this.
Are these boxes centrally managed? It appears you are using WPA2-Personal. If
so, it would be a pain to need to revisit each box every year to change the PSK.
How is channel coordination happening to minimize interference?
How will you handle misbehaving devices DOSing
people who are requesting single-domain certs.
On Mon, Feb 6, 2017 at 7:00 AM Osborne, Bruce W (Network Operations)
mailto:bosbo...@liberty.edu>> wrote:
We use SANs on our RADIUS certificate so we can use the same certificate for
https on those servers.
I agree with Tim, though. SANs are not
We use SANs on our RADIUS certificate so we can use the same certificate for
https on those servers.
I agree with Tim, though. SANs are not needed and we have run our RADIUS
certificate for several years on multiple servers without any SANs.
Bruce Osborne
Senior Network Engineer
Network Operati
Oops.
I stand corrected. I did not pay close attention because it just works in our
ClearPass environment.
Bruce Osborne
Senior Network Engineer
Network Operations - Wireless
(434) 592-4229
LIBERTY UNIVERSITY
Training Champions for Christ since 1971
From: Toivo Voll [mailto:to...@mail.usf.ed
1 - 100 of 126 matches
Mail list logo