Here's ours: 2 8540s in HA mode (bought with the idea of replacing all WiSM2s) 4 pairs of WiSM2s in HA mode 3 server ClearPass cluster for both eduroam and guest Main SSID: eduroam with PEAP/MSCHAP Mix of WAPs; 3500, 3600, 3700, 2800, 1810w Total number of WAPs: 3500 21000 peak users
We tested the 8540s extensively over the spring and summer, primarily with the 8.2.151 code and a mix of 2800s and 1810ws. We had AVC turned on, and were using RLANs for the wired ports. The largest number of WAPs we had on this pair was 469. We tested code 8.2.160 towards the end of the summer with all WAPs on the 8540s, and had no issues. First the day of classes, we had all WiSM2s running 8.2.160 simply as a backup. Early morning we started getting reports of 802.1X authentication failures (these failures had nothing to do with ClearPass). Shortly after that, WAPs starting flapping (disconnecting from the 8540s moving to WiSM2s and then moving back again). We tried playing with the TCP MSS setting, adjusting EAP timers, turning AVC off and multiple other things, but nothing worked. In the end, we downgraded the WiSM2s to 8.0.140 and moved all WAPs that were not 2800 or 1810s. The 8540s were downgraded to 8.2.151 so the 2800s and 1810s would have a controller to connect to. Network stability was restored after this. Needless to say it was a very unpleasant experience. We are still working with Cisco to find out the root cause of the problem. Hector Rios Louisiana State University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman Sent: Friday, August 25, 2017 8:22 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Move In/Opening Week- Any Problems? It might be beneficial to share notes in case other schools are hitting common problems. I'm wondering how everyone who is in the thick of it is faring with back-to-school? On this end, we are doing OK halfway to our expected total daily peak clients (we're at 15K now high water mark). Our significant WLAN-related changes since end of Spring semester * Running 8.2.151 on our 8540s * Significant quantities of Wave 2 APs * ISE as RADIUS (only, no NAC, no onboarding) No changes to: * our guest WLAN (Clearpass/an Aruba controller pair) * onboarding (Cloudpath Wiz) * overall topology * open network in dorms for gadgets * non-use of AVC, it crapped out and never got solved after hundreds of hours with TAC Fears: * We haven't yet hit the scale that will reveal problems with any of the newer stuff listed above Anyone else care to share? -Lee Lee Badman | Network Architect Certified Wireless Network Expert (#200) Information Technology Services 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 t 315.443.3003 f 315.443.4325 e lhbad...@syr.edu<mailto:lhbad...@syr.edu> w its.syr.edu SYRACUSE UNIVERSITY syr.edu ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
