This is very helpful! Thank you. We are planning to implement the validusers-acl like you mentioned and restrict clients to only the IPs that we provide via DHCP. The description is exactly what we are seeing.
Christopher, would it be alright if we reached out to you if we have questions? I would hate to re-invent the wheel. Thank you, again. Sid On Tue, Sep 7, 2021 at 3:53 PM Johnson, Christopher <cbjo...@ilstu.edu> wrote: > Sid, > > > We know from personal experience of running into this issue several years > ago. Like David, we’ve instituted a few validuserACLs – (I actually use > aliases for those subnets – so that I can re-use them in other places and > to give a description of those valid ip addresses). > > After finding the offending device, was 99% positive it was malicious – > but as I dived into the Rabbit Hole – discovered it was just a stupid > malfunctioning device…a Roku Stick. I’ve also seen this behavior on other > devices that make use of a “Router/IP Sharing” SSID such as “Roku’s Dorm > Mode” or “Internet Sharing” with Windows. > > The Roku generates it’s own SSID “AP Mode” while connecting to our > infrastructure SSID – it’s not bridged – but routed based on the fact that > when you connect your phone or computer to the Roku’s SSID – your assigned > a 192.168.X private IP Address. What I suspect happened in our scenario > (I’ll use your 23.185.0.1 address for example). > > 1. Student Connected Roku to Guest SSID > > 2. Roku Prompted Student to use “Dorm Mode” > > 3. Student Connected to Roku with iPhone or Computer with a “home page” of > our institution’s website. > > 4. The Roku “mis-routed” a single packet -- Source: 23.185.0.1 – > Destination: 192.168.X.X – instead of sending it to the “private network” > wifi interface to the user’s iPhone or computer – it sent it out the > “infrastructure network” interface – which based on how a “User” gets into > the table à > https://community.arubanetworks.com/browse/articles/blogviewer?blogkey=95f4108f-5927-4700-891c-89fd218d0d4e > – and was assigned the guest unauthenticated policy – denying all traffic – > cept icmps. > > > > I first started suspecting things weren’t as “simple” as they may be when > I noticed Roku’s were “claiming” the IP Addresses of Google – what was > funny was seeing the Controller prevent one Roku from entering the > User-Table with a Google IP Address – *ONLY because another Roku* had > already sourced a packet with Google’s IP Address. > > > > If you add a “any any any deny” with “LOG” option enabled – you can see > ALL the invalid sessions that would have entered the user-table – including > their destinations. > > > I was only able to “partially replicate the behavior” – but it’s still a > strong case. > > A few links down below: > > > How the user gets into the user-table of the controller? - > https://community.arubanetworks.com/browse/articles/blogviewer?blogkey=95f4108f-5927-4700-891c-89fd218d0d4e > IP Address Leaking - > https://community.arubanetworks.com/community-home/digestviewer/viewthread?MID=39207#bm69bbf671-9e9b-4302-b11c-0965445bff7e > > > Some info from the ArubaOS Hardening Guide > > https://community.arubanetworks.com/HigherLogic/System/DownloadDocumentFile.ashx?DocumentFileKey=d9518fcc-d8f1-440b-8f5d-68522d3be364 > - Page 26 and 27 goes into detail about “validuser” and > “local-valid-users” – “local-valid-users” requires the controller to have > an IP Address on that VLAN interface. There’s also the “Enforce DHCP” > option in each AAA Aruba Profile – essentially a per SSID setting. > > > > > https://community.arubanetworks.com/browse/articles/blogviewer?blogkey=de2277df-ff0e-41c1-9efb-643c0a04cf5c > > > https://community.arubanetworks.com/browse/articles/blogviewer?blogkey=99300862-622e-4dd5-9af4-f2d745b49db4 > > > > http://www.commsolutions.com/2011/10/eliminate-duplicate-client-entries-in-your-aruba-controller-for-clients-with-more-than-one-ip-address-or-network-interface/ > -à (BROKEN LINK Now ☹) > Unfortunately the video link I had from commsolutions – they had > presentation demonstrating this issue but it’s a broken link now –one of > their customers for whatever reason had their guests manually enter the ip > addresses onto their ipads – and someone flip-flopped the “IP Address” and > the “Default Gateway”….started denying traffic for the default > gateway….whoops! > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Mike Fitzgerald > *Sent:* Tuesday, September 07, 2021 12:16 PM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* Re: [WIRELESS-LAN] [EXTERNAL] Re: [WIRELESS-LAN] Websites > inaccessible from wireless network - Aruba > > > > Some people who received this message don't often get email from > fi...@brandeis.edu. Learn why this is important > <http://aka.ms/LearnAboutSenderIdentification> > > *[This message came from an external source. If suspicious, report to > ab...@ilstu.edu <ab...@ilstu.edu>] * > > Check your valid user table config to make sure you only allow the IP > ranges your DHCP server would give a wireless client. Otherwise, you can > end up with user table entries for destination IP's and then those IP's get > policed by the controller as you were seeing. Aruba default for that > config used to allow any any, which is bad... > > > > Mike > > > > > > On Tue, Sep 7, 2021 at 12:04 PM Sidharth Nandury <nandu...@denison.edu> > wrote: > > So..... sigh! > > > > It seems like an end client either statically or for some unknown reason > got assigned the IP address for these websites. The role that the client > was assigned had a policy to "deny" traffic to the internet (as per > design). The part that we did not know was that when a client is going to a > particular destination, the controllers look at the user table to see if > there is an IP and a route available before even going to the role-based > ACLs. > > > > Once we blacklisted the client or deleted the client from the user-table, > the websites were accessible again. > > > > Sid > > > > On Tue, Sep 7, 2021 at 11:29 AM Norman Mourtada <nmourt...@suffolk.edu> > wrote: > > With 8.6.0.9, no issues. > > > > (Aruba7220-MC-05) *#show datapath session | include 35.186.224.25 > > 35.186.224.25 172.16.122.193 6 443 58612 0/0 0 24 3 > tunnel 2306 a5 69 11747 17 > > 172.16.126.143 35.186.224.25 6 65364 443 0/0 0 24 0 > tunnel 1718 1a 29 3592 TC 26 > > 172.18.91.115 35.186.224.25 6 56982 443 0/0 0 0 0 > tunnel 1102 505 145 24120 C 29 > > 172.16.174.33 35.186.224.25 6 54373 443 0/0 0 24 0 > tunnel 2773 6da 9576 1018764 TC 21 > > 35.186.224.25 172.16.166.198 6 443 60052 0/0 0 24 1 > tunnel 133 de 371 269692 31 > > 172.16.172.51 35.186.224.25 6 63940 443 0/0 0 24 3 > tunnel 862 5c 17 2849 TC 30 > > 172.19.90.133 35.186.224.25 6 54371 443 0/0 0 24 0 > tunnel 1509 890 161 33426 TC 18 > > 172.19.91.45 35.186.224.25 6 62292 443 0/0 0 24 2 > tunnel 1630 4d 14 2502 TC 27 > > 35.186.224.25 172.16.166.198 6 443 60050 0/0 0 24 14 > tunnel 133 de 24 8727 31 > > 172.16.176.74 35.186.224.25 6 58973 443 0/0 0 24 2 > tunnel 1964 236 35 5322 TC 16 > > 172.16.176.193 35.186.224.25 6 61015 443 0/0 0 24 1 > tunnel 2160 10 44 15853 FTC 20 > > > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Dan Oachs > *Sent:* Tuesday, September 7, 2021 10:59 AM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* [EXTERNAL] Re: [WIRELESS-LAN] Websites inaccessible from > wireless network - Aruba > > > > CAUTION: This email originated from outside of the University. Do not > click links or open attachments unless you recognize the sender and know > the content is safe. > > > > Not seeing that issue here. We are on 8.7.1.4 > > > > (aruba-controller-1) #show datapath session | include 35.186.224.25 > 35.186.224.25 138.236.104.67 6 443 64918 0/0 0 1 1 > tunnel 6347 3cc 307 50335 15 > 138.236.82.47 35.186.224.25 6 57491 443 0/0 0 0 4 > tunnel 5540 382 179 117595 C 30 > 35.186.224.25 138.236.248.10 6 443 54342 0/0 0 1 1 > tunnel 972 e 209 16359 23 > 35.186.224.25 138.236.82.47 6 443 57491 0/0 0 1 4 > tunnel 5540 382 189 45940 30 > 138.236.104.67 35.186.224.25 6 64918 443 0/0 0 0 1 > tunnel 6347 3cd 345 38357 C 29 > 35.186.224.25 138.236.232.120 6 443 61505 0/0 0 1 0 > tunnel 7052 c 151 49165 22 > 138.236.250.85 35.186.224.25 6 54833 443 0/0 0 0 1 > tunnel 2686 1a 57 16206 C 27 > 35.186.224.25 138.236.251.120 6 443 51735 0/0 0 1 1 > tunnel 7060 8 29 3140 F 13 > 138.236.250.85 35.186.224.25 6 54834 443 0/0 0 0 2 > tunnel 2686 18 152 179792 C 27 > > > > --Dan > > > > On Tue, Sep 7, 2021 at 9:40 AM Sidharth Nandury <nandu...@denison.edu> > wrote: > > Hi All, > > > > Since last Monday we have seen a couple of different websites being > blocked on our Aruba wireless controllers. Spotify has been one of the > sites, as well as all websites hosted on IP 23.185.0.1 (which is our main > institution website - denison.edu > <https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdenison.edu%2F&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342331848%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=LmZ%2FtGJJaQwm6qR56qncTHu8vTgs2UBvbmvUqEKzjAQ%3D&reserved=0>). > We can confirm that this is being blocked as we see the "D" (Deny) Flag on > the wireless controller. Below is an example of traffic being blocked to > Spotify. Is anyone suing Aruba AOS 8 controllers seeing this? > > > > (wlc-Thor) #show datapath session | include 35.186.224.25 > > Source IP or MAC Destination IP Prot SPort DPort Cntr Prio ToS Age > Destination TAge Packets Bytes Flags CPU ID > > ----------------- --------------- ---- ----- ----- -------- ---- --- --- > ----------- ---- ---------- ---------- --------------- ------- > > 10.143.203.26 35.186.224.25 6 52082 443 0/0 0 0 0 > tunnel 640 1 0 0 *FDYCA * 21 > > 10.143.195.85 35.186.224.25 6 59767 443 0/0 0 0 0 > tunnel 5357 0 0 0 * FDYCA* 27 > > 10.143.225.178 35.186.224.25 6 52292 443 0/0 0 0 0 > tunnel 6753 1 0 0 * FDYCA * 19 > > 10.143.195.85 35.186.224.25 6 59766 443 0/0 0 0 0 > tunnel 5357 1 0 0 *FDYCA * 27 > > > > (wlc-Thor) #show datapath session | include 23.185.0.1 > 10.143.228.16 23.185.0.1 6 59500 443 0/0 0 0 0 > tunnel 16789 a 0 0 *FDYCA* 18 > 10.143.244.151 23.185.0.1 6 58758 443 0/0 0 0 0 > tunnel 553 1 0 0 *FDYCA* 23 > 10.143.228.247 23.185.0.1 6 59063 443 0/0 0 0 0 > tunnel 13188 a 6 384 *FDYCA* 27 > 10.143.228.247 23.185.0.1 6 59062 443 0/0 0 0 0 > tunnel 13188 a 6 384 *FDYCA* 27 > 10.143.196.26 23.185.0.1 6 50851 443 0/0 0 0 0 > tunnel 5631 1 0 0 *FDYCA* 17 > 10.143.196.26 23.185.0.1 6 50852 443 0/0 0 0 0 > tunnel 5631 1 0 0 *FDYCA* 17 > 10.143.196.26 23.185.0.1 6 50853 443 0/0 0 0 0 > tunnel 5631 1 0 0 *FDYCA* 17 > > > > We have two 7240xm controllers running AOS v8.6.9 in a cluster with a > Mobility Conductor as a VM. We have a ticket open with TAC and have > escalated it up to ERT, but wanted to also reach out to others. > > > > Thank you. > > Sid > > > > -- > > > > > *Sidharth S. Nandury (He, Him, His) Infrastructure and Operations Manager > Information Technology Services > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2F&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342351839%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=wy2J0Rf7jgWgLuVEWz0Yf8bvqgg6uS1%2FG%2BG%2FhFSmQJ8%3D&reserved=0>* > > 100 West College Street, Granville, OH 43023 | Burton Hall > Office: 740-587-5533 | Mobile: 516-314-4413 > nand...@denison.edu > https://denison.edu/campus/technology/service-desk > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2F&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342351839%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=wy2J0Rf7jgWgLuVEWz0Yf8bvqgg6uS1%2FG%2BG%2FhFSmQJ8%3D&reserved=0> > > *NOTICE: This email message and all attachments transmitted with it may > contain legally privileged and confidential information intended solely for > the use of the addressee. If the reader of this message is not the intended > recipient, you are hereby notified that any reading, dissemination, > distribution, copying, or other use of this message or its attachments is > strictly prohibited. If you have received this message in error, please > notify the sender immediately by phone or by email, and delete this message > and all copies and backups thereof. > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2F&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342361835%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=N6hvDRLvBnGpIF2SHFDNa2caV972Ps5b5T%2BpiOxWIG0%3D&reserved=0>* > > *Please consider the environment before printing this email. > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2F&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342361835%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=N6hvDRLvBnGpIF2SHFDNa2caV972Ps5b5T%2BpiOxWIG0%3D&reserved=0>* > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2F&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342371833%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=u0PbxfGRjm%2BFCUQDCLFJlR%2B3xXEfxahFcHAndhG1%2FrY%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2F&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342371833%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=u0PbxfGRjm%2BFCUQDCLFJlR%2B3xXEfxahFcHAndhG1%2FrY%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342381828%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=hqAxJjPdmkQN4DkMfjJM%2BxEtAYgT%2FbWkPdtp9Vw64ow%3D&reserved=0> > > > > > -- > > *Error! Filename not specified.* > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2F&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342381828%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=00dQS8E3Ay16co4iirX26Jh0uhJClOF4MAk172WWe2I%3D&reserved=0> > > *Sidharth S. Nandury* > (He, Him, His) > *Infrastructure and Operations Manager* > Information Technology Services > > 100 West College Street, Granville, OH 43023 > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeniso.nu%2F2qF6h7M&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342391816%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=sLv7L2ntK4tFfekeY98wTG6pwI5CDY11M5wi8crQhyU%3D&reserved=0> > | Burton Hall > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2Fmap&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342391816%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Au%2B3mXssy3Z%2BfztYrW6l9O3NDcArav7CXSoOXmi1CRg%3D&reserved=0> > Office: 740-587-5533 <1-740-587-5533> | Mobile: 516-314-4413 > <1-516-314-4413> > nand...@denison.edu > https://denison.edu/campus/technology/service-desk > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdenison.edu%2Fcampus%2Ftechnology%2Fservice-desk&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342401809%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=vmXGte%2Bue0mQ513pFPeYE6CV9tETxVjGK9hg21LaPGs%3D&reserved=0> > > *NOTICE: This email message and all attachments transmitted with it may > contain legally privileged and confidential information intended solely for > the use of the addressee. If the reader of this message is not the intended > recipient, you are hereby notified that any reading, dissemination, > distribution, copying, or other use of this message or its attachments is > strictly prohibited. If you have received this message in error, please > notify the sender immediately by phone or by email, and delete this message > and all copies and backups thereof. * > > *Please consider the environment before printing this email.* > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342401809%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=oARUUDHYfvDlck%2FpbyQxTL8Vh%2Bm2%2FcAEIULcvlBTQt4%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7C%7Cd8e44e59bd014c7cb55308d9722327eb%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637666318342411808%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Wkl6kzLk2j1NZpgI5%2FFu35%2Fsk6zjL4I7PRgAFbgNLxs%3D&reserved=0> > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > -- [image: Denison University] <https://denison.edu> *Sidharth S. Nandury* (He, Him, His) *Infrastructure and Operations Manager* Information Technology Services 100 West College Street, Granville, OH 43023 <https://deniso.nu/2qF6h7M> | Burton Hall <https://denison.edu/map> Office: 740-587-5533 <1-740-587-5533> | Mobile: 516-314-4413 <1-516-314-4413> nand...@denison.edu https://denison.edu/campus/technology/service-desk NOTICE: This email message and all attachments transmitted with it may contain legally privileged and confidential information intended solely for the use of the addressee. If the reader of this message is not the intended recipient, you are hereby notified that any reading, dissemination, distribution, copying, or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately by phone or by email, and delete this message and all copies and backups thereof. *Please consider the environment before printing this email.* ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
