Profile

Bruce Osborne

Edit My Profile


My Content

1 to 20 of 31 total
Posted By Bruce Osborne 09-22-2022 09:55:27 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
In a given area, muliple SSIDs are in the same L2 domain because they need to share time in the same air space. One SSID beaconing support for slower data rates slows the beaconing for all SSIDs, using more of the shared time for Wi-Fi overhead, reducing the maximum goodput (usable bandwidth)) of clients. ...
Posted By Bruce Osborne 09-21-2022 01:36:50 PM
Found In Egroup: Wireless Local Area Networking
\ view thread
EAP-PEAP-MSCHAPv2 uses NTLM password hash for passwords. ------------------------------ Any information posted here is based on my personal experience & opinions. This is not an official communication from my employer. Bruce Osborne Network Engineer Liberty University Lynchburg VA United States -- ...
Posted By Bruce Osborne 09-21-2022 12:51:18 PM
Found In Egroup: Wireless Local Area Networking
\ view thread
The password prompting happens at the OS level for every connection. The onboarding process is immaterial. ------------------------------ Any information posted here is based on my personal experience & opinions. This is not an official communication from my employer. Bruce Osborne Network Engineer ...
Posted By Bruce Osborne 09-15-2022 11:47:03 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
In our TLS planning, for personal devices, the certificate uses the user's email as the identity. 1. You can associae an authentication with a user who opens a ticket. 2. auth logs comtsin the user's information 3. EAP-TLS works on all those devices. ------------------------------ Any information posted ...
Posted By Bruce Osborne 09-15-2022 11:17:13 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
Jon, Assumning you plan on makeing the TLS move with ClearPass, reach out to us when you are ready. Hopefully we will have already worked through the "gotchas". ------------------------------ Any information posted here is based on my personal experience & opinions. This is not an official communication ...
Posted By Bruce Osborne 09-15-2022 09:18:25 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
You can just as easily onboard enterprise devices usinf Intune & JAMF using SCEP calls. We have successfully tested JAMF and have documentation on doing that with Intune. ------------------------------ Any information posted here is based on my personal experience & opinions. This is not an official ...
Posted By Bruce Osborne 09-15-2022 08:41:06 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
Currently, when we onboard for PEAP-MSCHAPv2 ( & eventually TLS) we have the client trust the RADIUS server certificate chain, not the server certificate. Users that click directly on a PEAP-MSCHAPv2 SSID trust the server certificate. Just trusting the certificate chain &allows us to replace the server ...
Posted By Bruce Osborne 09-15-2022 08:06:55 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
I thought that was a response to my posting. I know you have talked with TJ here are we are starting our eduroam TLS journey with SecureW2 onboarding.Since our users are already familiar with using SecureW2 for PEAP-MSCHAPv2 we hope to mitigate issues when we start phasing in eduroam. Our current plan ...
Posted By Bruce Osborne 09-15-2022 06:35:00 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
The eduroam documentation refers to is as an Outer identity but technoically EAP-TLS has a Peer Identiy not an Outer Identity. ------------------------------ Any information posted here is based on my personal experience & opinions. This is not an official communication from my employer. Bruce Osborne ...
Posted By Bruce Osborne 09-15-2022 06:17:45 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
We have started moving from an EAP-PEAP-MSCHAPv2 SSID to a TLS-based eduroam SSID as our primary secure SSID. Aruba ClearPass. I would recommend it with one caveat.TLS with anomymous peer identity requires some custom configuration. Although we initially purchased ClearPass OnGuard NAC licenses, ...
Posted By Bruce Osborne 09-14-2022 09:08:54 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
These were primarily Student devices purchased from department stores. The student, as the Admiistrator just trusted the cr*p installed by Lenovo. Our HelpDesk technicials figured out that deleting the application was not enough, The service needed to be deleted too. not many on-CS students could handle ...
Posted By Bruce Osborne 09-14-2022 08:52:08 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
We had an excessive ARP issue with some of our Lenovo laptop clients on our Aruba wireless network. The factory installed Lenovo Vantage software insists on ARPing all address in its supbet. The solution involved removing the application & its service. We would then need to manually delete the blacklist ...
Posted By Bruce Osborne 08-05-2022 06:17:38 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
You realize the AP-105s & AP-135s are out of support since August 2020. That means no TAC support on any issues either. AP-105 AP-225 goes out of support in February. You really need should replace the 100 series APs too, if possible, before you have an issue. Bruce Osborne Senior Network ...
Posted By Bruce Osborne 06-24-2022 04:27:47 AM
Found In Egroup: Wireless Local Area Networking
\ view thread
Christina,, I would appreciate if you could share any information from your attempt. It may provide me with a starting pointin my investigation of implementing this/. Thank you, Bruce Osborne Senior Network Engineer Network Operations - Campus Networking (434) 592-4229 LIBERTY ...
Posted By Bruce Osborne 05-20-2022 11:45:55 AM
Found In Egroup: Network Management
\ view thread
Thank you for the confirmation. It appears to be functionally equivalent t the RS2 software our access control people have used for years centralizing all their locks. Bruce Osborne Senior Network Engineer Network Operations - Campus Networking (434) 592-4229 LIBERTY UNIVERSITY Training ...
Posted By Bruce Osborne 05-20-2022 08:13:18 AM
Found In Egroup: Network Management
\ view thread
That sounds like a cloud service? Many of us do not wish to depend on Internet access for access control. There would alsoe he security concern of data security. Bruce Osborne Senior Network Engineer Network Operations - Campus Networking (434) 592-4229 LIBERTY UNIVERSITY Training ...
Posted By Bruce Osborne 05-20-2022 07:33:19 AM
Found In Egroup: Network Management
\ view thread
Regarding battery life, we were originally told they would last a year. I know our Access control staff has had workers replace them more often. It likely is dependent on how much they are used. Bruce Osborne Senior Network Engineer Network Operations - Campus Networking (434) 592-4229 ...
Posted By Bruce Osborne 05-20-2022 06:51:59 AM
Found In Egroup: Network Management
\ view thread
We have some (older) Assa Abloy battery powered Wi-Fi locks integrated into our access control system in many of our residences. The student used their University ID badge to gain room access. The locks are currently doing IPv4 PEAP-MSCHAPv2. i can try to locate more information, if intereste. Many ...
Posted By Bruce Osborne 04-22-2022 08:47:26 AM
Found In Egroup: Network Management
\ view thread
ClearPass Admin here. We were one of Aruba's first ClearPass customers. Where in ClearPass are the deices registered? When we first started ( before ClearPass Guest) , we registered mac addresses in Endpoints. Later, I added an expiration field to delete student devices on July 1, after the school ...
Posted By Bruce Osborne 04-07-2022 11:37:45 AM
Found In Egroup: Network Management
\ view thread
If your system has no reason to expect a campus # coming from outside, just drop all incoming campus numbers as bogus. Bruce Osborne Senior Network Engineer Network Operations - Campus Networking (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971