Main Nav

Message from jtodd@westernu.edu

Bruce,

 

Are the clients matching different policies on the ACS server depending on what wireless system they are connected to? If so each policy may be using a different certificate and freaking out the Apple clients when they cross systems.

 

Jason

 

Jason Todd

Network Security Officer

Western University of Health Sciences  

 

Comments

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction.  We did a rapid deployment in our dorms over winter break.

 

 
Bruce Osborne
Wireless Network Engineer
IT Network Services
 
(434) 592-4229
 
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
 
From: Becker, Jason [jbecker@WUSTL.EDU]
Sent: Tuesday, April 30, 2013 11:34 AM
Subject: Multi vendor interoperability on Campus

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

In our ongoing deployments switching from Cisco to Juniper, we are using the new SSID as a way to advertise the new service and differentiate possible wireless connectivity issues. This has been very useful for campus communication and instructions to our help desk, but has lead to minor issues where some non-technical management have difficulty differentiating between the service and the hardware.  Overall, I agree with option 3.


Keith Noah
University Information Technology Services
University of Wisconsin-Milwaukee
Network Operations Center
Cell:414-810-6789
Office:414-229-4972

From: "Bruce W Osborne" <bosborne@LIBERTY.EDU>
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Sent: Wednesday, May 1, 2013 6:12:08 AM
Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus

I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction.  We did a rapid deployment in our dorms over winter break.

 

 
Bruce Osborne
Wireless Network Engineer
IT Network Services
 
(434) 592-4229
 
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
 
From: Becker, Jason [jbecker@WUSTL.EDU]
Sent: Tuesday, April 30, 2013 11:34 AM
Subject: Multi vendor interoperability on Campus

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

On Apr 30, 2013, at 10:34 , "Becker, Jason" wrote: > > What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. > > A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. > Over our multi-year migration from one vendor to another, we went with option 1 and did our best to keep the 2 vendors' equipment as physically separated as possible. Worked out fine. I'm sure there were some interference/roaming issues, but nothing major, and it was decided that not introducing user confusion about which SSID to use was a bigger benefit. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: PGP Public Key: ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction.  We did a rapid deployment in our dorms over winter break.

 

 
Bruce Osborne
Wireless Network Engineer
IT Network Services
 
(434) 592-4229
 
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
 
From: Becker, Jason [jbecker@WUSTL.EDU]
Sent: Tuesday, April 30, 2013 11:34 AM
Subject: Multi vendor interoperability on Campus

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

In our ongoing deployments switching from Cisco to Juniper, we are using the new SSID as a way to advertise the new service and differentiate possible wireless connectivity issues. This has been very useful for campus communication and instructions to our help desk, but has lead to minor issues where some non-technical management have difficulty differentiating between the service and the hardware.  Overall, I agree with option 3.


Keith Noah
University Information Technology Services
University of Wisconsin-Milwaukee
Network Operations Center
Cell:414-810-6789
Office:414-229-4972

From: "Bruce W Osborne" <bosborne@LIBERTY.EDU>
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Sent: Wednesday, May 1, 2013 6:12:08 AM
Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus

I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction.  We did a rapid deployment in our dorms over winter break.

 

 
Bruce Osborne
Wireless Network Engineer
IT Network Services
 
(434) 592-4229
 
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
 
From: Becker, Jason [jbecker@WUSTL.EDU]
Sent: Tuesday, April 30, 2013 11:34 AM
Subject: Multi vendor interoperability on Campus

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

On Apr 30, 2013, at 10:34 , "Becker, Jason" wrote: > > What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. > > A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. > Over our multi-year migration from one vendor to another, we went with option 1 and did our best to keep the 2 vendors' equipment as physically separated as possible. Worked out fine. I'm sure there were some interference/roaming issues, but nothing major, and it was decided that not introducing user confusion about which SSID to use was a bigger benefit. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: PGP Public Key: ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs.   Both systems authenticate against the same ACS server.  In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server.  Once accepted the Apple devices roam between systems.

 

Has anyone had a similar experience and found a solution which did not include any user interaction?

 

Thank you

Bruce Entwistle

Network Manager

University of Redlands

 

 

My campus is part of a seven college consortium, but we're all contained within a rather small (600 acre) geographic area i.e. we can walk to any of the various campuses. Each campus is independent, and we have some campuses on Cisco (five) and others on Aruba (two + library).
 
We run in #1. That is, we advertise the same SSID's on both, and authentication is handled by a central Radius (Ignition) that knits all the authentication sources together. The certificate handed out is from the cental Radius, and devices freely roam between the two with no issues. For roaming-sensitive services like VoIP, we extend the same VLAN's to all to ensure the device retains its IP address.
 
We also use xpressconnect to help provision users.
 
We've been running in this configuration for years now, and even when there is an Aruba system boarding Cisco, we've encountered no issues specific to having two vendors. Having two vendors has provided us with a lot of "real word" comparison between the two vendors, and the Aruba deployments appear to be more client/client performance quirky than Cisco... but that's a different story.
 
Jeff   
 

>>> On Wednesday, May 01, 2013 at 9:31 AM, in message <F3711825DE65B341914C8D37F8B9654E0CB36F076E@mail-01>, "Entwistle, Bruce" <Bruce_Entwistle@REDLANDS.EDU> wrote:

We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs.   Both systems authenticate against the same ACS server.  In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server.  Once accepted the Apple devices roam between systems.

 

Has anyone had a similar experience and found a solution which did not include any user interaction?

 

Thank you

Bruce Entwistle

Network Manager

University of Redlands

 

 

Message from jtodd@westernu.edu

Bruce,

 

Are the clients matching different policies on the ACS server depending on what wireless system they are connected to? If so each policy may be using a different certificate and freaking out the Apple clients when they cross systems.

 

Jason

 

Jason Todd

Network Security Officer

Western University of Health Sciences  

 

We are doing #1. Most of our buildings are far enough apart that you can't roam, so that's not an issue. Authentications run through the same radius server with policies for each vendor. I see the merit of option 3 though.
Heath Barnhart, CCNA ITS Network Administrator Washburn University Topeka, KS
On 04/30/2013 10:34 AM, Becker, Jason wrote:
What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction.  We did a rapid deployment in our dorms over winter break.

 

 
Bruce Osborne
Wireless Network Engineer
IT Network Services
 
(434) 592-4229
 
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
 
From: Becker, Jason [jbecker@WUSTL.EDU]
Sent: Tuesday, April 30, 2013 11:34 AM
Subject: Multi vendor interoperability on Campus

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction.  We did a rapid deployment in our dorms over winter break.

 

 
Bruce Osborne
Wireless Network Engineer
IT Network Services
 
(434) 592-4229
 
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
 
From: Becker, Jason [jbecker@WUSTL.EDU]
Sent: Tuesday, April 30, 2013 11:34 AM
Subject: Multi vendor interoperability on Campus

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

In our ongoing deployments switching from Cisco to Juniper, we are using the new SSID as a way to advertise the new service and differentiate possible wireless connectivity issues. This has been very useful for campus communication and instructions to our help desk, but has lead to minor issues where some non-technical management have difficulty differentiating between the service and the hardware.  Overall, I agree with option 3.


Keith Noah
University Information Technology Services
University of Wisconsin-Milwaukee
Network Operations Center
Cell:414-810-6789
Office:414-229-4972

From: "Bruce W Osborne" <bosborne@LIBERTY.EDU>
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Sent: Wednesday, May 1, 2013 6:12:08 AM
Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus

I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction.  We did a rapid deployment in our dorms over winter break.

 

 
Bruce Osborne
Wireless Network Engineer
IT Network Services
 
(434) 592-4229
 
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
 
From: Becker, Jason [jbecker@WUSTL.EDU]
Sent: Tuesday, April 30, 2013 11:34 AM
Subject: Multi vendor interoperability on Campus

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

In our ongoing deployments switching from Cisco to Juniper, we are using the new SSID as a way to advertise the new service and differentiate possible wireless connectivity issues. This has been very useful for campus communication and instructions to our help desk, but has lead to minor issues where some non-technical management have difficulty differentiating between the service and the hardware.  Overall, I agree with option 3.


Keith Noah
University Information Technology Services
University of Wisconsin-Milwaukee
Network Operations Center
Cell:414-810-6789
Office:414-229-4972

From: "Bruce W Osborne" <bosborne@LIBERTY.EDU>
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Sent: Wednesday, May 1, 2013 6:12:08 AM
Subject: Re: [WIRELESS-LAN] Multi vendor interoperability on Campus

I would recommend 3. When we moved from Cisco to Aruba in 2008, we used a different SSID and tried to deploy the new system geographically to minimize multi-vendor interaction.  We did a rapid deployment in our dorms over winter break.

 

 
Bruce Osborne
Wireless Network Engineer
IT Network Services
 
(434) 592-4229
 
LIBERTY UNIVERSITY
40 Years of Training Champions for Christ: 1971-2011
 
From: Becker, Jason [jbecker@WUSTL.EDU]
Sent: Tuesday, April 30, 2013 11:34 AM
Subject: Multi vendor interoperability on Campus

What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

On Apr 30, 2013, at 10:34 , "Becker, Jason" wrote: > > What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. > > A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. > Over our multi-year migration from one vendor to another, we went with option 1 and did our best to keep the 2 vendors' equipment as physically separated as possible. Worked out fine. I'm sure there were some interference/roaming issues, but nothing major, and it was decided that not introducing user confusion about which SSID to use was a bigger benefit. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: PGP Public Key: ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
On Apr 30, 2013, at 10:34 , "Becker, Jason" wrote: > > What are others doing to get interoperability when you have multiple wireless vendors on campus? We are transitioning to a new system and trying to think of all the issues we may run into during this. > > A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus, total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. > Over our multi-year migration from one vendor to another, we went with option 1 and did our best to keep the 2 vendors' equipment as physically separated as possible. Worked out fine. I'm sure there were some interference/roaming issues, but nothing major, and it was decided that not introducing user confusion about which SSID to use was a bigger benefit. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: PGP Public Key: ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs.   Both systems authenticate against the same ACS server.  In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server.  Once accepted the Apple devices roam between systems.

 

Has anyone had a similar experience and found a solution which did not include any user interaction?

 

Thank you

Bruce Entwistle

Network Manager

University of Redlands

 

 

We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs.   Both systems authenticate against the same ACS server.  In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server.  Once accepted the Apple devices roam between systems.

 

Has anyone had a similar experience and found a solution which did not include any user interaction?

 

Thank you

Bruce Entwistle

Network Manager

University of Redlands

 

 

My campus is part of a seven college consortium, but we're all contained within a rather small (600 acre) geographic area i.e. we can walk to any of the various campuses. Each campus is independent, and we have some campuses on Cisco (five) and others on Aruba (two + library).
 
We run in #1. That is, we advertise the same SSID's on both, and authentication is handled by a central Radius (Ignition) that knits all the authentication sources together. The certificate handed out is from the cental Radius, and devices freely roam between the two with no issues. For roaming-sensitive services like VoIP, we extend the same VLAN's to all to ensure the device retains its IP address.
 
We also use xpressconnect to help provision users.
 
We've been running in this configuration for years now, and even when there is an Aruba system boarding Cisco, we've encountered no issues specific to having two vendors. Having two vendors has provided us with a lot of "real word" comparison between the two vendors, and the Aruba deployments appear to be more client/client performance quirky than Cisco... but that's a different story.
 
Jeff   
 

>>> On Wednesday, May 01, 2013 at 9:31 AM, in message <F3711825DE65B341914C8D37F8B9654E0CB36F076E@mail-01>, "Entwistle, Bruce" <Bruce_Entwistle@REDLANDS.EDU> wrote:

We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs.   Both systems authenticate against the same ACS server.  In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server.  Once accepted the Apple devices roam between systems.

 

Has anyone had a similar experience and found a solution which did not include any user interaction?

 

Thank you

Bruce Entwistle

Network Manager

University of Redlands

 

 

My campus is part of a seven college consortium, but we're all contained within a rather small (600 acre) geographic area i.e. we can walk to any of the various campuses. Each campus is independent, and we have some campuses on Cisco (five) and others on Aruba (two + library).
 
We run in #1. That is, we advertise the same SSID's on both, and authentication is handled by a central Radius (Ignition) that knits all the authentication sources together. The certificate handed out is from the cental Radius, and devices freely roam between the two with no issues. For roaming-sensitive services like VoIP, we extend the same VLAN's to all to ensure the device retains its IP address.
 
We also use xpressconnect to help provision users.
 
We've been running in this configuration for years now, and even when there is an Aruba system boarding Cisco, we've encountered no issues specific to having two vendors. Having two vendors has provided us with a lot of "real word" comparison between the two vendors, and the Aruba deployments appear to be more client/client performance quirky than Cisco... but that's a different story.
 
Jeff   
 

>>> On Wednesday, May 01, 2013 at 9:31 AM, in message <F3711825DE65B341914C8D37F8B9654E0CB36F076E@mail-01>, "Entwistle, Bruce" <Bruce_Entwistle@REDLANDS.EDU> wrote:

We are currently in the process of installing a second vendors wireless hardware on campus, current Cisco installing Aruba, using the same SSID on all APs.   Both systems authenticate against the same ACS server.  In our pilot deployment, windows PCs seemed to connected to either network with no intervention, however our Apple products ask to accept the certificate from our ACS server.  Once accepted the Apple devices roam between systems.

 

Has anyone had a similar experience and found a solution which did not include any user interaction?

 

Thank you

Bruce Entwistle

Network Manager

University of Redlands

 

 

Message from jtodd@westernu.edu

Bruce,

 

Are the clients matching different policies on the ACS server depending on what wireless system they are connected to? If so each policy may be using a different certificate and freaking out the Apple clients when they cross systems.

 

Jason

 

Jason Todd

Network Security Officer

Western University of Health Sciences  

 

Message from jtodd@westernu.edu

Bruce,

 

Are the clients matching different policies on the ACS server depending on what wireless system they are connected to? If so each policy may be using a different certificate and freaking out the Apple clients when they cross systems.

 

Jason

 

Jason Todd

Network Security Officer

Western University of Health Sciences  

 

We are doing #1. Most of our buildings are far enough apart that you can't roam, so that's not an issue. Authentications run through the same radius server with policies for each vendor. I see the merit of option 3 though.
Heath Barnhart, CCNA ITS Network Administrator Washburn University Topeka, KS
On 04/30/2013 10:34 AM, Becker, Jason wrote:
What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

We are doing #1. Most of our buildings are far enough apart that you can't roam, so that's not an issue. Authentications run through the same radius server with policies for each vendor. I see the merit of option 3 though.
Heath Barnhart, CCNA ITS Network Administrator Washburn University Topeka, KS
On 04/30/2013 10:34 AM, Becker, Jason wrote:
What are others doing to get interoperability when you have multiple wireless vendors on campus?  We are transitioning to a new system and trying to think of all the issues we may run into during this.

A little background about our layout… a building will have all the same vendor AP's but adjacent building may not, over 100 buildings on campus,  total of 4000+ across campus, systems will have different ip pool space, and limited outdoor coverage. 
 
Ideas 
1. Same ssid across both systems and let the clients choose what system. 
2. Same  ssid and adjust the probe/reponse thresholds so clients outside of a building don't connect.
3. Have versions of ssids for each system so clients can choose what ssid to connect to.


Thanks,
Jason
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Close
Close


EDUCAUSE Connect
View dates and locations

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

EDUCAUSE Institute
Leadership/Management Programs
Explore More

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.