cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1539
Views
40
Helpful
28
Replies

If I had to deploy the office

If I had to deploy the office again I would not likely use monitor APs, because we already have sniffer APs. Our normal designs do consider monitor access points and we use the same 5-6 as well. 

Assuming a new or old deployment I would consider monitor aps. These allows you to quickly turn them into sniffers as need. Monitor aps allow you to get quicker environmental information rather then waiting for the production APs to do the short off channel scanning.

 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Beginner

Great presentation with very

Great presentation with very useful information.

I am working in a financial sector and one of the main concern is number of connection made to wireless access points. All our AP's are either 3702 or 3802 model with 5508 controller.

All AP's are installed below celling with 6 meter radius, Now one of the request made by business is they want to perform the real time monitoring for all their sites.

1. Business need the information on AP wise user count real time.

2. SSID wise user count per WLC.

Currently we are able to get this information through NCS Prime (3.1version), But this is more reactive mode , since we have to generate it manually and it is historical only. Is there any way to monitoring this parameters real time. I am not sure is this the right place to post the question.

Thank you Im glad you enjoyed

Thank you Im glad you enjoyed it. That is a rather interesting request in that it has to be real time. Keep in mind PRIME allows you a customize dash board and I remember seeing some options for displaying client counts on SSID etc. Have you looked at customizing the dash board ? 

You could get fancy with linux flavors of network mounting  like Cacti or NMS. I like NMS myself. 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
ajc Frequent Contributor
Frequent Contributor

Excellent presentation George

Excellent presentation George,

I have two questions because I liked the approach you followed troubleshooting the wireless cards and drivers for the majority of the hospital owned devices in order to create an standard so I would appreciate if you share with us a guideline/tips about the process that you made/followed on that part as I would like to replicate that standardization process on the wireless environment I manage where it is possible.

My second question is:

I found that error 5440 on ISE is directly related to roaming and the fact that a brief disconnection happens due to the EAP and WPA Key mgmt process no matter if you have session resume enabled. In order to minimize this behavior, it is recommended to use 802.11r so I was wondering if you have that in place (I would say yes as you have WoWLAN) and any suggestions that you could share with us. Due to our BYOD environment implementing 802.11r could only apply to the SSID for School owned devices.

thanks

Abraham, Thank you for the

Abraham, Thank you for the kind comments Im really glad you enjoyed it.

Device testing is a very a important consideration when deploying reliable WiFi. Once you have a mental check box that the RF and wireless configuration is optimal and your config is simple and there was no changes on the network you can quickly start looking at the clients. 

Back to the testing ... Its not an easy task and it takes time to baseline client devices and drivers. Once you have your data base full of testing data you can then really feel comfortable and compare results. 

1) Baseline receive sensitivity of the device. We do this by testing at different distances from the ap and different orientations of the device. We can see quickly for example the iPhone hears the network 7-9 dB lower then say the average device. This is telling and might mean we need to consider a denser deployment. 

2) Roaming test - Look at 802.11 and 802.1X roaming - Collect logs on the device, OTAC (Over the air captures), and controller side.

- Make sure 11r, OKC is supported and working 

- Baseline the time from the last data frame sent on the old ap to the first data frame sent on the new ap

- Check roaming triggers and baseline 

3) QoS markings

- If your device and app is suppose to mark QoS make sure it is and that it is marking correctly. 

4) Allow the device to sit for 24-48 hours and see how the device behaves - do a constant ping do we lose pings and if so why

5) Elevator ride / off campus on campus  -- take the device on a long elevator ride does it quickly recover when coming back into coverage 

6) Does the device / app support Multicast confirm with multicast hammer OTAC, debugs

7) What 5 GHz channels does it support. Test connectivity on all bands UNII1/2/2E/3

8) Does the device UAPSD/PS POLL or some custom power save. Identity this and observe it working and baseline. 

9) Does the device probe aggressively -60 or lower you can see this with transmitting probes as the device is building a neighbor list. If a device is off channel probing its not servicing the client 

10) Does the device support 11k if so confirm this ... 

The list goes on. What is key, after you collect a lot of devices and or device and driver info you will see a pattern. If you test a device that is way out of spec compared to other data you collected you can start to question -- Humm will this device work in my environment. Then test and see. 

I hope that helps. 

If you are using EAP then either your device will support NO advance roaming features or it will have some flavor of OKC, PMK cache (fast roam back) or 11r. If a device doesn't support advance roaming protocols you are 100% correct. The device will have to do a FULL 802.1X, which is very much like pulling a cable from the wall and plugging it back in. That all said the controller by default supports OKC. In a BYOD environment where there is little control you are really challenged. Apple and some flavors of android support 11r. But I find some vendors who say they do but once we test we find out they dont support or have issues supporting 11r.

You my friend are in one of the most challenging environments. You know all to well and better then most about BYOD. When I think of wireless devices and education I think of the Guns and Roses song - Welcome to the jungle baby .. 

My suggestion is this ... You will never be able to control or manage these devices. While we want the best experience for our users. Find out the larger quantity of devices and NICs and test these drivers. When a student calls in and has an issue and they match say a 7265 INTEl NIC you can tell them we suggest driver XYZ. 

I hope this helps bud .. Thanks again for spending the hour with me and the cisco team on the webex. 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Highlighted
Community Manager

Hi Geroge

Hi Geroge

Thank you so much for participating at the community, it has been quite a great session.

I would like to share with you some of the questions that were not answered during the event:

• Q: What tool did they installed on the iPads?
• Q: How do you address QoS on wireless?
• Q: Do you have any critical Wi-Fi policies that you would like to share?
• Q: In 1572 installation, I don’t get ac speeds when the ap is 10-15m away, can you help me?
• Q: Is there any way to prevent users to connect to 2.4 Ghz an force them to use 5Ghz. via WLC or any Supplicant?
• Q: What version of WLC code are you currently running?
• Q: In the end, was there cost savings over a wired office?   (Including time spent troubleshooting, lost productivity, etc.)
• Q: In healthcare you have a lot of proprietary equipment, where vendors don't want to co-exist with other vendors (healthcare equipment); how many prod SSIDs do you have, and how did you manage the healthcare vendors?
• Q: I found error 5440 on ISE is directly related to the disconnection experienced when roaming which is caused by EAP + WPA Key Mgmt process, did he solve this using 802.11r? But 802.11r is not widely supported
• Q: What do you think about 802.11r combined with session resume for PEAP/EAP-TLS on ISE?
• Q: Do you expect IoT devices to also share 5 GHz space or would these be better suited to use a low power 2.4 GHz transmission so voice and priority data gets the nicer 5 GHz band.
• Q: From an organizational buy-in, how cost effective is the all-wireless office?  Since the organization has absorb increased engineering/R&D to overcome issues, does this outweigh running drops and switches; especially when each design may be unique?
• Q: Were you budgeted form the start?
• Q: Have you to took advantage of Network Programmability to automate some tasks? If so, which ones?
• Q: Did you make any modifications for allowing user backups to occur over Wi-Fi?
• Q: Is that applicable to this model AIR-CAP3502I-A-K9?

  • Q: In an AWO did you find applications that didn't fuction on wireless?
  • Q: How many poeple do you have in your team? 

Collaborator

Hi 

Hi 

These are some of the questions that were not answered during the alive session: 

  • Q: ­Was the bleed through showing 2.4 GHz or 5­?
  • Q: Do you use a qualification document for your client NICs?­
  • Q: ­ What is your suggestion when designing for large open space with lot of surrounded AP'S? For example a person standing in the ground floor of a mall, surrounded by shops and he get almost same RSSI from the shops from the ground floor
  • Q: Cfr to the Wi-Fi office deployment - was the implementation a hard cut? Meaning stopping all LAN, and moving to WLAN all at once or was it an implementation on a "stage-by-stage"? ­
  • Q: ­Can you provide some pros/cons of why they have chosen utilizing AirMagnet  vs, say Ekahau? Maybe just some high level talking points?­
  • Q: ­Let’s assume the tpc value for the  5 ghz 11 (Min),What is the optimum value for 2.4 Ghz ?­
  • Q: ­What is the intel driver version that he posted as the most stable at this point?­
  • Q: ­I found error 5440 on ISE is directly related to the disconnection experienced when roaming which is caused by EAP + WPA Key Mgmt process, did he solve this using 802.11r? But 802.11r is not widely supported­.
  • Q: ­What do you think about 802.11r and session resume for PEAP/EAP-TLS?­
  • Q: ­Did you adjust any 802.11a optimized Roaming or DCA times to say every 8 hours for a full shift work day?­
  • Q: ­Would gpo push for 5ghz limit Wi-Fi connectivity when users have their devices outside the corp office? Is there a preference option for 5ghz priority then 2.4ghz. ­
  • Q: Can you share comments or experiences regards Chromecast on Apple Devices and their deployment? ­ (In case they have experience doing it)
  • Q: Whether 200mw power is allowed for the AP's? I thought 100mw is max power.
  • Q: Are you running 20Mhz channels throughout the hospital?
  • Q: Is it possible to rename for multiple ap's in prime? And how?
  • Q: What are the recommended certifications to fulfill the competitive wireless Job market requirement nowadays?
  • Q: Is there any plan to introduce 3800 into this AWO office in near terms?
  • Q: Did you ever want to give up and just pull a cable?

 

Beginner

Hi George ,

Hi George ,

"Roaming test - Look at 802.11 and 802.1X roaming - Collect logs on the device, OTAC (Over the air captures), and controller side."

You said collect  logs on the device ,If a windows device  we could run some native tools  and collect logs 

What if it is  android iphone device ? 

What are the few log   which will help us  to qucikly identify the device did not roam 

Thanks

On Android it depends how

On Android it depends how much the vendor exposes. Example if you use a Zebra MC40 they have their own flavor of Andriod. The expose a lot of the logs to the admin. Not being an Android guy I dont have that specific experience with the consumer grade device. 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Beginner

Hi,

Hi,

Thank you george 

Could you post some log from your air captures which help us to identify roaming issues 

Thanks again

Beginner

Hello, we have some 3702,

Hello, we have some 3702, 1852, 3802 in office, WLC is 2504, we are happy with 1852, it's performance is so good, iperf could have 700+mbps, but both 3702 and 3802 only have 300-400mbps, it seems Marvell chip based AP never get well with Macbook(Broadcom wifi chip) through 3702 to 3802 with any WLC version(8.0 8.1 8.2 8.3), any suggestion for this issue? Can Cisco fix this issue? 

Hi Steve, It makes me wonder

Hi Steve, It makes me wonder what your config look like. We have 3700 and I can say we are getting  700+ on this model. 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Beginner

Hi, George. Did you test it

Hi, George. Did you test it under Macbook Broadcom wifi? I test several 3702 and 3802, all is 300-400mbps, 3802 even worse, but with 1832 and 1852, could reach 600-700mbps very easy. All the test under totally same environment. My config: https://gist.githubusercontent.com/nutinshell/defffccdc20248f036b3680391c7a6cc/raw/350df641fba76cc1002ef9dff31931b3c5966973/gistfile1.txt

Hall of Fame Community Legend

Nice presentation, George!  

Nice presentation, George!  

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards