Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Locked thread
Nukelear v.2
Jun 25, 2004
My optional title text

Nukelear v.2 posted:

I'm digging the free 100 device management that I can use to manage certs for WPA2 Enterprise and not need my people to use their AD credentials anymore. That way I can better restrict access to only approved devices.

Trip report, free MR18 arrived, the wifi portion is solid. However using their device manager to do cert based auth is a bit wonky in Windows10 at least. Need to enroll in MDM as the end user, which means they need to get local admin rights on the machine to do the enroll. Otherwise the cert won't show up for the end user to use.

Adbot
ADBOT LOVES YOU

Internet Explorer
Jun 1, 2005


I doubt many here are running any of the following gear from Ubiquiti, but if you are, update your poo poo:
airMAX v5.6.2
airMAX AC v7.1.3
TOUGHSwitch v1.3.2
airGateway v1.1.5

http://arstechnica.com/security/201...ound-the-globe/

Nitr0
Aug 17, 2005

IT'S FREE REAL ESTATE


If you have your management interface exposed to the internet you deserve what you get

Partycat
Oct 25, 2004

Life at last
Salutations from the other side


Plaster Town Cop

What I got out of it was more that the whatever it is spreads by finding peers, since most people don't block mgmt clients from direct communications. So, all it takes for it is one way in somewhere - bleeding MPLS, lovely network at a site, and then it appears everywhere.

nexxai
Jul 17, 2002

quack quack bjork

Fun Shoe

Has anyone checked out v5.0 of Ubiquiti's new controller? From the looks of it, they are definitely trying to compete with Meraki but I'm curious if any of the features are actually as useful as the advertising makes it out to be.

wolrah
May 8, 2006
what?


I upgraded my home controller last night. I'm not doing anything particularly special with it, but what features are you interested in?

nexxai
Jul 17, 2002

quack quack bjork

Fun Shoe

wolrah posted:

I upgraded my home controller last night. I'm not doing anything particularly special with it, but what features are you interested in?
I'm not sure exactly. Just curious if they added any true new functionality, or if it's mostly just fluff.

Calidus
Oct 31, 2011

Stand back I'm going to try science!

Buying unifi gear is one of the best choices I have ever made. This stuff is amazing. I rolled out 3 switches and some APs this week. The unifi AP Edu are super cool.

Sepist
Dec 25, 2005

FUCK BITCHES, ROUTE PACKETS


Gravy Boat 2k

Do the newer iphone/android versions prompt a user to update their login password for 802.1x enabled SSID's if they reset their domain password? I see it was an issue on older versions, not sure about new stuff.

wolrah
May 8, 2006
what?


Calidus posted:

Buying unifi gear is one of the best choices I have ever made. This stuff is amazing. I rolled out 3 switches and some APs this week. The unifi AP Edu are super cool.

How do you like the switches? I've been eyeing them for customers where I'm installing a lot of their WiFi because of the non-standard PoE.

Now that the AP EDU has beta SIP support I'm getting one in for testing, if I can get my system paging properly through it those will be easy sales to a lot of people.

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'


Do not use an Aerohive 300series AP

Thanks Ants
May 21, 2004

Bless You Ants, Blants



The 300 series are running ancient radios so I'm not surprised they are poo poo - they weren't great when they were new.

I'm really torn on Aerohive as a whole - they have no clear direction they are going in at the moment and seem to be running around in a blind panic while their competitors get gobbled up by absolutely huge industry players. I can't see them not getting acquired soon but I have no idea who would take them that hasn't already got a wireless play. It seems like the sort of dumb thing Dell might do.

Terminal
Feb 17, 2003
The Void

Captain Foo posted:

Do not use an Aerohive 300series AP

We've got a pinch of them in our environment (literally a pinch, 6 out of 170 AP's or so) and I have to remember to skip over them for HiveOS upgrades. The reason? Any future HiveOS versions will remove all 5ghz DFS channels from the 300 series because they couldn't get updated radio firmware

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'


Terminal posted:

We've got a pinch of them in our environment (literally a pinch, 6 out of 170 AP's or so) and I have to remember to skip over them for HiveOS upgrades. The reason? Any future HiveOS versions will remove all 5ghz DFS channels from the 300 series because they couldn't get updated radio firmware

They have a chipset that for some reason is just unstable and crap. Run 230s or 141s instead.

Thanks Ants
May 21, 2004

Bless You Ants, Blants



I posted this in the Cisco thread and then read it back and realised I was talking about Wi-Fi, so I'll put it in here as well.

I've been doing a bit of digging around the whole Cisco / Apple integration in iOS 10 (https://www.cisco.com/c/m/en_us/sol...ners/apple.html / https://www.apple.com/uk/ipad/busin...th-apple/cisco/), and as far as I can tell their three big points that have come about as a result of this collaboration are:
  • Better Wi-Fi connectivity for Apple devices on a Cisco (or Meraki) wireless network
  • Per-app QoS controlled via MDM policy
  • Cisco Spark is now equal to the native dialler
I might just be missing the point here, but the last two items on that list are iOS 10 features and don't care about what network hardware you are using, and granted Cisco have Meraki SM that supports the app profiles, and Spark that has been updated to use CallKit, but they don't seem to measure up to the way that Cisco are pitching them as reasons why you absolutely need to use Cisco networks with iOS devices. On the first point, Cisco have actually explained what it's all about on their blog:

https://blogs.cisco.com/enterprise/...ity-with-ios-10

Which again, to the best of my knowledge is just a bunch of standards (granted some of them are fairly new standards) that deal with roaming and how clients select APs to use. 802.11r and 802.11k for example have been in iOS since 2013, and 802.11v joined them a year later (https://support.apple.com/en-gb/HT202628). So the only thing unique to Cisco is that they can disable those features unless the device is running iOS 10 to avoid causing issues, that and the marketing co-operation they now have with Apple.

Like I said, I might just be failing to understand how this is a big deal, and maybe Cisco's point is more along the lines of "look what we managed to get Apple to talk to us about and implement for the good of everybody, oh and also our relationship means we are going to ensure compatibility in the future as well" than trying to pitch it as a breakthrough, but it seems they have gotten a bit carried away with the "only we can work nicely with iPhones and iPads" messaging, and their reps in the channel seem to be presenting it as this as well.

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'


Apple is a colossal pos wrt enterprise anything, this includes wireless

Sepist
Dec 25, 2005

FUCK BITCHES, ROUTE PACKETS


Gravy Boat 2k

At least their BYOD Onboarding is more efficient than Androids

Thanks Ants
May 21, 2004

Bless You Ants, Blants



I am amazed that Microsoft gave up on the consumer market with their phone platform, re-reinvented it as an 'Enterprise' platform, and still couldn't figure out anything as elegant as DEP even with the ability to copy off Apple.

Adbot
ADBOT LOVES YOU

Ynglaur
Oct 9, 2013



It makes me sad my phone options are now just iPhone and Galaxy. Both are good phones, but Windows Phone had so much real potential, and pen input is great for an old person like me who can't type with two thumbs.

  • Locked thread