MY80211.com

Hello Wi-Fi Peeps!

The question comes up from time to time about using a Mac Book Pro OSX for real-time video. While it can be done and works well most of the time in a stationary fashion you need to be aware of what limitations you should expect, especially if you are using enterprise grade security.

Knowing 802.11r is not supported on a Mac Book Pro OSX, how do I know, becuase Apple said so here: https://support.apple.com/en-us/HT206207

I wanted to see if OKC and SKC (Sticky Key) was supported. We did this testing in a controlled enviroment. 

 http://www.my80211.com/storage/pdf/ACTIVEEXPERT.APPLE.MAC.ROAMING.0725.2017.pdf

ENJOY!

Have you tried to log into a Cisco WLC with Firefox and get an annoying certificate conflict message? No worries you can fix it !

Firefox collects certificates and will compare incoming certificates. If these certificates match but come from different sources Firefoxs throws the annoying certificate conflict message.

The HTTPS certificate on the WLC lives at MANAGEMENT-->HTTP-->CURRENT CERTIFICATE

Where the problem arrives, controllers shipped in batches appear to have the same identical certificates. This could be because they “blast” the firmware on the boxes in the manufacturing process.

An example of a factory provided certificate is below. First noticed there is no CN information and the validation date is way off.  This same certificate was on all the controllers in the batch.

The first controller you log into Firefox would accept and store this certificate. However, any controller you attempted to log into afterward would receive a certificate conflict.

So, how do we fix this issue? It's very simple …

After you configure your WLC with an IP address. Simply go to MANAGEMENT-->HTTP and click on regenerate certificate.  It will fill in a proper validation date and more specific CN information giving the certificate its true identity. However, this does require a controller reboot. So schedule accordingly. Below is a regenerated certificate.



Thats it! It should work now! Enjoy ....

I came across an oldie but goodie document. You can modify the driver behavior of the CB21 and PI21 AG cards.  

http://www.cisco.com/en/US/products/hw/wireless/ps4555/products_tech_note09186a008074fed9.shtml

Complete these steps in order to minimize delays when roaming from access point to access point when you use the CB21AG/PI21AG (802.11a/b/g wireless client adapter).

Note: These steps optimize roaming delays at the driver layer and are applicable to all authentication types. If 802.1x authentication is used, there might be additional optimizations possible, which are outside the scope of this document.

Note: Optimizing for faster roaming can potentially contribute to increased battery use and to reduced throughput.

1. Use ADU client software version 4.4 or later.

2. Set the BSS Aging Interval to 30, and set the Scan Valid Interval to 20.

   Complete these steps in order to set these two parameters via the Windows control panel:

   1. Go to Windows Explorer.

   2. Right-click My Network Places.

   3. Choose Properties from the drop-down list.

   4. Right-click Wireless Network Connection#, where # is the instance number of the Cisco CB21AG Wireless LAN adapter.

   5. Choose Properties from the drop-down list. The Wireless Network Connection Properties dialog box appears.

   6. Click Configure.

   7. Click the Advanced tab.

   8. Set the BSS Aging Interval to 30, and set the Scan Valid Interval to 20.

   These parameter values are the absolute lowest permitted values and should not be set any lower. The default values are 120 for BSS Aging Interval and 60 for Scan Valid Interval.

3. If your access point coverage permits it, configure the client profile in the ADU only to use the 5 GHz (802.11a) or 2.4 GHz (802.11b/g) band, not both. In order to configure the client profile, complete these steps:

   1. Launch the ADU client software.

   2. Click the Profile Management tab, highlight the profile of interest, and click Modify.

   3. Click the Advanced tab.

   4. Under Wireless Mode, uncheck the rates that you do not intend to use.

   5. If you do not use the ADU to manage the CB21AG, you must use registry settings in order to select the rates. Complete these steps:

      1. Choose Start > Run, and type regedit in order to launch the Registry Editor.

      2. Navigate to HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Class > {4D36E972-E325-11CE-BFC1-08002bE10318}.

      3. Right-click the 4D36E972-E325-11CE-BFC1-08002bE10318 folder, and choose Find.

      4. Type NetBand in the search field in order to locate the NetBand variable. This is under an [instance] four-digit subkey that has a DriverDesc value of Cisco Aironet 802.11a/b/g Wireless Adapter.

         The NetBand REG_SZ variable is a bitmask of supported rates. By default this is 15. The values are:

         802.11a    0x01
         (not used) 0x02
         802.11b    0x04
         802.11g    0x08
         (not used) 0x10

         For example, in order to support only 11b and 11g rates, this is 0x04 + 0x08 = 0x0C = 12 decimal.

I want to take this opportunity to compare the obvious comparison of Apple’s antenna issue with the iPhone4 with a typical WiFi client analogy.

Apple released the iPhone 4 this week. There are early reports of antenna issues. Apparently the antenna design is flawed. Depending on how you hold the phone it could attenuate the signal. Steve Job’s  responded to emails , “just don’t hold it like that.” Way to go Jobs! This reminds me of the old analogy “A man goes to the doctor and says, Doc when I do this it really hurts. The Doc responds then don’t do that”.

Here is a classic example of a client issue. Customers reported issues almost immediately with cell reception with the new iPhone4. So what gives!? … They didn’t change the cell towers over night (access points)! Their phones changed (clients)!

If you read the reports they are using terms you as wireless engineer should be very familiar with, “attenuation, signal degradation, poor reception”. These are general terms we hear or use ourselves. Wireless is a 2-way communication. Often non wireless educated folks assume when there are issues it is the network and by this I mean the wireless access point or wireless infrastructure. They often don’t consider the wireless client.

I can think back to 2003’ish (or there around) when Intel released the Intel 2200b/g clients. This was around the time Cisco purchased Airespace. If you were in WiFi you surly remember this issue.

For those of you who weren’t, here is a quick recap. The Intel 2200 clients were flawed and were flawed for well over 2 months before Intel released a driver fix. The 2200 driver had big issues! When authenticated and in OFDM rates, Intel 2200 clients would not rate shift down to DSSS. As clients moved away from the access point the rate shifting stopped and the client would drop off the wireless. Of course back then customers always looked at the network. “Its got to be the AP”.  Especially the early adopters of the new Cisco/Airespace solution. Immediately people pointed blame at Cisco thinking there was an issue with the new controller solution they purchased from Airespace, which wasn’t the case.

Rumor has it Cisco did an assist with Intel with the replacement driver.

Fast forward to today…

WiFi engineers have more tools, training and hands on experience to quickly troubleshoot these issues. In fact, a good wireless engineer can determine if it’s a potential client issue with a quick wireless client capture and debug at the controller or AP. Manufactures of Wireless clients have also improved, especially Intel since they work closely with Cisco. You will find troubleshooting and diagnostics tools on the client side more today then ever before.

You have to remember wireless clients aren’t created equal. They all hear differently  (receive sensitivity) and have different transmit power levels and they all have their own operating behavior (when to roam, how they interpret signal strength, etc). Lets face it, some wireless clients are just crap.

Conclusion

If you are new to WiFi. Wireless clients have an equal part in the communication efforts and should be factored in when troubleshooting. In the case of the iPhone4 issue. The didn’t move the cell towers over night. The client changed!

Did you know Cisco and Intel have a joint program called E2E which enhances roaming !? Its called E2E, End-2-End.

Enhanced neighbor list request (E2E)—The End-2-End (E2E) specification is a Cisco and Intel joint program that defines new protocols and interfaces to improve the overall voice and roaming experience. It applies only to Intel clients in a Cisco Compatible Extensions environment. Specifically, it enables Intel clients to request a neighbor list at will. When this occurs, the AP forwards the request to the WLC. The WLC receives the request and replies with the current Cisco Compatible Extensions roaming sublist of neighbors for the AP to which the client is associated.

 You can also view this in the gui. 

WIRLESS-->CLIENTS-->DETAIL