Tuesday, September 8, 2015

How to Make Cisco Prime Infrastructure Possibly Suck a Little Less

So, if you gather a bunch of people from the wireless community who use Cisco products together in a room with Cisco people, you will inevitably hear horror stories about PI, with complaints ranging from "it doesn't work with my browser" to nightmare upgrade experiences or even the occasional report that Prime has risen out of the Sea of Japan and is currently attacking Tokyo.  Cisco is taking care of the first one...hopefully...with Prime 3.0 being written in HTML 5 instead of Flash.  That last...well sorry Japan, you're on your own there.  However, that middle one is still just awful, and if you have never seen PI eat itself to death during an upgrade you are a lucky individual.

I have personally talked to people that have lost everything during an in-line upgrade.  It can take weeks to recover if you have lots of maps.   I now avoid in-line upgrades which is your first pro-tip.  In-line upgrades are about as smart as buying an off the rack suit that's six sizes too small and expecting it not to tear itself apart as you wear it while you're doing jumping jacks.  Think that analogy is stupid?  Well, it's still ten times smarter than an in-line upgrade.

Anyway, at one of these meetings of the minds one of the attendees asked if it was possible to get the maps out of Prime since that was the most difficult bit to replace.  Turns out it is.  I have been using it for some time as a way to mitigate a worst case scenario while attempting to migrate Prime.  This is what people commonly refer to as "upgrading Prime".

Annnnnd....without further ado...

1. Click on the site maps link in Prime. In classic theme you go to Monitor -> Site Maps.  In the devil's user interface or what Cisco refers to as "Converged Theme" you go to Maps -> Site Maps.  There at the top center of the screen is a drop down box.  Open it up and you will see...


Just select "Export Maps" and hit the Go button.

2. You will then be presented with a screen that looks like this...

Only without all the lines covering location names.

You can export any or all of your maps.  You can even export map info so that when you import the maps back into Prime all of your access points will be where they are supposed to be.  The one caveat is that you have to add your controllers back to Prime first.  The access points have to be in the Prime database in order for Prime to add them back to the maps.  Also, I have seen Prime 3.0.  The process is essentially the same.  The interface just looks a bit different.  It's all schmancy now.

There you go.  Pretty simple right?

Apple finally decides to play nice.

Well, it appears that Apple finally decided to stop ignoring Cisco's phone calls and play nice.  This is great news for those of us with users who insist on using Apple wireless clients because...pretty....BRAAAAAAAINS!


Tuesday, July 7, 2015

Permitted Data Rates When Using TKIP or WEP

Okay, I get it.  Most enterprise and SOHO environments are probably using WPA2-Personal or WPA2-Enterprise.  This goes for most home users as well.  Why then, would I bother writing a post about data rate limitations for WEP and TKIP you ask?  Well, the answer is simple.  I work for a hospital and in healthcare all the normal rules are thrown out the window.  Thanks to heavy restrictions on what can or cannot be used in healthcare the updates tend to come slowly if at all.  I have spoken to other wireless engineers and exchanged horror stories.  I wish I could say my experience is unique.  Unfortunately, it isn't.  So, this is for those of us that still have to use outdated protocols.

The 802.11n and higher amendments do not permit the use of WEP or TKIP encryption for the High Throughput (HT) and Very High Throughput (VHT) data rates.  In fact, the Wi-Fi Alliance will only certify 802.11n radios that use CCMP encryption for the higher data rates.  However, newer radios should support TKIP and WEP using the slower data rates defined for legacy 802.11a/b/g radios.

What does this mean?  Basically, if you have a nice shiny new 802.11ac deployment all pimped out with the latest technology and Joe User decides to connect to your network using WPA, he will only see a maximum data rate of 54 Mbps.
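If you want to know which of your SSIDs can still drop a client into that 54 Mbps bucket, the pairwise ciphers an AP offers are listed in the RSN element (ID 48) of its beacons. The Python below is an added example, not part of the original post: it parses a raw RSN element and reports which offered ciphers are limited to legacy rates. The sample bytes are constructed, the function names are hypothetical, and it only handles the RSN element, not the older WPA vendor-specific element.

```python
import struct

RSN_OUI = bytes.fromhex("000fac")          # IEEE 802.11 cipher suite OUI
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128", 5: "WEP-104",
           8: "GCMP-128", 9: "GCMP-256", 10: "CCMP-256"}
LEGACY_ONLY = {"WEP-40", "WEP-104", "TKIP"}  # ciphers barred from HT/VHT rates

# Constructed sample: RSN element of a WPA/WPA2 mixed-mode PSK SSID
# (group cipher TKIP, pairwise CCMP-128 and TKIP, AKM PSK, capabilities 0)
SAMPLE = bytes.fromhex("3018" "0100" "000fac02" "0200" "000fac04" "000fac02"
                       "0100" "000fac02" "0000")

def _suite(raw):
    """Name a 4-byte cipher suite selector (3-byte OUI + 1-byte type)."""
    if raw[:3] != RSN_OUI:
        return f"vendor-{raw[:3].hex()}:{raw[3]}"
    return CIPHERS.get(raw[3], f"unknown-{raw[3]}")

def parse_rsn(element):
    """Return (group_cipher, [pairwise_ciphers]) from a raw RSN element."""
    if len(element) < 2 or element[0] != 48:
        raise ValueError("not an RSN element (ID 48)")
    body = element[2:2 + element[1]]
    if len(body) != element[1] or len(body) < 8:
        raise ValueError("truncated RSN element")
    version, = struct.unpack_from("<H", body, 0)
    if version != 1:
        raise ValueError(f"unsupported RSN version {version}")
    count, = struct.unpack_from("<H", body, 6)   # pairwise suite count
    end = 8 + 4 * count
    if len(body) < end:
        raise ValueError("pairwise cipher list runs past the element")
    return _suite(body[2:6]), [_suite(body[i:i + 4]) for i in range(8, end, 4)]

def rate_report(element):
    """Map each pairwise cipher the SSID offers to the rate class it allows."""
    _, pairwise = parse_rsn(element)
    return {c: "legacy a/b/g rates only" if c in LEGACY_ONLY
            else "HT/VHT rates permitted" for c in pairwise}

if __name__ == "__main__":
    for cipher, rates in rate_report(SAMPLE).items():
        print(f"{cipher:9} {rates}")
```

Any SSID whose report contains a "legacy a/b/g rates only" entry still lets a client negotiate TKIP or WEP and get capped, even on 802.11ac hardware.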

One of these days I will have all the pesky legacy devices off my network.  Of course, by then an entirely new crop of legacy devices will be plaguing me for different reasons.  It's what I call job security.