my subscriptions
POPULAR-ALL-RANDOM | LOADING...MORE »
bmoraca 2 points

802.1x and DHCP is the correct answer here.

computer_ken 1 point

DHCP is definitely going to be utilized. I'm just not quite sure how to leverage 802.1X to assign VLANS.

bmoraca 2 points

802.1x is a method of authenticating a device before giving it access to the network. Part of this authentication can be an authorization. As such, your policy server can instruct the switch as to which VLAN the device is authorized to connect to.

Basically, the switch says "hey this guy wants to connect to the network" and your policy server responds by saying "yep, allowed, put him on VLAN X".

For printers, you can use MAC-address-Bypass to classify based on the MAC address. Then you just need a list of MAC addresses on your policy server. Or you could use EAP-TLS.

Packetfence is a popular free policy server.

computer_ken 1 point

After a bit of research I think I got the gist of it. I already stood up a Windows NPS for the Wireless RADIUS authentication. I'm going to try and setup EAP-TLS and authenticate with a generic service account since all of our printers are 802.1X capable. I've already configured the policy just need to configure a switch port and test.

Thanks for the info!

Load more comments
computer_ken commented on a post in r/Cisco
PRAMreset 5 points

Ahhh figured it out. I had to enable "DHCP Profiling" and "DHCP Addr. Assignment" in my WLAN to get the hostnames to show up. Not sure about the usernames, but this will do for now. Thanks for the help

computer_ken 1 point

Where did you find this information? I'm trying to view client hostnames as well but only getting a username column. I've already enabled both of those settings on the WLAN.

PRAMreset 2 points

Display the clients in the "clients" section of the Network Summary tab. From there click on the arrow next to Name and select columns. you will be able to add in HostName from there.

computer_ken 1 point

unfortunately i don't see any such options on my 5508. Thanks though!

dissel 1 point

If your lid is gone, your tank is so much more fucked, it's only funny because it's not mine.
If you have a water softener and it discharges into tank, the brine will destroy concrete. If it's a steel tank, it's the same thing.

computer_ken 1 point

Would you mind elaborating on this? I'm assuming it's a steel tank since a quick look with a flashlight revealed a metal container.

dissel 1 point

Steel and moisture don't last.
Have you ever had your "septic" tank pumped before

computer_ken 1 point

I'm not sure of the history of the property. I've only rented for just over a year.

Load more comments
dgmayor 1 point

Are you factoring in the price of the Smart Notebook subscriptions as well?

computer_ken 1 point

The consensus was that we would continue to pay for the smart notebook subscription no matter what platform we went with. Apparently the price of the subscription increases substantially if not used with a smart device so it was actually a cost savings in a sense.

2
medicinalcoma 1 point

I've had this happen but only when not plugging the ballast and timer directly into an outlet of their own, anytime I try doing timer/ballast + surge protector/extensions, etc, the timer fails to ever ignite the ballast.

The fact it's running fine minus the timer makes me think it's the timer/placement of it

computer_ken 1 point

I probably could have worded it a bit better. Initially it worked for about 20 minutes while plugged into the timer before shutting off. After swapping fuses I plugged it directly into the wall bypassing the timer. That's when it immediately blew. At that time I did not have the bulb plugged into the ballast. Could that have caused it to blow? I didn't think the bulb needed to be plugged in to fire up the ballast.

medicinalcoma 1 point

I believe so unfortunately, every digital HID ballast I've owned had warnings on not to attempt powering it on without a reflector/bulb.

Looking through a few DE ballast manuals, they say to power off between relamping or when doing any maintenance/adjustments :\

Hopefully you don't have any issues getting it replaced dude

computer_ken 1 point

Hmm that could be good or bad. Maybe I just blew the spare fuse due to not having the lamp plugged in and the first was a fluke. Guess I'll have to wait until the fuses get in to find out.

VA_Network_Nerd 12 points

What products have you researched thus far?

Please don't ask us to do all of your job for you.

You are being paid by your customer to solve this - not us.

computer_ken 0 points

I am not asking you to do my job. The SOHO router market is a flooded one so I was hoping to see what others have used and their experiences. That way I don't have to sift through product after product in my off hours.

TheHotFartsFromImgur 1 point

I remember when those patches hit, what a PITA. Microsoft says it's to help prevent man in the middle attacks. Here's a link about it: https://blogs.technet.microsoft.com/askpfeplat/2016/07/05/who-broke-my-user-gpos/

If possible, I'd recommend using auth users in the security filter as normal, and use item level targeting to get granular with the deployment. If you're not using ILT already, it's very easy and powerful.

computer_ken 1 point

I do use ILT for most deployments but was under the impression it only applies to GPP. Is that not true?

computer_ken commented on a post in r/k12sysadmin
emeryfan1988 2 points

FWIW, as a band aid, with our ruckus gear we were able to create another open SSID and limit the OS/Type to chromebooks only. This should allow google to fix the policies and the Chromebooks should reconnect to your preferred SSIDs if needed.

computer_ken 1 point

Any links on how to configure this?

hkd987 2 points

We just stopped all of our chromebooks from updated pinned them at the version they are at, going to see if this bandaids the problem.

We are using Aruba AP so it’s not just restricted to A single AP at this point based on the comments.

computer_ken 2 points

it's unlikely as mine have been pinned at 59 for a while now.

Load more comments
CityOfFire 1 point

I had this issue on dell laptops it ended up being a setting on the NIC. Every time the device went to sleep the NIC for some reason grabbed an APIPA on wake. I believe it was a power management setting.

computer_ken 2 points

Maybe set the NIC to never sleep? I've had this happen in dells as well as thinkpads.

ZAFJB 1 point

why they are not picking up an IP in the first place

Troubleshoot your DHCP:

  • Broadcast not reaching DHCP server

  • DHCP server too slow to respond

  • Use Wireshark

Hint - are those 'randoms' clustered by time, or location?

computer_ken 1 point

The instances are few and far between. I'd have to have Wireshark up and running for days in hopes of catching it.

Can't seem to find any pattern at all. 3 different sites all experience the same issue. I want to say their all windows 10 machines but I can't say for sure.

Load more comments
JosephRW 1 point

Machine based auth is the way to go here. Typically with windows if you're setting wi-fi to auth before the user sign in it will use the user credentials provided in the login prompt to auth against the wireless. If you use the local admin account that doesn't have an AD account connected to it which means it can't auth against AD which means no wi-fi.

That being said, machine based auth is a whole other kettle of fish. I don't know of a situation where you'd use both at the same time but I'm also PFY as fuck.

computer_ken 1 point

PFY

I have it set to compute and user auth. The computer account is not having any issues authenticating. I can see in the logs as well as the sign in screen that it is connecting with the computer account credentials. The issue does not occur until after logging into the local admin account. I was hoping if the user credentials failed it would fall over to computer credentials.

Grafiqal 1 point

Windows Key->Settings->type "lock screen" in search bar, click "Screen saver settings". Uncheck "On resume, display logon screen".

This is how to do it locally. You’ll want to do it in group policy because it may keep over writing your changes if there is already a policy

computer_ken 1 point

Found this on google already unfortunately it doesn't seem to work. i have that box unchecked but i still get the lockscreen after the display turns off.

computer_ken commented on a post in r/minnesotavikings
TheMerchantOfVarrock 3 points

Do I look like Zaff?

computer_ken 2 points

Was not expecting a RS reference in r/Minnesotavikings

view more:
next ›
93 Karma
52 Post Karma
41 Comment Karma

Following this user will show all the posts they make to their profile on your front page.

About computer_ken

  • Reddit Birthday

    February 23, 2015

Other Interesting Profiles

    Want to make posts on your
    own profile?

    Sign up to test the Reddit post to profile beta.

    Sign up