A few days ago I saw something on a social networking site about what Pizza would be like if it was a ‘Cloud Service’ – afraid I don’t know who to credit for it so I won’t post it here but I did give into temptation and make my own about Coffee!

After playing with Windows Phone 8.1 on my Nokia Lumia 1020 for the past few days (since general release in the UK) thus far my favourite feature has to be the ability for the phone to automatically turn back on WiFi (after a set period of time) after you turn it off.

Certainly where I live and work WiFi is plentiful and as such it makes much more sense to use than cellular data however on occasion I have found myself turning off WiFi (for any strange and interesting reason) but forgetting to turn it back on.

Still looking forwards to the UK version of Cortana if only to ask her what is going to happen in the next Halo!

Moodle InstallThe past few weeks at work have been filled up with going from what has been a very successful pilot of Moodle 2.6 to a fully featured install of Moodle 2.7.1. Hopefully as time allows I’ll be able to get out some posts about how each aspect of Moodle goes down with the staff an students but for now this post serves as a way for me to highlight some features (in no great detail) which I think deserve recognition.

Things to be covered include-

  • Linking AD accounts to class lists in Capita SIMS (a Schools Information Management System)
  • Using the auto login feature to put Moodle front and centre
  • My home
  • OneDrive, Google Drive and Dropbox integration
  • Moodle updates (going from 2.7 to 2.7.1)

Continue reading

In this guide I am going to show how to perform a very basic setup of a HP ProCurve 2610 Layer 2 network switch using a serial to console cable.

First up you will need a serial to console cable and a PC that has a serial port. If you don’t have a PC with a serial port (old HPs are great for this purpose) then you can get a USB to serial adapter – a point to note here is watch out for the super cheap ones, quite often you will find that they use counterfeit chips meaning USB drivers don’t work reliably.

Anywhos on with the guide!

First up the network switch that I have has been previously protected with a password, in addition I want to configure the switch from scratch. To do this I am going to perform a factory reset and clear…

Now its time to configure the switch, for the configuration I will be using PuTTY which can be downloaded from here – http://www.chiark.greenend.org.uk/~sgtatham/putty/.

This final network is quite possibly the ones that most Schools will shy away from on grounds of ‘security’ – where I work however that just isn’t an option as we have paying users of the school facilities right the way through the evening and weekends. Indeed the weekend after we put this public network in place we have ~110 users on the network all of which were taking part in a chess competition that was being held at the Academy.

James stop rambling and get on with the guide…

So for the Public WiFi network the objective is to provide guests with a shared key (which is changed regularly) to access the network and to be able to use the internet without putting in any web proxy settings.

Smoothwall

As per with the BYOD network you must have the Smoothwall configured with a virtual adapter which sits in the Public VLAN (details here -http://myworldofit.net/?p=6473) before carrying on with this guide. The screen shots below cover the configuration required…

Windows DHCP Server

Next up you must configure your Windows DHCP server to provide the clients with their IP addresses…

HP MSM

The configuration on the HP MSM for this network is as easy as setting up the Mac Wi-Fi VLAN as I will just be using a pre shared key that is changed regularly. However there are plenty of other options available like a captive web portal or single use keys (Meraki have a pretty funky option where you are forced (or just directed to) to ‘like’ a Facebook page before you are authenticated onto the network).

Zone Bridging

Finally as part of the configurations for the BYOD and Public networks because we are using the Smoothwall (and not our internal router) as the default gateway we need a method to allow what are 3 separate networks (BYOD/Public/Internal) to communicate with each other. On Smoothwall firewalls this is called Zone Bridging. N.B. – To configure zone bridging you need to have the Zone feature installed as a module (System > Maintenance > Modules).

That’s all folks!

Here ends this series of posts; hopefully they have given you an interesting insight into one (of many) ways to configure a WiFi network inside a School (or indeed any workplace). Please note that for specific help on the Smoothwall side your best bet will be to get a hold of Smoothwall direct and for support on HP wireless networks you will probably need to get a VAR involved.

The BYOD network is quite possibly the hardest to setup (and thanks to the Smoothwall support guys for spotting an obvious mistake I made on my DHCP config the first time round!) of all 4 of the SSIDs by also the most rewarding when you see 300+ students and staff connected on their Phones, Laptops and Tablet PCs. In a typical school BYOD network setup you will have two hoops to jump through, authenticating onto the SSID and then authenticating against the schools web filter. However using the neat WPA Enterprise authentication mode on Smoothwall firewalls its possible to both authenticate onto the SSID and the web proxy at the same time making life much easier for your users.

So time to get the configuration going…

Smoothwall Firewall

First up you must have configured a VLAN for the exclusive use of the BYOD network (as per the guide here – http://myworldofit.net/?p=6473) taking special note of setting the IP Helper Address to a virtual network adapter on your Smoothwall firewall which sits in the BYOD VLAN. Take a look at the screen shots below for more info…

NB – in this configuration the Smoothwall firewall will allow connectivity to the internet at the users policy level, if you want to allow BYOD guests to access your internal resources you will need to configure the Smoothwalls DNS and Zone Bridging features. I will touch on this in the next article.

HP MSM

The configuration on the HP MSM is similar to setting up the Domain WiFi network in that a RADIUS server is configured and the VSC is configured to use that RADIUS server.

User guides

To help you get started with your own user guides feel free to download and modify the ones that I have used at my establishment below.

  OSA-BYOD - Android (498.4 KiB, 64 hits)

  OSA-BYOD - iOS (3.3 MiB, 62 hits)

  OSA-BYOD - Windows 7 (796.7 KiB, 66 hits)

  OSA-BYOD - Windows 8 (2.1 MiB, 58 hits)

  OSA-BYOD - Windows Phone (206.9 KiB, 42 hits)

  OSA-BYOD - Windows Vista (1.5 MiB, 40 hits)

You will note that Windows XP is omitted as it is no longer a Microsoft supported operating system (although XP does work with this configuration).

Make no mistake I’m all for PRTG as my preferred Network Monitoring software so when I was asked to be featured in a case study I jumped at the chance.

That study is now live and can be seen here – http://www.paessler.com/company/casestudies/oxford_spires_uses_prtg

PRTG Case Study

Another similar article can also be seen here – http://www.networkingplus.co.uk/case-study-details?itemid=351

When setting up an installation of Microsoft Forefront Identity and Lifecycle Manager 2010 R2 going through the initial setup phase to configure common services I was getting the error message

The service account could not be found. This could be due to an incorrect password. Please check the service account and try again.

As it turns out I was getting this error message as I had entered the fully qualified domain name in the ‘Service Account Domain’ box instead of the shorter NETBIOS name.

Putting in the NETBIOS name allowed me to proceed to the next screen and finish the setup normally. See the screen shots below for a little more information-

By comparison to the Domain WiFi setup the configuration for the Apple network is much simpler.

The one tiny little exception is that the Apple Discovery Protocol (Bonjour) is by design unable to traverse VLANs. In many networks this wouldn’t be a problem however we have a item of software called AirServer on our Windows clients that ties into the AirPlay feature on iPads to project the iPad screen onto the PC screen. To get this feature working the Bonjour discovery packets need to move from the Windows VLAN to the Mac VLAN.

So first up the configuration for the SSID on our HP MSM controller-

To get the Bonjour packets to traverse the VLAN we need a ‘Bonjour Gateway’; to get this going I will be using a Virtual Machine with 3 network adapters running Ubuntu Client (if you are confidant with Linux then feel free to use the server edition!) and a bit of software called Avahi.

The guide here – http://community.spiceworks.com/how_to/show/38251-build-your-own-bonjour-gateway shows very well how to setup the Avahi software; in my case I went without the VLANs and just used native NICs sitting in the Server, Windows Clients and Mac Clients VLANs.

A few more details in the screen shots below-

Next up is an article on the BYOD SSID which uses a very cool feature on our Smoothwall firewall to make logins really easy.

About

my world of IT is a blog about both the business and consumer world of IT as seen by a common garden Network Manager. For more information click here!