We have a number of towers that we are working to migrate to ePMP from Ubiquiti currently. This was going to be a LONG process as we move from each via truck roll and installlation of new hardware. I was ECSTATIC when I saw the webinar and the ability to make existing customer ePMP customers for what I consider a very reasonable licensing fee that I am happy to allow you to recoup the development costs on.
HOWEVER, reading through the posts brought to light the HUGE flaw in this process. How can we be expected to migrate with a LIVE environment. We do NOT use the default WPA2 keys on the Cambium hardware and changing to that will of course knock off all the ePMP customers currently connected and will additionally just open things up for ANY ePMP client to connect.
The only process I have come up with is:
1. EARLY AM when traffic minimal, make the needed change and drop all the ePMP customers.
2. Elevate as many of the Ubiquiti radios as we can within this window.
3. Then change all of the migrated Elevate clients to the original key, dropping them for a bit
4. Change back to the original key and hope all of the orignal and new clients come back up.
NOT a smooth process and requires a lot of client radio downtime for either existing ePMP customers and/or Ubiquiti cleints being migrated.
I would like to hear from Cambium how they see this process taking place on an existing network and if anything is being done to make this a MUCH easier process. As metnioned the obvious solution is for the ePMP AP's to allow for multiple WPA2 keys to be accepted and even better, maybe the "default" one to ONLY work for Elevate client radios to prevent potentially others from getting in.
STILL VERY EXCITED FOR THIS OPTION! Just need to figure out a workable way of getting it up and running.
We've been thinking of how we're going to deploy as well.
To be honest, we're probably going to just put up a new temp AP with the default WPA key.
Then as we apply the Elevate software to Ubiquit radios and they connect to the temp AP, we'll log on and make the necessary changes to each radio to provision them on our permanent AP's.
Still requires a truck roll to put up the AP but I think this way will minimise downtime for migrating customers and eliminate it for any customers already on ePMP.
Yes, that is an option. But of course has a LOT of expenses with it as well. We have a number of towers and you either need to buy a lot of spare AP's to do this in timely fashion or slowly do a few at a time. We do not have a climber on staff either and that incurs significant expense to hang the AP's on the towers, not to mention not all of our towers is this an option without first renegotiating the contracts / rent. That is really a path we will avoid for us.
The early morning one should work, but at a MAJOR inconvenience. Especially in light of the fact that these need to be manually processed one by one.
Hoping Cambium will provide a seamless solution that allows us to do this when we want and for the clients we want. Another possibility and I am not sure how easy to implement it would be is create a firmware "modification" tool that allows us to set things like the default SSID / WPA2 keys and then when the firmware is applied it would have them. That might be easier than multiple WPA2 keys on the AP.
Larry Weidig wrote: ... create a firmware "modification" tool that allows us to set things like the default SSID / WPA2 keys and then when the firmware is applied it would have them.
I like that idea. As you say, that might be tricky for Cambium to implement, but a ''pre-configuration'' tool of sorts is a good idea. Where we could download the firmware file, but run a 'tool' on it to pre-populate it with our WPA2 key, before appling it to the SM's.
We have a number of towers that we are working to migrate to ePMP from Ubiquiti currently. This was going to be a LONG process as we move from each via truck roll and installlation of new hardware. I was ECSTATIC when I saw the webinar and the ability to make existing customer ePMP customers for what I consider a very reasonable licensing fee that I am happy to allow you to recoup the development costs on.
HOWEVER, reading through the posts brought to light the HUGE flaw in this process. How can we be expected to migrate with a LIVE environment. We do NOT use the default WPA2 keys on the Cambium hardware and changing to that will of course knock off all the ePMP customers currently connected and will additionally just open things up for ANY ePMP client to connect.
The only process I have come up with is:
1. EARLY AM when traffic minimal, make the needed change and drop all the ePMP customers.
2. Elevate as many of the Ubiquiti radios as we can within this window.
3. Then change all of the migrated Elevate clients to the original key, dropping them for a bit
4. Change back to the original key and hope all of the orignal and new clients come back up.
NOT a smooth process and requires a lot of client radio downtime for either existing ePMP customers and/or Ubiquiti cleints being migrated.
I would like to hear from Cambium how they see this process taking place on an existing network and if anything is being done to make this a MUCH easier process. As metnioned the obvious solution is for the ePMP AP's to allow for multiple WPA2 keys to be accepted and even better, maybe the "default" one to ONLY work for Elevate client radios to prevent potentially others from getting in.
STILL VERY EXCITED FOR THIS OPTION! Just need to figure out a workable way of getting it up and running.
Thanks!
Larry,
We want to help you guys and your feedback is important. Lot of chatter about the WPA but I am not entirely following the mixed network situation. Assuming you have an ePMP sector serving ePMP SMs. If you have UBNT SMs that you want to convert to elevate and attach then at the time they must be connnected to another UBNT AP somewhere, right? Am I missing something?
We have a number of towers that we are working to migrate to ePMP from Ubiquiti currently. This was going to be a LONG process as we move from each via truck roll and installlation of new hardware. I was ECSTATIC when I saw the webinar and the ability to make existing customer ePMP customers for what I consider a very reasonable licensing fee that I am happy to allow you to recoup the development costs on.
HOWEVER, reading through the posts brought to light the HUGE flaw in this process. How can we be expected to migrate with a LIVE environment. We do NOT use the default WPA2 keys on the Cambium hardware and changing to that will of course knock off all the ePMP customers currently connected and will additionally just open things up for ANY ePMP client to connect.
The only process I have come up with is:
1. EARLY AM when traffic minimal, make the needed change and drop all the ePMP customers.
2. Elevate as many of the Ubiquiti radios as we can within this window.
3. Then change all of the migrated Elevate clients to the original key, dropping them for a bit
4. Change back to the original key and hope all of the orignal and new clients come back up.
NOT a smooth process and requires a lot of client radio downtime for either existing ePMP customers and/or Ubiquiti cleints being migrated.
I would like to hear from Cambium how they see this process taking place on an existing network and if anything is being done to make this a MUCH easier process. As metnioned the obvious solution is for the ePMP AP's to allow for multiple WPA2 keys to be accepted and even better, maybe the "default" one to ONLY work for Elevate client radios to prevent potentially others from getting in.
STILL VERY EXCITED FOR THIS OPTION! Just need to figure out a workable way of getting it up and running.
Thanks!
Larry,
We want to help you guys and your feedback is important. Lot of chatter about the WPA but I am not entirely following the mixed network situation. Assuming you have an ePMP sector serving ePMP SMs. If you have UBNT SMs that you want to convert to elevate and attach then at the time they must be connnected to another UBNT AP somewhere, right? Am I missing something?
The issue with WPA is, where we already have an active ePMP sector (which isn't using the default WPA key) and a UBNT sector covering the same area. When we elevate the UBNT clients, there not going to be able to connect to the ePMP sector unless we change the WPA key to the default - but if we do that, it will take down all of the customers that are already on the sector. I think what everyone is looking for is a way to avoid that.
I think that the simplest way would be to just enable "Open" (under the wireless security options) by default - that way, we could just enable open on all of the existing clients and set the AP to open while were converting UBNT clients. Once everything is reconfigured with the proper key, it would just be a matter of switching WPA2 back on on the AP and everything would be set.
They are of course NOT real WPA2 keys but they are different and BOTH AP's have customers on them. So, now you upgrade your Ubiquiti subscribers to migrate them over. My understanding is that the new radio only looks for your default Cambium... WPA2 key so we are out of luck. If I change it to that default key now the problem is ANYBODY with a Cammbium radio can connect to the AP.
We want to help you guys and your feedback is important. Lot of chatter about the WPA but I am not entirely following the mixed network situation. Assuming you have an ePMP sector serving ePMP SMs. If you have UBNT SMs that you want to convert to elevate and attach then at the time they must be connnected to another UBNT AP somewhere, right? Am I missing something?
Sakid
You should have included the plain 802.11n mode support for the CPE.
That way, current ubnt cpes could be remotely elevated and instantly attached to the same UBNT AP. (Airmax turned off)
After that, config of each CPE could be done remotely while still connected to the UBNT AP.
Wow, wonder who that "somebody" might be. That would be a workable solution I would think and allow for easy migration to the new system on a client by client basis without providing any interruption to any other clients on either of the systems.
Make sure if somebody writes that tool it would save the congifuration at well so that if we mass push it out and then for one reason or anoither the radio is rebooted it would not lose these changes.
Could you also look at the option of adding the Management VLAN in a pre-config, mentioned this a few times in the threads and no one has spoken about this.
We have a very large network and it is all VLAN off. Without a Management VLAN on the SM we can not access it.
Yes, I would say if you are going to go this route then make a LOT of options configurable by preloading them in the Ubiquiti config file. This could potentially allow us the ability to do nearly hands aoff automated updates to the network which would be awesome. Things like network settings (NAT / PPPoE,...), Radius, cnMaestro,...
Is there any move on this pre-configuration process?
We would be glad to beta-test anything that is available.
It would speed us up enormously to be able to upload a 'User Provisioned Root Cert' and not have to switch APs away from Radius but any pre-configuration would help...