In Haarlem they are working on the modernization of, among other things, trains. Possibly wireless interference causes the vehicles, that move these trains, to go into an active error-state resulting in an emergency stop. We were asked to locate the alleged source of interference by means of an extensive RF spectrum analysis.
12 students, JNCIA training, online from our own studio
Question: Several times a year the Juniper MIST/JNCIA training is provided by Juniper Education Services. WiFi Wise provides the certified trainer, Juniper Education Services arranges the location (in Corona time often timest online from our own studio). This 4-day training is experienced as very valuable because of the interactive components. Can WiFi Wise provide a certified trainer to teach a class in English language for students from all over the world?
Have you ever watched a magician perform a magic trick and wondered how he did it?
Today I’m going to reveil the magic that Packet Magician Peter MacKenzie is using to block his kids internet.
If you’ve been in Peter’s JNCIS MistAI class you’ve probably seen him say “hey Siri, Block Luke’s internet” with an evil grin on his face. If not, Jussi Kiviniemi got a screenshot of it on twitter.
Did you get an Mist AP on one of the Wireless Wednesdays and want to get your kids to the dinner table? Or do you just want to show off to your boss by enabling the guest network by a voice command? Then keep reading.
Getting the right code
Everything that we do in the Mist UI is translated into API calls. So first off we need to get the right API call. I’m going to use the block internet example here, but you can to the same with enabling or disabling an SSID.
As we are using a WxLAN policy that blocks access for a client we need to build that rule first.
It is made of 3 components, a group of clients, an action (block) and a resource.
First off I created a label under Network -> Labels.
Here I grouped the mac addresses for my kids devices
Next I needed to build the policy, again on the site level so under Network -> Policy I created a policy using the label Kids and blocking them access to All resources. I’ve saved the rule and then DISABLED it. In the end I’ve created 3, each one of my boys individually, and them all combined.
Now this is where the magic happens, now I need to build or steal the API call needed to to enable the rule I want. Building is quite hard but there is loads of documentation found here and here.
So I’m going to show you how to steal the API call. For that the I’m going to open the Mist UI using Google Chrome.
Under the Menu -> More Tools you can find Developer Tools.
With these Developer Tools we can see everything our browser is doing on a webpage. This can be a lot so I’ve added a filter to just show me things to api.mist.com
So now when I enable the policy and press save I can see the actual API calls made:
You can see the PUT method as we are changing a value not a POST and creating a new entry. And in the body we see the “Enabled” set to “True”
The API call and the Enabled : True is what we need for our plan. The only other thing we need is API access. We need an API token.
I love cloud native wireless solutions! I think they’re more scalable, more flexible. I have a single point of management and no single point of failure. There are some “drawbacks” too though. Compliance for example, maybe your customer has principal reasons not to be on cloud provider xyz. And for some reason customers think the Wi-Fi will stop working without when the internet connection goes down. Though all your other cloud solutions like office365 might, Wi-Fi will probably remain online unless you’re using a cloud radius and LDAP solution, then connecting to the Wi-Fi will be troublesome. The thing you do need to do however is, as there is no controller to tunnel all traffic to, you need to configure your entire VLAN setup all the way to the edge switches. But with a single point of management this should be easy ;)