Skip to main content

Author: WiFi Wise

Wireless Troubleshooting | RF analysis, industrial hall for train modernization

>20,000 employees/users

In Haarlem they are working on the modernization of, among other things, trains. Possibly wireless interference causes the vehicles, that move these trains, to go into an active error-state resulting in an emergency stop. We were asked to locate the alleged source of interference by means of an extensive RF spectrum analysis.

Continue reading

Wireless Training | Juniper MIST ILO, JNCIA

12 students, JNCIA training, online from our own studio

Question: Several times a year the Juniper MIST/JNCIA training is provided by Juniper Education Services. WiFi Wise provides the certified trainer, Juniper Education Services arranges the location (in Corona time often timest online from our own studio). This 4-day training is experienced as very valuable because of the interactive components. Can WiFi Wise provide a certified trainer to teach a class in English language for students from all over the world?

Continue reading

Mist AI vs Clarke’s Law: Magic is Technology we don’t understand yet.

Packet Magician

Have you ever watched a magician perform a magic trick and wondered how he did it?
Today I’m going to reveil the magic that Packet Magician Peter MacKenzie is using to block his kids internet.

If you’ve been in Peter’s JNCIS MistAI class you’ve probably seen him say “hey Siri, Block Luke’s internet” with an evil grin on his face.  If not, Jussi Kiviniemi got a screenshot of it on twitter.

Did you get an Mist AP on one of the Wireless Wednesdays and want to get your kids to the dinner table? Or do you just want to show off to your boss by enabling the guest network by a voice command? Then keep reading.

Getting the right code

Everything that we do in the Mist UI is translated into API calls. So first off we need to get the right API call. I’m going to use the block internet example here, but you can to the same with enabling or disabling an SSID.

As we are using a WxLAN policy that blocks access for a client we need to build that rule first.
It is made of 3 components, a group of clients, an action (block) and a resource.

First off I created a label under Network -> Labels.
Here I grouped the mac addresses for my kids devices

Labels

Next I needed to build the policy, again on the site level so under Network -> Policy I created a policy using the label Kids and blocking them access to All resources. I’ve saved the rule and then DISABLED it. In the end I’ve created 3, each one of my boys individually, and them all combined.

Wxlan Policies

Now this is where the magic happens, now I need to build or steal the API call needed to to enable the rule I want.  Building is quite hard but there is loads of documentation found here and here.
So I’m going to show you how to steal the API call. For that the I’m going to open the Mist UI using Google Chrome.

Under the Menu -> More Tools you can find Developer Tools.
With these Developer Tools we can see everything our browser is doing on a webpage. This can be a lot so I’ve added a filter to just show me things to api.mist.com

Chrome Developer Tools

So now when I enable the policy and press save I can see the actual API calls made:
API Call displayed

You can see the PUT method as we are changing a value not a POST and creating a new entry. And in the body we see the “Enabled” set to “True”
Enabled

The API call and the Enabled : True is what we need for our plan. The only other thing we need is API access. We need an API token.

API Token:

If you are logged in to the Mist UI you can get a token by going to the following URL : https://api.mist.com/api/v1/self/apitokens

you should see something like this, though yours might be blank.
API Token

To get a token just press the post button at the bottom BUT the token wil only be shown to you ONCE!

API Token revealed

Save it in your password vault as this is your access to everything your account is entitled to in the Mist Environment!

Siri

Now lets get this stuff over to Siri. On your IOS device if you haven’t already install the shortcuts app.

Now we’re going to add a new shortcut by using the + icon.

For type of shortcuts choose Web.
Then under Web Requests choose Get Contents of URL.

This is where we need to add our collected components :

Siri Shortcuts

Now name it, save it and go bully your kids! Oh and don’t forget to create an Enable Kids Internet. Just to the same thing again but set Enabled to False!

 

Mist Edge as WFH solution

Cloud Wireless

I love cloud native wireless solutions! I think they’re more scalable, more flexible. I have a single point of management and no single point of failure. There are some “drawbacks” too though. Compliance for example, maybe your customer has principal reasons not to be on cloud provider xyz. And for some reason customers think the Wi-Fi will stop working without when the internet connection goes down. Though all your other cloud solutions like office365 might, Wi-Fi will probably remain online unless you’re using a cloud radius and LDAP solution, then connecting to the Wi-Fi will be troublesome. The thing you do need to do however is, as there is no controller to tunnel all traffic to, you need to configure your entire VLAN setup all the way to the edge switches. But with a single point of management this should be easy ;)

Continue reading