Working with VSCs
VSC configuration options
5-19
To use wireless mobility, you must:
Disable the Access control option under Global.
Install a Mobility or Premium license on the controller.
Bind the same VSC to all APs that will support roaming.
Configure the Wireless security filters so that they do not interfere with roaming
functionality. In most cases, these filters should be disabled. If you need to use them, note
that:
The Restrict wireless traffic to: Access point default gateway option is not
supported.
The Restrict wireless traffic to: MAC or Custom options can be used provided
that they restrict traffic to destinations that are reachable from all subnets in the
mobility domain.
Mobility traffic manager
Mobility Traffic Manager (MTM) enables you to take advantage of both distributed and
centralized strategies when deploying a wireless networking solution. For a complete
discussion of this feature and how to use it see, Chapter 9: Mobility traffic manager on
page 9-1.
If you are using MTM to tunnel the traffic from wireless users to their home networks, set the
following parameter to determine how MTM routes traffic if no home network is assigned to
a user (via their RADIUS account or local user account), or if the user’s home network is not
found in the mobility domain.
If no matching network is assigned:
Block user: User access is blocked.
Consider the user at home: The user’s home network is considered to be the subnet
assigned to the AP.
Subnet-based mobility
This feature has been deprecated. If you are creating a new installation, use Mobility
Traffic Manager. If you are upgrading from a previous release, your subnet-based
configuration will still work. However, for added benefits and greater flexibility you
should migrate your setup to Mobility Traffic Manager.
When Subnet-based mobility is enabled, a user’s home subnet is determined based on the
IPv4 address assigned to a user when they connect to the wireless network. If a user’s IPv4
address is not within the scope of any of the local subnets assigned to the AP, the user is
considered foreign to the network and their traffic is tunnelled via the controller to their
home subnet. If the user’s subnet does not match any subnets defined in the mobility domain,
the user is blocked.
To Next Page
Loading...
