Working with VSCs
VSC configuration options
5-20
One issue with using this method to determine the home subnet is that a user’s IPv4 address
is typically retrieved through DHCP. If a user connects to an AP in a new location (rather than
roaming to the AP), the IP address assigned through DHCP may identify the user as local to
the network, and not roaming.
Fast wireless roaming
WPA2 opportunistic key caching eliminates the delays associated with reauthentication when
client stations roam between APs installed on the same subnet.
The controller manages key distribution between the APs so that when wireless users roam
between APs, reauthentication is not delayed by having to completely renegotiate key values.
To support fast wireless roaming:
Disable the Access control option under Global.
Install a Mobility or Premium license on the controller.
All APs must be on the same layer 2 network.
All APs must have VSCs with the same name, SSID, and wireless protection settings.
Wireless protection must be WPA, or 802.1X authentication must be enabled.
Note RADIUS accounting is not supported when this option is enabled.
Wireless security filters
APs feature an intelligent bridge that can apply security filters to safeguard the flow of
wireless traffic. These filters limit both incoming and outgoing traffic as defined below and
force the APs to exchange traffic with a specific upstream device.
When access control is enabled, available options are:
The controlled AP will only allow user traffic that is addressed to the controller. All other
traffic is blocked. Make sure that the controller is set as the default gateway for all users. If
not, all user traffic will be blocked by the AP.
The default wireless security filters defined below are active.
To Next Page
Loading...
Need help?
General
