MSM7xx Controllers Configuration Guide v6.4.0

ManualsBrandsHP ManualsNetwork HardwareHP 425 Wireless Dual Radio 802.11n (WW) Access Point

121

122

123

124

125

126

127

128

129

130

• Bind the same VSC to all APs that will support roaming.

• Configure the Wireless security filters so that they do not interfere with roaming functionality.

In most cases, these filters should be disabled. If you need to use them, note that:

◦ The Restrict wireless traffic to: Access point default gateway option is not supported.

◦ The Restrict wireless traffic to: MAC or Custom options can be used but only if configured

to restrict traffic to destinations that are reachable from all subnets in the mobility domain.

Mobility traffic manager

Mobility Traffic Manager (MTM) enables you to take advantage of both distributed and

centralized strategies when deploying a wireless networking solution. For a complete discussion

of this feature and how to use it see “Mobility traffic manager” (page 285).

If you are using MTM to tunnel the traffic from wireless users to their home networks, set the

following parameter to determine how MTM routes traffic if no home network is assigned to a

user (via their RADIUS account or local user account), or if the users home network is not found

in the mobility domain.

If no matching network is assigned:

• Block user: User access is blocked.

• Consider the user at home: The users home network is considered to be the subnet assigned

to the AP.

Subnet-based mobility

This feature has been deprecated. If you are creating a new installation, use Mobility Traffic

Manager. If you are upgrading from a previous release, your subnet-based configuration will

still work. However, for added benefits and greater flexibility you should migrate your setup

to Mobility Traffic Manager.

When Subnet-based mobility is enabled, a users home subnet is determined based on the IPv4

address assigned to a user when they connect to the wireless network. If a users IPv4 address

is not within the scope of any of the local subnets assigned to the AP, the user is considered

foreign to the network and their traffic is tunnelled via the controller to their home subnet. If the

users subnet does not match any subnets defined in the mobility domain, the user is blocked.

One issue with using this method to determine the home subnet is that a users IPv4 address is

typically retrieved through DHCP. If a user connects to an AP in a new location (rather than

roaming to the AP), the IP address assigned through DHCP may identify the user as local to

the network, and not roaming.

Fast wireless roaming

WPA2 opportunistic key caching eliminates the delays associated with reauthentication when client

stations roam between APs installed on the same subnet.

The controller manages key distribution between the APs so that when wireless users roam between

APs, reauthentication is not delayed by having to completely renegotiate key values.

To support fast wireless roaming:

• Disable the Access control option under Global.

• Install a Mobility or Premium license on the controller.

• All APs must be on the same layer 2 network.

VSC configuration options 125