Manualshelf

WESM zl Management and Configuration Guide WT.01.XX and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
631632633634635636637638639640
9-14
Fast Layer 2 Roaming and Layer 3 Mobility
Configuring Fast Layer 2 Roaming for WPA/WPA2 with 802.1X
Figure 9-4. Enabling Pre-Authentication
6. Check the box for Pre-authentication.
Remember that pre-authentication messages do not cross subnetwork
(VLAN) boundaries, so the module receives them only from modules or
APs that assign the WLAN to the same subnetwork.
7. By default, PMK Caching and Opportunistic Key Caching are enabled and you
should leave them so.
PMK caching must be enabled for pre-authentication. (PMK caching
allows the module to store the station’s encryption key until the station
actually roams to it.) Although opportunistic key caching is optional for
pre-authentication, ProCurve Networking recommends that you accept
the default setting, which enables this option. Opportunistic key caching
facilitates fast roaming between RPs adopted by the same module.
Note When PMK caching is enabled, a WPA2 station that roams is no longer
controlled by any dynamic ACLs configured with IDM. If you use IDM to
assign ACLs to users with WPA2 connections, you should disable PMK
caching.