Security

Hi:

I'm in the process of an 802.1x rollout, and I'm having a few problems.

Users are routinely disconnected when roaming between APs that are on different controllers.

Is there a way to mitigate this?

Thanks,

Tony

Normally you would design a network that avoids users roaming between controllers, because their network state is lost when you do that.  If the VLANs the user ends up in on the second controller is different from the first, that is even worse...

Hi Colin:

Thanks for the info.

Right now, it's unavoidable. I've got three 3400 controllers, which only allow 64 AP's each.

I'm keeping each building on the same controller, but as users roam about campus, they hit different APs and controllers.

I'm planning on getting a 7210, which will host 512 APs.

From what you're saying, it sounds like I should put all my APs on the 7210, and use my 3400's only for backup?

Thanks,

Tony

Well if you have to do that, make sure the virtual APs bridge users to the exact same VLANs:

If your Virtual AP VLAN pool for controller 1 looks like this - 1,5,7 make sure it is 1,5,7 for all of them.  That way your clients will end up in the same VLAN when they roam from controller to controller and they will not have to re-discover their new default gateway or re-ip.  Trunk all of those VLANs to the same layer 3 switch and you should be good to go.