Wireless Access


Pre-Authentication and Roaming



Im looking into the wireless Pre-Authentication mechanism and was wondering where in the Aruba 3200 series controller I could find whether or not this is enabled. The "Pre-Authentication" im talking about is described below:


"Pre-authentication enables WPA2 wireless clients that are connected to one wireless AP to perform 802.1X authentication with other wireless APs within its range. Pre-authentication stores the PMK and its associated information in the PMK cache. When the wireless client connects to a wireless AP with which it has pre-authenticated, it uses the cached PMK information to reduce the time required to authenticate and connect."


WPA2 client pre-authentication is only possible with wireless access points that broadcast pre-authentication capability in Beacon and Probe Response messages.

We run EAP-TLS so I want to make sure the users arent having to re-auth every single time they roam to another AP. How can I enable this feature in the Controller to make sure the APs are broadcasting the pre-auth capability in their Beacon and Probe responses? Im having trouble finding it. Thanks.

Guru Elite

Re: Pre-Authentication and Roaming

That would be OKC or opportunistic key caching, which is enabled by default.  Just about every client except for Mac OSX supports this.

Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.

Re: Pre-Authentication and Roaming



Thanks so much for the response. After you mentioned OKC I researched it and found this right away. It explains Arubas support for this in perfect detail! Thanks again!





Search Airheads
Showing results for 
Search instead for 
Did you mean: