Wireless Access

Reply
Occasional Contributor II

Pre-Authentication and Roaming

Community,

 

Im looking into the wireless Pre-Authentication mechanism and was wondering where in the Aruba 3200 series controller I could find whether or not this is enabled. The "Pre-Authentication" im talking about is described below:

 

"Pre-authentication enables WPA2 wireless clients that are connected to one wireless AP to perform 802.1X authentication with other wireless APs within its range. Pre-authentication stores the PMK and its associated information in the PMK cache. When the wireless client connects to a wireless AP with which it has pre-authenticated, it uses the cached PMK information to reduce the time required to authenticate and connect."

System_CAPS_noteNote

WPA2 client pre-authentication is only possible with wireless access points that broadcast pre-authentication capability in Beacon and Probe Response messages.

We run EAP-TLS so I want to make sure the users arent having to re-auth every single time they roam to another AP. How can I enable this feature in the Controller to make sure the APs are broadcasting the pre-auth capability in their Beacon and Probe responses? Im having trouble finding it. Thanks.

Guru Elite

Re: Pre-Authentication and Roaming

That would be OKC or opportunistic key caching, which is enabled by default.  Just about every client except for Mac OSX supports this.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Pre-Authentication and Roaming

Colin,

 

Thanks so much for the response. After you mentioned OKC I researched it and found this right away. It explains Arubas support for this in perfect detail! Thanks again!

 

https://community.arubanetworks.com/aruba/attachments/aruba/115/1097/1/Aruba+OKC+Implementation.pdf

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: