Wireless Access

Reply

Pre-Authentication and Roaming

Community,

 

Im looking into the wireless Pre-Authentication mechanism and was wondering where in the Aruba 3200 series controller I could find whether or not this is enabled. The "Pre-Authentication" im talking about is described below:

 

"Pre-authentication enables WPA2 wireless clients that are connected to one wireless AP to perform 802.1X authentication with other wireless APs within its range. Pre-authentication stores the PMK and its associated information in the PMK cache. When the wireless client connects to a wireless AP with which it has pre-authenticated, it uses the cached PMK information to reduce the time required to authenticate and connect."

System_CAPS_noteNote

WPA2 client pre-authentication is only possible with wireless access points that broadcast pre-authentication capability in Beacon and Probe Response messages.

We run EAP-TLS so I want to make sure the users arent having to re-auth every single time they roam to another AP. How can I enable this feature in the Controller to make sure the APs are broadcasting the pre-auth capability in their Beacon and Probe responses? Im having trouble finding it. Thanks.

Guru Elite

Re: Pre-Authentication and Roaming

That would be OKC or opportunistic key caching, which is enabled by default.  Just about every client except for Mac OSX supports this.

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************

Re: Pre-Authentication and Roaming

Colin,

 

Thanks so much for the response. After you mentioned OKC I researched it and found this right away. It explains Arubas support for this in perfect detail! Thanks again!

 

https://community.arubanetworks.com/aruba/attachments/aruba/115/1097/1/Aruba+OKC+Implementation.pdf

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: