Hi guys,
I've been facing a lot of connection and roaming issues on the network: clients were losing authentication, VoIP phones were losing their IP address, and guests had to re-authenticate on CP. All these problems were treated separately, but after a few tests on the network, it seems like we've found a reason for the issue.
The fact is that the disconnections were occurring in specific IAP transitions (L2 roaming), and we've noticed that these IAPs weren't on the same switch. So basically, when we roam between IAPs that are on the same switch everything seems fine, but when they change to an IAP on another switch (even on the same cluster) the device loses connection. This is happening with all of the devices on the network, which is also the cause of the other failures.
We are using Fortinet FortiSwitches managed by FortiGate, and speaking with the Fortinet reseller, it seems like the switch has to receive the client's IP, not the AP's MAC, in order to complete roaming outside the switch.
It seems like it has something to do with the IAP Bridge Mode, is that correct? Should I consider moving the entire network to Mesh for this to work? Are there any changes that could be made on both sides?
Thank you all.
A few helpful pieces of information:
IAP MODELS: 303, 305, 365
IAP SW VERSION: 8.3.0.0
AIRWAVE SW VERSION: 8.7.2.1
CLEARPASS SOFTWARE VERSION: 6.7.5
FORTISWITCH MODELS: FortiSwitch 424D-FPOE
FORTIGATE MODELS: FortiGate 600D