Wireless Access

Contributor II

802.1x roaming

Hello All,


Im just trying to understand the following:


When roaming on an 802.1x authenticated SSID, you have to go through a re-authentication process.


When you do this i was under the impression, that although you do not need an IP address to authenticating using 802.1x as its layer 2, that the controller would keep a record of your IP address and so would the client.


example logs below show that the controller isnt aware of the IP address of the client. This may be normal and it does make sense, however i am currently having an issue where when roaming, for a very short period of time the users get "no internet connection". Again this is probably unrelated however if the client does truely loose its IP during the re-auth process they wouldnt be able to get to the internet.


Aug 12 13:47:36 authmgr[3614]: <522158> <3614> <DBUG> |authmgr| Role Derivation for user N/A-a4:d9:31:69:5d:f5-[removed] N/A station Authenticated with auth type: Unknown auth type.
Aug 12 13:47:36 authmgr[3614]: <522142> <3614> <DBUG> |authmgr| Setting cached role to NULL for user a4:d9:31:69:5d:f5".
Aug 12 13:47:36 authmgr[3614]: <522266> <3614> <DBUG> |authmgr| Calling derive_role2 for user a4:d9:31:69:5d:f5
Aug 12 13:47:36 authmgr[3614]: <522016> <3614> <INFO> |authmgr| MAC=a4:d9:31:69:5d:f5 IP=?? Derived role 'visitors-nocorp' from Aruba VSA
Aug 12 13:47:36 authmgr[3614]: <522127> <3614> <DBUG> |authmgr| {L2} Update role from visitors-nocorp to visitors-nocorp for IP=N/A, MAC=a4:d9:31:69:5d:f5.


As you can see "IP=N/A". I am sure this is normal behaviour i am just trying to understand why the controller is not still aware as i was thinking this is part of 802.11r and roaming.


Any clarification would be helpful.



Ben Casey
Search Airheads
Showing results for 
Search instead for 
Did you mean: