Filter
Top Products
Wireless mobility
Mobility license
Mobility license
If you purchased an MSM7xx Mobility Controller, the Mobility license is factory-installed.
You do not need to install a license. For MSM7xx Access Controllers, you can purchase an
optional Mobility license. An MSM7xx Access Controller with an installed Mobility license, is
functionally identical to the corresponding MSM7xx Mobility Controller.
For information on how to work with and install licenses, see Managing licenses on
page 15-7.
Key concepts
All service controllers include basic Layer 2 (L2) mobility support allowing wireless users to
roam between APs within the same subnet. MSM7xx Mobility Controllers include the added
features WPA2 Opportunistic Key Caching and L3 Mobility.
WPA2 Opportunistic key caching
Using optimizations of 802.1X/802.11i authentication, WPA2 Opportunistic Key Caching
enables a wireless client to perform a full RADIUS authentication once and then re-use those
authentication credentials on each subsequent roam without the need to re-authenticate
through RADIUS. The service controller maintains updated key information on APs based on
the Mobility Neighborhood so that a wireless user can roam between APs without incurring a
full 802.1X RADIUS handshake delay.
WPA2 Opportunistic Key Caching provides secure and fast user authentication based on the
WPA2 and 802.1X standards. It:
Eliminates delays associated with reauthentication.
Provides hand-offs in less than 50 milliseconds, as required for time-sensitive services
such as voice.
Preserves a user's RADIUS-assigned parameters such as security and VLAN, enabling
smooth transition of all services to which the user has access.
How it works
With WPA 2 Opportunistic key caching, each wireless client has one set of encryption keys
that are shared by all APs in the “mobility neighborhood.” When a client roams to a new AP, it
sends a PMKID (see IEEE 802.11i for more information) with its re-association request. If this
PMKID matches the encryption keys for that client, then the client is able to bypass RADIUS
authentication and move directly to the 4-way encryption handshake.
Note The wireless client software must support Opportunistic Key Caching. The Microsoft
windows wireless client and the Juniper Odyssey client both support this.
11-2