Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1121
Views
4
Helpful
3
Replies

Fast Roaming and CCKM

vantipov
Level 1
Level 1

‎06-13-2007 06:29 AM - edited ‎07-03-2021 02:12 PM

We have a WISM blade with two controllers enabled. Single mobility group and no AP groups. We keep having random disconects when our users are in Citrix. Some sugestions I read say that I should enable CCKM. We turned on 802.1x+CCKM on one controller and it seems to work. When we turned on only CCKM mode we can no longer associate clients to any APs on that controller. When would you use CCKM only and when 802.1x+CCKM mode of key mgmt is preffered?

Labels:
0 Helpful
3 Replies 3

claeysg
Level 1
Level 1

‎06-13-2007 08:00 AM

if you select 802.1x + CCKM, both 802.1x and CCKM compatible clients will be able to associate and authenticate. This is the preferred option if you are in a mixed environment (devices supporting and not supporting CCKM).

If you devices cannot associate to the WLAN network when only CCKM is selected, this means that these devices are not CCKM capable.

Another way to verify this is by using the following command on the controller (via telnet):

show pmk-cache summary

Please note that both the driver and the supplicant used need to support CCKM. the windows supplicant for example (Wireless Zero Config) does not support CCKM.

Also, there are a lot of issues with the Intel Pro Set cards. Best it to use a Cisco card with the Cisco utility, at least for the tests.

I hope that it helps.

Rgds

Gaetan

vantipov
Level 1
Level 1
In response to claeysg

‎06-13-2007 08:32 AM

Thanks for your reply. show pmk-cache sum on my test controller tells me that there is no such command. I can do show pmk-cache all and I see a list of MACs. If I do this command on my controller that has all the APs on it - it shows the same list of MACs. Does 802.1x do the same caching as CCKM?

0 Helpful

claeysg
Level 1
Level 1
In response to vantipov

‎06-13-2007 11:48 PM

Hello,

This is the result of the command on my controller.

(Cisco Controller) >show pmk-cache all

PMK-CCKM Cache

Entry

Type Station Lifetime VLAN Override IP Override

------ -------------- -------- ------------------ ---------------

CCKM 00:19:79:49:98:bc 41925 0.0.0.0

You can also verify that your client uses CCKM with the following command

show client details "mac_add of the client"

this will give you

Authentication Key Management.................... CCKM

Rgds,

Gaetan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card