I have a question with regards to Local EAP. After you have created your Local EAP profile and applied it to an SSID a client with the appropriate certificate and local net user ID is authenticated. Once the user is authenticated does the client re-authenticate as he roams ? Are his credentials cached on the controller ?