I have tested it wiht EAP-FAST also with no difference with the roaming problem.

Do you see failures on the ACS side?

If not, may want to get a wlan sniff to see what is happening.

Also do you have CAC enabled? Is one difference between 7920 as the 7921 supports TSPEC and those messages are in the reassociation requests. Sounds like it may be failing and having to do a full authentication.

I can see the passed radius authentications on the ACS side when 7921g is roaming. The CAC/TSPEC is a good idea to inspect. I have no expercience on CAC/TSPEC but I will test it and let you if it was the case. Do you have some good document to point because I have no idea yet how to enable TSPEC on a autonymous accesspoints or disable it on a phone. I will get back to this topic after next week. (I'm on holiday).

It is documented in our 7921G Deployment Guide. See section on CAC at pages 19 and 44.

http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7921g/6_0/english/deployment/guide/7921dply.pdf

You can enable CAC under the QoS section on the AP webpage.

http://cisco.com/en/US/docs/wireless/access_point/12.4_3g_JA/configuration/guide/s43qos.html

Are you also using autonomous APs?

Or do the APs join a WLAN controller?

What authentication are you using?

How many seconds exactly is the voice gap?

Is the issue only in the rx path of the 7921? or is also a gap in the tx path, where the far end hears the gap as well?

You can attach your config for further assitance.

I think that I have some kind of solution for this problem - in our case.

I have been testing the solution for a day and it seems to be working.

I enabled the CAC on a accesspoints but it did not help with the authentication problem. Then I noticed one "note" from the document that migilles pointed "http://cisco.com/en/US/docs/wireless/access_point/12.4_3g_JA/configuration/guide/s43qos.html" - chapter 15 -igmp snooping.

I had previously enabled the igmp snooping because the 7921g documents told so - without any understanding what that was for. I disabled the snooping and 7921g did not anymore authenticate everytime it roamed. Now I can see on every romaing (CCKM FastRoaming) message instead of only (CCKM) and there is no gap when roaming.

I don't know how disabling igmp snooping affects the phone or a voice call yet.

So the configuration at the moment:

- ACS 4.1

- LEAP for WDS and phone

- 1242 autonymous accesspoints - will try to use also with 1121g

- CCM 4.2(3)

- CAC enabled - unlimited bandwidth

- IGMP snooping disabled

Hopefully the 1121g works also because we have those about 400.....

Should enable IGMP for multicast. I assume your voice call was unicast and not multicast, so should not have any impact here.

There is an issue with the autonomous AP (CSCsx07150), where CCKM is failing. This appears to be handing the TSPEC that we send for SCCP traffic (UP4).

The workaround here is to enable "admit-traffic" under the ssid config. In the AP webpage, it is listed as "Call Admission Control", which will add the admit-traffic command.

Below is an example:

dot11 ssid voice

vlan 21

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa cckm

admit-traffic

This will go into the next 7921/7925 Deployment Guide to ensure that admit-traffic is always enabled.