I remember reading somewhere that 802.1x has dynamic session-based encryption keys. The article mentioned that the key will change when it roams to a new AP. This will have some impact on VPN users. Is this true?
I will like to implement on my wireless users that they use 802.1x to authenicate and power up their VPN to access the Intranet. If the above is true, how do I go about solving it?
Another question is, if my AP is cisco 1200, and some of the client cards are a mixture of cisco aironets and other brands, is it possible for the AP to authenticate the Aironet cards using LEAP, and the other brands using EAP?