cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
814
Views
0
Helpful
6
Replies

Timeouts while Roaming from AP to AP

d.beaver
Level 1
Level 1

I have three 1230G AP's in an Emergency Room and have wireless carts that move throughout the area. The Three APs are running 12.3(2)JA2, are on channels 1, 6, & 11, and the clients are using the Cisco 350 cards. Only WEP is enabled.

We setup a constant ping to a device in the same subnet and our problem occurs as we move the cart and it roams to a new AP, we get four "Destination not Found" errors everytime, with each cart.

We have enabled WDS and have even taken WEP off to ensure a trouble-free connection and it still occurs. Is this a result of the version of code they have on the AP's or the clients? Has anyone else had this experience?

Thanks in advance for any insight.

6 Replies 6

wong34539
Level 6
Level 6

There may be problem with the code setting the TTL for the packet. Upgrading the code may result good.

scottmac
Level 10
Level 10

You may need to enable LEAP or EAP-FAST.

With the WDS enabled (Cisco's WDS is not the same as most other manufacturers), when the client authenticates, the designated WDS AP hashes & caches the credentials.

When a client roams, the hashed credentials are forwarded to the next likely AP. Since the client is already "authenticated" the handoff is much quicker than the full authentication & association handshake.

Even with open APs, the association handoff can take a while.

If the clients are enabled for "Power Save" mode, you may want to disable it (at least while roaming) ... one of the processes during re-association (handoff to another AP) is to also pass all frames buffered from the original AP while the client was "asleep."

IMHO, you'd also do well to move up to 12.3(7) if you can. We had some issues with 12.3.2 (and (4)).

Good Luck

Scott

Thanks guys. Scott, I am going to try and do the upgrade this week and see if that can cure my problems. I also didn't think about the Power Save mode, I will check it as well.

Thanks again all.

Dave

Are you referring to what Cisco calls "fast secure roaming" ? As far as I can tell, I believe there are specific encryption settings (TKIP+WEP) if I remember. It also looked like there are similar settings on the client side. But, with WDS running, will that alone speed the authentication process or are these encryption settings required ?

I'm experiencing the same symptoms as above but changing several hundred clients will be a booger.

Thanks !

Yes, Fast Secure Roaming is part of WDS. You are not limited to TKIP + WEP to do WDS. You could use LEAP or even EAP-FAST.

WDS does not require you to make settings on the client side, it is only between the ACS server and the AP's. Limitations are 60 AP's max if use an AP as the WDS server. However you must disable the radios on the WDS AP to support 60. If you have less than 30, you can use an AP that is in service.

WDS does not speed the initial authentication process, but it will make re-authentication while roaming quicker. The specific issues I have had do not seem to be effected by WDS. I am still getting timeouts when I roam and that is unacceptable with the type of applications I am using. Voice would even be worse, so that is why I was sure it was an IOS version upgrade.

Yep, I see now at certain client versions CCKM is enabled by default. The ap apparently needs "cipher:CKIP+CMIC" to enable fast roaming.

I'm curious, how can I confirm that the client is actually "fast roaming" ? Is it logged somewhere on the AP or WDS ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: