I have three 1230G AP's in an Emergency Room and have wireless carts that move throughout the area. The Three APs are running 12.3(2)JA2, are on channels 1, 6, & 11, and the clients are using the Cisco 350 cards. Only WEP is enabled.
We setup a constant ping to a device in the same subnet and our problem occurs as we move the cart and it roams to a new AP, we get four "Destination not Found" errors everytime, with each cart.
We have enabled WDS and have even taken WEP off to ensure a trouble-free connection and it still occurs. Is this a result of the version of code they have on the AP's or the clients? Has anyone else had this experience?
With the WDS enabled (Cisco's WDS is not the same as most other manufacturers), when the client authenticates, the designated WDS AP hashes & caches the credentials.
When a client roams, the hashed credentials are forwarded to the next likely AP. Since the client is already "authenticated" the handoff is much quicker than the full authentication & association handshake.
Even with open APs, the association handoff can take a while.
If the clients are enabled for "Power Save" mode, you may want to disable it (at least while roaming) ... one of the processes during re-association (handoff to another AP) is to also pass all frames buffered from the original AP while the client was "asleep."
IMHO, you'd also do well to move up to 12.3(7) if you can. We had some issues with 12.3.2 (and (4)).
Are you referring to what Cisco calls "fast secure roaming" ? As far as I can tell, I believe there are specific encryption settings (TKIP+WEP) if I remember. It also looked like there are similar settings on the client side. But, with WDS running, will that alone speed the authentication process or are these encryption settings required ?
I'm experiencing the same symptoms as above but changing several hundred clients will be a booger.
Yes, Fast Secure Roaming is part of WDS. You are not limited to TKIP + WEP to do WDS. You could use LEAP or even EAP-FAST.
WDS does not require you to make settings on the client side, it is only between the ACS server and the AP's. Limitations are 60 AP's max if use an AP as the WDS server. However you must disable the radios on the WDS AP to support 60. If you have less than 30, you can use an AP that is in service.
WDS does not speed the initial authentication process, but it will make re-authentication while roaming quicker. The specific issues I have had do not seem to be effected by WDS. I am still getting timeouts when I roam and that is unacceptable with the type of applications I am using. Voice would even be worse, so that is why I was sure it was an IOS version upgrade.