According to your case, the VPN connection is terminated when travel to other AP. Will the wireless connection terminated too ? If not, I beleive it is the VPN Concentrator issue and not related to the fast secure roaming. Please correct me if I am wrong.
Re: Fast secure roaming in a high school possible?
For seamless fast secure roaming at layer 3 (i.e. maintain client ip address even as you roam amongst APs on different subnets), you need a WLSM as your WDS device in a cat6000 chassis with sup720 to do gre in hardware. This is the only way you can maintain ipsec vpn as you roam unless you use a large layer 2 network spanning the school campus (not ideal).
On the client (mobile node) side, you need to support peap with cisco extensions, specifically CCKM.