Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
567
Views
5
Helpful
3
Replies

roaming problem

ahmedalshami
Level 1
Level 1

‎12-28-2006 09:20 AM - edited ‎07-03-2021 01:25 PM

i have

1230 ap (120.3.8)

7920 (4.0.0-01-08)

one SSID

authent: open

encryp: none

the two access point was configured and ( 30% overlap and more) when i tried to connect to the first access point (using wireless ip phone 7920 )its connect but when moving to the other AP its disconnect and having this message (authentication failed)

please advice and what must do

Labels:
0 Helpful
3 Replies 3

Rob Huffman
Hall of Fame
Hall of Fame

‎12-31-2006 06:22 AM

Hi Ahmed,

To support roaming for the 7920, you should probably look into setting up WDS. Have a look at the following;

Wireless Domain Services (WDS) act as a central authentication entity that supports a fast client rekey, rather than requiring a full RADIUS reauthentication each time the client roams. All access points and clients in a L2 domain 802.1X authenticate to a RADIUS server via the WDS that performs the role of 802.1X authenticator. Because all clients and access points authenticate via the WDS, the WDS is able to establish shared keys between itself and every other entity in the L2 domain. These shared keys enable CCKM fast secure roaming.One of the main purposes of WDS is to cache the user credentials as soon as the authentication server authenticates the client for the first time. On subsequent attempts, WDS authenticates the client on the basis of the cached information.

From this doc;

http://www.cisco.com/en/US/products/hw/wireless/ps4570/prod_technical_reference09186a00801c5223.html#wp39351

The WDS device performs these tasks on your WLAN:

Registers all client devices in the subnetwork, establishes session keys for the client devices, and caches the client security credentials. When a client roams to another AP, the WDS device forwards the client security credentials to the new AP.

From this excellent doc;

Wireless Domain Services FAQ

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00804d4421.shtml#intro

Wireless Domain Services Configuration

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801c951f.shtml#step1

Hope this helps!

Rob

Please remember to rate helpful posts.....

Richard Atkin
Level 4
Level 4

‎01-20-2007 05:43 AM

If everything is open, then you don't need WDS. Most likely problem is that there is a configuration mismatch between the APs.

Check that;

- SSID / VLAN mappings are same on both APs

- Authentication / Encryption settings are same on both APs and the 7920

- Channel settings are different (ie, use 1 & 11)

HTH,

RA

0 Helpful

migilles
Cisco Employee
Cisco Employee
In response to Richard Atkin

‎01-20-2007 12:13 PM

There was an issue in 1.08 firmware where the phone would send a null BSSID in reassociation packets. This was fixed in 1.09 (CSCeg33605). Encourage to use 3.01 firmware. It is mentioned in the firmware release notes to use 1.09 or higher when using AP fw version 12.3(4)JA or higher.

"Note 1: Firmware version 1.0(9) or higher is required to interoperate with the 12.3(4)JA or later IOS releases for the Cisco Aironet access points as well as for the Cisco Airespace and some 3rd party access points."

http://ftp-sj.cisco.com/cisco/crypto/3DES/voice/ip-7900ser/cmterm-7920-sccp.3-0-1-Readme.htm

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card