Table of Contents
Advertisement
Chapter 14: Secure Mobility® MatriX
How Secure Mobility Works
The following figure illustrates how Secure Mobility works. For simplicity, two wireless
networks and one mobile user are shown. In practice, the number of mobile users and
WLANs is much greater.
The mobile user connects to WLAN 1 as he or she normally would, with or without an
IPSec tunnel.
The mobile user now moves through the enterprise and associates with WLAN 2 ( as
shown in Figure 14-3), which is on a separate subnet. Without Secure Mobility, this
connection would be dropped and the user would be forced to get a new IP address and
re-authenticate to the network.
BSC B senses the new mobile user on WLAN 2 ( as shown in Figure 14-4) and checks
with other BSCs on the network. The user is identified as roaming from WLAN 1.
The mobile user's traffic is redirected back to their original BSC A ( as shown in Figure
14-5), allowing the user to roam seamlessly without the need to re-authenticate or acquire
a new IP address. This is done without the need for client software and allows the user to
maintain their secure IPSec tunnel, if used.
14-4
S u b n e t 1
BSC - A
Po w er
R es e t
W G -2 1 0 0 W ir e le s s G a te w a y
W L A N 1
Mobile User
Figure 14-2: Secure Mobility: Phase 1
S u b n e t 1
BSC - A
Po w er
R es e t
W G -2 1 0 0 W ir e le s s G a te w a y
W L A N 1
User Moves to Subnet 2
Figure 14-3: Secure Mobility: Phase 2
S u b n e t 2
P O W E R FA UL T DA T A A L A R M
Router
P o w er
R e set
W G -2 1 0 0 W ire le s s G a t e w a y
W L A N 2
S u b n e t 2
P O W E R FA UL T DA T A A L A R M
Router
P o w er
R e set
W G -2 1 0 0 W ire le s s G a t e w a y
W L A N 2
BSC - B
BSC - B
Mobile User
Advertisement
Table of Contents
