Table of Contents
Advertisement
A single BSC in the Secure Mobility configuration is configured as the Mobility Node List
Master. The Mobility Node List Master maintains the status of all BSCs participating in the
Secure Mobility configuration.
Network Requirements
To effectively implement Secure Mobility, you must make sure that your network and
mobile environment meet the following conditions:
•
When mobile users roam, their traffic is redirected back to the user's original BSC.
Therefore, if there is a router or firewall between BSCs, ensure that GRE (Protocol 47)
and HTTPS traffic (TCP Port 443) is allowed to pass between the BSCs.
•
Mobile users should remain in radio contact with an access point while roaming. If
radio contact is lost briefly (i.e. moving out of range of an access point), the mobile
device will not require re-authentication when it returns to the coverage area of the
wireless network so long as its connection timeout has not expired (see
"Miscellaneous BSC Options" on page 10-24).
•
Each BSC's managed interface should be on a different subnet. Additionally, each
BSC's protected interface that is connected to a router should be on a different
BlueSecure™ Controller Setup and Administration Guide
S u b n e t 1
BSC - A
Po w e r
R e se t
W G -2 100 W ir eles s G atew ay
BSCs Communicate
to See if User was on
a Different Subnet Originally
W L A N 1
Figure 14-4: Secure Mobility: Phase 3
S u b n e t 1
BSC - A
Po w er
R e se t
W G - 210 0 W ir eles s G atew ay
Traffic is Re-directed,
Allowing User to Move
Seamlessly Between
Need to Re-authenticate
W L A N 1
Figure 14-5: Secure Mobility: Phase 4
S u b n e t 2
P O W E R FA U L T D A T A A L A R M
Router
Po w er
R e se t
W G - 210 0 W ire le ss G a te way
W L A N 2
S u b n e t 2
P O W E R FA U L T D A T A A L A R M
Router
P o w e r
R e se t
W G -21 00 W ire le ss G at ew a y
WLANs without the
W L A N 2
Secure Mobility®
BSC - B
BSC - B Detects
New User from BSC - A
Mobile User
BSC - B
Mobile User
14-5
Advertisement
Table of Contents
