Motorola RFS Series System Reference Manual page 161

Opportunistic Key Opportunistic Key Caching
Caching client on one Access Port with the same client when it roams over to another
Access Port. Upon roaming, the client does not have to conduct 802.1x
authentication and can start sending/receiving data sooner.
Pre-Authentication Selecting the
an 802.1x authentication with another switch (or device) before it roams to it. This
enables the roaming client to send and receive data sooner by not having to
conduct an 802.1x authentication after roaming. This is only supported when
802.1x EAP authentication is enabled.
9. Refer to the Status field for the current state of the requests made from applet. This field displays error
messages if something goes wrong in the transaction between the applet and the switch.
10.Click OK to use the changes to the running configuration and close the dialog.
11.Click Cancel to close the dialog without committing updates to the running configuration.
NOTE: Legacy MUs supporting WEP encryption and new MUs supporting 802.11i WPA/WPA2-TKIP
encryption can not co-exist on the same WLAN. The multi-cipher support feature allows you to enable
these two device types to co-exist on the same WLAN.
This feature allows using a combination of WEP encryption and 802.11i encryption on a per WLAN basis.
This is done by creating WLANs with the same SSID but with different BSSIDs and security cipher
combinations. The APs broadcast different beacons for the same SSID. The MUs associate with the AP based
on its configuration of SSID, BSSID, and security cipher.
This feature supports the following combinations of security ciphers:
• WEP 64 and WPA/WPA2-TKIP
• WEP 64 and WPA-CCPMP
• WEP 128 and WPA/WPA2-TKIP
• WEP 128 and WPA-CCMP
• WPA-CCMP and WPA/WPA2-TKIP
These security cipher combinations are available on a per WLAN basis.
The following are the limitations of this feature:
• You should make sure that the WLANs created with the same SSIDs are grouped into different WLAN
groups. This is because WLANs with common SSID should have unique BSSIDs.
• WEP 64 and TKIP/CCMP ciphers can not be part of the same WLAN group.
• When WEP 128/TKIP and CCMP ciphers are grouped in the same WLAN group, the BC/MC encryption is
downgraded to WEP 128/TKIP. So in scenarios where 'N only' MUs are present they may not able to
associate as those MUs do not support WEP 128/TKIP. In such cases WLANs with WEP 128/TKIP cipher
suites should be in a different WLAN group than those WLANs with CCMP cipher suites.
• When downgrading the firmware on the AP, WLANs with same SSIDs are not supported by the old
version of the firmware image and hence there could be errors while configuring the AP after booting up
with image. Only the first WLAN with the common SSID may get created.
• When exporting the configuration to an AP, which does not support this feature there could be errors
while configuring the AP. Only the first WLAN with the common SSID may get created.
allows the switch to use a PMK derived with a
Pre-Authentication option enables an associated MU to carry out
4-59
Network Setup