Cisco Cisco Clean Access 3.5
15-2
Cisco Clean Access Manager Installation and Administration Guide
OL-7044-01
Chapter 15 Device Management: Roaming
Overview
•
Clean Access Servers acting as virtual gateways only support roaming with other virtual gateway
Servers. Roaming can occur between Clean Access Servers that are operating as real-IP gateways
and NAT gateways, but not between these types and virtual gateways.
Servers. Roaming can occur between Clean Access Servers that are operating as real-IP gateways
and NAT gateways, but not between these types and virtual gateways.
How Roaming Works
When users first access a roaming-enabled network, they associate with a particular access point and
acquire an IP address. Also, authentication and security encryption parameters for the session are
established.
acquire an IP address. Also, authentication and security encryption parameters for the session are
established.
Figure 15-1
Session Established
When the user moves to the range of the new access point, the IP address of the user device allows the
second Cisco Clean Access Server to identify which Cisco Clean Access Server originated the session.
second Cisco Clean Access Server to identify which Cisco Clean Access Server originated the session.
All traffic from the user is tunneled to the original Server, and traffic for the client is tunneled from the
original Server to the current Server. From there, any filtering or other traffic handling measures or
policies are enforced.
original Server to the current Server. From there, any filtering or other traffic handling measures or
policies are enforced.
The traffic is then routed to the network as appropriate:
AP
AP
CAS-1
subnet
10.1.2.0
subnet
10.1.3.0
10.1.3.23
SSID=uninet
SSID=uninet
CAS-2
CAM
to the network