<
WiFi
EAP Controller Portal Authentication & Roaming Clients not Working
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
EAP Controller Portal Authentication & Roaming Clients not Working
Posts: 4
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-08-14
2017-08-14 01:57:40
Posts: 4
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-08-14
EAP Controller Portal Authentication & Roaming Clients not Working
2017-08-14 01:57:40
Tags:
Model :
Hardware Version :
Firmware Version :
ISP :
Hi,
Test setup with EAP245 and controller using Hotspot authentication - all works fine on 2.4.7 (Windows) and 2.4.8 (Linux). However when an authorised client moves from one band to the other the authorisation does not follow so a second voucher has to be used. I expected the authorisation should be tied to SSID and client MAC. Any tips on where to look to get the authorisation applied to both 2.4G and 5G
Anyone had problems with multiple AP's and roaming with Hotspot?
Thanks
Hardware Version :
Firmware Version :
ISP :
Hi,
Test setup with EAP245 and controller using Hotspot authentication - all works fine on 2.4.7 (Windows) and 2.4.8 (Linux). However when an authorised client moves from one band to the other the authorisation does not follow so a second voucher has to be used. I expected the authorisation should be tied to SSID and client MAC. Any tips on where to look to get the authorisation applied to both 2.4G and 5G
Anyone had problems with multiple AP's and roaming with Hotspot?
Thanks
#1
Options
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Thread Manage
Announcement Manage
4 Reply
Posts: 230
Helpful: 18
Solutions: 0
Stories: 0
Registered: 2017-04-12
Re:EAP Controller Portal Authentication & Roaming Clients not Working
2017-08-16 15:29:14
Dual band APs typically include two wireless chipsets to allow a device to communicate with another wireless-enabled device.This two different wifi chipsets cannot work at the same time. They are two separate devices. EAP245 and the wifi client communicate according to the MAC address of the wifi devices and the two chipsets. So i think it absolutely normal for a dual-band AP.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#2
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 4
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-08-14
Re:EAP Controller Portal Authentication & Roaming Clients not Working
2017-08-16 17:15:09
Agreed, but this is sold as a business solution so the controller should check the client MAC and see it's been authorized for the SSID and grant access. The other business WiFi systems handle this. I also have my doubts the EAP system can handle roaming either and if it done by radio MAC then of course it wont.
I see the new PowerPoint docs just added completely omit this weakness
I see the new PowerPoint docs just added completely omit this weakness
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#3
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 4334
Helpful: 1042
Solutions: 173
Stories: 3
Registered: 2015-12-05
Re:EAP Controller Portal Authentication & Roaming Clients not Working
2017-08-16 20:18:35
MikeB wrote
Agreed, but this is sold as a business solution so the controller should check the client MAC and see it's been authorized for the SSID and grant access. The other business WiFi systems handle this. I also have my doubts the EAP system can handle roaming either and if it done by radio MAC then of course it wont.
Of course, yes, since the EAP245 supports band steering, it should be able to handle roaming as well (clients re-connecting using the same ESSID on APs are standardized in 802.11). Yes, they actually use the BSSID of a WiFi adapter (the MAC address) to connect to it, but in search for the BSSID they use the ESSID (WiFi network name).
So if clients gets de-authenticated, it must be caused by the EAPC. According to http://www.tp-link.com/us/faq-928.html, the EAP transmits both, the ESSID and the BSSID to the EAPC auth service, so this could be indeed a major flaw in EAPC authentication scheme.
༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#4
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 4
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-08-14
Re:EAP Controller Portal Authentication & Roaming Clients not Working
2017-08-16 22:10:21
Its a flaw as far as I can see but wanted to check incase I did a fat finger job!
Anyway I was onto support and they confirmed it doesn't work. They have confirmed same band roaming works so EAPC has the 802.11 re-authentication functionality but there is a bug in the ESS code module that's keeping the bands segregated.
I have requested a fix - looks like UBNT solution need for now:(
Anyway I was onto support and they confirmed it doesn't work. They have confirmed same band roaming works so EAPC has the 802.11 re-authentication functionality but there is a bug in the ESS code module that's keeping the bands segregated.
I have requested a fix - looks like UBNT solution need for now:(
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#5
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 4
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-08-14
2017-08-14 01:57:40
Posts: 4
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-08-14
Information
Helpful: 0
Views: 1115
Replies: 4
Voters 0
No one has voted for it yet.
Tags
Related Articles
Report Inappropriate Content
Transfer Module
New message