Layer 3 Roaming - Radius DOT1X

Adoos
Building a reputation

Layer 3 Roaming - Radius DOT1X

We have a 5 level office and are using layer 3 roaming.

 

Recently we have noticed when on a single floor, roaming between APs on that floor has problems. 

 

The issue is if i walk from one end of the building to another i'm roaming and staying connected but it drops IP addressing on the client machine. 

 

I would have thought it would be layer 2 while on the same floor roaming? 

 

Current version: MR 28.6

3 Replies 3
Ryan_Miles
Meraki Employee
Meraki Employee

Can you post a screenshot of your SSID config? Specifically the IP section with the L3 roaming config.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
Adoos
Building a reputation

Is this what you are after? 

 

Adoos_0-1666821937620.png

 

Ryan_Miles
Meraki Employee
Meraki Employee

Yes, thanks. I see RADIUS override is enabled. Are any clients receiving a VLAN attribute via RADIUS auth that would override what the AP would natively place a client onto?

 

With Distributed Layer 3 Roaming the roam should be a layer 2 roam in two scenarios

 

  • When the client moves between APs in the same tagged AP group (ex. between APs tagged with Eagle-L36 the client should remain on VLAN 205 and be a L2 roam)
  • Or, between APs in different tagged groups and the switchport connected to the AP carries the VLANs from other groups/floors. Ex. if the switchports connected to L37 APs allows VLAN 205 then a client should do a L2 roam between any L36 and L37 AP.

You said this was recently noticed. Was this not an issue before or did something change within the deployment? Is the problem specific to one floor or one specific AP or set of APs? Also, are there any regular bridged mode SSIDs in use? If yes, any roaming problems on them?

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels