topic Re: CCKM in Wireless https://community.cisco.com/t5/wireless/cckm/m-p/500062#M192650 <HTML><HEAD></HEAD><BODY><P>Found the answer to my question in the below. </P><P></P><P>Currently, LEAP and EAP-FAST are the only two EAP types that are supported in terms of CCKM and</P><P>thus the only two 802.1X authentication protocols that support Fast Secure Roaming. Cisco SWAN and</P><P>WLSM support all the other EAP types (PEAP, EAP-TLS, PEAP-GTC, and so on), but for these</P><P>protocols, the roaming time is not as fast as the CCKM-enabled ones. This is because without CCKM,</P><P>there is no caching of user credential in the WDS. This means that every time the client roams from one</P><P>access point to another, a full authentication is needed with the RADIUS server. It is still a Layer 3</P><P>roaming, so the client keeps the IP address, but the roaming time is not guaranteed to be under 100 ms.</P></BODY></HTML> Thu, 26 May 2005 17:09:38 GMT vsahagian 2005-05-26T17:09:38Z CCKM https://community.cisco.com/t5/wireless/cckm/m-p/500061#M192649 <P>Does the AP require CCKM enabled in order for WDS caching of security credentials or will other key management types such as WPA work?</P> Sun, 04 Jul 2021 17:48:55 GMT https://community.cisco.com/t5/wireless/cckm/m-p/500061#M192649 vsahagian 2021-07-04T17:48:55Z Re: CCKM https://community.cisco.com/t5/wireless/cckm/m-p/500062#M192650 <HTML><HEAD></HEAD><BODY><P>Found the answer to my question in the below. </P><P></P><P>Currently, LEAP and EAP-FAST are the only two EAP types that are supported in terms of CCKM and</P><P>thus the only two 802.1X authentication protocols that support Fast Secure Roaming. Cisco SWAN and</P><P>WLSM support all the other EAP types (PEAP, EAP-TLS, PEAP-GTC, and so on), but for these</P><P>protocols, the roaming time is not as fast as the CCKM-enabled ones. This is because without CCKM,</P><P>there is no caching of user credential in the WDS. This means that every time the client roams from one</P><P>access point to another, a full authentication is needed with the RADIUS server. It is still a Layer 3</P><P>roaming, so the client keeps the IP address, but the roaming time is not guaranteed to be under 100 ms.</P></BODY></HTML> Thu, 26 May 2005 17:09:38 GMT https://community.cisco.com/t5/wireless/cckm/m-p/500062#M192650 vsahagian 2005-05-26T17:09:38Z