user logs out of 802.11x and cyebroam firewall when roaming from AP to another

  • 1
  • Question
  • Updated 2 years ago
  • Answered
I have ZD 1100 set up with 12 7363 APs , i have one SSID using 802.11x Radius authentication through windoes server 2008 , Cyberoam UTM firewall is set as accounting server to log users in to firewall automatically , the problem is when a user roam from AP to another the ZD sends a log out event to the cyberoam which logs the user out of the firewall and hence the user loses internet connection is dropped for about 30-60 seconds untill the ZD sends cyberoam another reauthentication request. how do i prevent Ruckus ZD from sending a stop or log out event to the accounting server when the user is raoming and not disconnected.
Photo of Ali Hosny

Ali Hosny

  • 4 Posts
  • 1 Reply Like

Posted 2 years ago

  • 1
Photo of Michael Brado

Michael Brado, Official Rep

  • 2182 Posts
  • 300 Reply Likes
You might need to configure the Cyberoam device to allow 30-60 seconds before considering a user to be disconnected.
Every time an 802.1x client roams, it will perform re-authentication.
Photo of Ali Hosny

Ali Hosny

  • 4 Posts
  • 1 Reply Like
The cyberoam has no such option , is there an option to delay the sending of log off stop accounting packet for 30-60 seconds or even stop sending stop packets all together?
Photo of Ali Hosny

Ali Hosny

  • 4 Posts
  • 1 Reply Like
For anyone whos has the same problem , Actually found the solution in this article
https://support.ruckuswireless.com/an...
roaming-acct-interim-update has to be enabled throug cli to stop sending start/stop accounting requests while roaming . now SSO with cyberoam firewall is working flawlessly ,theoretically should work with any firewall .