Sophos WiFi APs - client roaming?

Can Sophos APs provide seamless client roaming? I haven't seen it in the literature. I'm looking for some bring similar to Aruba's client match or Ubiquiti's zero handoff.

For a little background, I'm about to install some new XG appliances (210 and 125) for a couple of offices, but I also need to install several wifi access points. I like the idea of a vertically integrated solution by adding several Sophos AP55 or AP55cs... The hardware looks good, but roaming is an important feature for at least one of the offices. The XG essentially acts like a wireless controller so this seems like it *should* be possible but I don't know.

  • AP assisted client roaming should be supported if the client also supports it (from the UTM9 help):
    UTM supports the IEEE 802.11r standard in WPA2 (PSK/Enterprise) networks to reduce roaming times. Clients also need to support the IEEE 802.11r standard.


     

  • Hi Rick,

    Yes, Sophos AP(s) provide client roaming (only available with WPA2 Personal/Enterprise encryption mode). Simply enable Fast Transition in the Wireless Configurations | Advance tab, as mentioned in the previous post by Vilic.

    Thanks

  • In reply to sachingurung:

    sachingurung

     

    You need to configure a Mesh Network of AP(s), for your requirement.

    Later you can enable Fast Transition in the wireless configurations as mentioned in the previous post by Vilic.

     

     
    Why is it required to make a mesh of AP's? I use the UTM, do you mean to crete a group of AP's in the UTM first?
     
     
  • In reply to twister5800:

    Also do I need both Mesh and Fast Transition this this to work?

  • In reply to BrianTesoroni:

    I am also wondering about this? I have fast transition on but it still seems that some of the Mac computers have issues roaming, we have to power off wifi and back on to reconnect at times. Also do I loose the band if I setup a mesh mode?

  • In reply to Brian Hawkins:

    I don't believe AP55 mesh, only AP100. AP55 is supposed to sometime in the future from memory.

  • In reply to rfcat_vk:

    I have 5 AP100c's in my installation, all tied to the same managed POE switch, currently with fast transition enabled on the XG. I was hoping to have it clarified if a Mesh network is still needed or does the switch check that requirement?

  • In reply to Brian Hawkins:

    Hi Brian, we are having the same Problem with Macbook Air Computers.

    Roaming doesn't work at all. All 3 Airport Extreme Access points are in Bridge mode connected to a Sophos UTM 9.

    All Clients have to disable/enable Wifi after moving into the area of another Airport Extreme Access Point

  • In reply to sachingurung:

    Hi,

     

    Just after some clarity as I have computers facing trouble when moving around the office.

     

    for client roaming, do i need to create a mesh network or will a wireless network added to the necessary APs suffice?

     

    My APs are set up in bridged to lan mode..

     

    thanks

  • In reply to Yahyaa Bham:

    Hi Yahyaa,

    Mesh network is not needed for fast-transition. 

    Thanks

  • How about client roaming in V16.05.8 MR8.

    I can't see the following setting in MR8.

    The setting in MR8 as following.

    How to enable the fast-transition in MR8?

    Does Sophos XG give up the function?

    Shunze

  • In reply to secure cmsa_secure:

    Dear All,

    The Fast Transition option will only show with AES encryption.

    TKIP or TKIP/AES compatible will not show the Fast Transition option.

    Shunze

  • In reply to secure cmsa_secure:

    Hello,

    Fast Transition (available only if WPA2 Personal/Enterprise security mode is selected)
    Wireless networks with WPA2 security use the IEEE 802.11r standard. If you want to prevent this, select Disabled from the drop-down list

    http://docs.sophos.com/nsg/sophos-firewall/v17.0.0/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp/WPNetworkEdit.html#

     

    Regards, Ronak.