I want to deploy WiFi on two sites, both having an UTM to manage WiFi. I would like to allow users to travel between sites and connect to the same WLAN (i.e., the same SSID) on both sites.
The sites are also connected via VPN. I can use a common RADIUS server from both sites, so cross-site credentials are not a problem. But does this mean that all I need to do is create WLANs with the same SSID in both UTM configurations? I suspect that the answer is "no", for otherwise anybody could just setup a rogue AP with the desireed SSID and might capture the credentials when folks attempt to connect to them. In fact, in a test setup, Windows 10 clients "knowing" one of the sites will not simply connect to the other site; it causes confusion and takes (sometimes repeated) removal of known networks and rescan until connecting to the other site works. If my suspicion is right, there must be some additional secret dentifier that is different per UTM. Is there? If so, can I make both UTMs use the same secrets identifier?
(Alternatively, can I manage both sites WiFi centrally from a single UTM? I am afraid no because APs seem to contact only a local UTM)
This thread was automatically locked due to age.