Specifications
Secure Mobility®
BlueSecure™ Controller Setup and Administration Guide 14-5
A single BSC in the Secure Mobility configuration is configured as the Mobility Node List
Master. The Mobility Node List Master maintains the status of all BSCs participating in the
Secure Mobility configuration.
Network Requirements
To effectively implement Secure Mobility, you must make sure that your network and
mobile environment meet the following conditions:
• When mobile users roam, their traffic is redirected back to the user's original BSC.
Therefore, if there is a router or firewall between BSCs, ensure that GRE (Protocol 47)
and HTTPS traffic (TCP Port 443) is allowed to pass between the BSCs.
• Mobile users should remain in radio contact with an access point while roaming. If
radio contact is lost briefly (i.e. moving out of range of an access point), the mobile
device will not require re-authentication when it returns to the coverage area of the
wireless network so long as its connection timeout has not expired (see
“Miscellaneous BSC Options” on page 10-24).
• Each BSC's managed interface should be on a different subnet. Additionally, each
BSC's protected interface that is connected to a router should be on a different
Figure 14-4: Secure Mobility: Phase 3
Figure 14-5: Secure Mobility: Phase 4
POW ERFA ULT DATA ALARM
WLAN 1
Subnet 1
WLAN 2
Subnet 2
Power Reset
D
I
S
K
P
W
R
WG-2100 Wireless Gateway
Power Reset
D
I
S
K
P
W
R
WG-2100 Wireless Gateway
Mobile User
BSC - A BSC - B
Router
BSCs Communicate
to See if User was on
a Different Subnet Originally
BSC - B Detects
New User from BSC - A
POWER FAU LT DATA ALARM
WLAN 1
Subnet 1
WLAN 2
Subnet 2
Power Reset
D
I
S
K
P
W
R
WG-210 0 Wireles s Gatew ay
Power Reset
D
I
S
K
P
W
R
WG-2100 Wireless Gateway
Mobile User
BSC - A BSC - B
Router
Traffic is Re-directed,
Allowing User to Move
Seamlessly Between
WLANs without the
Need to Re-authenticate