1

We are setting up an office with a Ubiquiti Unifi Security Gateway and three UAP-AC access points. The controller is running on a local Linux machine.

Most of the setup works fine. We are using a RADIUS server running on a Synology DS 2015xs for WPA2-Enterprise authentication. However, our clients cannot roam from one WAP to another. If a client is connected in one room and moves to another room it can take about five minutes until the client is assigned an IP address at the new location. In the meantime clients usually acquire self-assigned IP addresses and cannot connect to the internet or network. If the same client moves back to the first room, it will again take up to five minutes to regain a connection.

A client that stays within the same location can connect and acquire an IP address within a few seconds.

It is as if clients are "sticky" and remain associated with a particular AP for a long time. When a client is eventually released from that AP it can connect to a different AP but then will stay attached to that AP and will have to wait again before connecting to a different one.

I have ensured that the WPA2-Enterprise authentication is not the problem. All clients authenticate against the RADIUS server within a few seconds even if they need several minutes to acquire an IP address. I have also tested this with an open network and see the same problem.

oceanhug
  • 121
  • 4

1 Answers1

0

I am an independent IT consultant, and have been dipping my foot into the Ubiquiti UniFi world increasingly over the last couple of years. Two UAP Pro (pre AC) WAPs in a long narrow office space, and an extremely dense RF environment in downtown SF Financial District. MetaGeek InSSIDer util shows several hundred signals.

When I installed it, I cranked up both WAPs to full transmit power, naively thinking it might override the extremely competitive noise. In later analysis I saw that a client would try to roam, and it would get "sticky" to the first WAP it connected to, even when it was closer to the second one it was immediately next to.

In fact, as I have recently learned, it is better for the power to be pulled back on BOTH WAPs so that a client will let go of the first one, and then very quickly find the second. In the UBNT Community Forums you will find a good discussion of the ZeroHandOff details by a smart and skeptical engineer user by searching there.

My recollection of a reference I found in the UBNT Forums is that you set up the signal at the user to be -64Dbm rather than max, so it is actually able to let go of the first to go to the second WAP. He has made me want to question the ZH importance after reading. I will see if I can provide a link.

Sorry to be so generic, but I saw the question and thought I would respond, as this is my first time in this web venue.

Diamond
  • 8,791
  • 3
  • 22
  • 37
Robert L
  • 1
  • 1