Wireless Access

Experts!

 

Sorry for disturbing, we want build our own location system from RTLS packets collected from ARUBA AP, but found there is little information about this from internet and it's diffcult to decode the information in RTLS packets. Now we could only decode the packets header. Do you have experience in this and could shed some light on this:

 

For example, below information is the whole packet contents:

00:14:fc:c5:01:00:00:5c:9c:1c:12:ce:8f:06:00:00:00:02:00:00:00:13:fc:c3:02:00:00:1c:9c:1c:12:ce:8f:06:00:00:9c:1c:12:68:f0:62:5d:0a:06:c4:02:01:9c:1c:12:68:f0:60:9c:1c:12:68:f0:62:00:00:00:01:00:13:fc:c4:02:00:00:1c:9c:1c:12:ce:8f:06:00:00:08:57:00:19:0c:5f:5d:00:06:d9:01:01:9c:1c:12:68:f0:60:9c:1c:12:68:f0:64:00:00:00:01:eb:de:e8:ab:ce:05:d6:f2:5a:ea:9a:2c:e8:ea:5e:f8:11:62:c0:38

 

We could decode the packet header:

bytes[0-1]   00:14                      Message type: AR_COMPOUND_MESSAGE_REPORT

bytes[2-3]   fc:c5                               Message id:  fc:c5

bytes[3-4]   01:00                      Major vision: 01 Minor Vision :00

bytes[5-6]   00:5c                      Data Length

bytes[7-12]  9c:1c:12:ce:8f:06            AP MAC address

bytes[13-14] 00:00                             Padding

 

But from offset 14bytes we couldn't found any clue to decode it:

00:02:00:00:00:13:fc:c3:02:00:00:1c:9c:1c:12:ce:8f:06:00:00:9c:1c:12:68:f0:62:5d:0a:06:c4:02:01:9c:1c:12:68:f0:60:9c:1c:12:68:f0:62:00:00:00:01:00:13:fc:c4:02:00:00:1c:9c:1c:12:ce:8f:06:00:00:08:57:00:19:0c:5f:5d:00:06:d9:01:01:9c:1c:12:68:f0:60:9c:1c:12:68:f0:64:00:00:00:01:eb:de:e8:ab:ce:05:d6:f2:5a:ea:9a:2c:e8:ea:5e:f8:11:62:c0:38

 

I suspect Aruba will consider the contents to be somewhat proprietary.

 

I've been looking at the API for data from the Aruba ALE server - the ALE server collects the Aruba proprietary data from iAP, Controller and Airwave, interprets it and transmits it in a well defined format.

 

Now that I type this, I'm thinking that studying the ALE API document, you might be able to interpret the raw RTLS data, but might be easier to use ALE to translate.

I too am VERY interested in this.  We have to build an ALE-like sniffer and RTLS seems like the right way to go.  I'm anxiously looking for anyone/help/advice that has done or tried this...

Hi Chris,

check this: https://github.com/lukaskaplan/aruba-rtls

It is my testing script, maybe it can be good source of information for start...

Lukas

Thank you so much!

I'm still new to Aruba "stuff". So, I can setup my IAP's (or controller)'s
RTLS to point to this type of listener, yes?

What I dont understand is that the setup interface on the IAP or controller
wants some "key". What key is that? How do I get it? I think the docs say
it is the "secret" key and not sure where I get that for these devices...

Chris Stakutis
978 764 3488

You can write there what you want, but it has to be same on both sides (controller and RTLS script).

Really? Hmmm. So, just to clarify...

When I configure the RTLS page on the IAS or Controller, in the 'secret key
field' I invent some value, then, in the RTLS receiving code I use the same
value and all will be happy?

BTW, thank you for your help!

Chris Stakutis
978 764 3488
*Alexa "My Life" service for aging/elderly*
http://www.wholehealthplustechnology.com
http://www.concordsoftwareandexecutiveconsulting.com/

Have you solved the problem? Can I get your solution？Or you can give me an example about the AR_ACK packet??  Thank you.

AR_ACK is easy. 

1) You will recieve AR_AP_NOTIFICATION, it is 36 byte. First 16 bytes are Header and last 20 bytes are "checksum". There is no payload.

2) You have to get this header, change first 2 bytes from 0x0015 to 0x0010.

3) Create new checksum of new header (HMAC sha1).

4) Send new header with new checksum (no payload) - 36 bytes back to controller.

It is all