Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Help with understanding assoication process of wireless client

This thread has been viewed 1 times

  • 1.  Help with understanding assoication process of wireless client

    Posted May 15, 2014 02:39 PM

    can someone please help me understand association process of wireless client.


    when i ran debug from controller i see below request and response , but would like to understand in detail, if any documention which explains this would be much helpfull to me.

     

    sap-term-start - ?

    station-term-start-

    client-finish

    server-finis

    sever-finish ack

    inner-eap-id-resp

    inner-eap-id-resp

    eap-mschap-chlg

    eap-mschap-response

    and so on

     

     

    thanks for help in advance.



  • 2.  RE: Help with understanding assoication process of wireless client
    Best Answer

    Posted May 15, 2014 03:06 PM

    Client ---Probe---> AP Client ---Probe---> AP

    AP ---Probe Response---> Client

     

    Then,

     

    Client ---802.11 Authentication Request---> AP

    AP ---802.11 Authentication Response---> Client

    Client ---802.11 Association Request---> AP

    AP ---802.11 Association Response---> Client

     

    Now, the client can pass traffic to the AP, so we go into the network authentication. If EAP:

     

    AP ---EAP Indentity Request---> Client

    Client ---EAP Indentity Response---> AP

    AP ---EAP Indentity Response---> RADIUS

    RADIUS ---EAP Request EAP Type---> Client

    Client ---EAP Response EAP Type---> RADIUS

    RADIUS <---EAP conversation (challenges etc)---> Client

    RADIUS ---EAP Success---> Client

     

    Next, WPA handshake,

     

    AP ---ANonce---> Client

    Client contructs Pairwise Transient Key

    Client ---SNonce---> AP

    AP ---Group Temporal Key + MIC---> Client

    Client ---ACK---> AP
    AP ---Probe Response---> Client

    Then,

    Client ---802.11 Authentication Request---> AP
    AP ---802.11 Authentication Response---> Client
    Client ---802.11 Association Request---> AP
    AP ---802.11 Association Response---> Client

    Now, the client can pass traffic to the AP, so we go into the network authentication. If EAP:

    AP ---EAP Indentity Request---> Client
    Client ---EAP Indentity Response---> AP
    AP ---EAP Indentity Response---> RADIUS
    RADIUS ---EAP Request EAP Type---> Client
    Client ---EAP Response EAP Type---> RADIUS
    RADIUS <---EAP conversation (challenges etc)---> Client
    RADIUS ---EAP Success---> Client

    Next, WPA handshake,

    AP ---ANonce---> Client
    *Client contructs Pairwise Transient Key (PMK from EAP/PSK, ANonce, SNonce, AP MAC, Client MAC)* 
    Client ---SNonce---> AP
    AP ---Group Temporal Key + MIC---> Client
    Client ---ACK---> AP



  • 3.  RE: Help with understanding assoication process of wireless client

    Posted Sep 15, 2014 06:19 AM

    any document which will gives us good explanation.