The virtual uncontrolled port on the authenticator opens and allow EAP-traffic through (the red line). Phase 2: Starts with the authenticator (WLC) sends request identity to the supplicant (client) and the supplicant respond.Phase 1: Establish 802.11 data link: probe request/response, authentication and association between the client and the AP.The traffic flow in this network is like this Mac-address on wifi-nic: 5c 51 81 22 4d a1 – WLC (authenticator): Wlan with wpa2-aes and 802.1X, access point in flexconnect with native vlan to 1716 and the flex WLAN mapped to vlan 2000 Free Radius server, configured for EAP-PEAP and EAP-MSCHAPv2
– Router, two LAN-subinterfaces and internal dhcp-server for both subinterfaces, nat against internet – SW2, all vlans enabled on all trunkports – SW2 with AP, trunk against AP with vlan 1716 (ap management) and vlan 2000 (flex WLAN), 1716 as native vlan How to capture frames in Wireshark on a network with WPA2 Enterprise and AP in FlexConnect using MacBook
0 kommentar(er)
