CTS-to-self "flooding"
Last Post: July 17, 2008:
-
Well, remember, the CTS-to-self frame "flood" isn't constant. So I can run my sniffer trace and not see it for awhile. It comes and goes. And now I'm wondering if it has to do with my authentication method.
I started off using WPA2 with EAP-PEAP, AES, and EAP-GTC for the outer tunneled authentication. All of my MC70's generated the CTS-to-self "floods" and they cooresponded with my RADUIS server log which showed "Authen OK" in rapid succession for the same client.
Moreover, when I used debug client xx:xx:xx:xx:xx:xx and debug aaa events enable on my WiSM controller's, I would see EAPOL messages scrolling by at the same rate as the RADIUS server log was filling up.
I changed from WPA2 to WEP, but I haven't seen CTS-to-self "floods" in my sniffer traces... YET. Nor have I see my WiSM controller logs showing the rapid EAPOL message logging. I may never.
So, maybe it's something with EAP-PEAP which generates lower level MAC layer CTS-to-self frames.
Who knows? Someone help!
- 1