Forum

  • When operating in an 802.11i-compliant ESS, where all devices are 802.11i compliant...

    What Ethertype is used over the DS when a client station preauthenticates to a nearby AP? Why is this Ethertype used?

    Devinator

  • EAPOL because an IP address will not be assigned until the 802.1x authentication is completed.

    Wade Mackey

  • By (Deleted User)

    0x88-C7


    helps establish a faster client to AP connection using the EAPOL and PMK (Pariwise Master Key).

  • NICE WORK Compughter! Very nice indeed! That was an obscure fact that's very important. I have a whitepaper on RSN Fast Roaming coming out shortly that addresses this.

    Devinator

  • This means that the PMK is not sent from the current AP to the new AP upon reassociation, correct? In lamens terms, that means that roaming is no faster with 802.11i unless either, A) the station has already associated with the new AP previously and PMK caching is used, or B) Preauthentication has occured between the station and the new AP (using the current AP as sort of a conduit between the two).

    When I think about it, sending the PMK on the DS would have to be a potential vulnerability. I just remember during the CWSP TTT class in June it was mentioned that roaming was faster when TKIP and CCMP are used (as compared to WEP). I must have misinterpreted what exactly was going on to make roaming faster. I thought it was always faster, but it looks like it is only faster if Preauth or PMK caching is used.

    If I'm wrong about any of this, please let me know.

  • you are correct... when the client roams back to a previous AP (where a PMKSA is cached) or preauthenticates to another AP through the current AP and DS, then roaming is fast. otherwise, it's not fast.

  • Learn something new every day when you visit this message board. Thanks, Devin.

  • Glad I could be of service.

Page 1 of 1
  • 1