No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
STA Access

STA Access

STA access includes three phases: scanning, link authentication, and association.

Scanning

A STA can actively or passively scan wireless networks.

Active Scanning

In active scanning, a STA periodically searches for surrounding wireless networks. The STA can send two types of Probe Request frames: containing SSID and not containing SSID.
  • The STA sends a Probe Request frame containing an SSID in each channel to search for the RU with the same SSID. Only the RU with the same SSID will respond to the STA. For example, in Figure 16-9, the STA sends a Probe Request frame containing SSID huawei to search for an RU with SSID huawei.

    This method applies to the scenario where a STA actively scans wireless networks to access a specified wireless network.

    Figure 16-9  Active scanning by sending a Probe Request frame containing an SSID

  • The STA periodically broadcasts a Probe Request frame that does not contain an SSID in the supported channels as shown in Figure 16-10. The RUs return Probe Response frames to notify the STA of the wireless services they can provide.

    This method applies to the scenario where a STA actively scans wireless networks to determine whether wireless services are available.

    Figure 16-10  Active scanning by sending a Probe Request frame containing no SSID

Passive Scanning

In Figure 16-11, a STA listens on the Beacon frames that an RU periodically sends in each channel to obtain RU information. A Beacon frame contains information including the SSID and supported rate.

To save power of a STA, enable the STA to passively scan wireless networks. In most cases, VoIP terminals passively scan wireless networks.

Figure 16-11  Passive scanning process

Link Authentication

To ensure wireless link security, an RU needs to authenticate STAs that attempt to access the RU. IEEE 802.11 defines two authentication modes: open system authentication and shared key authentication.
  • Open system authentication: indicates no authentication. STAs are successfully authenticated as long as the RU to be associated supports this mode, as shown in Figure 16-12.
    Figure 16-12  Open system authentication

  • Shared key authentication: requires that the STA and RU have the same shared key preconfigured. The RU checks whether the STA has the same shared key to determine whether the STA can be authenticated. If the STA has the same shared key as the RU, the STA can be authenticated. Otherwise, the STA cannot be authenticated.
    Figure 16-13  Shared key authentication

    Figure 16-13 shows the shared key authentication process:
    1. The STA sends an Authentication Request packet to the RU.
    2. The RU generates a challenge and sends it to the STA.
    3. The STA uses the preconfigured key to encrypt the challenge and sends it to the RU.
    4. The RU uses the preconfigured key to decrypt the encrypted challenge and compares the decrypted challenge with the challenge sent to the STA. If the two challenges are the same, the STA can be authenticated. Otherwise, the STA cannot be authenticated.

Association

Client association refers to link negotiation. After link authentication is complete, a STA initiates link negotiation using Association packets, as shown in Figure 16-14.

Figure 16-14  STA association

  1. The STA sends an Association Request packet to the RU. The Association Request packet carries the STA's parameters and the parameters that the STA selects according to the service configuration, including the transmission rate, channel, QoS capabilities, access authentication algorithm, and encryption algorithm.
  2. The RU receives the Association Request packetand sends the CAPWAP packet to the central AP.
  3. The central AP determines whether to authenticate the STA according to the received Association Request packet and replies with an Association Response packet.
  4. The RU receives Association Response packet and sends it to the STA.
    NOTE:
    The STA determines whether it needs to be authenticated according to the received Association Response packet:
    • If the STA does not need to be authenticated, the STA can access the wireless network.
    • If the STA needs to be authenticated, the STA initiates user access authentication. After being authenticated, the STA can access the wireless network. For details about user access authentication, see User Access and Authentication Configuration Guide.
Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 116998

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next