We have an issue where we have a wlan, and walk round pinging, and when the laptop connects to new AP, it does a full backend radius authentication (802.1x) YUK!!
So, just haveing a look at the standards.
SSID for WLAN is hidden so dont see beacons that advertise RSN capabilities. Would that be correct?
1. LT sends probe request (no RSN field in 802.11 managment frame)
2. AP sends probe response with RSNIE field (but no RSN capabilities SUB-FIELD which includes the pre-auth part) - IS THIS CORRECT or should the AP have the RSN capabilities sub-field in it that advertises to the laptop that it can support pre-auth with WPA2?
3. Laptop now sents an authentication request to the AP, with the RSNIE field, *** AND *** with the RSN capabilities SUB-FIELD saying "RSN Pre-auth capabilities: Transmitter does not support pre-authentication" = Value of Zero
4. AP sends Associaction response with no RSNIE field.
So the real question is Step 2:
IS THIS CORRECT or should the AP have the RSN capabilities sub-field in it that advertises to the laptop that it can support pre-auth with WPA2?
It looks like that in step3, the LT is saying I dont support the RSN pre-auth capability and we are working on this to try and fix it, but is the LT sending this as a response, BECAUSE the AP did not advertise it?
Many thx all for the valued help.