Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

802.11i Robust Security Network (RSN) framework

Hi Guys,

So the RSN defines 5 phases. I was just wondering if i could clarify a couple of points after reading most of the important parts of the doc (I think).

What I life I have :)

Lets say we are running WPA2 with EAP-TLS

Phase 1 - Discovery

Under this phase, is any security actually done here, or does it just exchange its capabilities between the STA and AP?

NOTE: After this phase is completed, the STA does not show up in windows as being connected correct?

Phase 2 - Authentication

At this stage, the eap-stuff is done, ie, exchange certs and all that jazz, with a radius server etc.

Note 1: at this stage, none of the PMK, PTK, GTK, key exchange mechanisms has happened yet, SO I can still see the TLS stuff un-encrypted in my packet capture correct?

NOTE 2: I still dont see the windows wireless network connected yet from my laptop. Would that be correct?

Phase 3 - Key Management

This is now where all the keys are exchanged that now protect all of my data and take the PMK and generate the PTK and then starts to encrypt my data from the STA to the AP?

NOTE: This is where my windows laptop pops up with a nice message saying aquiring IP address and then the magic "Connected"

Now, have I got this completely wrong.

I am a tad confused.

Many thx


New Member

Re: 802.11i Robust Security Network (RSN) framework

Hi all,

Did a bit more reading last night and still a tad confused at which point, the PC shows the "connect" status.

So much contradicting infor on the www :)



CreatePlease login to create content