Successful wifi 802.1x Connection with a client station log

>This is for EAP-PEAP(MSCHAPV2) and you see 8 EAP IDs and 8 msg ids in this sucessfull Exchanges.

>You will also see the EAP codes between the suppliant <–> authenticator and msg code between authenticator <–> authentication server.
>You get to see the 802.11i fourway handshake to complete the PTK and GTK encryption keys generation for secured data transfer over the AIR.
>Once after the layer2 authentication over the client sends IP request on L3.
>Wifi controller discovers and add the MAC address and the respected IP address in its BDB.

2016-Dec-23 11:16:15.382003 | 78:4f:43:29:a2:a8 | Station Assign | <AID=1>[bgn](v0) assigned to <AP=3> ESSID=smart_connect B-BSSID=00:0c:e6:02:40:83 Ch=6 reason=Station probed
2016-Dec-23 11:16:15.409153 | 78:4f:43:29:a2:a8 | 802.11 State | <AID=1>[bgn](v0) state change <old=Unauthenticated><new=Associated><AP[3]=00:0c:e6:35:70:10> ESSID=smart_connect Ch=6 B-<BSSID=00:0c:e6:02:40:83>
2016-Dec-23 11:16:15.409599 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=0> <EAP code=request> <EAP ID=1> <EAP type=Identity> sent
2016-Dec-23 11:16:15.409634 | 78:4f:43:29:a2:a8 | 802.11 State | <AID=1>[bgn](v0) state change <old=Unauthenticated> <new=Associated> <AP=3> ESSID=smart_connect Ch=6 B-<BSSID=00:0c:e6:02:40:83>
2016-Dec-23 11:16:15.412198 | 78:4f:43:29:a2:a8 | CP User Authentication | Received smm-clear from wncreg <User=test@foritnet.com> <Auth type= Radius User> <Captive Portal Profile= Smart_connect>
2016-Dec-23 11:16:15.556572 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=response><EAP ID=1>
2016-Dec-23 11:16:15.556806 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius <msg code=access_request><msg ID=0> sent <ip=192.168.138.231>:<port=1812>
2016-Dec-23 11:16:15.572894 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=request><EAP ID=2> <info=relay eap-request from Radius> sent
2016-Dec-23 11:16:15.636758 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=response><EAP ID=2>
2016-Dec-23 11:16:15.636763 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius <msg code=access_request><msg ID=1> sent <ip=192.168.138.231>:<port=1812>
2016-Dec-23 11:16:15.667097 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=request><EAP ID=3> <info=relay eap-request from Radius> sent
2016-Dec-23 11:16:15.726747 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=response><EAP ID=3>
2016-Dec-23 11:16:15.726751 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius <msg code=access_request><msg ID=2> sent <ip=192.168.138.231>:<port=1812>
2016-Dec-23 11:16:15.755076 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=request><EAP ID=4> <info=relay eap-request from Radius> sent
2016-Dec-23 11:16:15.806708 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=response><EAP ID=4>
2016-Dec-23 11:16:15.806712 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius <msg code=access_request><msg ID=3> sent <ip=192.168.138.231>:<port=1812>
2016-Dec-23 11:16:15.856416 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=request><EAP ID=5> <info=relay eap-request from Radius> sent
2016-Dec-23 11:16:15.916656 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=response><EAP ID=5>
2016-Dec-23 11:16:15.916661 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius <msg code=access_request><msg ID=4> sent <ip=192.168.138.231>:<port=1812>
2016-Dec-23 11:16:15.945510 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=request><EAP ID=6> <info=relay eap-request from Radius> sent
2016-Dec-23 11:16:15.996644 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=response><EAP ID=6>
2016-Dec-23 11:16:15.996648 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius <msg code=access_request><msg ID=5> sent <ip=192.168.138.231>:<port=1812>
2016-Dec-23 11:16:16.010998 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=request><EAP ID=7> <info=relay eap-request from Radius> sent
2016-Dec-23 11:16:16.076481 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=response><EAP ID=7>
2016-Dec-23 11:16:16.076625 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius <msg code=access_request><msg ID=6> sent <ip=192.168.138.231>:<port=1812>
2016-Dec-23 11:16:16.242356 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=request><EAP ID=8> <info=relay eap-request from Radius> sent
2016-Dec-23 11:16:16.296473 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=response><EAP ID=8>
2016-Dec-23 11:16:16.296629 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius <msg code=access_request><msg ID=7> sent <ip=192.168.138.231>:<port=1812>
2016-Dec-23 11:16:16.298428 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> Radius ACCESS-ACCEPT received : Session Timeout: 448981 sec, VLAN Tag : 0, Filter id : , CUI : None
2016-Dec-23 11:16:16.298587 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> <pkt type=EAP_PACKET> <EAP code=success><EAP ID=8> <info=relay eap-request from Radius> sent
2016-Dec-23 11:16:16.299526 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> M1 <msg type=EAPOL_KEY> PTK sent
2016-Dec-23 11:16:16.416797 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> M2 <pkt type=EAPOL_KEY> MIC Verified
2016-Dec-23 11:16:16.417688 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> M3 <msg type=EAPOL_KEY> WPA2 PTK Negotiation sent
2016-Dec-23 11:16:16.476605 | 78:4f:43:29:a2:a8 | 1X Authentication | <AID=1> M4 <pkt type=EAPOL_KEY> <key type=Unicast Key> Key Pairwise
2016-Dec-23 11:16:17.920539 | 78:4f:43:29:a2:a8 | DHCP | <msg_type=DISCOVER><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2016-Dec-23 11:16:17.921364 | 78:4f:43:29:a2:a8 | DHCP | <msg_type=OFFER><server_ip=192.168.242.1><server_mac=00:09:0f:09:ff:11><offered_ip=192.168.242.85>
2016-Dec-23 11:16:18.928163 | 78:4f:43:29:a2:a8 | DHCP | <msg_type=REQUEST><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2016-Dec-23 11:16:18.929344 | 78:4f:43:29:a2:a8 | IP Address Discovered | <Old IP discovery Method=none><Old IP=0.0.0.0><New IP discovery Method=dhcp><New IP=192.168.242.85>
2016-Dec-23 11:16:18.929517 | 78:4f:43:29:a2:a8 | DHCP | <msg_type=ACK><server_ip=192.168.242.1><server_mac=00:09:0f:09:ff:11><offered_ip=192.168.242.85>
2016-Dec-23 11:16:20.221679 | 78:4f:43:29:a2:a8 | Station Assign | <AID=1>[bgn](v0) removed from <AP=3> ESSID=Guest B-BSSID=00:0c:e6:02:c3:55 Ch=6 reason=Inactivity timer expired

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s