I usd wireshark1.6.2 in Ubuntu 11.10 to capture wpa2 authentication packet, but in WPA2-PSK or EAP—TLS authentication methods I only capture EPAOL key switch packet and sequent DHCP、TCP packet ,can not capture eap-request/response packet. Why?How can i solve this problem? asked 29 Dec '11, 04:05  zqm0209 |
One Answer:
WPA2-PSK uses 4 EAPoL Key frames to do the authentication and authorization. After the client successfully exchanges those frames with the AP, DHCP assigns an IP address, so what you see there is perfectly the way it works. For EAP-TLS please specify more details about your setup answered 29 Dec '11, 04:12  Landi |
it is strange.when I first used EAP-TLS authenticate to the WLAN,I catch the eap-request/response packet,here is the packet: http://sharesend.com/3ks99 but when I reconnect the network,I cannot catch the eap-request/responset frame,even I close the free-radius server and use wrong authentication message,the authentication is still success.Here is the packet file in this situation: http://sharesend.com/lwpga
My authentication server is free-radius2.1.2,AP is DLink DIR-618,USB wrieless Adapter is TP-Link TL-WN821N.
Try just to reboot your AP, that should force the whole EAP process to renew, I guess your AP kind of "remembers" successful EAP authentication
Thanks.You are right,after reboot my ap, I can capture the packet.