1. Beacons are frames broadcast by the access point to
advertise the SSID of the WLAN to wireless clients
Probes are frames used by WLAN clients to find a
WLAN network
Authentication and Association is the process for
establishing the data link between an access point and
a WLAN client
2. The Join Process:
Beacons are broadcast at regular intervals by an access
point. Beacons allow a client to discover what WLANS are
available in the current location.
◦ It populates the Wireless connection list on a Windows host
Probes are sent by client stations on multiple channels. The
probe request contains the SSID of the WLAN the client
wants to join and supported bit rates.
◦ A client can send out a probe request with no SSID specified. All
access points that receive the probe will respond except those with
broadcast SSID disabled.
The access point responds with a probe response that
includes the SSID, supported data rates and security
standard e.g. WPA2
3. To authenticate the wireless client to the access point
Open authentication (NULL request)
◦ The client device requests authentication to the access point
◦ Four hello packets with NULL verification (no password or keys are provided or
expected) exchanged and the access points responds with YES
◦ Open authentication allows the device to start the join process – Choose OPEN to
allow WPA and WPA2 security protocols provide strong authentication at a later
stage
◦ This is the current default method
Shared key authentication
◦ This method uses a WEP Wired Equivalency Protection key
The client device sends an authentication request to the access point.
The access point sends a challenge back to the client
The client encrypts the challenge with the shared WEP key and sends it back to the
access point.
The access point decrypts the encrypted challenge and if it matches the original challenge
the access point authenticates the client
◦ WEP was an interim security protocol used while WPA was in development.
◦ Don’t use WEP as it can be broken very quickly
4. Association
The client device scans all channels and listens for beacons
and responses to probes
The client device associates to the access point with the
strongest signal (if EBSS)
The SSID, MAC address and security settings are sent from
the client device to the access point
The access point maps a logical port called the association
identifier AID for the WLAN to the clients MAC address (its
like a port on a switch)
The wireless device has joined the WLAN