Cisco WLC WPA2 PSK Authentication

This topic is to discuss the following lesson:

Hey Everyone,
i would like to know when a mobile device connect to a wireless . The Wlan is configured with Mac filtering and PSK. Everything is working well. My question is when a mobile device connect to the WLAN , what is the first step is doing the WLC controller? We put the psk , to access the Wlan but when is he asking the MAC? Is it already in the frame ?
Thanks
Mina

Hello Mina

It is possible to configure both MAC filtering and PSK at the same time. The MAC filtering will take place first. Once the device passes the MAC filtering, it will then go on to be authenticated using PSK.

I hope this has been helpful!

Laz

Thank you Mr.Laz. Now i understand. I do have another question amd i am trying to understand how it works. The subject is Certificate-Based Authentication.
I will try to explain and tell me if i am wrong. I looked in Internet to find an explanation but i don’t understand it so well.
So there is Certificate Authority and 2 devices. If i want to talk with a server, the PC will present his certificate who was signed By the CA. The server has also a certificate signed by the same CA. So when i want to talk with the server and i present my certificate then the server will check my certificate is really signed or not by the CA and its validity. If ok i am granted access to the network. But in the same time i will authenticate also the server, i think i do the same thing and i will look for the signature of the CA and its validity. Did i explain it well? How it works with the keys or the exchange. i am so sorry if i ask too much :slight_smile: one last thing , why we really need to install a root CA in our devices?
Best regards
Mina

Hello Mina

Before answering your question, I suggest you go through the following two lessons that will most likely clarify some of your questions about certificates:


For this particular question:

It really depends upon the method of authentication that you are using. In the wireless authentication lesson, you will see that for PEAP, you don’t need a certificate in the user devices, while EAP-TLS does.

I hope this has been helpful!

Laz

1 Like