The current article outlines the packet exchange between an Access Point and a WLAN station till association partaking in an 802.1X authentication mechanism. The WPA mechanism is shown here
- The Access Point sends a beacon indicating support of 802.1X authentication in the WPA element Authentication key management field
- The WLAN station sends a Probe request to the Access Point on receiving the beacon
- The Access Point responds with a probe response frame with the WPA Information Element incorporated with the AKM set to 802.1X and the unicast and multicast cipher suite supported
- The Access Point and the WLAN Station then exchange 802.11 Authentication frames with the 802.11 authentication mechanism set to Open system Authentication. The existence of WPA element and AKM set to 1 (802.1X) indicates that a higher layer authentication will be attempted after association
- The WLAN station sends an Association request with the WPA Information element incorporated indicating its support for the 802.1X authentication mechanism. The Access Point responds with an Association response
- At the end of the association response frame, the controlled data port is still blocked and will be only enabled after the EAP and 4-way EAPOL exchange