Have you ever wondered how your device connects to an Access Point? If you’ve got strong Wi-Fi and broadband, then connecting your device to a network can feel instant. But there are actually several states and sequences that a device and Access Point need to work through in order for you to connect and be able to send and receive data.
What is an Access Point?
An Access Point, or AP, bridges traffic between mobile stations (for example, laptops, tablets, smartphones) and other devices on a network. Before a mobile station can send data traffic through an AP, it must be in an appropriate connection state.
There are three 802.11 connection states:
- Not authenticated or associated.
- Authenticated but not yet associated.
- Authenticated and associated.
For bridging to occur, a mobile station must be in an authenticated and associated state.
In order to get to an authenticated and associated state, the mobile station and AP will exchange a series of 802.11 management frames.

802.11 Management Frames
A mobile station (for example, your laptop, smartphone or tablet) always starts out in the not authenticated or associated state.
Probe Request
- The mobile station will send a Probe Request to discover 802.11 networks within its proximity.
- A Probe Request advertises the mobile station’s supported data rates and 802.11 capabilities, for example 802.11n.
- The Probe Request is sent from the mobile station to the destination layer-2 address and BSSID of ff:ff:ff:ff:ff:ff, so every AP that receives the request will respond.
Probe Response
- APs receiving the Probe Request check to see if the mobile station has at least one common supported data rate.
- If they have compatible data rates, a Probe Response is sent advertising the SSID (wireless network name), supported data rates, encryption types if required, and other 802.11 capabilities of the AP.
- A mobile station chooses compatible networks from the Probe Responses it receives. Compatibility could be based on encryption type.
- Once compatible networks are discovered, the mobile station will attempt low-level 802.11 authentication with compatible APs.
Keep in mind that 802.11 authentication is not the same as the WPA2 or 802.1X authentication mechanisms, which occur after a mobile station is authenticated and associated. Originally, 802.11 authentication frames were designed for WEP encryption; however, this security scheme has been proven to be insecure and has therefore been deprecated. Because of this, 802.11 authentication frames are open and almost always succeed.
Authentication Open Sequence 1
- A mobile station sends a low-level 802.11 Authentication frame to an AP setting the authentication to open and the sequence to 0x0001.
Authentication Open Sequence 2
- The AP receives the Authentication frame and responds to the mobile station with an Authentication frame set to open, indicating a sequence of 0x0002.
- If an AP receives any frame other than an Authentication or Probe Request from a mobile station that is not authenticated, it will respond with a deauthentication frame, placing the mobile station into an unauthenticated and unassociated state.
- The station will have to begin the Association process from the low-level authentication step. At this point the mobile station is authenticated but not yet associated.
- Some 802.11 capabilities allow a mobile station to low-level authenticate to multiple APs. This speeds up the Association process when moving between APs. A mobile station can be 802.11 authenticated to multiple APs; however, it can only be actively associated and transferring data through a single AP at a time.
Association Request
- A mobile station will send an Association Request to the AP that it has determined it would like to associate to.
- The Association Request contains chosen encryption types if required and other compatible 802.11 capabilities.
- If an AP receives a frame from a mobile station that is authenticated but not yet associated, it will respond with a disassociation frame, placing the mobile station into an authenticated but unassociated state.
Association Response
- If the elements in the Association Request match the capabilities of the AP, the AP will create an Association ID for the mobile station and respond with an Association Response carrying a success message, granting network access to the mobile station.
Data Transfer
- The mobile station is now successfully associated to the AP and data transfer can begin.
It’s worth noting that if WPA/WPA2 or 802.1X authentication is required on the wireless network, the mobile station will not be able to send data until dynamic keying and authentication have taken place after the 802.11 Association is complete.
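The frame sequence above can be modelled as a small AP-side state machine that tracks each station through the three connection states. This is an added example, not code from the original article. The frame names, the `AccessPoint` class, reducing "capabilities match" to one shared data rate, and reading "a frame" from an authenticated station as any frame other than a Probe Request, Authentication or Association Request are all simplifying assumptions.

```python
from enum import Enum
class State(Enum):
    UNAUTH = "not authenticated or associated"
    AUTH = "authenticated but not yet associated"
    ASSOC = "authenticated and associated"

class AccessPoint:
    """Simplified AP-side tracking of each station's 802.11 connection state."""
    def __init__(self, rates):
        self.rates = set(rates)  # data rates the AP supports (Mbps)
        self.state = {}          # station MAC -> State
        self.aid = {}            # station MAC -> Association ID

    def handle(self, mac, frame, rates=(), seq=None):
        """Return the AP's reply to one frame; None means no reply."""
        st = self.state.get(mac, State.UNAUTH)
        if frame == "probe_req":  # answered only when a data rate is shared
            return "probe_resp" if self.rates & set(rates) else None
        if frame == "auth":       # open authentication: 0x0001 gets 0x0002
            if seq != 0x0001:
                return None
            if st is State.UNAUTH:
                self.state[mac] = State.AUTH
            return "auth_seq_0x0002"
        if st is State.UNAUTH:    # anything else from an unauthenticated station
            return "deauth"
        if frame == "assoc_req":
            if not self.rates & set(rates):  # assumption: a mismatch is refused
                return "assoc_resp_failure"
            self.aid.setdefault(mac, len(self.aid) + 1)
            self.state[mac] = State.ASSOC
            return "assoc_resp_success"
        if st is State.AUTH:      # authenticated but not yet associated
            return "disassoc"
        return "bridged"          # associated: traffic is forwarded

def replay(ap, mac, trace):
    """Run (frame, fields) pairs through the AP; return (frame, reply, state)."""
    return [(f, ap.handle(mac, f, **kw), ap.state.get(mac, State.UNAUTH).name)
            for f, kw in trace]

# Constructed trace: a station sends data too early, then connects in order.
STA = "02:00:00:00:00:01"  # constructed, locally administered MAC
TRACE = [("data", {}), ("probe_req", {"rates": [6, 54]}), ("auth", {"seq": 1}),
         ("data", {}), ("assoc_req", {"rates": [6, 54]}), ("data", {})]

if __name__ == "__main__":
    for row in replay(AccessPoint(rates=[6, 12, 54]), STA, TRACE):
        print(row)
```

The same per-station tracking is useful when reading a wireless capture: a deauthentication or disassociation reply marks the exact frame that arrived in the wrong state.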