802.11 Client Authentication Process

 

Based on 802.11 specifications, the client authentication process consists of the following:

1) Access points (APs) continuously send out beacon frames which are picked up by nearby WLAN clients, advertising their SSIDs and data rates

2) The client broadcasts probe request frames on every channel, to all APs. Probe requests advertise the mobile stations supported data rates and 802.11 capabilities such as 802.11n

3) Access points within range respond with a probe response frame, advertising the SSID (wireless network name), supported data rates, encryption types if required, and other 802.11 capabilities of the AP

4) The client decides which AP is the best for access (based on compatibility with received probe responses) and sends an authentication request to the AP it deems best to connect to

5) The access point sends an authentication reply, inviting the client to authenticate to the SSID

6) Upon successful authentication, the client sends an association request frame to the access point

7) The access point will reply with an association response with a success message, granting network access to the client

The client is now able to pass traffic to the access point