CLEventFrames |
|
This textual convention defines the possible
802.11 management frame subtypes.
cLAssocRequestFrm - 802.11 Association Request
frame
cLAssocResponseFrm - 802.11 Association Response
frame
cLReAssocRequestFrm - 802.11 Reassociation
Request frame
cLReAssocResponseFrm - 802.11 Reassociation
Response frame
cLProbeRequestFrm - 802.11 Probe Request frame
cLProbeResponseFrm - 802.11 Probe Response
frame
cLReserved1 - Reserved for future use
cLReserved2 - Reserved for future use
cLBeaconFrm - 802.11 Beacon frame
cLAtimFrm - 802.11 Adhoc Traffic Indication
Map frame
cLDissociationFrm - 802.11 Dissociation
frame
cLAuthenticationFrm - 802.11 Authentication
frame
cLDeAuthenticationFrm - 802.11 Deauthentication
frame |
TEXTUAL-CONVENTION |
|
|
|
|
BITS |
cLAssocRequestFrm(0), cLAssocResponseFrm(1), cLReAssocRequestFrm(2), cLReAssocResponseFrm(3), cLProbeRequestFrm(4), cLProbeResponseFrm(5), cLReserved1(6), cLReserved2(7), cLBeaconFrm(8), cLAtimFrm(9), cLDissociationFrm(10), cLAuthenticationFrm(11), cLDeAuthenticationFrm(12) |
|
CLMfpEventType |
|
The type of the MFP anomaly event.
invalidMic - The MFP Validation has identified
that the MIC carried by a particular management
frame is invalid.
invalidSeq - The MFP validation has identified
that a particular management frame is carrying an
invalid sequence number. Note that an invalid
sequence number error can also be detected due to an
incorrect timestamp in the MFP information element.
The incorrect timestamp could possibly be due to the
fact that the detecting AP's time window is not in
synchronization with that of other APs in the
MFP framework.
noMic - The MFP validation has detected a management
frame without the MFP information element.
unexpectedMic - The MFP validation has detected a
management frame as carrying a MIC value when
protection is not enabled on the WLAN.
ccmpDecryptError - An MFP frame that was apparently
received from a client in an AES-CCMP encrypted
session was rejected by the Access Point because it
could not be decrypted.
ccmpInvalidMhdrIe - An MFP frame that was apparently
received from a client in an AES-CCMP encrypted
session was rejected by the Access Point because it
contained an invalid MHDR information element, or the
MHDR information element was not present.
ccmpInvalidReplayCtr - An MFP frame that was apparently
received from a client in an AES-CCMP encrypted session
was rejected by the Access Point because the replay
counter was not valid.
tkipInvalidIcv - An MFP frame that was apparently
received from a client in a TKIP encrypted session was
rejected by the Access Point because it contained an
invalid Integrity Check Value.
tkipInvalidMic - An MFP frame that was apparently
received from a client in a TKIP encrypted session was
rejected by the Access Point because the message
integrity check failed.
tkipInvalidMhdrIe - An MFP frame that was apparently
received from a client in a TKIP encrypted session was
rejected by the Access Point because it contained an
invalid MHDR information element, or the MHDR
information element was not present.
tkipInvalidReplayCtr - An MFP frame that was apparently
received from a client in a TKIP encrypted session was
rejected by the Access Point because it the replay
counter was not valid.
bcastDisassociationFrameRcvd - The Access Point detected
a broadcast disassociation frame. Broadcast
disassociation frames are rejected by CCXv5 compliant
devices.
bcastDeauthenticationFrameRcvd - The Access Point
detected a broadcast deauthentication frame. Broadcast
deauthentication frames are rejected by CCXv5 compliant
devices.
bcastActionFrameRcvd - The Access Point detected a
broadcast action frame. Broadcast action frames are
rejected by CCXv5 compliant devices. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
invalidMic(1), invalidSeq(2), noMic(3), unexpectedMic(4), ccmpNoEncryptError(16), ccmpDecryptError(17), ccmpInvalidReplayCtr(19), tkipNoEncryptError(20), tkipInvalidIcv(21), tkipInvalidMic(22), tkipInvalidMhdrIe(23), tkipInvalidReplayCtr(24), bcastDisassociationFrameRcvd(32), bcastDeauthenticationFrameRcvd(33), bcastActionFrameRcvd(34) |
|
ciscoLwappTextualConventions |
1.3.6.1.4.1.9.9.514 |
This module defines textual conventions used
throughout the Cisco enterprise MIBs
designed for implementation on Central
Controllers that terminate the Light Weight
Access Point Protocol from LWAPP Access
Points.
The relationship between CC and the LWAPP APs
can be depicted as follows:
+......+ +......+ +......+ +......+
+ + + + + + + +
+ CC + + CC + + CC + + CC +
+ + + + + + + +
+......+ +......+ +......+ +......+
.. . . .
.. . . .
. . . . .
. . . . .
. . . . .
. . . . .
+......+ +......+ +......+ +......+ +......+
+ + + + + + + + + +
+ AP + + AP + + AP + + AP + + AP +
+ + + + + + + + + +
+......+ +......+ +......+ +......+ +......+
. . . .
. . . . .
. . . . .
. . . . .
. . . . .
+......+ +......+ +......+ +......+ +......+
+ + + + + + + + + +
+ MN + + MN + + MN + + MN + + MN +
+ + + + + + + + + +
+......+ +......+ +......+ +......+ +......+
The LWAPP tunnel exists between the controller and
the APs. The MNs communicate with the APs through
the protocol defined by the 802.11 standard.
LWAPP APs, upon bootup, discover and join one of the
controllers and the controller pushes the configuration,
that includes the WLAN parameters, to the LWAPP APs.
The APs then encapsulate all the 802.11 frames from
wireless clients inside LWAPP frames and forward
the LWAPP frames to the controller.
GLOSSARY
Access Point ( AP )
An entity that contains an 802.11 medium access
control ( MAC ) and physical layer ( PHY ) interface
and provides access to the distribution services via
the wireless medium for associated clients.
LWAPP APs encapsulate all the 802.11 frames in
LWAPP frames and sends it to the controller to which
it is logically connected.
Advanced Encryption Standard ( AES )
In cryptography, the Advanced Encryption Standard
(AES), also known as Rijndael, is a block cipher
adopted as an encryption standard by the US
government. It is expected to be used worldwide
and analysed extensively, as was the case with its
predecessor, the Data Encryption Standard (DES).
AES was adopted by National Institute of Standards
and Technology (NIST) as US FIPS PUB 197 in
November 2001 after a 5-year standardisation
process.
Central Controller ( CC )
The central entity that terminates the LWAPP protocol
tunnel from the LWAPP APs. Throughout this MIB,
this entity is also referred to as 'controller'.
Light Weight Access Point Protocol ( LWAPP )
This is a generic protocol that defines the
communication between the Access Points and the
Central Controller.
Management Frame Protection ( MFP )
A proprietary mechanism devised to integrity protect
the otherwise unprotected management frames of the
802.11 protocol specification.
Message Integrity Check ( MIC )
A checksum computed on a sequence of bytes and made
known to the receiving party in a data communication,
to let the receiving party make sure the bytes
received were not compromised enroute.
Mobile Node ( MN )
A roaming 802.11 wireless device in a wireless
network associated with an access point.
Temporal Key Integrity Protocol ( TKIP )
A security protocol defined to enhance the limitations
of WEP. Message Integrity Check and per-packet keying
on all WEP-encrypted frames are two significant
enhancements provided by TKIP to WEP.
Wired Equivalent Privacy ( WEP )
A security method defined by 802.11. WEP uses a
symmetric key stream cipher called RC4 to encrypt the
data packets.
802.11n
802.11n builds upon previous 802.11 standards by
adding MIMO (multiple-input multiple-output). MIMO
uses multiple transmitter and receiver antennas to
allow for increased data throughput through spatial
multiplexing and increased range.
Control/Extension Channel
A single 802.11 channel is 20 MHz wide. 802.11n allows
the use of channels of width 40 MHz by combining two
20 MHz channels. The channels are known as the primary
or control channel and secondary or extension channel.
Both the channels are used for transmission
and reception of data.
REFERENCE
[1] Part 11 Wireless LAN Medium Access Control ( MAC )
and Physical Layer ( PHY ) Specifications.
[2] Draft-obara-capwap-lwapp-00.txt, IETF Light
Weight Access Point Protocol.
[3] Enhanced Wireless Consortium MAC Specification,
v1.24.
[4] Enhanced Wireless Consortium PHY Specification,
v1.27. |
MODULE-IDENTITY |
|
|
|