CAPWAP IEEE 802.11 Management Packets Fields - Big or Little Endian? Plus Authentication Algorithm = 2 (?)
Hey, hope this is the right place for this kind of issue.
So I've been dealing with Authentication/Deauth and Association WLAN packets, and noticed that some fields are parsed by Wireshark's dissectors as little Endian, but are sent by Cisco WLC as big Endian (at least I think they are).
The Deauthentication packet sent with reason code bytes of - 0017. This is parsed by Wireshark as little Endian, which is 0x1700. There is no reason code known for this number (5888). On the other side, if we parse this as big Endian, we get 0x0017 = 23 - IEEE 802.1X authentication failed, which makes sense.
This is the packet:
These are the reason codes:
On the same note, I see Authentication packets sent with the Authentication Algorithm of 0x002 (which is parsed by wireshark as 512 - unknown due to the issue above). But, as far as I know, there are only 2 possible Algorithms:
0 - Open System.
1 - Shared Key.
What is 2?
If anyone came across any of these issues, I would love to hear your insights.
Cisco DNA Center
What's new in Cisco DNA Center 2.1.2
Cisco DNA Center 2.1.2.x Features and Capabilities
Cisco DNA Center -Intent Based Networki...
A major international airport is looking to build a cutting-edge new terminal, designed to run 24/7 with no interruptions. With the airport always on round the clock, a critical component required to support this is the surveillance infrastructure, which ...
Dear expert,I am facing an issue which you may come across before. Grateful if you would teach me how to do it.I have a Cisco WS-C3650-24TS switch in MZ which I would like to configure so that on the GigabitEthernet1 / 0/1 portis configured with VLAN 100,...
Hi AllWe are looking at some new switches for our top of racks in our DC.We have looked at the 9300 series UX models with the big buffers which is classed as a high scale model.I have tried to look at some Nexus models for top of rack, but there appears t...