Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1020
Views
0
Helpful
2
Replies

802.11r remote key holder cipher for OpenWRT

YUSUKEKONNO71389
Level 1
Level 1

‎07-07-2021 02:38 PM

Hello

I have two WAP125 and two WAP150 and 802.11r work well on the 4 WAPs.

Then I tried to join a OpenWRT machine above 802.11r network.

WAP's key holder cipher format is 16 chars of any string and OpenWRT's 32 chars of hex.

I put ascii code of WAP to OpenWRT as following:

 WAP:'0123456789ABCDEF'

 OpenWRT:'30313233343536373839414243444546'

It seems that this cipher key does not work well.

Do you have any idea ?

 

 

 

Labels:
0 Helpful
2 Replies 2

Martin Aleksandrov
Cisco Employee
Cisco Employee

‎07-13-2021 02:29 AM

Hi  YUSUKEKONNO71389,

 

Unless you can change the RRB (the key used to encrypt PRM protocol messages) key length in your OpenWRT to be 16 characters the fast roaming could not work as expected. The WAP RRP key length is fixed to 16 chars and can't be changed to 32.

 

https://www.cisco.com/c/en/us/td/docs/wireless/access_point/csbap/wap150_361/Administration/Guide/EN-US/b_WAP150_361_Admin_Guide/b_WAP150_Admin_Guide_chapter_0101.html 

 

Thanks,

Martin

0 Helpful

YUSUKEKONNO71389
Level 1
Level 1
In response to Martin Aleksandrov

‎07-14-2021 04:04 AM

Thank you Martin.

 

I tried to capture inter-ap r0/r1 key push/pull request over ethernet.

Then I found that inter-ap protocol implementations of WAP and OpenWrt are completely different.

WAP uses ethertype 0x890d and OpenWrt uses 0x88b7.

The inter-ap protocol is not standardized at IEEE 802.11r 2008.

I will give up joining OpenWrt to pre-existing WAP network.

 

 

0 Helpful
Customers Also Viewed These Support Documents