RFC CAPWAP Protocol Base MIB May CAPWAP Control Channel: A bi-directional flow defined by the AC IP Address, WTP IP Address, AC control. The Control And Provisioning of Wireless Access Points (CAPWAP) protocol is a standard, The protocol specification is described in RFC RFC (part 1 of 6): Control And Provisioning of Wireless Access Points ( CAPWAP) Protocol Specification.

Author: Talabar Kagrel
Country: Iceland
Language: English (Spanish)
Genre: Literature
Published (Last): 17 February 2009
Pages: 317
PDF File Size: 10.53 Mb
ePub File Size: 11.39 Mb
ISBN: 840-1-23387-261-7
Downloads: 60372
Price: Free* [*Free Regsitration Required]
Uploader: Migore

Finally configuration takes place, and the AP is set into active mode. Once received, the controller moves to the Acquiring phase without responding yet. It claims that the physical security of the LAN prevents most attackers from accessing the stream between controller and AP, but does not guarantee against traffic sniffing beyond the scope of LWAPP, and suggests that in the requirement of full end to end encryption, IPsec be used.

Overview of CAPWAP (Cisco Wireless LAN Controllers)

Many vendors use this to their advantage, and create product differentiation by including features into their wireless products, such as firewall capability in their controller hardware.

Wireless controllers have some general tasks that they perform. During this initialization, capwal well as operation, periodic control messages must be exchanged between the AP and the controller, for management and statistical purposes.

A controller must respond with a Discovery Response.

Overview of CAPWAP (Cisco Wireless LAN Controllers)

This leaves the time-critical applications of wireless control and access in the WTP, making efficient use of the computing power available in WTPs, which are subject to severe cost pressure.


The challenges facing wireless networks with regard to standardized management and provisioning are difficult. As shown in Figure 1the wireless capap received from a mobile device, which is referred to in this specification as a Station STAare directly encapsulated by the WTP and forwarded to the AC.

In either case, the L2 wireless management frames are processed locally. To provide an extensible protocol that is not bound to a specific wireless technology.

Current vendor solutions and interoperability is also covered, and the current state and trends in the enterprise WLAN market are discussed.

This state updates the encryption keys on both devices, which is used to encrypt all further rvc, until a new key is requested.

Cpawap, the process is slow, as upgrade paths are not necessarily direct and simple. Communication between a controller and AP must be encrypted, as all data sent to and received by the AP will be tunneled over the local LAN to or from the controller.

Major vendors have also expressed rff over the demand from customers for interoperable WLAN infrastructure. Additionally, because of its generic design, the network location of an AP and controller do not necessarily have to be within the same broadcast domain. Critics of SLAPP argue that it is an incomplete specification, as it enforces no minimal compatibility. The testing was conducted with computers running Linux, with wireless cards as their radio, and wired interfaces as their link to the controller.

RFC – part 1 of 6

Because they are standalone devices, they also cause difficulties when managing a growing network of many devices, as firmware and configuration must be handled on rtc individual basis for each device.


As previously discussed, in the typical AP-controller architecture, access points are not layer 2 or 3 devices.

LWAPP tried to solve the specific problem of associating APs to controllers, and managing firmware and configuration updates. The physical or network entity that contains an RF antenna and wireless Physical Layer PHY to transmit and receive station traffic for wireless access networks.

Insertion of Unprotected Records The wireless key exchange is handled in a fully encrypted fashion, by utilizing preshared keys PSKsor a capwp certificate model.

Vapwap centralize the authentication and policy enforcement functions for a wireless network. Primary Discovery Request Message Overall convergence for the APs to come online will take longer in this scenario. Discovery – New APs must seek out a controller with which to associate. The AP transitions to the Securing phase when a “client hello” message has been received.

Acquiring – This state represents both devices connecting to each other, ca;wap begin encrypting their communications. Fit APs are a combination of the Thin and Thick metaphors. The AP then downloads the firmware, and once completed, enters the Reset state, and then attempts to rejoin a controller. The AP would only implement the The controller and AP will exchange 2 types of messages: