Chapter 7 Wireless LAN
7.11.4.4 Example WPS Network SetupThis section shows how security settings are distributed in an example WPS setup.
The following figure shows an example network. In step 1, both AP1 and Client 1 are unconfigured. When WPS is activated on both, they perform the handshake. In this example, AP1 is the registrar, and Client 1 is the enrollee. The registrar randomly generates the security information to set up the network, since it is unconfigured and has no existing information.
Figure 78 WPS: Example Network Step 1
ENROLLEE |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| REGISTRAR |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| ||||||||||||||||
|
|
|
|
|
|
|
|
|
| SECURITY INFO | ||||||||||||||||||
CLIENT 1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| AP1 |
In step 2, you add another wireless client to the network. You know that Client 1 supports registrar mode, but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network. In this case, AP1 must be the registrar, since it is configured (it already has security information for the network). AP1 supplies the existing security information to Client 2.
Figure 79 WPS: Example Network Step 2
REGISTRAR
EXISTING CONNECTION
CLIENT 1
ENROLLEE
AP1
|
|
|
|
|
|
|
|
| O |
|
|
|
|
|
|
|
| F | |
|
|
|
|
|
|
| N |
| |
|
|
|
|
|
| I |
|
| |
|
|
|
|
| Y |
|
|
| |
|
|
|
| T |
|
|
|
| |
|
|
|
| I |
|
|
|
|
|
|
|
| R |
|
|
|
|
| |
|
| U |
|
|
|
|
|
| |
| C |
|
|
|
|
|
|
| |
E |
|
|
|
|
|
|
|
| |
S |
|
|
|
|
|
|
|
|
|
CLIENT 2
In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access
180 |
| |
| ||
|
|
|