WPA3-Personal PSK passphrase mismatch
WPA3-Personal PSKパスフレーズを間違えて入力した場合のログを見てみましょう。
Auth Commit、Auth Confirm まで確認できますが、Assoc Request/Response および 4-way handshake を実施していないことが分かります。
AP505# show ap debug auth-trace-buf Auth Trace Buffer ----------------- <none> AP505# show ap debug mgmt-frames Traced 802.11 Management Frames ------------------------------- Timestamp stype SA DA BSS signal Misc --------- ----- -- -- --- ------ ---- Jul 1 11:21:08.144 auth b8:3a:5a:8b:36:d0 84:ab:1a:11:d2:f6 b8:3a:5a:8b:36:d0 15 SAE-Confirm:0 Jul 1 11:21:08.143 auth 84:ab:1a:11:d2:f6 b8:3a:5a:8b:36:d0 b8:3a:5a:8b:36:d0 0 SAE-Confirm:0 Jul 1 11:21:08.116 auth b8:3a:5a:8b:36:d0 84:ab:1a:11:d2:f6 b8:3a:5a:8b:36:d0 15 SAE-Commit:0 Jul 1 11:21:08.080 auth 84:ab:1a:11:d2:f6 b8:3a:5a:8b:36:d0 b8:3a:5a:8b:36:d0 0 SAE-Commit:0
また、show log security コマンドにて、Auth Confirm でエラーが発生しているログが確認できます。
AP505# show log security Jul 1 11:21:08 wpa3_sae[5462]: <135917> <ERRS> |AP AP505@192.168.210.215 wpa3_sae| process_confirm,(1601) station= 84:ab:1a:11:d2:f6 Error while process peer's confirm. Reason: Confirm did not verify Jul 1 11:21:08 wpa3_sae[5462]: <135906> <ERRS> |AP AP505@192.168.210.215 wpa3_sae| process_authentication_frame, station= 84:ab:1a:11:d2:f6 State machine failed in process confirm Jul 1 11:21:08 wpa3_sae[5462]: <135919> <ERRS> |AP AP505@192.168.210.215 wpa3_sae| process_mgmt_frame,(232) station= 84:ab:1a:11:d2:f6 Error: Fatal error while processing auth frame Jul 1 11:21:08 wpa3_sae[5462]: <135014> <ERRS> |AP AP505@192.168.210.215 wpa3_sae| process_sae_event(294)(thread-id: 0): Received fatal error for station= 84:ab:1a:11:d2:f6 while Processing sae event
[English Version]
Let's see when WPA3-Personal PSK passphrase mismatch happens.
We can see Auth Commit and Auth Confirm, but we can not see Assoc Request/Response and 4-way handshake.
AP505# show ap debug auth-trace-buf Auth Trace Buffer ----------------- <none> AP505# show ap debug mgmt-frames Traced 802.11 Management Frames ------------------------------- Timestamp stype SA DA BSS signal Misc --------- ----- -- -- --- ------ ---- Jul 1 11:21:08.144 auth b8:3a:5a:8b:36:d0 84:ab:1a:11:d2:f6 b8:3a:5a:8b:36:d0 15 SAE-Confirm:0 Jul 1 11:21:08.143 auth 84:ab:1a:11:d2:f6 b8:3a:5a:8b:36:d0 b8:3a:5a:8b:36:d0 0 SAE-Confirm:0 Jul 1 11:21:08.116 auth b8:3a:5a:8b:36:d0 84:ab:1a:11:d2:f6 b8:3a:5a:8b:36:d0 15 SAE-Commit:0 Jul 1 11:21:08.080 auth 84:ab:1a:11:d2:f6 b8:3a:5a:8b:36:d0 b8:3a:5a:8b:36:d0 0 SAE-Commit:0
From show log security, we can see Auth Confirm error.
AP505# show log security Jul 1 11:21:08 wpa3_sae[5462]: <135917> <ERRS> |AP AP505@192.168.210.215 wpa3_sae| process_confirm,(1601) station= 84:ab:1a:11:d2:f6 Error while process peer's confirm. Reason: Confirm did not verify Jul 1 11:21:08 wpa3_sae[5462]: <135906> <ERRS> |AP AP505@192.168.210.215 wpa3_sae| process_authentication_frame, station= 84:ab:1a:11:d2:f6 State machine failed in process confirm Jul 1 11:21:08 wpa3_sae[5462]: <135919> <ERRS> |AP AP505@192.168.210.215 wpa3_sae| process_mgmt_frame,(232) station= 84:ab:1a:11:d2:f6 Error: Fatal error while processing auth frame Jul 1 11:21:08 wpa3_sae[5462]: <135014> <ERRS> |AP AP505@192.168.210.215 wpa3_sae| process_sae_event(294)(thread-id: 0): Received fatal error for station= 84:ab:1a:11:d2:f6 while Processing sae event