Forum

PMK Lifetime in AP

1 posts by 1 authors in: Forums > CWSP - Enterprise Wi-Fi Security
Last Post: September 23, 2008:

By bprithvi September 23, 2008

Reply

If Session-timeout period is expired, will AP delete the PMKSA for a client?

In my network, when a wireless user is authenticated by a RADIUS server, AP receives an ACCESS ACCEPT packet with session-timeout period of 30 mins. After 30 mins, AP send De-auth to that wireless client. The same client again tries to Re-associate with AP using PMK Caching. (Client is not authentication using full 802.1x since its using PMK caching). But this time AP is not maintain any session, client stays connected even after 30 mins.

Is this expected behavior?
I thought AP will delete PMK key once the session timeout period is expired. In that case, AP should ignore the cached PMK send by the client.

Please clarify me. Thanks in advance.

Page 1 of 1

1

Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.
-Darren

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.
-Ben

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.
-Glenn