This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 13 and 14
Revision 13 as of 2007-07-05 09:34:44
Size: 2531
Editor: JaapKeuter
Comment: Additional comments
Revision 14 as of 2008-04-12 17:50:22
Size: 2545
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 12: Line 12:
 * ["UDP"]: PANA uses ["UDP"] as its transport protocol. The well known UDP port for PANA traffic is not assigned yet.  * [[UDP]]: PANA uses [[UDP]] as its transport protocol. The well known UDP port for PANA traffic is not assigned yet.
Line 28: Line 28:
 * attachment:SampleCaptures/pana.cap  * [[attachment:SampleCaptures/pana.cap]]
Line 31: Line 31:
A complete list of PANA display filter fields can be found in the [http://www.wireshark.org/docs/dfref/p/pana.html display filter reference] A complete list of PANA display filter fields can be found in the [[http://www.wireshark.org/docs/dfref/p/pana.html|display filter reference]]
Line 43: Line 43:
 * [http://ietf.org/html.charters/pana-charter.html]  * [[http://ietf.org/html.charters/pana-charter.html]]
Line 46: Line 46:
 * [http://ietf.org/rfc/rfc4016.txt RFC4016] Protocol for Carrying Authentication and Network Access (PANA) - Threat Analysis and Security Requirements
 * [http://ietf.org/rfc/rfc4058.txt RFC4058] Protocol for Carrying Authentication for Network Access (PANA) - Requirements
 * [[http://ietf.org/rfc/rfc4016.txt|RFC4016]] Protocol for Carrying Authentication and Network Access (PANA) - Threat Analysis and Security Requirements
 * [[http://ietf.org/rfc/rfc4058.txt|RFC4058]] Protocol for Carrying Authentication for Network Access (PANA) - Requirements
Line 57: Line 57:
Q:In the [http://www.ietf.org/internet-drafts/draft-ietf-pana-pana-17.txt pana_draft_17] the pana header contains a session identifier. Wireshark dont take car of it. is it a interpretation error? Q:In the [[http://www.ietf.org/internet-drafts/draft-ietf-pana-pana-17.txt|pana_draft_17]] the pana header contains a session identifier. Wireshark dont take car of it. is it a interpretation error?

Protocol for carrying Authentication for Network Access (PANA)

PANA is a protocol used to authenticate users before granting network access. PANA is an IP based protocol and it enables the client to interact with a back-end AAA server, deployed in the network provide's domain. It enables the client to authenticate against the AAA server without using link-layer specific mechanisms or knowing the specific AAA protocol. PANA can be used on both multi-access and point-to-point links and it supports various authentication methods, dynamic network provider selection, and roaming clients. PANA does not define any new authentication mechanism but uses EAP to transfer authentication related data. Any authentication method on top of EAP can be used in PANA.

History

XXX - add a brief description of PANA history

Protocol dependencies

  • UDP: PANA uses UDP as its transport protocol. The well known UDP port for PANA traffic is not assigned yet.

Example traffic

XXX - Add example decoded traffic for this protocol here (as plain text or Wireshark screenshot).

Wireshark

The PANA dissector is fully functional.

Preference Settings

There are no PANA related preference settings.

Example capture file

Display Filter

A complete list of PANA display filter fields can be found in the display filter reference

  • Show only the PANA based traffic:

     pana 

Capture Filter

XXX

IETF PANA Working Group

Current RFCs

  • RFC4016 Protocol for Carrying Authentication and Network Access (PANA) - Threat Analysis and Security Requirements

  • RFC4058 Protocol for Carrying Authentication for Network Access (PANA) - Requirements

Discussion

Q:I don't think a capture filter named "pana" will work. - UlfLamping

R:It will work if packets are decoded as pana.

R:As display filter yes, but not as capture filter. - JaapKeuter

Q:In the pana_draft_17 the pana header contains a session identifier. Wireshark dont take car of it. is it a interpretation error?

R:pana.sid is used for session ID. If there is an error please file a bug report with a capture file showing it. - JaapKeuter

PANA (last edited 2010-10-12 16:55:02 by YasuyukiTanaka)