Test 1
Test Case: BIS-3.1.1
Test Name: TC_VERIFY_MUTUAL_AUTHENTICATION_OF_WIRELESS_COMMUNICATIONS
Objective:
To verify that mutual authentication is enforced during wireless communication setup and that the device both authenticates and is authenticated before establishing a secure session.
Tools Used:
Wireshark (for packet capture)
RADIUS Server (for EAP authentication)
OpenSSL (for certificate validation)
Test AP (802.1X/EAP capable)
Wireless client/server
Test Execution Steps:
1. Review vendor documentation on wireless mutual authentication and supported security mechanisms.
2. Configure the wireless test environment with 802.1X authentication using a RADIUS server and valid digital certificates (EAP-TLS preferred).
3. Attempt to establish a wireless session between the DUT and the test AP.
4. Use Wireshark to capture handshake traffic and verify:
   - Both client and server certificates are exchanged.
   - Mutual authentication completes before session setup.
5. Attempt to connect using:
   - An invalid server certificate – should be rejected by DUT.
   - An invalid client certificate – should be rejected by AP.
6. Document system logs, packet traces, and any alerts triggered.
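An added example, not part of the original test case: one way to check the Wireshark capture evidence programmatically, confirming that both certificates and the client's key proof appear before EAP-Success. It assumes TLS 1.2 or earlier (in TLS 1.3 the certificate messages are encrypted and not visible in a capture) and that the EAP-TLS fragments of each flight have already been reassembled into raw TLS record bytes; the function names and the sample flights are constructed for illustration.

```python
import struct

# TLS handshake types (RFC 5246) and the EAP Success code (RFC 3748)
CERTIFICATE, CERT_REQUEST, CERT_VERIFY = 11, 13, 15
EAP_SUCCESS = 3

def handshake_types(flight):
    """List the plaintext handshake message types in one reassembled TLS flight."""
    pos, buf, types = 0, b"", []
    while pos + 5 <= len(flight):
        ctype, _version, length = struct.unpack_from("!BHH", flight, pos)
        payload = flight[pos + 5:pos + 5 + length]
        if len(payload) < length:
            raise ValueError("truncated TLS record")
        pos += 5 + length
        if ctype == 20:      # ChangeCipherSpec: everything after it is encrypted
            break
        if ctype == 22:      # handshake record; a message may span several records
            buf += payload
    while len(buf) >= 4:
        types.append(buf[0])
        buf = buf[4 + int.from_bytes(buf[1:4], "big"):]
    return types

def mutual_auth_ok(server_flight, client_flight, final_eap_code):
    """Return (verdict, per-check detail) for one EAP-TLS exchange."""
    srv, cli = handshake_types(server_flight), handshake_types(client_flight)
    checks = {
        "server_certificate": CERTIFICATE in srv,
        "client_cert_requested": CERT_REQUEST in srv,
        "client_certificate": CERTIFICATE in cli,
        # A client without a certificate may still send an empty Certificate
        # message; CertificateVerify is what proves possession of the key.
        "client_key_proof": CERT_VERIFY in cli,
        "eap_success": final_eap_code == EAP_SUCCESS,
    }
    return all(checks.values()), checks

# --- Constructed sample flights (filler bodies, not a real capture) ---
def _msg(hs_type, n=8):
    return bytes([hs_type]) + n.to_bytes(3, "big") + bytes(n)
def _rec(ctype, payload):
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload

ENCRYPTED_TAIL = _rec(20, b"\x01") + _rec(22, bytes(40))
SERVER_MUTUAL = _rec(22, _msg(2) + _msg(11) + _msg(12) + _msg(13) + _msg(14))
CLIENT_MUTUAL = _rec(22, _msg(11) + _msg(16) + _msg(15)) + ENCRYPTED_TAIL
SERVER_ONLY = _rec(22, _msg(2) + _msg(11) + _msg(12) + _msg(14))
CLIENT_NO_CERT = _rec(22, _msg(16)) + ENCRYPTED_TAIL
```

A session that reaches EAP-Success without a CertificateRequest from the server or a CertificateVerify from the client authenticated only one side and should be recorded as a failure of this test case.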
Expected Results for Pass:
Wireless communication is established only after successful mutual authentication.
The DUT rejects connections when the AP/server presents an invalid certificate.
The AP/server rejects the DUT when it presents an invalid or expired certificate.
All interactions align with standard secure authentication protocols like EAP-TLS.
Test Observations:
(To be filled post-execution)
DUT rejected invalid server certificate.
Successful mutual authentication with valid certs.
Session established over WPA2-Enterprise using EAP-TLS.
Evidence Provided:
Wireshark packet capture logs
Authentication logs from RADIUS server and DUT
Screenshots of wireless configuration and certificate setup
Test Case Result:
☑ PASS ☐ FAIL
Overall Test Result:
☑ PASS ☐ FAIL