Re: problem connecting EAP/TLS wireless network

From: Dan Williams <dcbw redhat com>
To: arnold wang inovis com
Cc: networkmanager-list gnome org
Subject: Re: problem connecting EAP/TLS wireless network
Date: Fri, 22 Sep 2006 17:50:16 -0400

On Fri, 2006-09-22 at 13:39 -0700, Arnold Wang wrote:
> I'm having trouble to connect to my company's EAP/TLS wireless network
> using NM. I'm running FC5 on my laptop and the NIC is Linksys WPC54G
> using ndiswrapper driver. The NM is 0.6.4. The wpa_supplicant driver is
> 0.4.8.
> This combination works great with my home WPA2/AES wireless network. The
> problem is with my company's EAS/TLS network. When I tried to connect to
> the network, I was prompted to enter the WEP key. According to my
> understanding of EAP/TLS, the keys are dynamically generated. I
> shouldn't be prompted at all.

It looks like you need a better version of ndiswrapper, if that's what
you're using for your card.  What version do you have?

Dan


> I configured the software components in the following:
> ------
> /etc/sysconfig/wpa_supplicant:
> # wlan0 and wifi0
> # INTERFACES="-iwlan0 -iwifi0"
> INTERFACES="-iwlan0"
> # ndiswrapper and prism
> # DRIVERS="-Dndiswrapper -Dprism"
> DRIVERS="-Dndiswrapper"
> -----
> /etc/wpa_supplicant/wpa_supplicant.conf
> ctrl_interface=/var/run/wpa_supplicant
> ctrl_interface_group=wheel
> ap_scan=2
> 
> network={
>         ssid="any"
>         key_mgmt=NONE
> }
> -----
> NM configuration:
> Network Name:	qrslan(SSID)
> Wireless Security: WPA Enterprise
> EAP:	TLS
> Key Type:	Dynamic WEP
> identity:	awang itlogon com(ID for RADIUS)
> I have all the certificates configured as well.
> The followings are the error messages I can find, which don't tell much:
> ------
> /var/log/messages:
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) started...
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) Stage 1 of 5 (Device Prepare) started...
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) Stage 2 of 5 (Device Configure) scheduled...
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) Stage 1 of 5 (Device Prepare) complete.
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) Stage 2 of 5 (Device Configure) starting...
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0/wireless): access point 'qrslan' is encrypted, but NO valid key
> exists.  New key needed.
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) New wireless user key requested for network 'qrslan'.
> Sep 22 13:27:10 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) Stage 2 of 5 (Device Configure) complete.
> Sep 22 13:27:33 arnoldw2 NetworkManager: <information>  Activation
> (wlan0) New wireless user key request for network 'qrslan' was canceled.
> (I clicked cancel on the prompt)
> ---debug messages when I started wpa_supplicant manually
> Initializing interface 'wlan0' conf
> '/etc/wpa_supplicant/wpa_supplicant.conf' driver 'ndiswrapper'
> ctrl_interface 'N/A'
> Configuration file '/etc/wpa_supplicant/wpa_supplicant.conf' ->
> '/etc/wpa_supplicant/wpa_supplicant.conf'
> Reading configuration file '/etc/wpa_supplicant/wpa_supplicant.conf'
> ctrl_interface='/var/run/wpa_supplicant'
> ctrl_interface_group=10 (from group name 'wheel')
> ap_scan=1
> Line: 5 - start of a new network block
> ssid - hexdump_ascii(len=3):
>      61 6e 79                                          any
> key_mgmt: 0x4
> Priority group 0
>    id=0 ssid='any'
> Initializing interface (2) 'wlan0'
> EAPOL: SUPP_PAE entering state DISCONNECTED
> EAPOL: KEY_RX entering state NO_KEY_RECEIVE
> EAPOL: SUPP_BE entering state INITIALIZE
> EAP: EAP entering state DISABLED
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> SIOCGIWRANGE: WE(compiled)=20 WE(source)=18 enc_capa=0xf
>   capabilities: key_mgmt 0xf enc 0xf
> Own MAC address: 00:0c:41:e3:ca:ad
> Driver does not support WPA.
> wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
> Setting scan request: 0 sec 100000 usec
> Added interface wlan0
> Wireless event: cmd=0x8b06 len=8
> RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
> RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
> State: DISCONNECTED -> SCANNING
> Starting AP scan (broadcast SSID)
> Scan timeout - try to get results
> Received 607 bytes of scan results (3 BSSes)
> Scan results: 3
> Selecting BSS from priority group 0
> 0: 00:0f:24:b6:9c:10 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
>    skip - no WPA/RSN IE
> 1: 00:0f:24:1d:0f:50 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
>    skip - no WPA/RSN IE
> 2: 00:06:25:a0:d1:98 ssid='HelpDesk' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
>    skip - no WPA/RSN IE
> No suitable AP found.
> Setting scan request: 5 sec 0 usec
> Wireless event: cmd=0x8b1a len=8
> Wireless event: cmd=0x8b15 len=20
> Wireless event: new AP: 00:00:00:00:00:00
> Added BSSID 00:00:00:00:00:00 into blacklist
> State: SCANNING -> DISCONNECTED
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
> wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> Wireless event: cmd=0x8b2a len=8
> Wireless event: cmd=0x8b06 len=8
> Wireless event: cmd=0x8c07 len=40
> AssocReq IE wireless event - hexdump(len=32): 00 08 48 65 6c 70 44 65 73
> 6b 01 04 82 84 0b 16 dd 06 00 40 96 01 01 00 dd 06 00 10 18 02 00 00
> Wireless event: cmd=0x8c08 len=14
> AssocResp IE wireless event - hexdump(len=6): 01 04 82 84 0b 16
> Wireless event: cmd=0x8b15 len=20
> Wireless event: new AP: 00:06:25:a0:d1:98
> Association info event
> req_ies - hexdump(len=32): 00 08 48 65 6c 70 44 65 73 6b 01 04 82 84 0b
> 16 dd 06 00 40 96 01 01 00 dd 06 00 10 18 02 00 00
> resp_ies - hexdump(len=6): 01 04 82 84 0b 16
> WPA: clearing own WPA/RSN IE
> State: DISCONNECTED -> ASSOCIATED
> Associated to a new BSS: BSSID=00:06:25:a0:d1:98
> No keys have been configured - skip key clearing
> No network configuration found for the current AP
> State: ASSOCIATED -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> State: DISCONNECTED -> SCANNING
> Starting AP scan (broadcast SSID)
> Wireless event: cmd=0x8b1a len=8
> Wireless event: cmd=0x8b15 len=20
> Wireless event: new AP: 00:00:00:00:00:00
> Added BSSID 00:06:25:a0:d1:98 into blacklist
> State: SCANNING -> DISCONNECTED
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
> wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> Wireless event: cmd=0x8b2a len=8
> Wireless event: cmd=0x8b06 len=8
> Wireless event: cmd=0x8c07 len=40
> AssocReq IE wireless event - hexdump(len=32): 00 08 48 65 6c 70 44 65 73
> 6b 01 04 82 84 0b 16 dd 06 00 40 96 01 01 00 dd 06 00 10 18 02 00 00
> Wireless event: cmd=0x8c08 len=14
> AssocResp IE wireless event - hexdump(len=6): 01 04 82 84 0b 16
> Wireless event: cmd=0x8b15 len=20
> Wireless event: new AP: 00:06:25:a0:d1:98
> Association info event
> req_ies - hexdump(len=32): 00 08 48 65 6c 70 44 65 73 6b 01 04 82 84 0b
> 16 dd 06 00 40 96 01 01 00 dd 06 00 10 18 02 00 00
> resp_ies - hexdump(len=6): 01 04 82 84 0b 16
> WPA: clearing own WPA/RSN IE
> State: DISCONNECTED -> ASSOCIATED
> Associated to a new BSS: BSSID=00:06:25:a0:d1:98
> No keys have been configured - skip key clearing
> No network configuration found for the current AP
> State: ASSOCIATED -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> Scan timeout - try to get results
> Received 607 bytes of scan results (3 BSSes)
> Scan results: 3
> Selecting BSS from priority group 0
> 0: 00:0f:24:b6:9c:10 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
>    skip - no WPA/RSN IE
> 1: 00:0f:24:1d:0f:50 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
>    skip - no WPA/RSN IE
> 2: 00:06:25:a0:d1:98 ssid='HelpDesk' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
>    skip - no WPA/RSN IE
> No APs found - clear blacklist and try again
> Removed BSSID 00:06:25:a0:d1:98 from blacklist (clear)
> Removed BSSID 00:00:00:00:00:00 from blacklist (clear)
> Selecting BSS from priority group 0
> 0: 00:0f:24:b6:9c:10 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
>    skip - no WPA/RSN IE
> 1: 00:0f:24:1d:0f:50 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
>    skip - no WPA/RSN IE
> 2: 00:06:25:a0:d1:98 ssid='HelpDesk' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
>    skip - no WPA/RSN IE
> No suitable AP found.
> Setting scan request: 5 sec 0 usec
> CTRL-EVENT-TERMINATING - signal 2 received
> Removing interface wlan0
> State: DISCONNECTED -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> No keys have been configured - skip key clearing
> Cancelling scan request
> 
> 
> 
> 
> 
> 
> _______________________________________________
> NetworkManager-list mailing list
> NetworkManager-list gnome org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list

Follow-Ups:
- Re: problem connecting EAP/TLS wireless network
  - From: Arnold Wang

References:
- connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Ertugrul Harman
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Dan Williams
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: David Abrahams
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Ertugrul Harman
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Darren Albers
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Ertugrul Harman
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Darren Albers
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Ertugrul Harman
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Dan Williams
- Re: connecting to a WPA secured wireless network often fails and takes a very long time
  - From: Darren Albers
- problem connecting EAP/TLS wireless network
  - From: Arnold Wang

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]