Re: problem connecting EAP/TLS wireless network
- From: Arnold Wang <arnold wang inovis com>
- To: Dan Williams <dcbw redhat com>
- Cc: networkmanager-list gnome org
- Subject: Re: problem connecting EAP/TLS wireless network
- Date: Fri, 22 Sep 2006 16:59:15 -0700
BTW, I tried manually configuring NIC with the following
wpa_supplicant.conf file and it worked fine.
[root arnoldw2 ~]# more /etc/wpa_supplicant/wpa_supplicant.conf.eap
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
eapol_version=1
ap_scan=2
fast_reauth=1
network={
ssid="qrslan"
key_mgmt=IEEE8021X
eap=TLS
identity="awang itlogon com"
ca_cert="/etc/wpa_supplicant/.credential/itlogon.pem"
client_cert="/etc/wpa_supplicant/.credential/awang.pem"
private_key="/etc/wpa_supplicant/.credential/awang.prv"
eapol_flags=3
}
On Fri, 2006-09-22 at 15:34 -0700, Arnold Wang wrote:
> I upgraded the ndiswrapper to 1.23, which is the latest stable version,
> and I'm still experiencing the same problem.
> [root arnoldw2 ~]# dmesg | grep ndis
> ndiswrapper version 1.23 loaded (preempt=no,smp=no)
> ndiswrapper: driver lsbcmnds (The Linksys Group, Inc.,02/14/2005,
> 3.90.36.0) loaded
> ndiswrapper: using irq 11
>
>
> On Fri, 2006-09-22 at 14:54 -0700, Arnold Wang wrote:
> > Thanks for the responding.
> > I'm using ndiswrapper 1.18 and the Linksys driver is 3.90.36.0. I
> > understand the ndiswrapper is not the latest, however I assume it should
> > be OK since it works fine with my home network.
> > I'll try to compile the latest from source.
> >
> > On Fri, 2006-09-22 at 17:50 -0400, Dan Williams wrote:
> > > On Fri, 2006-09-22 at 13:39 -0700, Arnold Wang wrote:
> > > > I'm having trouble to connect to my company's EAP/TLS wireless network
> > > > using NM. I'm running FC5 on my laptop and the NIC is Linksys WPC54G
> > > > using ndiswrapper driver. The NM is 0.6.4. The wpa_supplicant driver is
> > > > 0.4.8.
> > > > This combination works great with my home WPA2/AES wireless network. The
> > > > problem is with my company's EAS/TLS network. When I tried to connect to
> > > > the network, I was prompted to enter the WEP key. According to my
> > > > understanding of EAP/TLS, the keys are dynamically generated. I
> > > > shouldn't be prompted at all.
> > >
> > > It looks like you need a better version of ndiswrapper, if that's what
> > > you're using for your card. What version do you have?
> > >
> > > Dan
> > >
> > >
> > > > I configured the software components in the following:
> > > > ------
> > > > /etc/sysconfig/wpa_supplicant:
> > > > # wlan0 and wifi0
> > > > # INTERFACES="-iwlan0 -iwifi0"
> > > > INTERFACES="-iwlan0"
> > > > # ndiswrapper and prism
> > > > # DRIVERS="-Dndiswrapper -Dprism"
> > > > DRIVERS="-Dndiswrapper"
> > > > -----
> > > > /etc/wpa_supplicant/wpa_supplicant.conf
> > > > ctrl_interface=/var/run/wpa_supplicant
> > > > ctrl_interface_group=wheel
> > > > ap_scan=2
> > > >
> > > > network={
> > > > ssid="any"
> > > > key_mgmt=NONE
> > > > }
> > > > -----
> > > > NM configuration:
> > > > Network Name: qrslan(SSID)
> > > > Wireless Security: WPA Enterprise
> > > > EAP: TLS
> > > > Key Type: Dynamic WEP
> > > > identity: awang itlogon com(ID for RADIUS)
> > > > I have all the certificates configured as well.
> > > > The followings are the error messages I can find, which don't tell much:
> > > > ------
> > > > /var/log/messages:
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) started...
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) Stage 1 of 5 (Device Prepare) started...
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) Stage 2 of 5 (Device Configure) scheduled...
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) Stage 1 of 5 (Device Prepare) complete.
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) Stage 2 of 5 (Device Configure) starting...
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0/wireless): access point 'qrslan' is encrypted, but NO valid key
> > > > exists. New key needed.
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) New wireless user key requested for network 'qrslan'.
> > > > Sep 22 13:27:10 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) Stage 2 of 5 (Device Configure) complete.
> > > > Sep 22 13:27:33 arnoldw2 NetworkManager: <information> Activation
> > > > (wlan0) New wireless user key request for network 'qrslan' was canceled.
> > > > (I clicked cancel on the prompt)
> > > > ---debug messages when I started wpa_supplicant manually
> > > > Initializing interface 'wlan0' conf
> > > > '/etc/wpa_supplicant/wpa_supplicant.conf' driver 'ndiswrapper'
> > > > ctrl_interface 'N/A'
> > > > Configuration file '/etc/wpa_supplicant/wpa_supplicant.conf' ->
> > > > '/etc/wpa_supplicant/wpa_supplicant.conf'
> > > > Reading configuration file '/etc/wpa_supplicant/wpa_supplicant.conf'
> > > > ctrl_interface='/var/run/wpa_supplicant'
> > > > ctrl_interface_group=10 (from group name 'wheel')
> > > > ap_scan=1
> > > > Line: 5 - start of a new network block
> > > > ssid - hexdump_ascii(len=3):
> > > > 61 6e 79 any
> > > > key_mgmt: 0x4
> > > > Priority group 0
> > > > id=0 ssid='any'
> > > > Initializing interface (2) 'wlan0'
> > > > EAPOL: SUPP_PAE entering state DISCONNECTED
> > > > EAPOL: KEY_RX entering state NO_KEY_RECEIVE
> > > > EAPOL: SUPP_BE entering state INITIALIZE
> > > > EAP: EAP entering state DISABLED
> > > > EAPOL: External notification - portEnabled=0
> > > > EAPOL: External notification - portValid=0
> > > > SIOCGIWRANGE: WE(compiled)=20 WE(source)=18 enc_capa=0xf
> > > > capabilities: key_mgmt 0xf enc 0xf
> > > > Own MAC address: 00:0c:41:e3:ca:ad
> > > > Driver does not support WPA.
> > > > wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
> > > > Setting scan request: 0 sec 100000 usec
> > > > Added interface wlan0
> > > > Wireless event: cmd=0x8b06 len=8
> > > > RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
> > > > RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
> > > > State: DISCONNECTED -> SCANNING
> > > > Starting AP scan (broadcast SSID)
> > > > Scan timeout - try to get results
> > > > Received 607 bytes of scan results (3 BSSes)
> > > > Scan results: 3
> > > > Selecting BSS from priority group 0
> > > > 0: 00:0f:24:b6:9c:10 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
> > > > skip - no WPA/RSN IE
> > > > 1: 00:0f:24:1d:0f:50 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
> > > > skip - no WPA/RSN IE
> > > > 2: 00:06:25:a0:d1:98 ssid='HelpDesk' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
> > > > skip - no WPA/RSN IE
> > > > No suitable AP found.
> > > > Setting scan request: 5 sec 0 usec
> > > > Wireless event: cmd=0x8b1a len=8
> > > > Wireless event: cmd=0x8b15 len=20
> > > > Wireless event: new AP: 00:00:00:00:00:00
> > > > Added BSSID 00:00:00:00:00:00 into blacklist
> > > > State: SCANNING -> DISCONNECTED
> > > > EAPOL: External notification - portEnabled=0
> > > > EAPOL: External notification - portValid=0
> > > > CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
> > > > wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> > > > Wireless event: cmd=0x8b2a len=8
> > > > Wireless event: cmd=0x8b06 len=8
> > > > Wireless event: cmd=0x8c07 len=40
> > > > AssocReq IE wireless event - hexdump(len=32): 00 08 48 65 6c 70 44 65 73
> > > > 6b 01 04 82 84 0b 16 dd 06 00 40 96 01 01 00 dd 06 00 10 18 02 00 00
> > > > Wireless event: cmd=0x8c08 len=14
> > > > AssocResp IE wireless event - hexdump(len=6): 01 04 82 84 0b 16
> > > > Wireless event: cmd=0x8b15 len=20
> > > > Wireless event: new AP: 00:06:25:a0:d1:98
> > > > Association info event
> > > > req_ies - hexdump(len=32): 00 08 48 65 6c 70 44 65 73 6b 01 04 82 84 0b
> > > > 16 dd 06 00 40 96 01 01 00 dd 06 00 10 18 02 00 00
> > > > resp_ies - hexdump(len=6): 01 04 82 84 0b 16
> > > > WPA: clearing own WPA/RSN IE
> > > > State: DISCONNECTED -> ASSOCIATED
> > > > Associated to a new BSS: BSSID=00:06:25:a0:d1:98
> > > > No keys have been configured - skip key clearing
> > > > No network configuration found for the current AP
> > > > State: ASSOCIATED -> DISCONNECTED
> > > > No keys have been configured - skip key clearing
> > > > EAPOL: External notification - portEnabled=0
> > > > EAPOL: External notification - portValid=0
> > > > State: DISCONNECTED -> SCANNING
> > > > Starting AP scan (broadcast SSID)
> > > > Wireless event: cmd=0x8b1a len=8
> > > > Wireless event: cmd=0x8b15 len=20
> > > > Wireless event: new AP: 00:00:00:00:00:00
> > > > Added BSSID 00:06:25:a0:d1:98 into blacklist
> > > > State: SCANNING -> DISCONNECTED
> > > > EAPOL: External notification - portEnabled=0
> > > > EAPOL: External notification - portValid=0
> > > > CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
> > > > wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
> > > > wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> > > > Wireless event: cmd=0x8b2a len=8
> > > > Wireless event: cmd=0x8b06 len=8
> > > > Wireless event: cmd=0x8c07 len=40
> > > > AssocReq IE wireless event - hexdump(len=32): 00 08 48 65 6c 70 44 65 73
> > > > 6b 01 04 82 84 0b 16 dd 06 00 40 96 01 01 00 dd 06 00 10 18 02 00 00
> > > > Wireless event: cmd=0x8c08 len=14
> > > > AssocResp IE wireless event - hexdump(len=6): 01 04 82 84 0b 16
> > > > Wireless event: cmd=0x8b15 len=20
> > > > Wireless event: new AP: 00:06:25:a0:d1:98
> > > > Association info event
> > > > req_ies - hexdump(len=32): 00 08 48 65 6c 70 44 65 73 6b 01 04 82 84 0b
> > > > 16 dd 06 00 40 96 01 01 00 dd 06 00 10 18 02 00 00
> > > > resp_ies - hexdump(len=6): 01 04 82 84 0b 16
> > > > WPA: clearing own WPA/RSN IE
> > > > State: DISCONNECTED -> ASSOCIATED
> > > > Associated to a new BSS: BSSID=00:06:25:a0:d1:98
> > > > No keys have been configured - skip key clearing
> > > > No network configuration found for the current AP
> > > > State: ASSOCIATED -> DISCONNECTED
> > > > No keys have been configured - skip key clearing
> > > > EAPOL: External notification - portEnabled=0
> > > > EAPOL: External notification - portValid=0
> > > > Scan timeout - try to get results
> > > > Received 607 bytes of scan results (3 BSSes)
> > > > Scan results: 3
> > > > Selecting BSS from priority group 0
> > > > 0: 00:0f:24:b6:9c:10 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
> > > > skip - no WPA/RSN IE
> > > > 1: 00:0f:24:1d:0f:50 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
> > > > skip - no WPA/RSN IE
> > > > 2: 00:06:25:a0:d1:98 ssid='HelpDesk' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
> > > > skip - no WPA/RSN IE
> > > > No APs found - clear blacklist and try again
> > > > Removed BSSID 00:06:25:a0:d1:98 from blacklist (clear)
> > > > Removed BSSID 00:00:00:00:00:00 from blacklist (clear)
> > > > Selecting BSS from priority group 0
> > > > 0: 00:0f:24:b6:9c:10 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
> > > > skip - no WPA/RSN IE
> > > > 1: 00:0f:24:1d:0f:50 ssid='qrslan' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
> > > > skip - no WPA/RSN IE
> > > > 2: 00:06:25:a0:d1:98 ssid='HelpDesk' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
> > > > skip - no WPA/RSN IE
> > > > No suitable AP found.
> > > > Setting scan request: 5 sec 0 usec
> > > > CTRL-EVENT-TERMINATING - signal 2 received
> > > > Removing interface wlan0
> > > > State: DISCONNECTED -> DISCONNECTED
> > > > No keys have been configured - skip key clearing
> > > > EAPOL: External notification - portEnabled=0
> > > > EAPOL: External notification - portValid=0
> > > > No keys have been configured - skip key clearing
> > > > Cancelling scan request
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > NetworkManager-list mailing list
> > > > NetworkManager-list gnome org
> > > > http://mail.gnome.org/mailman/listinfo/networkmanager-list
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]