Re: Issues with WPA Enterprise + NetworkManager

From: Dan Williams <dcbw redhat com>
To: Thomas Rix <ThomasRix gmx de>
Cc: networkmanager-list gnome org
Subject: Re: Issues with WPA Enterprise + NetworkManager
Date: Fri, 16 Jan 2009 14:23:22 -0500
On Thu, 2009-01-15 at 13:46 +0100, Thomas Rix wrote:
> Hi.
> 
> I'm having trouble to connect to the wireless network at my university.
> 
> It uses WPA Enterprise with PEAP authentication, TKIP encryption and a 
> CA-certificate.
> 
> This is what I enter in KNetworkManager:
> Security: WPA Enterprise
> EAP method: PEAP
> Identity: my username
> Password: my password
> CA-certificate: /etc/ssl/certs/cacert.pem (I copied it there, downloaded 
> from the university's homepage, I also got 3 other certs with the 
> suffixes .crt, .cer and .der)
> Phase 2 method: MSCHAPv2
> 
> When I try to connect to the network the symbol in the systray starts 
> working and ends up with a gray globe saying not connected. The logfile 
> output of my latest connection attempt is attached in the 
> NetworkManager.log file.
> 
> My system is a DELL Inspiron 1720 with openSUSE 11.1 x86_64. Wireless 
> adapter is an Intel PRO/Wireless 3945ABG. Configuration is set via DHCP.
> 
> Connecting to my WLAN at home with WPA2-PSK works fine, so the driver 
> isn't the problem.

The bug looks to be in KNetworkManager, since it's passing "ca_path"
instead of the CA certificate you've given it.  You have two options:
try to figure out from your distro why KNetworkManager isn't passing
your chosen CA certificate to NM (it may have legitimate reasons for
doing so), or you can add your CA certificate to the OpenSSL system CA
directory for your distro, which is a bit complicated.

Dan

> Thomas
> plain text document attachment (NetworkManager.log)
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) starting connection 'eduroam'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): device state change: 3 -> 4
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) started...
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) scheduled...
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): device state change: 4 -> 5
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0/wireless): access point 'eduroam' has security, but secrets are required.
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): device state change: 5 -> 6
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) complete.
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) started...
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): device state change: 6 -> 4
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) scheduled...
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): device state change: 4 -> 5
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0/wireless): connection 'eduroam' has security, and secrets exist. No new secrets needed.
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'ssid' value 'eduroam'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'scan_ssid' value '1'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'key_mgmt' value 'WPA-EAP'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'pairwise' value 'TKIP CCMP'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'group' value 'TKIP CCMP'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'password' value '<omitted>'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'eap' value 'PEAP'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'fragment_size' value '1300'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'phase2' value 'auth=MSCHAPV2'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'identity' value '<my identity>'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'ca_path' value '/etc/ssl/certs'
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) complete.
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: set interface ap_scan to 1
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): supplicant connection state: disconnected -> scanning
> Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): supplicant connection state: scanning -> disconnected
> Jan 14 09:54:31 linux-im9r NetworkManager: <info> wlan0: link timed out.
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> Activation (wlan0/wireless): association took too long.
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> (wlan0): device state change: 5 -> 6
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> Activation (wlan0/wireless): asking for new secrets
> Jan 14 09:54:41 linux-im9r NetworkManager: <WARN> get_secrets_cb(): Couldn't get connection secrets: Requested setting is empty.
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> (wlan0): device state change: 6 -> 9
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> Activation (wlan0) failed for access point (eduroam)
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> Marking connection 'eduroam' invalid.
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> Activation (wlan0) failed.
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> (wlan0): device state change: 9 -> 3
> Jan 14 09:54:41 linux-im9r NetworkManager: <info> (wlan0): deactivating device (reason: 0).
> _______________________________________________ NetworkManager-list mailing list NetworkManager-list gnome org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Follow-Ups:
- Re: Issues with WPA Enterprise + NetworkManager
  - From: Helmut Schaa
References:
- Issues with WPA Enterprise + NetworkManager
  - From: Thomas Rix
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]