Re: Issues with WPA Enterprise + NetworkManager

From: Thomas Rix <ThomasRix gmx de>
To: networkmanager-list gnome org
Cc: Helmut Schaa <helmut schaa googlemail com>
Subject: Re: Issues with WPA Enterprise + NetworkManager
Date: Sat, 17 Jan 2009 16:07:44 +0100



Helmut Schaa schrieb:

Am Freitag, 16. Januar 2009 schrieb Dan Williams:

On Thu, 2009-01-15 at 13:46 +0100, Thomas Rix wrote:

I'm having trouble to connect to the wireless network at my university.


[...]

Connecting to my WLAN at home with WPA2-PSK works fine, so the driverisn't the problem.
The bug looks to be in KNetworkManager, since it's passing "ca_path"
instead of the CA certificate you've given it.


Nah, NetworkManager adds "ca_path", not KNetworkManager. However, KNM does
not serialize the cert correctly. That's why certificates are deactivated
currently.

You have two options:try to figure out from your distro why KNetworkManager isn't passing
your chosen CA certificate to NM (it may have legitimate reasons for
doing so), or you can add your CA certificate to the OpenSSL system CA
directory for your distro, which is a bit complicated.


If you want to use KNM with a ca_cert (which is not needed for PEAP but highly
recommended) you have to copy it to the sytem CA directory as Dan suggested.

If I find some time I will try this out. According to my university theCA cert is needed to connect. On Windows Vista (which I used before) Ineeded it to be able to connect to the AP. Without it was not possible.

[...]

Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'ssid' value 'eduroam'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'scan_ssid' value '1'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'key_mgmt' value 'WPA-EAP'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'pairwise' value 'TKIP CCMP'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'group' value 'TKIP CCMP'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'password' value '<omitted>'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'eap' value 'PEAP'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'fragment_size' value '1300'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'phase2' value 'auth=MSCHAPV2'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'identity' value '<my identity>'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: added 'ca_path' value '/etc/ssl/certs'
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) complete.
Jan 14 09:54:16 linux-im9r NetworkManager: <info> Config: set interface ap_scan to 1
Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): supplicant connection state: disconnected -> scanning
Jan 14 09:54:16 linux-im9r NetworkManager: <info> (wlan0): supplicant connection state: scanning -> disconnected
Jan 14 09:54:31 linux-im9r NetworkManager: <info> wlan0: link timed out.


wpa_supplicant wasn't able to establish a connection, it did not even find
an appropriate AP. Not sure why. Are you able to scan for the APs you're
trying to connect to?


The AP is visible in KNM and so i guess it is scanned correctly.


Thomas

Follow-Ups:
- Re: Issues with WPA Enterprise + NetworkManager
  - From: Beso

References:
- Issues with WPA Enterprise + NetworkManager
  - From: Thomas Rix
- Re: Issues with WPA Enterprise + NetworkManager
  - From: Dan Williams
- Re: Issues with WPA Enterprise + NetworkManager
  - From: Helmut Schaa

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]