| Hello Thomas,
Thanks a lot for your reply. This is really helpful.
But because we do not have a way to use the latest version it would be wonderful to find a workaround.
I tried to disable wps in the wpa_supplicant config [1] file but this did not work. Is this the right way to adjust it? Is this even the wpa_supplicant config used by network manager?
Thanks a lot and best regards,
Florian
[1] Added to /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev wps_disabled=1 update_config=1 country=DE
On Wed, 2021-04-07 at 17:18 +0200, Florian Klein wrote:Dear Network Manager Experts,
we are opening an Access Point with network manager (on a RPI4 with
Raspbian) and everything is working fine except that when connecting
from Windows 10 we are asked for a pin first (probably wps pin) instead
of getting shown directly the passphrase field to enter. This is not
observed on Mac and Linux.
Our wifi-ap configuration:
sudo nmcli c add con-name wifi-ap type wifi ssid test ifname
wlan0 save yes autoconnect yes 802-11-wireless.mode ap 802-11-
wireless.band bg ipv4.method shared wifi-sec.key-mgmt wpa-psk wifi-
sec.psk "test1234"
We already tried multiple configurations from the provided page:
https://developer.gnome.org/NetworkManager/stable/settings-802-11-wireless-security.html
like:
- wps-method 1
- proto rsn
- pairwise ccmp
But nothing really helped. Would be fantastic to get your support here.
Thanks
Hi Florian,in another email you said that you are using Version 1.14.6, fromRaspian10. That's is quite an old version and it might be interestingto try a recent version. But in practice, I don't think your questionwill be solved by that, so OK.NetworkManager's "wifi.mode ap" is something simple that is mainlyaimed for simple setups. The reason is that if you run a "serious"access point, you might want to configure countless parameters relatedto Wi-Fi, but then also want more control over the DHCP and DNS server.NetworkManager does that all, but the configuration options are notthat extended. So, consider whether NetworkManager is the right choicehere. But we really want NetworkManager to be stellar also in suchcases, so it's not that we say: "such usecase is not supported". But:"maybe it doesn't work that well yet, but we'd hope to improve on that(e.g. by adding new configuration options and fix issues in certainuse-cases)".OK, more to your actual question...NetworkManager uses wpa_supplicant's AP mode. wpa_supplicant is thesibling of hostapd, and both are highly configurable. Your problemindeed seems to be related to WPS. I am not familiar with this, so Idon't know the solution. I would think you first should understand howto configure this in wpa_supplicant (or hostapd). And then, in a secondstep, how to bring NetworkManager to get that right.What NetworkManager does, is relatively simple. Enable `level=TRACE`logging (see [1]), then NetworkManager will log the options that itsets in supplicant, like Config: added 'mode' value '2'('2' means AP mode). NetworkManager configures wpa_supplicant via theD-Bus API.I think there is a "wps_disabled" option in wpa_supplicant.conf. It'snot clear whether "wps_disabled" is really the right solution to yourproblem. But if it is, you might be able to set that inwpa_supplicant.conf so that it gets honored.If it's really about wps_disabled, I guess you could also re-compilesupplicant package without WPS support. Would be at least interestingas a try.If that is the right solution, then maybe this should be set byNetworkManager (but I think the flag is currenlty not configurable viaD-Bus(?)). Anyway, it would be interesting later to improveNetworkManager to get this right.[1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/contrib/fedora/rpm/NetworkManager.conf#L49hope this gave you some ideas,best,Thomas
|
