GSM: MBIM: How to select authentication type PAP, CHAP etc.



Hi,

I've got a question to understand, how the authentication type of a GSM connection
using MBIM protocol can be configured by NM.

Found the GSM based settings here:
https://developer.gnome.org/NetworkManager/stable/settings-gsm.html

I'm using NM and MM on an embedded system, speaking MBIM protocol to the GSM
modem (Telit LE910-EU1) connected via USB.

Using a SIM from T-Mobile works, but Vodafone not. Both APNs are configured for
PAP authentication with username and password.
The error message shown at the Vodafone GDSP platform is 'Invalid authentication method'.
Putting the Vodafone SIM into another device not using NM and MM works (4G LTE).
This device is using a proprietary driver, AT-commands and PPP with the same modem type.
The 'Invalid authentication message' lead me to the question:

How can I select the preferred authentication type to be written into the PDP context
using NM? Note that the modem uses MBIM and not PPP protocol.

With mmcli, I'm able to set the 'allowed-auth' option to one of none, pap, chap, mschap,
mschapv2 or eap during bearer creation.

Since MM 1.16.0, if the connection attempt includes user/password information but no
explicit authentication type, CHAP will now be used by default instead of PAP.
I'm scared about this change, because an update of MM from 1.14 to 1.16 might cause all
GSM connected devices to be lost, because NM doesn't define an authentication type
(but that's a topic for the MM mailing list).

With NM, I've created the GSM connection entry by following command:
# nmcli con add type gsm ifname cdc-wdm0 con-name gsm-connection apn gdspvpn.test.com user test password test
(no real APN, user and password shown here)

# nmcli -v
nmcli tool, version 1.22.10

# nmcli con edit gsm-connection

===| nmcli interactive connection editor |===

Editing existing 'gsm' connection: 'gsm-connection'

Type 'help' or '?' for available commands.
Type 'print' to show all the connection properties.
Type 'describe [<setting>.<prop>]' for detailed property description.

You may edit the following settings: connection, gsm, serial, ppp, match, ipv4, ipv6, tc, proxy
nmcli> print
===============================================================================
                  Connection profile details (gsm-connection)
===============================================================================
connection.id:                          gsm-connection
connection.uuid:                        f796efec-8336-45c8-9b05-856f25c33e90
connection.stable-id:                   --
connection.type:                        gsm
connection.interface-name:              cdc-wdm0
connection.autoconnect:                 yes
connection.autoconnect-priority:        0
connection.autoconnect-retries:         -1 (default)
connection.multi-connect:               0 (default)
connection.auth-retries:                -1
connection.timestamp:                   0
connection.read-only:                   no
connection.permissions:                 --
connection.zone:                        --
connection.master:                      --
connection.slave-type:                  --
connection.autoconnect-slaves:          -1 (default)
connection.secondaries:                 --
connection.gateway-ping-timeout:        0
connection.metered:                     unknown
connection.lldp:                        default
connection.mdns:                        -1 (default)
connection.llmnr:                       -1 (default)
connection.wait-device-timeout:         -1
-------------------------------------------------------------------------------
ipv4.method:                            auto
ipv4.dns:                               --
ipv4.dns-search:                        --
ipv4.dns-options:                       --
ipv4.dns-priority:                      0
ipv4.addresses:                         --
ipv4.gateway:                           --
ipv4.routes:                            --
ipv4.route-metric:                      -1
ipv4.route-table:                       0 (unspec)
ipv4.routing-rules:                     --
ipv4.ignore-auto-routes:                no
ipv4.ignore-auto-dns:                   no
ipv4.dhcp-client-id:                    --
ipv4.dhcp-iaid:                         --
ipv4.dhcp-timeout:                      0 (default)
ipv4.dhcp-send-hostname:                yes
ipv4.dhcp-hostname:                     --
ipv4.dhcp-fqdn:                         --
ipv4.dhcp-hostname-flags:               0x0 (none)
ipv4.never-default:                     no
ipv4.may-fail:                          yes
ipv4.dad-timeout:                       -1 (default)
-------------------------------------------------------------------------------
ipv6.method:                            auto
ipv6.dns:                               --
ipv6.dns-search:                        --
ipv6.dns-options:                       --
ipv6.dns-priority:                      0
ipv6.addresses:                         --
ipv6.gateway:                           --
ipv6.routes:                            --
ipv6.route-metric:                      -1
ipv6.route-table:                       0 (unspec)
ipv6.routing-rules:                     --
ipv6.ignore-auto-routes:                no
ipv6.ignore-auto-dns:                   no
ipv6.never-default:                     no
ipv6.may-fail:                          yes
ipv6.ip6-privacy:                       -1 (unknown)
ipv6.addr-gen-mode:                     stable-privacy
ipv6.ra-timeout:                        0 (default)
ipv6.dhcp-duid:                         --
ipv6.dhcp-iaid:                         --
ipv6.dhcp-timeout:                      0 (default)
ipv6.dhcp-send-hostname:                yes
ipv6.dhcp-hostname:                     --
ipv6.dhcp-hostname-flags:               0x0 (none)
ipv6.token:                             --
-------------------------------------------------------------------------------
gsm.auto-config:                        no
gsm.number:                             --
gsm.username:                           test
gsm.password:                           <hidden>
gsm.password-flags:                     0 (none)
gsm.apn:                                gdspvpn.test.com
gsm.network-id:                         --
gsm.pin:                                <hidden>
gsm.pin-flags:                          0 (none)
gsm.home-only:                          no
gsm.device-id:                          --
gsm.sim-id:                             --
gsm.sim-operator-id:                    --
gsm.mtu:                                auto
-------------------------------------------------------------------------------
proxy.method:                           none
proxy.browser-only:                     no
proxy.pac-url:                          --
proxy.pac-script:                       --
-------------------------------------------------------------------------------
nmcli>

What I'm missing is a setting like 'gsm.auth-type'.
Can anyone point me in the right direction?
Thanks in advance

Carsten


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]