You are not logged in.
- Topics: Active | Unanswered
#1 2017-05-25 13:54:19
- Ayeye
- Member
- Registered: 2013-09-24
- Posts: 6
NetworkManager fails to connect WPA2-Enterprise
Good morning to everyone,
I'm in trouble with NetworkManager: I can't connect to the university WiFi anymore. I tested it with both the private networks, with WPA2-Enterprise key, but no good results. The problem occured few days ago, before it worked well. I try to revert the packages to two weeks ago, hoping that an upgrade may break something, but I still fail to connect to the network.
Moreover:
- the login credentials are correct, at the moment I'm using them for the smartphone connection and I've not problems.
- no problems occur trying to connect to a private network with WPA/WEP key.
Following the other system information:
──── dmesg | grep wlp58
[20021.221619] wlp58s0: authenticate with 2c:3e:cf:cf:73:03
[20021.275673] wlp58s0: send auth to 2c:3e:cf:cf:73:03 (try 1/3)
[20021.278749] wlp58s0: authenticated
[20021.285491] wlp58s0: associate with 2c:3e:cf:cf:73:03 (try 1/3)
[20021.294367] wlp58s0: RX AssocResp from 2c:3e:cf:cf:73:03 (capab=0x431 status=0 aid=12)
[20021.298988] wlp58s0: associated
[20021.299124] IPv6: ADDRCONF(NETDEV_CHANGE): wlp58s0: link becomes ready
[20023.929896] wlp58s0: deauthenticated from 2c:3e:cf:cf:73:03 (Reason: 2=PREV_AUTH_NOT_VALID)
[20038.765349] wlp58s0: authenticate with 2c:3e:cf:cf:73:03
[20038.818690] wlp58s0: send auth to 2c:3e:cf:cf:73:03 (try 1/3)
[20038.820647] wlp58s0: authenticated
[20038.824037] wlp58s0: associate with 2c:3e:cf:cf:73:03 (try 1/3)
[20038.828214] wlp58s0: RX AssocResp from 2c:3e:cf:cf:73:03 (capab=0x431 status=0 aid=12)
[20038.830978] wlp58s0: associated
[20041.432046] wlp58s0: deauthenticated from 2c:3e:cf:cf:73:03 (Reason: 2=PREV_AUTH_NOT_VALID)──── journalctl -u NetworkManager
May 25 15:27:20 betelgeuse NetworkManager[12125]: <warn> [1495718840.1370] device (wlp58s0): Activation: (wifi) asking for new secrets
May 25 15:27:24 betelgeuse NetworkManager[12125]: <info> [1495718844.9303] device (wlp58s0): supplicant interface state: scanning -> inactive
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0175] keyfile: update /etc/NetworkManager/system-connections/eduroam (2e8e58c2-a345-4cda-8c22-fb85a8fd4c85
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0343] device (wlp58s0): state change: need-auth -> prepare (reason 'none') [60 40 0]
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0352] device (wlp58s0): state change: prepare -> config (reason 'none') [40 50 0]
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0356] device (wlp58s0): Activation: (wifi) connection 'eduroam' has security, and secrets exist. No new s
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0356] Config: added 'ssid' value 'eduroam'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0356] Config: added 'scan_ssid' value '1'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'key_mgmt' value 'WPA-EAP'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'proto' value 'RSN'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'pairwise' value 'CCMP'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'group' value 'CCMP TKIP'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'password' value '<hidden>'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'eap' value 'PEAP'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'fragment_size' value '1266'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'phase2' value 'auth=MSCHAPV2'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'ca_cert' value '/home/banana/.cat_installer/ca.pem'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0357] Config: added 'altsubject_match' value 'DNS:janus.sissa.it'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0358] Config: added 'identity' value 'ndemo@sissa.it'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0358] Config: added 'anonymous_identity' value 'anonymous@sissa.it'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0358] Config: added 'bgscan' value 'simple:30:-65:300'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0358] Config: added 'proactive_key_caching' value '1'
May 25 15:27:37 betelgeuse NetworkManager[12125]: <info> [1495718857.0520] device (wlp58s0): supplicant interface state: inactive -> scanning
May 25 15:27:41 betelgeuse NetworkManager[12125]: <info> [1495718861.9412] device (wlp58s0): supplicant interface state: scanning -> authenticating
May 25 15:27:41 betelgeuse NetworkManager[12125]: <info> [1495718861.9482] device (wlp58s0): supplicant interface state: authenticating -> associating
May 25 15:27:41 betelgeuse NetworkManager[12125]: <info> [1495718861.9585] device (wlp58s0): supplicant interface state: associating -> associated
May 25 15:27:44 betelgeuse NetworkManager[12125]: <warn> [1495718864.5888] sup-iface[0x23e1bc0,wlp58s0]: connection disconnected (reason 2)
May 25 15:27:44 betelgeuse NetworkManager[12125]: <info> [1495718864.5973] device (wlp58s0): supplicant interface state: associated -> disconnected──── nmcli connection show eduroam
connection.id: eduroam
connection.uuid: 2e8e58c2-a345-4cda-8c22-fb85a8fd4c85
connection.stable-id: --
connection.interface-name: --
connection.type: 802-11-wireless
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
connection.timestamp: 0
connection.read-only: no
connection.permissions: user:banana
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries: --
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: -1 (default)
802-1x.eap: peap
802-1x.identity: ndemo@sissa.it
802-1x.anonymous-identity: anonymous@sissa.it
802-1x.pac-file: --
802-1x.ca-cert: /home/banana/.cat_installer/ca.pem
802-1x.ca-cert-password: <hidden>
802-1x.ca-cert-password-flags: 0 (none)
802-1x.ca-path: --
802-1x.subject-match: --
802-1x.altsubject-matches: DNS:janus.sissa.it
802-1x.domain-suffix-match: --
802-1x.client-cert: --
802-1x.client-cert-password: <hidden>
802-1x.client-cert-password-flags: 0 (none)
802-1x.phase1-peapver: --
802-1x.phase1-peaplabel: --
802-1x.phase1-fast-provisioning: --
802-1x.phase1-auth-flags: 0 (none)
802-1x.phase2-auth: mschapv2
802-1x.phase2-autheap: --
802-1x.phase2-ca-cert: 0 (none)
802-1x.phase2-ca-cert-password: --
802-1x.phase2-ca-cert-password-flags: <hidden>
802-1x.phase2-ca-path: --
802-1x.phase2-subject-match: --
802-1x.phase2-altsubject-matches: --
802-1x.phase2-domain-suffix-match: --
802-1x.phase2-client-cert: --
802-1x.phase2-client-cert-password: <hidden>
802-1x.phase2-client-cert-password-flags:0 (none)
802-1x.password: <hidden>
802-1x.password-flags: 0 (none)
802-1x.password-raw: <hidden>
802-1x.password-raw-flags: 0 (none)
802-1x.private-key: --
802-1x.private-key-password: <hidden>
802-1x.private-key-password-flags: 0 (none)
802-1x.phase2-private-key: --
802-1x.phase2-private-key-password: <hidden>
802-1x.phase2-private-key-password-flags:0 (none)
802-1x.pin: <hidden>
802-1x.pin-flags: 0 (none)
802-1x.system-ca-certs: no
802-1x.auth-timeout: 0
802-11-wireless.ssid: eduroam
802-11-wireless.mode: --
802-11-wireless.band: --
802-11-wireless.channel: 0
802-11-wireless.bssid: --
802-11-wireless.rate: 0
802-11-wireless.tx-power: 0
802-11-wireless.mac-address: --
802-11-wireless.cloned-mac-address: --
802-11-wireless.generate-mac-address-mask:--
802-11-wireless.mac-address-blacklist: --
802-11-wireless.mac-address-randomization:default
802-11-wireless.mtu: auto
802-11-wireless.seen-bssids: --
802-11-wireless.hidden: no
802-11-wireless.powersave: default (0)
802-11-wireless-security.key-mgmt: wpa-eap
802-11-wireless-security.wep-tx-keyidx: 0
802-11-wireless-security.auth-alg: --
802-11-wireless-security.proto: rsn
802-11-wireless-security.pairwise: ccmp
802-11-wireless-security.group: ccmp,tkip
802-11-wireless-security.leap-username: --
802-11-wireless-security.wep-key0: <hidden>
802-11-wireless-security.wep-key1: <hidden>
802-11-wireless-security.wep-key2: <hidden>
802-11-wireless-security.wep-key3: <hidden>
802-11-wireless-security.wep-key-flags: 0 (none)
802-11-wireless-security.wep-key-type: 0 (unknown)
802-11-wireless-security.psk: <hidden>
802-11-wireless-security.psk-flags: 0 (none)
802-11-wireless-security.leap-password: <hidden>
802-11-wireless-security.leap-password-flags:0 (none)
ipv4.method: auto
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: (default)
ipv4.dns-priority: 0
ipv4.addresses: --
ipv4.gateway: --
ipv4.routes: --
ipv4.route-metric: -1
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
ipv6.method: auto
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: (default)
ipv6.dns-priority: 0
ipv6.addresses: --
ipv6.gateway: --
ipv6.routes: --
ipv6.route-metric: -1
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.ip6-privacy: -1 (unknown)
ipv6.addr-gen-mode: stable-privacy
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
ipv6.token: --
proxy.method: none
proxy.browser-only: no
proxy.pac-url: --
proxy.pac-script: --The problem looks like the credentials are wrong, but I checked all times and they are correct (I remind I'm using the same credentials on the smartphone and everything works). Also, the file `/etc/NetworkManager/system-connections/eduroam` contains the right informations, so I really don't understand why the connection keep failing.
Any idea?
Offline
#2 2017-06-06 13:15:12
- Ayeye
- Member
- Registered: 2013-09-24
- Posts: 6
Re: NetworkManager fails to connect WPA2-Enterprise
Up
Offline
#3 2017-06-06 13:25:09
- hanckmann
- Member
- Registered: 2009-08-15
- Posts: 5
Re: NetworkManager fails to connect WPA2-Enterprise
Same problem here. I am using it at work (hence it is very problematic).
@Ayeye: which packages did you revert and to which version to get it working again? I did not manage to revert my packages such that I got it to work.
Offline
#4 2017-06-06 13:37:27
- Ayeye
- Member
- Registered: 2013-09-24
- Posts: 6
Re: NetworkManager fails to connect WPA2-Enterprise
I reverted all the packages to a week before the network crash happened (https://wiki.archlinux.org/index.php/Ar … cific_date), but the problem was not solved.
Anyway, at the moment I can't use any WPA2 Enterprise networks, despite enabling testing repository. Because the community can't help me, I will switch distro in few days if problem won't be solved.
Offline
#5 2017-06-06 23:44:36
- R00KIE
- Forum Fellow
- From: Between a computer and a chair
- Registered: 2008-09-14
- Posts: 4,734
Re: NetworkManager fails to connect WPA2-Enterprise
@Ayeye
Don't bump your threads https://wiki.archlinux.org/index.php/Co … ct#Bumping
There is an open bug about wpa_supplicant not being able to decrypt the certificates but if you have tried enabling testing and version 1:2.6-6 didn't work then it's probably a different problem which I have also stumbled upon. If you are up to recompiling the wpa_supplicant package you could try linking it against openssl 1.0.
Get the source files for wpa_supplicant with asp (see https://www.archlinux.org/news/deprecation-of-abs/ ) and try with this PKGBUILD and see if it works:
# $Id$
# Maintainer: Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
# Contributor: Thomas Bächler <thomas@archlinux.org>
pkgname=wpa_supplicant
pkgver=2.6
pkgrel=6
epoch=1
pkgdesc="A utility providing key negotiation for WPA wireless networks"
url="http://hostap.epitest.fi/wpa_supplicant"
arch=('i686' 'x86_64')
depends=('openssl-1.0' 'libdbus' 'readline' 'libnl')
optdepends=('wpa_supplicant_gui: wpa_gui program')
license=('GPL')
install=wpa_supplicant.install
source=(https://w1.fi/releases/${pkgname}-${pkgver}.tar.gz{,.asc}
config)
validpgpkeys=('EC4AA0A991A5F2464582D52D2B6EF432EFC895FA') # Jouni Malinen
sha256sums=('b4936d34c4e6cdd44954beba74296d964bc2c9668ecaa5255e499636fe2b1450'
'SKIP'
'e7724868cda101f94962dd247c859cab581bc51080ae967b9e6409502d5193d4')
prepare() {
cd "$srcdir/$pkgname-$pkgver/$pkgname"
cp "$srcdir/config" ./.config
}
build() {
cd "$srcdir/$pkgname-$pkgver/$pkgname"
# The Makefile does not pick up our CPPFLAGS
export CFLAGS="$CPPFLAGS $CFLAGS"
export CFLAGS="$CFLAGS -I/usr/include/openssl-1.0"
export LIBS="-L/usr/lib/openssl-1.0"
export LIBS_p="-L/usr/lib/openssl-1.0"
make LIBDIR=/usr/lib BINDIR=/usr/bin
make LIBDIR=/usr/lib BINDIR=/usr/bin eapol_test
}
package() {
cd "$srcdir/$pkgname-$pkgver/$pkgname"
make LIBDIR=/usr/lib BINDIR=/usr/bin DESTDIR="$pkgdir" install
install -Dm755 eapol_test "$pkgdir/usr/bin/eapol_test"
install -d -m755 "$pkgdir/etc/wpa_supplicant"
install -Dm644 wpa_supplicant.conf \
"$pkgdir/usr/share/doc/wpa_supplicant/wpa_supplicant.conf"
install -d -m755 "$pkgdir/usr/share/man/man"{5,8}
install -m644 doc/docbook/*.5 "$pkgdir/usr/share/man/man5/"
install -m644 doc/docbook/*.8 "$pkgdir/usr/share/man/man8/"
rm -f "$pkgdir/usr/share/man/man8/wpa_"{priv,gui}.8
install -d -m755 "$pkgdir/usr/share/dbus-1/system-services"
install -m644 \
dbus/fi.{epitest.hostap.WPASupplicant,w1.wpa_supplicant1}.service \
"$pkgdir/usr/share/dbus-1/system-services/"
install -Dm644 dbus/dbus-wpa_supplicant.conf \
"$pkgdir/etc/dbus-1/system.d/wpa_supplicant.conf"
install -d -m755 "$pkgdir/usr/lib/systemd/system"
install -m644 systemd/*.service "$pkgdir/usr/lib/systemd/system/"
}R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K
Offline
#6 2017-06-14 14:43:46
- Ayeye
- Member
- Registered: 2013-09-24
- Posts: 6
Re: NetworkManager fails to connect WPA2-Enterprise
Also linking the OpenSSL 1.0, I can't connect.
Some hints in order to identify, at least, the real problem?
Offline
#7 2017-06-14 15:55:35
- R00KIE
- Forum Fellow
- From: Between a computer and a chair
- Registered: 2008-09-14
- Posts: 4,734
Re: NetworkManager fails to connect WPA2-Enterprise
Then you have to connect manually with wpa_supplicant and a dhcp client and look at the output and try to see where the problem is. Don't forget to disable networkmanager or any other connection manager you may be using while trying to connect manually.
R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K
Offline