Help with wpa_supplicant (PEAP + TKIP + MSCHAPv2 + Hidden SSID)

t12ek · 2007-09-11 16:59:49

Okay, I've been poking around at this for a while now, and I haven't been able to figure it out yet. I'm trying to get wpa_supplicant to connect to my school's wireless WPA network. I've managed to get it connected using Network Manager, but I'd rather have a tool that can connect to it WITHOUT using a GUI (I've been using WMs more lately than DEs, so I'd much rather have something CLI that I can script).

Okay, some details about the network. Using nm-applet (GNOME frontend for Network Manager), I use the fllowing settings to connect:
Network Name: UA_WPA
EAP Method: PEAP
Key Type: TKIP
Phase2 Type: MSCHAPv2
Identity: <user>
Password: <pass>

and I leave the rest blank, and it (usually) connects just fine.
Note: the SSID is hidden.

Relevant portions of my wpa_supplicant.conf are as follows:

# IEEE 802.1X/EAPOL version
eapol_version=1

# AP scanning/selection
ap_scan=1

# EAP fast re-authentication
fast_reauth=0

#EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the new peaplabel
#(e.g., Radiator)
network={
    ssid="UA_WPA"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=PEAP
    pairwise=TKIP
    identity="<user>"
    password="<pass>"
    #ca_cert="/etc/cert/ca.pem"
    phase1="peaplabel=1"
    phase2="auth=MSCHAPV2"
    priority=7
}

This does NOT work. When running wpa_supplicant with the debug option it usually tells me that it can't find a matching SSID. However, I've tried it in an area where the SSID IS broadcast, and it still doesn't work (though I can't remember what the error is). I'll try it again there later and post with the error message there. I've also tried changing ap_scan to 2, but that didn't help either.

My wireless card is an Intel 2915ABG, using the ipw2200 driver from the repos.

Any help getting this to work would be greatly appreciated. And, as I said earlier, I don't really care if it's using wpa_supplicant or not, as long as it's all done without a GUI component.

t12ek · 2007-09-13 08:28:03

Well, unfortunately, I can't really poke at this anymore. My laptop ran into some hardware issues and is currently, and possibly permanently out of commission.

klixon · 2007-09-13 09:54:11

For completeness-sake, my uneducated guess would be to put this in the network-part of your wpa-supplicant.conf:

    scan_ssid=0

instead of the 1 that's there.
As you say, the ssid is hidden, so scanning for it would result in failure i guess.

t12ek · 2007-09-15 02:29:41

From the sample wpa_supplicant.conf:

# scan_ssid:
#    0 = do not scan this SSID with specific Probe Request frames (default)
#    1 = scan with SSID-specific Probe Request frames (this can be used to
#        find APs that do not accept broadcast SSID or use multiple SSIDs;
#        this will add latency to scanning, so enable this only when needed)

So... looks like that likely isn't the solution. Of course, this is all just speculation now, until I can resolve the hardware issues or get a new laptop.

sabooky · 2007-09-17 00:26:14

try:

ap_scan=2

Thats how i finally got mine to work. Also, run wpa_supplicant with the -d flag and watch for what it says, might help you figure out the sorce of the prob.

n37 · 2009-09-04 18:34:27

I had the same problem with my router with hidden ssid. Setting ap_scan=2 was the solution.

Arch Linux

#1 2007-09-11 16:59:49

Help with wpa_supplicant (PEAP + TKIP + MSCHAPv2 + Hidden SSID)

#2 2007-09-13 08:28:03

Re: Help with wpa_supplicant (PEAP + TKIP + MSCHAPv2 + Hidden SSID)

#3 2007-09-13 09:54:11

Re: Help with wpa_supplicant (PEAP + TKIP + MSCHAPv2 + Hidden SSID)

#4 2007-09-15 02:29:41

Re: Help with wpa_supplicant (PEAP + TKIP + MSCHAPv2 + Hidden SSID)

#5 2007-09-17 00:26:14

Re: Help with wpa_supplicant (PEAP + TKIP + MSCHAPv2 + Hidden SSID)

#6 2009-09-04 18:34:27

Re: Help with wpa_supplicant (PEAP + TKIP + MSCHAPv2 + Hidden SSID)

Board footer