You are not logged in.

Pages: 1

#1 2014-07-04 03:32:16

polks
Member
Registered: 2014-07-02
Posts: 7

[SOLVED]Wpa_supplicant on WPA2-Enterprise

Hi, this is the second time trying to set the university wireless set up, this time Im getting closer but the learning curve is getting steeper and I dont seem to be able to wrap my head around whats going wrong hmm

uname -a
Linux Arch 3.15.2-1-ARCH #1 SMP PREEMPT Fri Jun 27 07:41:19 CEST 2014 x86_64 GNU/Linux

Wireless driver

pacman -Qi broadcom-wl
Name           : broadcom-wl
Version        : 6.30.223.141-9
Description    : Broadcom 802.11abgn hybrid Linux networking device driver
Architecture   : x86_64
pacman -Qi wpa_supplicant
Name           : wpa_supplicant
Version        : 2.1-3
Description    : A utility providing key negotiation for WPA wireless networks
Architecture   : x86_64
pacman -Qi dhcpcd
Name           : dhcpcd
Version        : 6.4.0-1
Description    : RFC2131 compliant DHCP client daemon
Architecture   : x86_64
lspci | grep 802
02:00.0 Network controller: Broadcom Corporation BCM43228 802.11a/b/g/n
cat /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant 
ap_scan=2 
fast_reauth=1 
network={ 
        scan_ssid=1 
        ssid="ssid" 
        key_mgmt=WPA-EAP 
        eap=PEAP 
        identity="identity" 
        ca_cert="/etc/cert/pca3-g5ss.cer" 
        phase1="peaplabel=1" 
        phase2="auth=MSCHAPV2" 
        password="passwd" 
} 
sudo wpa_supplicant -i wlp2s0 -c /etc/wpa_supplicant/wpa_supplicant.conf
Successfully initialized wpa_supplicant 
wlp2s0: CTRL-EVENT-SCAN-STARTED 
wlp2s0: Trying to associate with 08:17:35:c7:0d:c1 (SSID='ssid' freq=2437 MHz) 
wlp2s0: Associated with 08:17:35:c7:0d:c1 
wlp2s0: CTRL-EVENT-EAP-STARTED EAP authentication started 
wlp2s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25 
wlp2s0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected 
wlp2s0: CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5' 
wlp2s0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at [url]https://www.verisign.com/rpa[/url] (c)10/CN=VeriSign Class 3 International Server CA - G3' 
wlp2s0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=CA/ST=Paris/L=college/O=networke de college/OU=DGTIC/CN=accesreseau.ucollege.ca' 
EAP-MSCHAPV2: Authentication succeeded 
wlp2s0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully 
[after a few minutes i dont know why]
wlp2s0: CTRL-EVENT-DISCONNECTED bssid=08:17:35:c7:0d:c1 reason=0 
wlp2s0: CTRL-EVENT-SCAN-STARTED 
wlp2s0: Trying to associate with 10:8c:cf:10:76:be (SSID='ssid' freq=5180 MHz) 
wlp2s0: Associated with 10:8c:cf:10:76:be 
wlp2s0: CTRL-EVENT-EAP-STARTED EAP authentication started 
wlp2s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25 
wlp2s0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected 
wlp2s0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully 
[from then on it starts looping]

Verbose wpa_supplicant debug 

sudo wpa_supplicant -d -i wlp2s0 -c /etc/wpa_supplicant/wpa_supplicant.conf

http://bpaste.net/show/433129/

iwconfig
eno1      no wireless extensions. 
wlp2s0    IEEE 802.11abg  ESSID:"ssid"  
          Mode:Managed  Frequency:5.18 GHz  Access Point: 10:8C:CF:10:76:BE   
          Retry short limit:7   RTS thr:off   Fragment thr:off 
          Power Management:off 
          
lo        no wireless extensions. 
sudo dhcpcd wlp2s0 --debug 
dhcpcd[679]: version 6.4.0 starting 
dhcpcd[679]: wlp2s0: disabling kernel IPv6 RA support 
dhcpcd[679]: wlp2s0: executing `/usr/lib/dhcpcd/dhcpcd-run-hooks' PREINIT 
dhcpcd[679]: wlp2s0: executing `/usr/lib/dhcpcd/dhcpcd-run-hooks' NOCARRIER 
dhcpcd[679]: wlp2s0: waiting for carrier 
dhcpcd[679]: timed out 
dhcpcd[679]: wlp2s0: restoring kernel IPv6 RA support 
dhcpcd[679]: exited

Btw, both  wpa and dhcpcd work very well with WPA2-PSK at home and interestingly enough networkmanager works with the university network

Last edited by polks (2014-07-04 18:51:56)

Offline

#2 2014-07-04 12:35:02

sekret
Member
Registered: 2013-07-22
Posts: 284

Re: [SOLVED]Wpa_supplicant on WPA2-Enterprise

I'm bad at debugging this, but I basically do the same as you and it works. The only difference is that I use the open source driver for my card

01:00.0 Network controller: Broadcom Corporation BCM4313 802.11bgn Wireless Network Adapter (rev 01)

and my university uses

key_mgmt=WPA-EAP
eap=TTLS

so I have to ask are you sure about eap=PEAP?

Offline

#3 2014-07-04 15:47:39

polks
Member
Registered: 2014-07-02
Posts: 7

Re: [SOLVED]Wpa_supplicant on WPA2-Enterprise

Yes I'm pretty sure, or else I don't think the server would have responded with a success
line 588 

EAP-MSCHAPV2: Authentication succeededy

I agree it's pretty stupid from their part as mschapv2 is not secure anymore but thats what they say on their support page

Offline

#4 2014-07-04 18:51:13

polks
Member
Registered: 2014-07-02
Posts: 7

Re: [SOLVED]Wpa_supplicant on WPA2-Enterprise

It werked!

It was indeed PEAP but it needed some tweaking, this is the working config file
ctrl_interface=/var/run/wpa_supplicant
ap_scan=2
fast_reauth=1
network={
        scan_ssid=1
        ssid="ssid"
        key_mgmt=WPA-EAP
        eap=PEAP
        identity="identity"
        ca_cert="/etc/cert/pca3-g5ss.cer"
        phase1="peaplabel=auto peapver=0 "
        phase2="auth=MSCHAPV2"
        password="passwd"
}

Now I have an other problem, the Wireless indicator in i3status stays down even when the network is up and running but I think Ill go to the desktop environment for that.

Offline

Pages: 1

Board footer

Powered by FluxBB