[rt2x00-users] [2.6.39][RT2860] Not able to connect to a secured wireless router with this encryption PEAP with TKIP/MSCHAPv2 or PEAP-TTLS

Matthieu Baerts matttbe at gmail.com
Fri May 6 22:41:27 EST 2011


Le jeudi 05 mai 2011 à 21:34 +0200, Gertjan van Wingerde a écrit :
> Hi Matthieu,
> 
> On 05/05/11 01:17, Matthieu Baerts wrote:
> > Hello everybody!
> > 
> > I'm using a Ralink RT2860 wireless card on Ubuntu Oneiric with the
> > version 2.6.39-0.5-generic of the kernel (2.6.39-rc5) on a x86_64
> > architecture.
> > This wireless card and its drivers (rt2800pci) works well except if I
> > try to connect to a secured wireless router with PEAP with
> > TKIP/MSCHAPv2. I was able to connect to this network before but not now
> > (I'm not sure I was using your firmware).
> > 
> > Note that I was able to connect to this network only after having
> > blacklisted your modules and use the staging module rt2860sta:
> >     $ sudo rmmod rt2800pci rt2860sta rt2x00pci
> >     $ sudo rmmod rt2800lib rt2x00lib
> >     $ sudo modprobe rt2860sta
> > 
> > This is my wpa_supplicant.conf used by Wicd:
> >     ctrl_interface=/var/run/wpa_supplicant
> >     network={
> >             ssid="student.UCLouvain"
> >             scan_ssid=0
> >             proto=WPA
> >             key_mgmt=WPA-EAP
> >             pairwise=TKIP
> >             group=TKIP
> >             eap=PEAP
> >             identity="USER at wifi.uclouvain.be"
> >             password="PASSWORD"
> >             ca_cert="/PATH/TO/chain-radius.pem"
> >             phase1="peaplabel=0"
> >             phase2="auth=MSCHAPV2"
> > }
> > 
> > We can also connect to this network by using PEAP-TTLS encryption but it
> > didn't work too...
> > More information there: http://uclouvain.be/168492.html (sorry, it's in
> > French...)
> > 
> > I can reproduce it each time on this network (this is the network of my
> > university and this kind of encryption is used almost everywhere in
> > Europe (~eduroam)).
> > 
> > Some informations:
> > * The output of dmesg:
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/777215/+attachment/2112335/+files/dmesg_040511.txt.gz
> >         There are some errors:
> >             [ 39.100490] phy0 -> rt2800pci_mcu_status: Error - MCU
> >         request failed, no response from hardware
> >             [ 39.170917] ADDRCONF(NETDEV_UP): wlan0: link is not ready
> > 
> > * The output of `lspci -vnvn`:
> >  - before the blacklisting:
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/777215/+attachment/2112344/+files/lspci_-vnvn.txt.gz
> >  - after the blacklisting:
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/777215/+attachment/2112345/+files/lspci_-vnvn_after.txt.gz
> > 
> > More details in my bug report:
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/777215
> > 
> > 
> > Thank you for your help and your drivers! Don't hesitate to tell me
> > something to do if it's needed ;)
> > 
> > 
> > PS: I had this bug on Natty too last week (sorry, no time to report
> > it :-/) so with the older kernel (2.6.38).
> > 
> 
> Hmm, interesting. Do you have any output from wpa_supplicant?
> 
> Also, you might want to try if disabling hardware encryption works.
> Just load the module with the parameter nohwcrypt=1.
> 
> ---
> Gertjan

Hello,

Thank you for this answer!
This is what I did:

================

        $ sudo ifconfig wlan0 down
        $ sudo ifconfig wlan0 up
        $ ifconfig wlan0
                wlan0     Link encap:Ethernet  HWaddr 00:1(...) 
                          adr inet6: fe80::215:afff:fe9e:8e81/64
                Scope:Lien
                          UP BROADCAST MULTICAST  MTU:1500  Metric:1
                          Packets reçus:6 erreurs:0 :0 overruns:0
                frame:0
                          TX packets:15 errors:0 dropped:0 overruns:0
                carrier:0
                          collisions:0 lg file transmission:1000 
                          Octets reçus:3249 (3.2 KB) Octets
                transmis:2585 (2.5 KB)
        
        $ iwconfig wlan0
                wlan0     IEEE 802.11bgn  ESSID:"student.UCLouvain"  
                          Mode:Managed  Frequency:2.462 GHz  Access
                Point: Not-Associated   
                          Tx-Power=20 dBm   
                          Retry  long limit:7   RTS thr:off   Fragment
                thr:off
                          Power Management:on
                  
        $ sudo wpa_supplicant -Dwext -iwlan0
        -c/var/lib/wicd/configurations/001a308ceab1 -B -d
                Initializing interface 'wlan0' conf
                '/var/lib/wicd/configurations/001a308ceab1' driver
                'wext' ctrl_interface 'N/A' bridge 'N/A'
                Configuration file
                '/var/lib/wicd/configurations/001a308ceab1' ->
                '/var/lib/wicd/configurations/001a308ceab1'
                Reading configuration file
                '/var/lib/wicd/configurations/001a308ceab1'
                ap_scan=1
                ctrl_interface='/var/run/wpa_supplicant'
                Priority group 0
                   id=0 ssid='student.UCLouvain'
                WEXT: cfg80211-based driver detected
                SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf
                  capabilities: key_mgmt 0xf enc 0xf flags 0x0
                netlink: Operstate: linkmode=1, operstate=5
                Own MAC address: 00:1(...)
                wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_countermeasures
                RSN: flushing PMKID list in the driver
                Setting scan request: 0 sec 100000 usec
                WPS: UUID based on MAC address - hexdump(len=16): 5c 02
                a9 7c cd 34 53 bf 8a c9 ee af f7 9d 09 e8
                EAPOL: SUPP_PAE entering state DISCONNECTED
                EAPOL: Supplicant port status: Unauthorized
                EAPOL: KEY_RX entering state NO_KEY_RECEIVE
                EAPOL: SUPP_BE entering state INITIALIZE
                EAP: EAP entering state DISABLED
                EAPOL: Supplicant port status: Unauthorized
                EAPOL: Supplicant port status: Unauthorized
                Using existing control interface directory.
                ctrl_iface bind(PF_UNIX) failed: Address already in use
                ctrl_iface exists and seems to be in use - cannot
                override it
                Delete '/var/run/wpa_supplicant/wlan0' manually if it is
                not used anymore
                Failed to initialize control interface
                '/var/run/wpa_supplicant'.
                You may have another wpa_supplicant process already
                running or the file was
                left by an unclean termination of wpa_supplicant in
                which case you will need
                to manually remove this file before starting
                wpa_supplicant again.
                
                Failed to add interface wlan0
                No keys have been configured - skip key clearing
                State: DISCONNECTED -> DISCONNECTED
                wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
                netlink: Operstate: linkmode=-1, operstate=5
                EAPOL: External notification - portEnabled=0
                EAPOL: Supplicant port status: Unauthorized
                EAPOL: External notification - portValid=0
                EAPOL: Supplicant port status: Unauthorized
                wpa_driver_wext_set_countermeasures
                No keys have been configured - skip key clearing
                Cancelling scan request
                Cancelling authentication timeout
                netlink: Operstate: linkmode=0, operstate=6
        
        $ sudo dhclient wlan0 -v
                Internet Systems Consortium DHCP Client 4.1.1-P1
                Copyright 2004-2010 Internet Systems Consortium.
                All rights reserved.
                For info, please visit
                https://www.isc.org/software/dhcp/
                
                Listening on LPF/wlan0/00:1(...)
                Sending on   LPF/wlan0/00:1(...)
                Sending on   Socket/fallback
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 3
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 6
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 10
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 10
        ^C
        
        $ sudo rmmod rt2800pci 
        $ sudo modprobe rt2800pci nohwcrypt=1
        $ sudo wpa_supplicant -Dwext -iwlan0
        -c/var/lib/wicd/configurations/001a308ceab1 -B -d
                Initializing interface 'wlan0' conf
                '/var/lib/wicd/configurations/001a308ceab1' driver
                'wext' ctrl_interface 'N/A' bridge 'N/A'
                Configuration file
                '/var/lib/wicd/configurations/001a308ceab1' ->
                '/var/lib/wicd/configurations/001a308ceab1'
                Reading configuration file
                '/var/lib/wicd/configurations/001a308ceab1'
                ap_scan=1
                ctrl_interface='/var/run/wpa_supplicant'
                Priority group 0
                   id=0 ssid='student.UCLouvain'
                WEXT: cfg80211-based driver detected
                SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf
                  capabilities: key_mgmt 0xf enc 0xf flags 0x0
                netlink: Operstate: linkmode=1, operstate=5
                Own MAC address: 00:1(...)
                wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_countermeasures
                RSN: flushing PMKID list in the driver
                Setting scan request: 0 sec 100000 usec
                WPS: UUID based on MAC address - hexdump(len=16): 5c 02
                a9 7c cd 34 53 bf 8a c9 ee af f7 9d 09 e8
                EAPOL: SUPP_PAE entering state DISCONNECTED
                EAPOL: Supplicant port status: Unauthorized
                EAPOL: KEY_RX entering state NO_KEY_RECEIVE
                EAPOL: SUPP_BE entering state INITIALIZE
                EAP: EAP entering state DISABLED
                EAPOL: Supplicant port status: Unauthorized
                EAPOL: Supplicant port status: Unauthorized
                Using existing control interface directory.
                ctrl_iface bind(PF_UNIX) failed: Address already in use
                ctrl_iface exists and seems to be in use - cannot
                override it
                Delete '/var/run/wpa_supplicant/wlan0' manually if it is
                not used anymore
                Failed to initialize control interface
                '/var/run/wpa_supplicant'.
                You may have another wpa_supplicant process already
                running or the file was
                left by an unclean termination of wpa_supplicant in
                which case you will need
                to manually remove this file before starting
                wpa_supplicant again.
                
                Failed to add interface wlan0
                No keys have been configured - skip key clearing
                State: DISCONNECTED -> DISCONNECTED
                wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
                netlink: Operstate: linkmode=-1, operstate=5
                EAPOL: External notification - portEnabled=0
                EAPOL: Supplicant port status: Unauthorized
                EAPOL: External notification - portValid=0
                EAPOL: Supplicant port status: Unauthorized
                wpa_driver_wext_set_countermeasures
                No keys have been configured - skip key clearing
                Cancelling scan request
                Cancelling authentication timeout
                netlink: Operstate: linkmode=0, operstate=6
        
        $ sudo dhclient wlan0 -v
                Internet Systems Consortium DHCP Client 4.1.1-P1
                Copyright 2004-2010 Internet Systems Consortium.
                All rights reserved.
                For info, please visit
                https://www.isc.org/software/dhcp/
                
                Listening on LPF/wlan0/00:1(...)
                Sending on   LPF/wlan0/00:1(...)
                Sending on   Socket/fallback
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 3
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 8
                DHCPOFFER of 130.104.103.XXX from 192.168.3.249
                DHCPREQUEST of 130.104.103.XXX on wlan0 to
                255.255.255.255 port 67
                DHCPACK of 130.104.103.XXX from 192.168.3.249
                bound to 130.104.103.XXX -- renewal in 448 seconds.

================

It says that the connexion is established but in fact, no...

================

        $ ifconfig wlan0
                wlan0     Link encap:Ethernet  HWaddr 00:1(...)  
                          BROADCAST MULTICAST  MTU:1500  Metric:1
                          Packets reçus:36 erreurs:0 :0 overruns:0
                frame:0
                          TX packets:76 errors:0 dropped:0 overruns:0
                carrier:0
                          collisions:0 lg file transmission:1000 
                          Octets reçus:12928 (12.9 KB) Octets
                transmis:13424 (13.4 KB)
        
        $ iwconfig wlan0
                wlan0     IEEE 802.11bgn  ESSID:off/any  
                          Mode:Managed  Frequency:2.462 GHz  Access
                Point: Not-Associated   
                          Tx-Power=20 dBm   
                          Retry  long limit:7   RTS thr:off   Fragment
                thr:off
                          Power Management:off
                  
================

These modules was loaded:
        rt2800lib  rt2800pci  rt2860sta  rt2x00lib  rt2x00pci 
And I'm still not able to connect to this network:

================
        
        $ sudo dhclient wlan0 -v
                Internet Systems Consortium DHCP Client 4.1.1-P1
                Copyright 2004-2010 Internet Systems Consortium.
                All rights reserved.
                For info, please visit
                https://www.isc.org/software/dhcp/
                
                Listening on LPF/wlan0/00:1(...)
                Sending on   LPF/wlan0/00:1(...)
                Sending on   Socket/fallback
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 3
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 8
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 8
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 13
                ^C

================

But after having removed all rt* modules and then loaded rt2800pci
module, it works!

================

        $ sudo rmmod rt2x00pci rt2800pci rt2860sta rt2800lib rt2x00lib
                ERROR: Module rt2x00pci is in use by rt2800pci
                ERROR: Module rt2x00lib is in use by rt2x00pci
        
        $ sudo rmmod rt2x00pci rt2800pci rt2860sta rt2800lib rt2x00lib
                ERROR: Module rt2800pci does not exist in /proc/modules
                ERROR: Module rt2860sta does not exist in /proc/modules
                ERROR: Module rt2800lib does not exist in /proc/modules
        
        $ sudo modprobe rt2800pci nohwcrypt=1
        
        $ sudo wpa_supplicant -Dwext -iwlan0
        -c/var/lib/wicd/configurations/001a308ceab1 -B -d
                Initializing interface 'wlan0' conf
                '/var/lib/wicd/configurations/001a308ceab1' driver
                'wext' ctrl_interface 'N/A' bridge 'N/A'
                Configuration file
                '/var/lib/wicd/configurations/001a308ceab1' ->
                '/var/lib/wicd/configurations/001a308ceab1'
                Reading configuration file
                '/var/lib/wicd/configurations/001a308ceab1'
                ap_scan=1
                ctrl_interface='/var/run/wpa_supplicant'
                Priority group 0
                   id=0 ssid='student.UCLouvain'
                WEXT: cfg80211-based driver detected
                SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf
                  capabilities: key_mgmt 0xf enc 0xf flags 0x0
                netlink: Operstate: linkmode=1, operstate=5
                Own MAC address: 00:1(...)
                wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0
                seq_len=0 key_len=0
                wpa_driver_wext_set_countermeasures
                RSN: flushing PMKID list in the driver
                Setting scan request: 0 sec 100000 usec
                WPS: UUID based on MAC address - hexdump(len=16): 5c 02
                a9 7c cd 34 53 bf 8a c9 ee af f7 9d 09 e8
                EAPOL: SUPP_PAE entering state DISCONNECTED
                EAPOL: Supplicant port status: Unauthorized
                EAPOL: KEY_RX entering state NO_KEY_RECEIVE
                EAPOL: SUPP_BE entering state INITIALIZE
                EAP: EAP entering state DISABLED
                EAPOL: Supplicant port status: Unauthorized
                EAPOL: Supplicant port status: Unauthorized
                Added interface wlan0
                Daemonize..
        
        $ sudo dhclient wlan0 -v
                Internet Systems Consortium DHCP Client 4.1.1-P1
                Copyright 2004-2010 Internet Systems Consortium.
                All rights reserved.
                For info, please visit
                https://www.isc.org/software/dhcp/
                
                Listening on LPF/wlan0/00:1(...)
                Sending on   LPF/wlan0/00:1(...)
                Sending on   Socket/fallback
                DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
                interval 3
                DHCPOFFER of 130.104.103.XXX from 192.168.3.249
                DHCPREQUEST of 130.104.103.XXX on wlan0 to
                255.255.255.255 port 67
                DHCPACK of 130.104.103.XXX from 192.168.3.249
                bound to 130.104.103.XXX -- renewal in 390 seconds.

================

And some other things:

================

        $ sudo lspci -vnvn
                0a:00.0 Network controller [0280]: Ralink corp. RT2860
                [1814:0781]
                	Subsystem: Ralink corp. Device [1814:2790]
                	Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV-
                VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx-
                	Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast
                >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
                	Latency: 0, Cache Line Size: 64 bytes
                	Interrupt: pin A routed to IRQ 19
                	Region 0: Memory at c2000000 (32-bit, non-prefetchable)
                [size=64K]
                	Capabilities: [40] Power Management version 2
                		Flags: PMEClk- DSI- D1- D2- AuxCurrent=375mA PME(D0
                +,D1-,D2-,D3hot+,D3cold-)
                		Status: D0 NoSoftRst- PME-Enable- DSel=0 DScale=0 PME+
                	Capabilities: [50] MSI: Enable- Count=1/32 Maskable-
                64bit+
                		Address: 0000000000000000  Data: 0000
                	Capabilities: [70] Express (v1) Endpoint, MSI 00
                		DevCap:	MaxPayload 128 bytes, PhantFunc 0, Latency L0s
                <128ns, L1 <2us
                			ExtTag- AttnBtn- AttnInd- PwrInd- RBE+ FLReset-
                		DevCtl:	Report errors: Correctable- Non-Fatal- Fatal-
                Unsupported-
                			RlxdOrd+ ExtTag- PhantFunc- AuxPwr- NoSnoop-
                			MaxPayload 128 bytes, MaxReadReq 512 bytes
                		DevSta:	CorrErr+ UncorrErr- FatalErr- UnsuppReq+
                AuxPwr- TransPend-
                		LnkCap:	Port #0, Speed 2.5GT/s, Width x1, ASPM L0s L1,
                Latency L0 <512ns, L1 <64us
                			ClockPM- Surprise- LLActRep- BwNot-
                		LnkCtl:	ASPM Disabled; RCB 128 bytes Disabled-
                Retrain- CommClk+
                			ExtSynch- ClockPM- AutWidDis- BWInt- AutBWInt-
                		LnkSta:	Speed 2.5GT/s, Width x1, TrErr- Train- SlotClk
                + DLActive- BWMgmt- ABWMgmt-
                	Capabilities: [100 v1] Advanced Error Reporting
                		UESta:	DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt-
                UnxCmplt- RxOF- MalfTLP- ECRC- UnsupReq+ ACSViol-
                		UEMsk:	DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt-
                UnxCmplt- RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
                		UESvrt:	DLP+ SDES- TLP- FCP+ CmpltTO- CmpltAbrt-
                UnxCmplt- RxOF+ MalfTLP+ ECRC- UnsupReq- ACSViol-
                		CESta:	RxErr- BadTLP- BadDLLP- Rollover- Timeout-
                NonFatalErr+
                		CEMsk:	RxErr- BadTLP- BadDLLP- Rollover- Timeout-
                NonFatalErr+
                		AERCap:	First Error Pointer: 00, GenCap+ CGenEn-
                ChkCap+ ChkEn-
                	Kernel driver in use: rt2800pci
                	Kernel modules: rt2860sta, rt2800pci
                
        $ ifconfig wlan0
                wlan0     Link encap:Ethernet  HWaddr 00:1(...)  
                          inet adr:130.104.103.XXX
                Bcast:130.104.103.255  Masque:255.255.248.0
                          adr inet6: fe80::215:afff:fe9e:8e81/64
                Scope:Lien
                          UP BROADCAST RUNNING MULTICAST  MTU:1500
                Metric:1
                          Packets reçus:15211 erreurs:0 :0 overruns:0
                frame:0
                          TX packets:12583 errors:0 dropped:0 overruns:0
                carrier:0
                          collisions:0 lg file transmission:1000 
                          Octets reçus:17557560 (17.5 MB) Octets
                transmis:1486718 (1.4 MB)
        
        $ iwconfig wlan0
                wlan0     IEEE 802.11bgn  ESSID:"student.UCLouvain"  
                          Mode:Managed  Frequency:2.462 GHz  Access
                Point: 00:1A:30:8C:EA:B1   
                          Bit Rate=54 Mb/s   Tx-Power=20 dBm   
                          Retry  long limit:7   RTS thr:off   Fragment
                thr:off
                          Power Management:off
                          Link Quality=56/70  Signal level=-54 dBm  
                          Rx invalid nwid:0  Rx invalid crypt:0  Rx
                invalid frag:0
                          Tx excessive retries:427  Invalid misc:0
                Missed beacon:0

================

I hope it will help you to find the problem!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://rt2x00.serialmonkey.com/pipermail/users_rt2x00.serialmonkey.com/attachments/20110506/dc2767a6/attachment-0001.bin>


More information about the users mailing list