[rt2x00-users] [2.6.39][RT2860] Not able to connect to a secured wireless router with this encryption PEAP with TKIP/MSCHAPv2 or PEAP-TTLS
Matthieu Baerts
matttbe at gmail.com
Fri May 6 22:41:27 EST 2011
Le jeudi 05 mai 2011 à 21:34 +0200, Gertjan van Wingerde a écrit :
> Hi Matthieu,
>
> On 05/05/11 01:17, Matthieu Baerts wrote:
> > Hello everybody!
> >
> > I'm using a Ralink RT2860 wireless card on Ubuntu Oneiric with the
> > version 2.6.39-0.5-generic of the kernel (2.6.39-rc5) on a x86_64
> > architecture.
> > This wireless card and its drivers (rt2800pci) works well except if I
> > try to connect to a secured wireless router with PEAP with
> > TKIP/MSCHAPv2. I was able to connect to this network before but not now
> > (I'm not sure I was using your firmware).
> >
> > Note that I was able to connect to this network only after having
> > blacklisted your modules and use the staging module rt2860sta:
> > $ sudo rmmod rt2800pci rt2860sta rt2x00pci
> > $ sudo rmmod rt2800lib rt2x00lib
> > $ sudo modprobe rt2860sta
> >
> > This is my wpa_supplicant.conf used by Wicd:
> > ctrl_interface=/var/run/wpa_supplicant
> > network={
> > ssid="student.UCLouvain"
> > scan_ssid=0
> > proto=WPA
> > key_mgmt=WPA-EAP
> > pairwise=TKIP
> > group=TKIP
> > eap=PEAP
> > identity="USER at wifi.uclouvain.be"
> > password="PASSWORD"
> > ca_cert="/PATH/TO/chain-radius.pem"
> > phase1="peaplabel=0"
> > phase2="auth=MSCHAPV2"
> > }
> >
> > We can also connect to this network by using PEAP-TTLS encryption but it
> > didn't work too...
> > More information there: http://uclouvain.be/168492.html (sorry, it's in
> > French...)
> >
> > I can reproduce it each time on this network (this is the network of my
> > university and this kind of encryption is used almost everywhere in
> > Europe (~eduroam)).
> >
> > Some informations:
> > * The output of dmesg:
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/777215/+attachment/2112335/+files/dmesg_040511.txt.gz
> > There are some errors:
> > [ 39.100490] phy0 -> rt2800pci_mcu_status: Error - MCU
> > request failed, no response from hardware
> > [ 39.170917] ADDRCONF(NETDEV_UP): wlan0: link is not ready
> >
> > * The output of `lspci -vnvn`:
> > - before the blacklisting:
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/777215/+attachment/2112344/+files/lspci_-vnvn.txt.gz
> > - after the blacklisting:
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/777215/+attachment/2112345/+files/lspci_-vnvn_after.txt.gz
> >
> > More details in my bug report:
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/777215
> >
> >
> > Thank you for your help and your drivers! Don't hesitate to tell me
> > something to do if it's needed ;)
> >
> >
> > PS: I had this bug on Natty too last week (sorry, no time to report
> > it :-/) so with the older kernel (2.6.38).
> >
>
> Hmm, interesting. Do you have any output from wpa_supplicant?
>
> Also, you might want to try if disabling hardware encryption works.
> Just load the module with the parameter nohwcrypt=1.
>
> ---
> Gertjan
Hello,
Thank you for this answer!
This is what I did:
================
$ sudo ifconfig wlan0 down
$ sudo ifconfig wlan0 up
$ ifconfig wlan0
wlan0 Link encap:Ethernet HWaddr 00:1(...)
adr inet6: fe80::215:afff:fe9e:8e81/64
Scope:Lien
UP BROADCAST MULTICAST MTU:1500 Metric:1
Packets reçus:6 erreurs:0 :0 overruns:0
frame:0
TX packets:15 errors:0 dropped:0 overruns:0
carrier:0
collisions:0 lg file transmission:1000
Octets reçus:3249 (3.2 KB) Octets
transmis:2585 (2.5 KB)
$ iwconfig wlan0
wlan0 IEEE 802.11bgn ESSID:"student.UCLouvain"
Mode:Managed Frequency:2.462 GHz Access
Point: Not-Associated
Tx-Power=20 dBm
Retry long limit:7 RTS thr:off Fragment
thr:off
Power Management:on
$ sudo wpa_supplicant -Dwext -iwlan0
-c/var/lib/wicd/configurations/001a308ceab1 -B -d
Initializing interface 'wlan0' conf
'/var/lib/wicd/configurations/001a308ceab1' driver
'wext' ctrl_interface 'N/A' bridge 'N/A'
Configuration file
'/var/lib/wicd/configurations/001a308ceab1' ->
'/var/lib/wicd/configurations/001a308ceab1'
Reading configuration file
'/var/lib/wicd/configurations/001a308ceab1'
ap_scan=1
ctrl_interface='/var/run/wpa_supplicant'
Priority group 0
id=0 ssid='student.UCLouvain'
WEXT: cfg80211-based driver detected
SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf
capabilities: key_mgmt 0xf enc 0xf flags 0x0
netlink: Operstate: linkmode=1, operstate=5
Own MAC address: 00:1(...)
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
RSN: flushing PMKID list in the driver
Setting scan request: 0 sec 100000 usec
WPS: UUID based on MAC address - hexdump(len=16): 5c 02
a9 7c cd 34 53 bf 8a c9 ee af f7 9d 09 e8
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: Supplicant port status: Unauthorized
EAPOL: Supplicant port status: Unauthorized
Using existing control interface directory.
ctrl_iface bind(PF_UNIX) failed: Address already in use
ctrl_iface exists and seems to be in use - cannot
override it
Delete '/var/run/wpa_supplicant/wlan0' manually if it is
not used anymore
Failed to initialize control interface
'/var/run/wpa_supplicant'.
You may have another wpa_supplicant process already
running or the file was
left by an unclean termination of wpa_supplicant in
which case you will need
to manually remove this file before starting
wpa_supplicant again.
Failed to add interface wlan0
No keys have been configured - skip key clearing
State: DISCONNECTED -> DISCONNECTED
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
netlink: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
wpa_driver_wext_set_countermeasures
No keys have been configured - skip key clearing
Cancelling scan request
Cancelling authentication timeout
netlink: Operstate: linkmode=0, operstate=6
$ sudo dhclient wlan0 -v
Internet Systems Consortium DHCP Client 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit
https://www.isc.org/software/dhcp/
Listening on LPF/wlan0/00:1(...)
Sending on LPF/wlan0/00:1(...)
Sending on Socket/fallback
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 3
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 6
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 10
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 10
^C
$ sudo rmmod rt2800pci
$ sudo modprobe rt2800pci nohwcrypt=1
$ sudo wpa_supplicant -Dwext -iwlan0
-c/var/lib/wicd/configurations/001a308ceab1 -B -d
Initializing interface 'wlan0' conf
'/var/lib/wicd/configurations/001a308ceab1' driver
'wext' ctrl_interface 'N/A' bridge 'N/A'
Configuration file
'/var/lib/wicd/configurations/001a308ceab1' ->
'/var/lib/wicd/configurations/001a308ceab1'
Reading configuration file
'/var/lib/wicd/configurations/001a308ceab1'
ap_scan=1
ctrl_interface='/var/run/wpa_supplicant'
Priority group 0
id=0 ssid='student.UCLouvain'
WEXT: cfg80211-based driver detected
SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf
capabilities: key_mgmt 0xf enc 0xf flags 0x0
netlink: Operstate: linkmode=1, operstate=5
Own MAC address: 00:1(...)
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
RSN: flushing PMKID list in the driver
Setting scan request: 0 sec 100000 usec
WPS: UUID based on MAC address - hexdump(len=16): 5c 02
a9 7c cd 34 53 bf 8a c9 ee af f7 9d 09 e8
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: Supplicant port status: Unauthorized
EAPOL: Supplicant port status: Unauthorized
Using existing control interface directory.
ctrl_iface bind(PF_UNIX) failed: Address already in use
ctrl_iface exists and seems to be in use - cannot
override it
Delete '/var/run/wpa_supplicant/wlan0' manually if it is
not used anymore
Failed to initialize control interface
'/var/run/wpa_supplicant'.
You may have another wpa_supplicant process already
running or the file was
left by an unclean termination of wpa_supplicant in
which case you will need
to manually remove this file before starting
wpa_supplicant again.
Failed to add interface wlan0
No keys have been configured - skip key clearing
State: DISCONNECTED -> DISCONNECTED
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
netlink: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
wpa_driver_wext_set_countermeasures
No keys have been configured - skip key clearing
Cancelling scan request
Cancelling authentication timeout
netlink: Operstate: linkmode=0, operstate=6
$ sudo dhclient wlan0 -v
Internet Systems Consortium DHCP Client 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit
https://www.isc.org/software/dhcp/
Listening on LPF/wlan0/00:1(...)
Sending on LPF/wlan0/00:1(...)
Sending on Socket/fallback
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 3
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 8
DHCPOFFER of 130.104.103.XXX from 192.168.3.249
DHCPREQUEST of 130.104.103.XXX on wlan0 to
255.255.255.255 port 67
DHCPACK of 130.104.103.XXX from 192.168.3.249
bound to 130.104.103.XXX -- renewal in 448 seconds.
================
It says that the connexion is established but in fact, no...
================
$ ifconfig wlan0
wlan0 Link encap:Ethernet HWaddr 00:1(...)
BROADCAST MULTICAST MTU:1500 Metric:1
Packets reçus:36 erreurs:0 :0 overruns:0
frame:0
TX packets:76 errors:0 dropped:0 overruns:0
carrier:0
collisions:0 lg file transmission:1000
Octets reçus:12928 (12.9 KB) Octets
transmis:13424 (13.4 KB)
$ iwconfig wlan0
wlan0 IEEE 802.11bgn ESSID:off/any
Mode:Managed Frequency:2.462 GHz Access
Point: Not-Associated
Tx-Power=20 dBm
Retry long limit:7 RTS thr:off Fragment
thr:off
Power Management:off
================
These modules was loaded:
rt2800lib rt2800pci rt2860sta rt2x00lib rt2x00pci
And I'm still not able to connect to this network:
================
$ sudo dhclient wlan0 -v
Internet Systems Consortium DHCP Client 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit
https://www.isc.org/software/dhcp/
Listening on LPF/wlan0/00:1(...)
Sending on LPF/wlan0/00:1(...)
Sending on Socket/fallback
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 3
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 8
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 8
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 13
^C
================
But after having removed all rt* modules and then loaded rt2800pci
module, it works!
================
$ sudo rmmod rt2x00pci rt2800pci rt2860sta rt2800lib rt2x00lib
ERROR: Module rt2x00pci is in use by rt2800pci
ERROR: Module rt2x00lib is in use by rt2x00pci
$ sudo rmmod rt2x00pci rt2800pci rt2860sta rt2800lib rt2x00lib
ERROR: Module rt2800pci does not exist in /proc/modules
ERROR: Module rt2860sta does not exist in /proc/modules
ERROR: Module rt2800lib does not exist in /proc/modules
$ sudo modprobe rt2800pci nohwcrypt=1
$ sudo wpa_supplicant -Dwext -iwlan0
-c/var/lib/wicd/configurations/001a308ceab1 -B -d
Initializing interface 'wlan0' conf
'/var/lib/wicd/configurations/001a308ceab1' driver
'wext' ctrl_interface 'N/A' bridge 'N/A'
Configuration file
'/var/lib/wicd/configurations/001a308ceab1' ->
'/var/lib/wicd/configurations/001a308ceab1'
Reading configuration file
'/var/lib/wicd/configurations/001a308ceab1'
ap_scan=1
ctrl_interface='/var/run/wpa_supplicant'
Priority group 0
id=0 ssid='student.UCLouvain'
WEXT: cfg80211-based driver detected
SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf
capabilities: key_mgmt 0xf enc 0xf flags 0x0
netlink: Operstate: linkmode=1, operstate=5
Own MAC address: 00:1(...)
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0
seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
RSN: flushing PMKID list in the driver
Setting scan request: 0 sec 100000 usec
WPS: UUID based on MAC address - hexdump(len=16): 5c 02
a9 7c cd 34 53 bf 8a c9 ee af f7 9d 09 e8
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: Supplicant port status: Unauthorized
EAPOL: Supplicant port status: Unauthorized
Added interface wlan0
Daemonize..
$ sudo dhclient wlan0 -v
Internet Systems Consortium DHCP Client 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit
https://www.isc.org/software/dhcp/
Listening on LPF/wlan0/00:1(...)
Sending on LPF/wlan0/00:1(...)
Sending on Socket/fallback
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67
interval 3
DHCPOFFER of 130.104.103.XXX from 192.168.3.249
DHCPREQUEST of 130.104.103.XXX on wlan0 to
255.255.255.255 port 67
DHCPACK of 130.104.103.XXX from 192.168.3.249
bound to 130.104.103.XXX -- renewal in 390 seconds.
================
And some other things:
================
$ sudo lspci -vnvn
0a:00.0 Network controller [0280]: Ralink corp. RT2860
[1814:0781]
Subsystem: Ralink corp. Device [1814:2790]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV-
VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast
>TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
Latency: 0, Cache Line Size: 64 bytes
Interrupt: pin A routed to IRQ 19
Region 0: Memory at c2000000 (32-bit, non-prefetchable)
[size=64K]
Capabilities: [40] Power Management version 2
Flags: PMEClk- DSI- D1- D2- AuxCurrent=375mA PME(D0
+,D1-,D2-,D3hot+,D3cold-)
Status: D0 NoSoftRst- PME-Enable- DSel=0 DScale=0 PME+
Capabilities: [50] MSI: Enable- Count=1/32 Maskable-
64bit+
Address: 0000000000000000 Data: 0000
Capabilities: [70] Express (v1) Endpoint, MSI 00
DevCap: MaxPayload 128 bytes, PhantFunc 0, Latency L0s
<128ns, L1 <2us
ExtTag- AttnBtn- AttnInd- PwrInd- RBE+ FLReset-
DevCtl: Report errors: Correctable- Non-Fatal- Fatal-
Unsupported-
RlxdOrd+ ExtTag- PhantFunc- AuxPwr- NoSnoop-
MaxPayload 128 bytes, MaxReadReq 512 bytes
DevSta: CorrErr+ UncorrErr- FatalErr- UnsuppReq+
AuxPwr- TransPend-
LnkCap: Port #0, Speed 2.5GT/s, Width x1, ASPM L0s L1,
Latency L0 <512ns, L1 <64us
ClockPM- Surprise- LLActRep- BwNot-
LnkCtl: ASPM Disabled; RCB 128 bytes Disabled-
Retrain- CommClk+
ExtSynch- ClockPM- AutWidDis- BWInt- AutBWInt-
LnkSta: Speed 2.5GT/s, Width x1, TrErr- Train- SlotClk
+ DLActive- BWMgmt- ABWMgmt-
Capabilities: [100 v1] Advanced Error Reporting
UESta: DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt-
UnxCmplt- RxOF- MalfTLP- ECRC- UnsupReq+ ACSViol-
UEMsk: DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt-
UnxCmplt- RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
UESvrt: DLP+ SDES- TLP- FCP+ CmpltTO- CmpltAbrt-
UnxCmplt- RxOF+ MalfTLP+ ECRC- UnsupReq- ACSViol-
CESta: RxErr- BadTLP- BadDLLP- Rollover- Timeout-
NonFatalErr+
CEMsk: RxErr- BadTLP- BadDLLP- Rollover- Timeout-
NonFatalErr+
AERCap: First Error Pointer: 00, GenCap+ CGenEn-
ChkCap+ ChkEn-
Kernel driver in use: rt2800pci
Kernel modules: rt2860sta, rt2800pci
$ ifconfig wlan0
wlan0 Link encap:Ethernet HWaddr 00:1(...)
inet adr:130.104.103.XXX
Bcast:130.104.103.255 Masque:255.255.248.0
adr inet6: fe80::215:afff:fe9e:8e81/64
Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500
Metric:1
Packets reçus:15211 erreurs:0 :0 overruns:0
frame:0
TX packets:12583 errors:0 dropped:0 overruns:0
carrier:0
collisions:0 lg file transmission:1000
Octets reçus:17557560 (17.5 MB) Octets
transmis:1486718 (1.4 MB)
$ iwconfig wlan0
wlan0 IEEE 802.11bgn ESSID:"student.UCLouvain"
Mode:Managed Frequency:2.462 GHz Access
Point: 00:1A:30:8C:EA:B1
Bit Rate=54 Mb/s Tx-Power=20 dBm
Retry long limit:7 RTS thr:off Fragment
thr:off
Power Management:off
Link Quality=56/70 Signal level=-54 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx
invalid frag:0
Tx excessive retries:427 Invalid misc:0
Missed beacon:0
================
I hope it will help you to find the problem!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://rt2x00.serialmonkey.com/pipermail/users_rt2x00.serialmonkey.com/attachments/20110506/dc2767a6/attachment-0001.bin>
More information about the users
mailing list