View previous topic :: View next topic |
Author |
Message |
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Sun Sep 01, 2013 5:00 am Post subject: Ath9k and WPA2-Enterprise |
|
|
Hello,
currently I am at a university and I have a card that uses the ath9k driver. The card authenticates easily with WPA2-Personal, but with WPA2-Enterprise, the system will connect and give me an I.P. address, but shortly afterwards (20-30 seconds) I cannot access any resources on the WiFi. Lucky, they have a guest network that has minimal security on it that I can use for right now, but for classes, I am going to be needing the access to the secured network. When I do try to connect my TX excessive retry count slowly climbs and so does Invalid Misc. I have tried the directions listed here https://wiki.archlinux.org/index.php/Wireless_Setup#Connection_always_times_out. But still, I am not able to connect. Eventually, after a week or so, I've contacted the I.T. department for help and they seem to believe that there is something wrong with the driver, and I agree since I've tested the card on a windows box as well and it worked flawlessly. I've double, and triple checked my settings.... But I wanted to cover all of my bases before I start contacting the developers looking for guidance on trying to support this wonderful piece of technology. If it helps at all, I am running an TP-Link TL-WDN4800.
Does anyone have any ideas? Am I missing something? _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
DONAHUE Watchman
Joined: 09 Dec 2006 Posts: 7651 Location: Goose Creek SC
|
Posted: Sun Sep 01, 2013 5:43 am Post subject: |
|
|
What form of network management are you using? wicd? networkmanager? wpa_gui? Gentoo scripts from the handook? Something else? Is the driver for wpa_supplicant wext or nl80211 or something else? Code: | emerge wgetpaste
dmesg | wgetpaste
wgetpaste ifconfig | post the url's returned. before pasting the dmesg try connecting with wpa_enterprise and with wpa_personal. _________________ Defund the FCC. |
|
Back to top |
|
|
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Sun Sep 01, 2013 6:28 pm Post subject: |
|
|
I am currently using networkmanager and the kde-misc/networkmanagement applet to connect to the network.
For wpa_supplicant I am using the wext driver and my setting are:
Code: |
###### Global Configuration ######
fast_reauth=1
ap_scan=1
ctrl_interface=/var/run/wpa_supplicant GROUP=wheel
update_config=1
eapol_version=1
###### Security Configuration ######
network={
ca_cert="/home/*****/Downloads/GTECyberTrustGlobalRoot.der"
priority=7
password="Liberty-Secure"
bssid=00:1a:1e:26:29:72
phase1="peaplabel=1"
eap=PEAP
phase2="auth=MSCHAPV2"
ssid="**********"
key_mgmt=WPA-EAP
identity="***********"
scan_ssid=1
pairwise=CCMP TKIP
proto=WPA2
} |
After I enter the command: wpa_supplicant -Dwext -c /etc/wpa_supplicant/wpa_supplicant.conf.bak -i wlan0
The following is printed the the console:
Code: | Successfully initialized wpa_supplicant
wlan0: Trying to associate with 00:1a:1e:26:29:72 (SSID='Liberty-Secure' freq=5785 MHz)
ioctl[SIOCSIWFREQ]: Device or resource busy
wlan0: Association request to the driver failed
wlan0: Associated with 00:1a:1e:26:29:72
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/DC=edu/DC=liberty/CN=LUPKI01'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=US/ST=Virginia/L=Lynchburg/O=Liberty University/OU=Information Services/CN=LUACP01.university.liberty.edu'
EAP-MSCHAPV2: Authentication succeeded
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
wlan0: Authentication with 00:1a:1e:26:29:72 timed out.
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:1a:1e:26:29:72 reason=3 locally_generated=1
wlan0: Trying to associate with 00:1a:1e:26:29:72 (SSID='Liberty-Secure' freq=5785 MHz)
ioctl[SIOCSIWFREQ]: Device or resource busy
wlan0: Association request to the driver failed
wlan0: Associated with 00:1a:1e:26:29:72
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully |
Also, here is the link to the dmesg http://bpaste.net/show/128299/ _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
DONAHUE Watchman
Joined: 09 Dec 2006 Posts: 7651 Location: Goose Creek SC
|
Posted: Sun Sep 01, 2013 7:16 pm Post subject: |
|
|
if ls /etc/init.d/net.* shows the symlinks /etc/init.d/net.eth0 /etc/init.d/net.wlan0 remove them
if rc-update show shows wpa_supplicant , dhcpcd, net.eth0, net.wlan0, or wicd in a run level remove them, if networkmanager is not in the default runlevel add it
unplug ethernet cable
reboot
Code: | /etc/init.d/dhcpcd stop
/etc/init.d/NetworkManager restart |
use gnome-extra/nm-applet - GNOME frontend, kde-misc/networkmanagement - KDE frontend, or nmcli to setup connection. _________________ Defund the FCC. |
|
Back to top |
|
|
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Tue Sep 03, 2013 11:01 pm Post subject: |
|
|
There are no symlinks in any of those files and the only run level program I have running is NetworkManager. No ethernet cable and I am using the KDE frontend to set up the connection. Sorry it took me so long to reply, I've had a lot of Calculus work lately and it can be hard to get on when I am busy. _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Tue Sep 03, 2013 11:19 pm Post subject: |
|
|
NetworkManagement -- KDE Frontend is doing something odd though. It keeps asking for the shared secret to the radius servers. I haven't been asked this on windows so I am just a little confused... and if it's asking for what I think it is asking me for, well I highly doubt the school will just hand that to me. _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
DONAHUE Watchman
Joined: 09 Dec 2006 Posts: 7651 Location: Goose Creek SC
|
Posted: Wed Sep 04, 2013 12:02 am Post subject: |
|
|
if you are to use a radius server as required for wpa enterprise you have to provide a key to the radius server
possible the school gave you some windows applet to use for networking that hides the key?
you might want to provide a screenshot of the nmapplet dialogs to your IT types and have them tell you what to insert in each space.
do you have a link to a set of directions provided by the school for connecting to the enterprise network? Although I have forgotten more wpa enterprise than I ever knew ...
Too much info : http://en.wikipedia.org/wiki/RADIUS _________________ Defund the FCC. |
|
Back to top |
|
|
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Wed Sep 04, 2013 1:39 am Post subject: |
|
|
When I asked IT about my wireless problem they told me that I should be able to log in with just my username and password. I actually got the network-management application to work properly now. It no longer asks for the secret and it connects properly. It is still dropping the connection however. It is still only working for about twenty or thirty seconds and then it stops transmitting information.
This is all the output that I am receiving from dmesg regarding the connection:
Code: | [ 7489.029385] cfg80211: Calling CRDA to update world regulatory domain
[ 7489.034965] cfg80211: World regulatory domain updated:
[ 7489.034967] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 7489.034968] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 7489.034969] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 7489.034971] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
[ 7489.034972] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 7489.034973] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 7490.895791] wlan0: authenticate with 00:1a:1e:26:29:71
[ 7490.906197] wlan0: send auth to 00:1a:1e:26:29:71 (try 1/3)
[ 7490.910641] wlan0: authenticated
[ 7490.915060] wlan0: associate with 00:1a:1e:26:29:71 (try 1/3)
[ 7490.921398] wlan0: RX AssocResp from 00:1a:1e:26:29:71 (capab=0x401 status=0 aid=1)
[ 7490.921476] wlan0: associated |
The card is still experiencing a high TX excessive retry and Invalid Misc count. I have tried setting nohwcrypt=1, messing with the bit rate, power, txpower, RTS threshold and Fragmentation Threshold. But none of these or combination of these seems to help with the connection. The people at the IT help desk did say that they have had issues with Atheros cards recently connecting to the network, but I have the computer that is running windows with an atheros card and it is working properly. I did however have it running Fedora earlier on and the card was experiencing the same issue, so my guess is that there is an issue with the ath9k driver. Any thoughts? I appreciate all of your help. _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Sun Sep 08, 2013 3:06 am Post subject: |
|
|
I have gone forward with emailing the ath9k-devel list and I wanted to include the link to the posting for you all to take a look at.
Perhaps it will give you more information on the topic as well. https://lists.ath9k.org/pipermail/ath9k-devel/2013-September/012068.html _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
DONAHUE Watchman
Joined: 09 Dec 2006 Posts: 7651 Location: Goose Creek SC
|
Posted: Sun Sep 08, 2013 3:41 am Post subject: |
|
|
I use ralink chipset wifi (mostly usb, some pci, 2860, 2870, 3572, 5370 from several manufacturers costing from 10-30 dollars. _________________ Defund the FCC. |
|
Back to top |
|
|
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Sun Sep 08, 2013 4:18 am Post subject: |
|
|
I think I am actually going to have to just purchase another card. I was probably going to go with this: http://www.amazon.com/TP-LINK-TL-WN8200ND-Wireless-detachable-antennas/dp/B00ATXJN60/ref=cm_cr_pr_product_top
I am just a bit of a perfectionist on certain things and I wanted to make sure I covered all the possible bases. Do you have any cards that you recommend? If I do it I am going to grab a USB adaptor for the sole reason of not having to spend the extra money to purchase one for each device. I really appreciate all of your help, thank you. _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
DONAHUE Watchman
Joined: 09 Dec 2006 Posts: 7651 Location: Goose Creek SC
|
|
Back to top |
|
|
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Thu Sep 19, 2013 12:18 pm Post subject: |
|
|
So apprearently the issue has to do with the wireless-n roaming and how it is trying to connect with multimple AP's at one time. Do you know if there is a way to limit the roaming distance do that it is only trying to connect to one card or even just shut roaming off for wireless-n? _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
Meister-Lampe n00b
Joined: 10 Mar 2006 Posts: 4
|
Posted: Mon Nov 11, 2013 6:41 pm Post subject: |
|
|
Are there any news on this topic? I have the same hardware and apparently the same problems at our university network. I was using windows on this machine before and didn't experience this behavior. A hint on how to disable wireless at n-speed on ath9k would be great. Is there a way to talk wpa_supplicant into not using 802.11n? |
|
Back to top |
|
|
Meister-Lampe n00b
Joined: 10 Mar 2006 Posts: 4
|
|
Back to top |
|
|
p3d4N71c n00b
Joined: 29 Aug 2013 Posts: 10
|
Posted: Tue Dec 10, 2013 2:20 am Post subject: |
|
|
I am sorry that I have not been keeping up with this particular thread, but someone did just email me about the problem and asked me what I did to solve the issue. I've talked to a lot of IT, not just here at the University but also at a series of hospitals north of me that are also having this issue. My understanding is it has to do with the CISCO configurations within the network and how the wireless-n is scanning multiple ap's at one time; but honestly, I do not have the hardware to play with and cannot tell you for sure. Since I do not own the network and cannot disable wireless-n, I decided to take care of it myself. This is what I did and I haven't had any issues since.
Code: | # diff /usr/src/linux/drivers/net/wireless/ath/ath9k/init.c.bak /usr/src/linux/drivers/net/wireless/ath/ath9k/init.c
59a60,63
> int ath9k_modparam_disable_11n;
> module_param_named(11n_disable, ath9k_modparam_disable_11n, int, 0444);
> MODULE_PARM_DESC(11n_disable, "disable 11n functionality");
>
257c261,264
< ht_info->ht_supported = true;
---
> if (ath9k_modparam_disable_11n)
> ht_info->ht_supported = false;
> else
> ht_info->ht_supported = true;
|
After this, I just
Code: | echo "options ath9k 11n_disable" >> /etc/modprobe.d/backports.conf |
and allow the module to load up on boot. The device will now only connect with b,g,a. _________________ We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|