Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Ath9k and WPA2-Enterprise
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Sun Sep 01, 2013 5:00 am    Post subject: Ath9k and WPA2-Enterprise Reply with quote

Hello,
currently I am at a university and I have a card that uses the ath9k driver. The card authenticates easily with WPA2-Personal, but with WPA2-Enterprise, the system will connect and give me an I.P. address, but shortly afterwards (20-30 seconds) I cannot access any resources on the WiFi. Lucky, they have a guest network that has minimal security on it that I can use for right now, but for classes, I am going to be needing the access to the secured network. When I do try to connect my TX excessive retry count slowly climbs and so does Invalid Misc. I have tried the directions listed here https://wiki.archlinux.org/index.php/Wireless_Setup#Connection_always_times_out. But still, I am not able to connect. Eventually, after a week or so, I've contacted the I.T. department for help and they seem to believe that there is something wrong with the driver, and I agree since I've tested the card on a windows box as well and it worked flawlessly. I've double, and triple checked my settings.... But I wanted to cover all of my bases before I start contacting the developers looking for guidance on trying to support this wonderful piece of technology. If it helps at all, I am running an TP-Link TL-WDN4800.

Does anyone have any ideas? Am I missing something?
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
DONAHUE
Watchman
Watchman


Joined: 09 Dec 2006
Posts: 7651
Location: Goose Creek SC

PostPosted: Sun Sep 01, 2013 5:43 am    Post subject: Reply with quote

What form of network management are you using? wicd? networkmanager? wpa_gui? Gentoo scripts from the handook? Something else? Is the driver for wpa_supplicant wext or nl80211 or something else?
Code:
emerge wgetpaste
dmesg | wgetpaste
wgetpaste ifconfig
post the url's returned. before pasting the dmesg try connecting with wpa_enterprise and with wpa_personal.
_________________
Defund the FCC.
Back to top
View user's profile Send private message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Sun Sep 01, 2013 6:28 pm    Post subject: Reply with quote

I am currently using networkmanager and the kde-misc/networkmanagement applet to connect to the network.

For wpa_supplicant I am using the wext driver and my setting are:

Code:

###### Global Configuration ######
fast_reauth=1
ap_scan=1
ctrl_interface=/var/run/wpa_supplicant GROUP=wheel
update_config=1
eapol_version=1

###### Security Configuration ######
network={
   ca_cert="/home/*****/Downloads/GTECyberTrustGlobalRoot.der"
   priority=7
   password="Liberty-Secure"
   bssid=00:1a:1e:26:29:72
   phase1="peaplabel=1"
   eap=PEAP
   phase2="auth=MSCHAPV2"
   ssid="**********"
   key_mgmt=WPA-EAP
   identity="***********"
   scan_ssid=1
   pairwise=CCMP TKIP
   proto=WPA2
}


After I enter the command: wpa_supplicant -Dwext -c /etc/wpa_supplicant/wpa_supplicant.conf.bak -i wlan0
The following is printed the the console:
Code:
Successfully initialized wpa_supplicant
wlan0: Trying to associate with 00:1a:1e:26:29:72 (SSID='Liberty-Secure' freq=5785 MHz)
ioctl[SIOCSIWFREQ]: Device or resource busy
wlan0: Association request to the driver failed
wlan0: Associated with 00:1a:1e:26:29:72
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/DC=edu/DC=liberty/CN=LUPKI01'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=US/ST=Virginia/L=Lynchburg/O=Liberty University/OU=Information Services/CN=LUACP01.university.liberty.edu'
EAP-MSCHAPV2: Authentication succeeded
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
wlan0: Authentication with 00:1a:1e:26:29:72 timed out.
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:1a:1e:26:29:72 reason=3 locally_generated=1
wlan0: Trying to associate with 00:1a:1e:26:29:72 (SSID='Liberty-Secure' freq=5785 MHz)
ioctl[SIOCSIWFREQ]: Device or resource busy
wlan0: Association request to the driver failed
wlan0: Associated with 00:1a:1e:26:29:72
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully


Also, here is the link to the dmesg http://bpaste.net/show/128299/
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
DONAHUE
Watchman
Watchman


Joined: 09 Dec 2006
Posts: 7651
Location: Goose Creek SC

PostPosted: Sun Sep 01, 2013 7:16 pm    Post subject: Reply with quote

if ls /etc/init.d/net.* shows the symlinks /etc/init.d/net.eth0 /etc/init.d/net.wlan0 remove them
if rc-update show shows wpa_supplicant , dhcpcd, net.eth0, net.wlan0, or wicd in a run level remove them, if networkmanager is not in the default runlevel add it
unplug ethernet cable
reboot
Code:
/etc/init.d/dhcpcd stop
/etc/init.d/NetworkManager restart

use gnome-extra/nm-applet - GNOME frontend, kde-misc/networkmanagement - KDE frontend, or nmcli to setup connection.
_________________
Defund the FCC.
Back to top
View user's profile Send private message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Tue Sep 03, 2013 11:01 pm    Post subject: Reply with quote

There are no symlinks in any of those files and the only run level program I have running is NetworkManager. No ethernet cable and I am using the KDE frontend to set up the connection. Sorry it took me so long to reply, I've had a lot of Calculus work lately and it can be hard to get on when I am busy.
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Tue Sep 03, 2013 11:19 pm    Post subject: Reply with quote

NetworkManagement -- KDE Frontend is doing something odd though. It keeps asking for the shared secret to the radius servers. I haven't been asked this on windows so I am just a little confused... and if it's asking for what I think it is asking me for, well I highly doubt the school will just hand that to me.
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
DONAHUE
Watchman
Watchman


Joined: 09 Dec 2006
Posts: 7651
Location: Goose Creek SC

PostPosted: Wed Sep 04, 2013 12:02 am    Post subject: Reply with quote

if you are to use a radius server as required for wpa enterprise you have to provide a key to the radius server
possible the school gave you some windows applet to use for networking that hides the key?
you might want to provide a screenshot of the nmapplet dialogs to your IT types and have them tell you what to insert in each space.

do you have a link to a set of directions provided by the school for connecting to the enterprise network? Although I have forgotten more wpa enterprise than I ever knew ...

Too much info : http://en.wikipedia.org/wiki/RADIUS
_________________
Defund the FCC.
Back to top
View user's profile Send private message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Wed Sep 04, 2013 1:39 am    Post subject: Reply with quote

When I asked IT about my wireless problem they told me that I should be able to log in with just my username and password. I actually got the network-management application to work properly now. It no longer asks for the secret and it connects properly. It is still dropping the connection however. It is still only working for about twenty or thirty seconds and then it stops transmitting information.

This is all the output that I am receiving from dmesg regarding the connection:
Code:
[ 7489.029385] cfg80211: Calling CRDA to update world regulatory domain
[ 7489.034965] cfg80211: World regulatory domain updated:
[ 7489.034967] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 7489.034968] cfg80211:   (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 7489.034969] cfg80211:   (2457000 KHz - 2482000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 7489.034971] cfg80211:   (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
[ 7489.034972] cfg80211:   (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 7489.034973] cfg80211:   (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 7490.895791] wlan0: authenticate with 00:1a:1e:26:29:71
[ 7490.906197] wlan0: send auth to 00:1a:1e:26:29:71 (try 1/3)
[ 7490.910641] wlan0: authenticated
[ 7490.915060] wlan0: associate with 00:1a:1e:26:29:71 (try 1/3)
[ 7490.921398] wlan0: RX AssocResp from 00:1a:1e:26:29:71 (capab=0x401 status=0 aid=1)
[ 7490.921476] wlan0: associated


The card is still experiencing a high TX excessive retry and Invalid Misc count. I have tried setting nohwcrypt=1, messing with the bit rate, power, txpower, RTS threshold and Fragmentation Threshold. But none of these or combination of these seems to help with the connection. The people at the IT help desk did say that they have had issues with Atheros cards recently connecting to the network, but I have the computer that is running windows with an atheros card and it is working properly. I did however have it running Fedora earlier on and the card was experiencing the same issue, so my guess is that there is an issue with the ath9k driver. Any thoughts? I appreciate all of your help.
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Sun Sep 08, 2013 3:06 am    Post subject: Reply with quote

I have gone forward with emailing the ath9k-devel list and I wanted to include the link to the posting for you all to take a look at.
Perhaps it will give you more information on the topic as well. https://lists.ath9k.org/pipermail/ath9k-devel/2013-September/012068.html
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
DONAHUE
Watchman
Watchman


Joined: 09 Dec 2006
Posts: 7651
Location: Goose Creek SC

PostPosted: Sun Sep 08, 2013 3:41 am    Post subject: Reply with quote

I use ralink chipset wifi (mostly usb, some pci, 2860, 2870, 3572, 5370 from several manufacturers costing from 10-30 dollars.
_________________
Defund the FCC.
Back to top
View user's profile Send private message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Sun Sep 08, 2013 4:18 am    Post subject: Reply with quote

I think I am actually going to have to just purchase another card. I was probably going to go with this: http://www.amazon.com/TP-LINK-TL-WN8200ND-Wireless-detachable-antennas/dp/B00ATXJN60/ref=cm_cr_pr_product_top
I am just a bit of a perfectionist on certain things and I wanted to make sure I covered all the possible bases. Do you have any cards that you recommend? If I do it I am going to grab a USB adaptor for the sole reason of not having to spend the extra money to purchase one for each device. I really appreciate all of your help, thank you.
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
DONAHUE
Watchman
Watchman


Joined: 09 Dec 2006
Posts: 7651
Location: Goose Creek SC

PostPosted: Sun Sep 08, 2013 5:53 am    Post subject: Reply with quote

http://www.newegg.com/Product/Product.aspx?Item=N82E16833168077&SortField=0&SummaryType=0&PageSize=10&SelectedRating=-1&VideoOnlyMark=False&IsFeedbackTab=true#scrollFullInfo writing you from one of its cousins a eub9801 with same ralink chipset

a list of most ralink chipset containing products; (if you have another chipset in mind go to the main page and run a different search)
http://wikidevi.com/wiki/Special:Ask?title=Special%3AAsk&q=%5B%5BCategory%3AWireless+adapter%5D%5D+%5B%5BChip1+brand%3A%3ARalink%5D%5D+%5B%5BInterface%3A%3AUSB%5D%5D&po=%3FInterface%0D%0A%3FFCC+ID%0D%0A%3FSupported+802dot11+protocols%0D%0A%3FChip1+brand%0D%0A%3FChip1+model%0D%0A%3FChip2+brand%0D%0A%3FChip2+model%0D%0A%3FOUI%0D%0A&sort%5B0%5D=Chip1+model&order%5B0%5D=ASC&sort_num=&order_num=ASC&eq=yes&p%5Bformat%5D=broadtable&p%5Blimit%5D=500&p%5Boffset%5D=0&p%5Bheaders%5D=show&p%5Bmainlabel%5D=&p%5Blink%5D=all&p%5Bintro%5D=&p%5Boutro%5D=&p%5Bdefault%5D=&eq=yes

my shopping principle has been first ralink chip, second a little known manufacturer (engenius,encore,edimax) who is unlikely to "enhance" the chipset (netgear, belkin) come to mind as enhancers. ralink is now merged with mediatek -- hopefully reliability, compatibility, linux support will not decline
_________________
Defund the FCC.
Back to top
View user's profile Send private message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Thu Sep 19, 2013 12:18 pm    Post subject: Reply with quote

So apprearently the issue has to do with the wireless-n roaming and how it is trying to connect with multimple AP's at one time. Do you know if there is a way to limit the roaming distance do that it is only trying to connect to one card or even just shut roaming off for wireless-n?
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
Meister-Lampe
n00b
n00b


Joined: 10 Mar 2006
Posts: 4

PostPosted: Mon Nov 11, 2013 6:41 pm    Post subject: Reply with quote

Are there any news on this topic? I have the same hardware and apparently the same problems at our university network. I was using windows on this machine before and didn't experience this behavior. A hint on how to disable wireless at n-speed on ath9k would be great. Is there a way to talk wpa_supplicant into not using 802.11n?
Back to top
View user's profile Send private message
Meister-Lampe
n00b
n00b


Joined: 10 Mar 2006
Posts: 4

PostPosted: Fri Nov 15, 2013 3:45 pm    Post subject: Reply with quote

My problem seems to be fixed with a more recent kernel (3.12), it seems i ran into this bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1160188
Back to top
View user's profile Send private message
p3d4N71c
n00b
n00b


Joined: 29 Aug 2013
Posts: 10

PostPosted: Tue Dec 10, 2013 2:20 am    Post subject: Reply with quote

I am sorry that I have not been keeping up with this particular thread, but someone did just email me about the problem and asked me what I did to solve the issue. I've talked to a lot of IT, not just here at the University but also at a series of hospitals north of me that are also having this issue. My understanding is it has to do with the CISCO configurations within the network and how the wireless-n is scanning multiple ap's at one time; but honestly, I do not have the hardware to play with and cannot tell you for sure. Since I do not own the network and cannot disable wireless-n, I decided to take care of it myself. This is what I did and I haven't had any issues since.

Code:
# diff /usr/src/linux/drivers/net/wireless/ath/ath9k/init.c.bak /usr/src/linux/drivers/net/wireless/ath/ath9k/init.c
59a60,63
> int ath9k_modparam_disable_11n;
> module_param_named(11n_disable, ath9k_modparam_disable_11n, int, 0444);
> MODULE_PARM_DESC(11n_disable, "disable 11n functionality");
>
257c261,264
<    ht_info->ht_supported = true;
---
>    if (ath9k_modparam_disable_11n)
>       ht_info->ht_supported = false;
>    else
>       ht_info->ht_supported = true;

After this, I just

Code:
echo "options ath9k 11n_disable" >> /etc/modprobe.d/backports.conf


and allow the module to load up on boot. The device will now only connect with b,g,a.
_________________
We work in the dark, We do what we can, We give what we have. Our doubt is our passion, and our passion is our task. The rest is the madness of art. -- Henry James
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum