GNOME Bugzilla – Bug 488221
connecting to a wpa-peap network (at my uni)
Last modified: 2010-03-19 14:12:56 UTC
hello I'm currently attending Curtin University of Western Australia (www.curtin.edu.au) and when I attempt to log into the wireless network on campus (with ubuntu gutsy on my laptop) with the network-manager applet, it doesn't work It just keeps asking for authentication after I keep putting in my username and password (for the uni).... It wasn't until I followed the linux guide over here http://wireless.curtin.edu.au/downloads/index.html that I was able to log into the network. I was wondering how I would go about making the network-manager applet do this automatically?? thankyou :D
Can you try the manual wpa_supplicant configuration without the 'phase1="peaplabel=0"' option and see if that connects successfully?
hmm, I will do that when uni returns (feb 25). thnx :D
sorry it took so long to reply.... :) I can confirm it works if i remove phase1="peaplabel=0" from the wpa_supplicant.conf file...
the network manager seems to be able to connect to the curtin network now (in ubuntu hardy)....
Since upgrading from 0.6.6 => 0.7 (Ubuntu hardy to intrepid) connecting to my school's PEAP network is totally broken for me, while it worked seamlessly before.
Same issue on Ubuntu 8.10 and confirmed by colleagues. WPA/WPA2 Enterprise seams to be broken under Network Manager 0.7. It worked perfectly under Ubuntu 8.04 (NM 0.6.6). Stil need to investigate and see if it still works from the command line with wpa_supplicant.
Created attachment 127596 [details] wpa_supplicant failed connection attempt
Created attachment 127597 [details] wpa_supplicant successful connection attempt
Whoops I meant to add this comment before the two attachments above. Anyway I posted this on Ubuntu's bug tracker for bug #272185 which seems to be the same or a related issue. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/272185/comments/195 Hey so first thing, I also tried installing the packages from the Jaunty repo that were suggested but that didn't help at all. Mine is a WPA PEAP wireless lan. I can connect instantly with wpa_supplicant but not with network manager. my wpa_supplicant.conf looks like this (I've tried to remove everything that isn't absolutely necessary): ctrl_interface=/var/run/wpa_supplicant network={ ssid="WLAN-TWDC" proto=WPA key_mgmt=WPA-EAP eap=PEAP identity="xxx" password="xxx" phase1="peaplabel=0" # phase2="auth=MSCHAPV2" } I think the problem I'm seeing is pretty much exactly what Jan above described (https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/272185/comments/131). Including the phase2 line prevents me from connecting, but when I leave it out I connect pretty much instantly. I'm attaching the wpa_supplicant output from a failed connection. It seems the problems are happening around line 389. I'll also attach a successful one just for the heck of it.
Actually reading my successful connection attempt more closely it looks like it's using GTK TKIP for phase 2 to connect. That probably makes my problem the same as the one described in bug #565065 (http://bugzilla.gnome.org/show_bug.cgi?id=565065).
Yoann & Delfick: any idea if your wifi networks use EAP-GTC for the authentication algorithm?
Do you know how we'd be able to find out?
One way is to construct a wpa_supplicant config file with the right options (phase2="autheap=GTC") and see if that works. If it does, at least GTC is supported though it might not be the only EAP method you can use to connect. If that sounds OK to you, I can help you create that config file and run the supplicant, then you can attach the output and I can take a look at it.
Sorry I've taken so long to get back to this, time is not a friend of mine at the moment :p Anyway, I've changed the supplicant.conf file I was using so now it reads ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 ap_scan=1 fast_reauth=1 network={ ssid="student-curtin" scan_ssid=1 key_mgmt=WPA-EAP eap=PEAP pairwise=TKIP group=TKIP phase1="peaplabel=0" phase2="autheap=GTC" } and I'll test it out tomorrow sometime. Way I usually use it is this command sudo wpa_supplicant -ieth1 -c/etc/wpa_supplicant.conf –B followed by using wpa_cli to log in with my username and password and finally dhclient to make the connection. However there is usually a lot of output the the first two commands (and nothing I suppose is significant in dhclient output) so I'm wondering if there is paramaters or other commands that you suggest I use to get meaningful output to post back here ??
It still connects with that option. When I start wpa_supplicant it repeatedly spits out CTRL-EVENT-SCAN-RESULTS Trying to associate with 00:0b:85:5a:f6:de (SSID='student-curtin' freq=2412 MHz) Associated with 00:0b:85:5a:f6:de CTRL-EVENT-EAP-STARTED EAP authentication started EAP: buildIdentity: identity configuration was not available CTRL-REQ-IDENTITY-0:Identity needed for SSID student-curtin CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys CTRL-EVENT-SCAN-RESULTS Trying to associate with 00:0b:85:5a:f6:b1 (SSID='student-curtin' freq=5765 MHz) CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys Then when I log in with wpa_cli it repeatedly spits out CTRL-EVENT-SCAN-RESULTS Trying to associate with 00:21:d7:90:65:61 (SSID='student-curtin' freq=2412 MHz) CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys along with the this every once in a while CTRL-EVENT-SCAN-RESULTS Trying to associate with 00:0b:85:5a:f6:de (SSID='student-curtin' freq=2412 MHz) Associated with 00:0b:85:5a:f6:de CTRL-EVENT-EAP-STARTED EAP authentication started CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys CTRL-EVENT-SCAN-RESULTS Trying to associate with 00:0b:85:5a:f6:d1 (SSID='student-curtin' freq=5765 MHz) Associated with 00:0b:85:5a:f6:d1 CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys Then when I use dhclient it says Trying to associate with 00:21:d7:90:61:81 (SSID='student-curtin' freq=2462 MHz) Associated with 00:21:d7:90:61:81 CTRL-EVENT-EAP-STARTED EAP authentication started CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected OpenSSL: tls_connection_handshake - Failed to read possible Application Data error:00000000:lib(0):func(0):reason(0) EAP-MSCHAPV2: Authentication succeeded EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully WPA: Key negotiation completed with 00:21:d7:90:61:81 [PTK=TKIP GTK=TKIP] CTRL-EVENT-CONNECTED - Connection to 00:21:d7:90:61:81 completed (auth) [id=0 id_str=] and then as usual, if I use dhclient enough times it finally connects.....
Comment #11 responded, open again
NM 0.8 and 0.7.x should now support PEAP/GTC; please try out latest releases and see if they work for you. If not, lets get the wpa_supplicant output as described on this page: http://live.gnome.org/NetworkManager/Debugging under the section "Debugging WiFi Connections". THanks!
Setting to FIXED as per comment 17. Feel free to either REOPEN if it still doesn't work or to set to VERIFIED if it is indeed fixed. Thanks for this bugreport! :)
I have a new laptop and after reading this post http://ubuntuforums.org/showpost.php?p=8617727&postcount=3 I'm able to connect to the wireless without hassle :D