Bug 410931 - Network Manager fails to connect to hidden SID wireless network with WPA Enterprise using PEAP
Network Manager fails to connect to hidden SID wireless network with WPA Ente...
Status: CLOSED DUPLICATE of bug 373841
Product: Fedora
Classification: Fedora
Component: NetworkManager (Show other bugs)
i386 Linux
low Severity low
: ---
: ---
Assigned To: Dan Williams
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2007-12-04 14:35 EST by donavan nelson
Modified: 2008-01-10 18:36 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-01-10 18:36:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
syslog messages on working wireless config (9.18 KB, text/plain)
2007-12-04 16:40 EST, donavan nelson
no flags Details

  None (edit)
Description donavan nelson 2007-12-04 14:35:41 EST
Description of problem:

Supplying credentials to nm-applet causes some delay, then nm-applet returns
asking for access credentials and/or certs.

Version-Release number of selected component (if applicable):

[root@lapster /]# rpm -qa |egrep "NetworkM|wpa_sup"
[root@lapster /]# uname -a
Linux lapster.4wx.net #1 SMP Wed Nov 21 18:51:08 EST 2007 i686
i686 i386 GNU/Linux

How reproducible:

Try connecting to a ESSID that is hidden running wpa and PEAP authentication.

Steps to Reproduce:
1.  start nm-applet (from system tray)
2.  connect to other wireless network
3.  NetworkName:  Populated
4.  Wireless Security:  WPA & WPA2 Enterprise
5:  Authentication:  Protected EAP (PEAP)
6:  Anonymous Identiity:  <blank>
7:  CA Cert:  (None)
8:  PEAP Version:  Version 1
9:  Inner Authentication:  MSCHAPv2
10: User Name:  mine
11: Password:  mine
12: Click Connect
13: Click Ignore (for the lack of CA Cert dialog)
14: suffer :(
Actual results:

Error asking for credentials when correct credentials have been supplied.

Expected results:

A connection to the wireless network is created.

Additional info:

This same hardware works and is able to access the wireless network using
kubuntu 7.10 

0c:00.0 Network controller: Intel Corporation PRO/Wireless 3945ABG Network
Connection (rev 02)
        Subsystem: Intel Corporation Unknown device 1020
        Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr-
Stepping- SERR+ FastB2B-
        Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort-
<MAbort- >SERR- <PERR-
        Latency: 0, Cache Line Size: 64 bytes
        Interrupt: pin A routed to IRQ 219
        Region 0: Memory at efdff000 (32-bit, non-prefetchable) [size=4K]
        Capabilities: [c8] Power Management version 2
                Flags: PMEClk- DSI+ D1- D2- AuxCurrent=0mA
                Status: D0 PME-Enable- DSel=0 DScale=0 PME-
        Capabilities: [d0] Message Signalled Interrupts: Mask- 64bit+ Queue=0/0
                Address: 00000000fee0300c  Data: 414a
        Capabilities: [e0] Express Legacy Endpoint IRQ 0
                Device: Supported: MaxPayload 128 bytes, PhantFunc 0, ExtTag-
                Device: Latency L0s <512ns, L1 unlimited
                Device: AtnBtn- AtnInd- PwrInd-
                Device: Errors: Correctable- Non-Fatal- Fatal- Unsupported-
                Device: RlxdOrd+ ExtTag- PhantFunc- AuxPwr- NoSnoop+
                Device: MaxPayload 128 bytes, MaxReadReq 128 bytes
                Link: Supported Speed 2.5Gb/s, Width x1, ASPM L0s L1, Port 0
                Link: Latency L0s <128ns, L1 <64us
                Link: ASPM L1 Enabled RCB 64 bytes CommClk+ ExtSynch-
                Link: Speed 2.5Gb/s, Width x1
Comment 1 Dan Williams 2007-12-04 14:41:58 EST
iwlwifi drivers are known to have problems with hidden SSIDs at this time,
because they do not support the ap_scan=2 option with wpa_supplicant...  we
could make sure this is the case though.  Are you familiar with wpa_supplicant's
config file format?
Comment 2 donavan nelson 2007-12-04 14:57:41 EST
Somewhat.  What do you have in mind?
Comment 3 Dan Williams 2007-12-04 15:29:42 EST
constructing a wpa_supplicant.conf file that will connect to your network, then
playing around with ap_scan=1 and ap_scan=2 to determine whether this is
actually the cause of your problem with iwl3945.  It's pretty much known not to
work with hidden SSIDs and ap_scan=2 already, but doesn't hurt to nail it down
before handing off to the kernel team to fix the driver.  Let me know if you'd
like to do this.
Comment 4 donavan nelson 2007-12-04 16:40:34 EST
Created attachment 277351 [details]
syslog messages on working wireless config

I'm attaching this to aide in configuring a matching wpa_supplicant.conf file
Comment 5 donavan nelson 2007-12-04 16:43:10 EST
Okay, I'm working on creating a wpa_sup.conf file that I'll attach here.  At
that point I'll need some guidance.
Comment 6 Dan Williams 2007-12-04 16:48:48 EST
sure, let me know, happy to help.
Comment 7 donavan nelson 2007-12-04 17:30:29 EST
Okay, here is my tentative /etc/wpa_supplicant/wpa_supplicant.conf file:




Comment 8 Dan Williams 2007-12-04 17:43:33 EST
Looks good.  Kill NetworkManager, then wpa_supplicant.  Then run wpa_supplicant

/usr/sbin/wpa_supplicant -ddd -i wlan0 -D wext -c /path/to/your/wpa_supplicant.conf

You're looking for the string COMPLETED in there.  in any case, email me the
log.  YOu probably don't want to attach it as some private network details may
leak through.
Comment 9 donavan nelson 2007-12-05 09:55:08 EST
The following wpa_supplicant.conf file gets me onto the network.  Running
dhclient gets me an IP address and everything seems to be working.


Comment 10 donavan nelson 2007-12-05 09:58:04 EST
Do you still want the wpa_supplicant output emailed to you?

I'm going to speculate this is a simply a matter of getting NetworkManager to do
the right thing when using PEAP without certs.  Please ping me on IRC if you
would like me to try a new NetworkManager build.
Comment 11 Dan Williams 2008-01-10 18:36:45 EST

*** This bug has been marked as a duplicate of 373841 ***

Note You need to log in before you can comment on or make changes to this bug.