Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#3439 - Can't connect for WPA2-Enterprise from Windows system. #8310

Open
openwrt-bot opened this issue Nov 8, 2020 · 1 comment
Open
Labels
flyspray release/19.07 pull request/issue targeted (also) for OpenWrt 19.07 release

Comments

@openwrt-bot
Copy link

przemyslawcybulski:

Supply the following if possible:

  • Device problem occurs on
  • Software versions of OpenWrt/LEDE release, packages, etc.
  • Steps to reproduce

======Device problem occurs on======
I can't connect to network wifi (WPA2-Enterprise) from Windows system. I can connect from Linux and IOS systems.
I tested packages: wpad-mesh-openssl, wpad-openssl, wpad-wolfssl and wpad.

======Software versions of OpenWrt/LEDE release, packages, etc======
cat /etc/openwrt_release
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='19.07-SNAPSHOT'
DISTRIB_REVISION='r11201-f5afa593e7'
DISTRIB_TARGET='ath79/generic'
DISTRIB_ARCH='mips_24kc'
DISTRIB_DESCRIPTION='OpenWrt 19.07-SNAPSHOT r11201-f5afa593e7'
DISTRIB_TAINTS=''

opkg list-installed
adblock - 4.0.6-3
base-files - 204.2-r11201-f5afa593e7
blkid - 2.34-1
block-mount - 2020-05-12-84269037-1
busybox - 1.30.1-6
ca-bundle - 20200601-1
cgi-io - 19
chat - 2.4.7.git-2019-05-25-3
comgt - 0.32-32
comgt-directip - 0.32-32
comgt-ncm - 0.32-32
coreutils - 8.30-2
coreutils-sort - 8.30-2
ddns-scripts - 2.7.8-13
dnsmasq - 2.80-16.1
dropbear - 2019.78-2
e2fsprogs - 1.44.5-2
ekooneplstat - 20150706
etherwake - 1.09-4
firewall - 2019-11-22-8174814a-2
fstools - 2020-05-12-84269037-1
fwtool - 2
getrandom - 2019-06-16-4df34a4d-3
hostapd-common - 2019-08-08-ca8c2bd2-4
ip-tiny - 5.0.0-2.1
ipset - 7.3-1
iptables - 1.8.3-1
iw - 5.0.1-1
iwinfo - 2019-10-16-07315b6f-1
jshn - 2020-05-25-66195aee-1
jsonfilter - 2018-02-04-c7e938d6-1
kernel - 4.14.195-1-38fe082385c94876bc5af35c67d5656a
kmod-ath - 4.14.195+4.19.137-1-2
kmod-ath9k - 4.14.195+4.19.137-1-2
kmod-ath9k-common - 4.14.195+4.19.137-1-2
kmod-cfg80211 - 4.14.195+4.19.137-1-2
kmod-crypto-aead - 4.14.195-1
kmod-crypto-ccm - 4.14.195-1
kmod-crypto-cmac - 4.14.195-1
kmod-crypto-crc32c - 4.14.195-1
kmod-crypto-ctr - 4.14.195-1
kmod-crypto-des - 4.14.195-1
kmod-crypto-ecb - 4.14.195-1
kmod-crypto-gcm - 4.14.195-1
kmod-crypto-gf128 - 4.14.195-1
kmod-crypto-ghash - 4.14.195-1
kmod-crypto-hash - 4.14.195-1
kmod-crypto-hmac - 4.14.195-1
kmod-crypto-iv - 4.14.195-1
kmod-crypto-manager - 4.14.195-1
kmod-crypto-md4 - 4.14.195-1
kmod-crypto-md5 - 4.14.195-1
kmod-crypto-null - 4.14.195-1
kmod-crypto-pcompress - 4.14.195-1
kmod-crypto-rng - 4.14.195-1
kmod-crypto-seqiv - 4.14.195-1
kmod-crypto-sha256 - 4.14.195-1
kmod-crypto-sha512 - 4.14.195-1
kmod-crypto-wq - 4.14.195-1
kmod-fs-ext4 - 4.14.195-1
kmod-fs-ksmbd - 4.14.195+3.1.3-1
kmod-fs-vfat - 4.14.195-1
kmod-fuse - 4.14.195-1
kmod-gpio-button-hotplug - 4.14.195-3
kmod-ipt-conntrack - 4.14.195-1
kmod-ipt-core - 4.14.195-1
kmod-ipt-ipset - 4.14.195-1
kmod-ipt-nat - 4.14.195-1
kmod-ipt-offload - 4.14.195-1
kmod-ipt-raw - 4.14.195-1
kmod-lib-crc-ccitt - 4.14.195-1
kmod-lib-crc16 - 4.14.195-1
kmod-lib-textsearch - 4.14.195-1
kmod-mac80211 - 4.14.195+4.19.137-1-2
kmod-mii - 4.14.195-1
kmod-nf-conntrack - 4.14.195-1
kmod-nf-conntrack6 - 4.14.195-1
kmod-nf-flow - 4.14.195-1
kmod-nf-ipt - 4.14.195-1
kmod-nf-ipt6 - 4.14.195-1
kmod-nf-nat - 4.14.195-1
kmod-nf-nathelper-extra - 4.14.195-1
kmod-nf-reject - 4.14.195-1
kmod-nf-reject6 - 4.14.195-1
kmod-nfnetlink - 4.14.195-1
kmod-nls-base - 4.14.195-1
kmod-nls-cp437 - 4.14.195-1
kmod-nls-iso8859-1 - 4.14.195-1
kmod-nls-utf8 - 4.14.195-1
kmod-phy-ath79-usb - 4.14.195-1
kmod-ppp - 4.14.195-1
kmod-pppoe - 4.14.195-1
kmod-pppox - 4.14.195-1
kmod-scsi-core - 4.14.195-1
kmod-slhc - 4.14.195-1
kmod-tun - 4.14.195-1
kmod-udptunnel4 - 4.14.195-1
kmod-udptunnel6 - 4.14.195-1
kmod-usb-acm - 4.14.195-1
kmod-usb-core - 4.14.195-1
kmod-usb-ehci - 4.14.195-1
kmod-usb-ledtrig-usbport - 4.14.195-1
kmod-usb-net - 4.14.195-1
kmod-usb-net-cdc-ether - 4.14.195-1
kmod-usb-net-cdc-mbim - 4.14.195-1
kmod-usb-net-cdc-ncm - 4.14.195-1
kmod-usb-net-huawei-cdc-ncm - 4.14.195-1
kmod-usb-net-qmi-wwan - 4.14.195-1
kmod-usb-net-rndis - 4.14.195-1
kmod-usb-net-sierrawireless - 4.14.195-1
kmod-usb-serial - 4.14.195-1
kmod-usb-serial-option - 4.14.195-1
kmod-usb-serial-qualcomm - 4.14.195-1
kmod-usb-serial-sierrawireless - 4.14.195-1
kmod-usb-serial-wwan - 4.14.195-1
kmod-usb-storage - 4.14.195-1
kmod-usb-storage-uas - 4.14.195-1
kmod-usb-wdm - 4.14.195-1
kmod-usb2 - 4.14.195-1
kmod-wireguard - 4.14.195+1.0.20200611-1
ksmbd-server - 3.2.1-1
ksmbd-utils - 3.2.1-1
libblkid1 - 2.34-1
libblobmsg-json - 2020-05-25-66195aee-1
libc - 1.1.24-2
libcomerr0 - 1.44.5-2
libext2fs2 - 1.44.5-2
libgcc1 - 7.5.0-2
libip4tc2 - 1.8.3-1
libip6tc2 - 1.8.3-1
libipset13 - 7.3-1
libiwinfo-lua - 2019-10-16-07315b6f-1
libiwinfo20181126 - 2019-10-16-07315b6f-1
libjson-c2 - 0.12.1-3.1
libjson-script - 2020-05-25-66195aee-1
liblua5.1.5 - 5.1.5-3
liblucihttp-lua - 2019-07-05-a34a17d5-1
liblucihttp0 - 2019-07-05-a34a17d5-1
liblzo2 - 2.10-2
libmbedtls12 - 2.16.8-1
libmnl0 - 1.0.4-2
libncurses6 - 6.1-5
libnl-core200 - 3.4.0-2
libnl-genl200 - 3.4.0-2
libnl-tiny - 0.1-5
libopenssl-conf - 1.1.1g-1
libopenssl1.1 - 1.1.1g-1
libpcap1 - 1.9.1-2.1
libpcre - 8.43-1
libpthread - 1.1.24-2
librt - 1.1.24-2
libss2 - 1.44.5-2
libubox20191228 - 2020-05-25-66195aee-1
libubus-lua - 2019-12-27-041c9d1c-1
libubus20191227 - 2019-12-27-041c9d1c-1
libuci20130104 - 2019-09-01-415f9e48-3
libuclient20160123 - 2020-06-17-51e16ebf-1
libusb-1.0-0 - 1.0.22-2
libustream-openssl20150806 - 2020-03-13-40b563b1-1
libuuid1 - 2.34-1
libwolfssl24 - 4.5.0-stable-1
libxtables12 - 1.8.3-1
logd - 2019-06-16-4df34a4d-3
lua - 5.1.5-3
luci - git-20.247.75781-0d0ab01-1
luci-app-adblock - git-20.247.75781-0d0ab01-1
luci-app-commands - git-20.247.75781-0d0ab01-1
luci-app-ddns - 2.4.9-7
luci-app-ekooneplstat - 20190629
luci-app-firewall - git-20.247.75781-0d0ab01-1
luci-app-ksmbd - git-20.247.75781-0d0ab01-1
luci-app-openvpn - git-20.247.75781-0d0ab01-1
luci-app-opkg - git-20.247.75781-0d0ab01-1
luci-app-p910nd - git-20.247.75781-0d0ab01-1
luci-app-vpnbypass - git-20.247.75781-0d0ab01-19
luci-app-wifischedule - git-20.247.75781-0d0ab01-1
luci-app-wireguard - git-20.247.75781-0d0ab01-1
luci-app-wol - git-20.247.75781-0d0ab01-1
luci-base - git-20.247.75781-0d0ab01-1
luci-compat - git-20.247.75781-0d0ab01-1
luci-i18n-adblock-en - git-20.247.75781-0d0ab01-1
luci-i18n-adblock-pl - git-20.247.75781-0d0ab01-1
luci-i18n-base-en - git-20.247.75781-0d0ab01-1
luci-i18n-base-pl - git-20.247.75781-0d0ab01-1
luci-i18n-commands-en - git-20.247.75781-0d0ab01-1
luci-i18n-commands-pl - git-20.247.75781-0d0ab01-1
luci-i18n-ddns-en - 2.4.9-7
luci-i18n-ddns-pl - 2.4.9-7
luci-i18n-firewall-en - git-20.247.75781-0d0ab01-1
luci-i18n-firewall-pl - git-20.247.75781-0d0ab01-1
luci-i18n-ksmbd-en - git-20.247.75781-0d0ab01-1
luci-i18n-ksmbd-pl - git-20.247.75781-0d0ab01-1
luci-i18n-openvpn-en - git-20.247.75781-0d0ab01-1
luci-i18n-openvpn-pl - git-20.247.75781-0d0ab01-1
luci-i18n-opkg-en - git-20.247.75781-0d0ab01-1
luci-i18n-opkg-pl - git-20.247.75781-0d0ab01-1
luci-i18n-p910nd-en - git-20.247.75781-0d0ab01-1
luci-i18n-p910nd-pl - git-20.247.75781-0d0ab01-1
luci-i18n-vpnbypass-en - git-20.247.75781-0d0ab01-19
luci-i18n-vpnbypass-pl - git-20.247.75781-0d0ab01-19
luci-i18n-wifischedule-en - git-20.247.75781-0d0ab01-1
luci-i18n-wifischedule-pl - git-20.247.75781-0d0ab01-1
luci-i18n-wireguard-en - git-20.247.75781-0d0ab01-1
luci-i18n-wireguard-pl - git-20.247.75781-0d0ab01-1
luci-i18n-wol-en - git-20.247.75781-0d0ab01-1
luci-i18n-wol-pl - git-20.247.75781-0d0ab01-1
luci-lib-ip - git-20.247.75781-0d0ab01-1
luci-lib-ipkg - git-20.247.75781-0d0ab01-1
luci-lib-jsonc - git-20.247.75781-0d0ab01-1
luci-lib-nixio - git-20.247.75781-0d0ab01-1
luci-mod-admin-full - git-20.247.75781-0d0ab01-1
luci-mod-network - git-20.247.75781-0d0ab01-1
luci-mod-status - git-20.247.75781-0d0ab01-1
luci-mod-system - git-20.247.75781-0d0ab01-1
luci-proto-3g - git-20.247.75781-0d0ab01-1
luci-proto-ipv6 - git-20.247.75781-0d0ab01-1
luci-proto-ncm - git-20.247.75781-0d0ab01-1
luci-proto-ppp - git-20.247.75781-0d0ab01-1
luci-proto-qmi - git-20.247.75781-0d0ab01-1
luci-proto-relay - git-20.247.75781-0d0ab01-1
luci-proto-wireguard - git-20.247.75781-0d0ab01-1
luci-ssl-openssl - git-20.247.75781-0d0ab01-1
luci-theme-bootstrap - git-20.247.75781-0d0ab01-1
mbedtls-util - 2.16.8-1
mtd - 24
netifd - 2019-08-05-5e02f944-1
ntfs-3g - 2017.3.23-2-fuseint
odhcpd-ipv6only - 2020-05-03-49e4949c-3
openssh-sftp-server - 8.0p1-1
openssl-util - 1.1.1g-1
openvpn-easy-rsa - 3.0.4-1
openvpn-openssl - 2.4.7-2
openwrt-keyring - 2019-07-25-8080ef34-1
opkg - 2020-05-07-f2166a89-1
p910nd - 0.97-8
port-mirroring - 1.4.4-2
ppp - 2.4.7.git-2019-05-25-3
ppp-mod-pppoe - 2.4.7.git-2019-05-25-3
procd - 2020-03-07-09b9bd82-1
relayd - 2020-04-25-f4d759be-1
rpcd - 2020-05-26-67c8a3fd-1
rpcd-mod-file - 2020-05-26-67c8a3fd-1
rpcd-mod-iwinfo - 2020-05-26-67c8a3fd-1
rpcd-mod-luci - 20191114
rpcd-mod-rrdns - 20170710
screen - 4.8.0-1
swconfig - 12
sysinfo - 20200403
terminfo - 6.1-5
uboot-envtools - 2018.03-3
ubox - 2019-06-16-4df34a4d-3
ubus - 2019-12-27-041c9d1c-1
ubusd - 2019-12-27-041c9d1c-1
uci - 2019-09-01-415f9e48-3
uclient-fetch - 2020-06-17-51e16ebf-1
uhttpd - 2020-03-13-975dce23-1
umbim - 2019-03-11-24f9dc71-1
uqmi - 2019-06-27-1965c713-7
urandom-seed - 1.0-1
urngd - 2020-01-21-c7f7b6b6-1
usb-modeswitch - 2017-12-19-f40f84c2-2
usign - 2020-05-23-f1f65026-1
vpnbypass - 1.3.1-7
wget - 1.20.3-4
wifischedule - 1-2
wireguard-tools - 1.0.20191226-1
wireless-regdb - 2019.06.03-1
wpad-mesh-openssl - 2019-08-08-ca8c2bd2-4
wsdd2 - 2020-05-06-671d040c-1
wwan - 2014-07-17-1
xinetd - 2.3.15-5
zlib - 1.2.11-3

cat /etc/config/wireless
config wifi-device 'radio1'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path 'pci0000:00/0000:00:00.0'
option htmode 'HT20'
option country 'PL'

config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option auth_server '192.168.1.X'
option auth_port '1812'
option auth_secret password
option ssid 'name'
option encryption 'wpa2+ccmp'
option wpa_disable_eapol_key_retries '1'
option ieee80211w '2'
option disassoc_low_ack '0'

======Steps to reproduce======
Always when I tried connect to wireless network from Windows system I can't connect to network and I saw below logs:

logread | grep wlan1
Sun Nov 8 21:54:54 2020 daemon.info hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: authenticated
Sun Nov 8 21:54:54 2020 daemon.info hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: associated (aid 2)
Sun Nov 8 21:54:54 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-STARTED MAC ADDRESS
Sun Nov 8 21:54:54 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
Sun Nov 8 21:54:55 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-STARTED MAC ADDRESS
Sun Nov 8 21:54:55 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
Sun Nov 8 21:54:56 2020 daemon.warn hostapd: wlan1: STA MAC ADDRESS IEEE 802.1X: could not extract EAP-Message from RADIUS message
Sun Nov 8 21:54:56 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-FAILURE2 MAC ADDRESS
Sun Nov 8 21:54:56 2020 daemon.warn hostapd: wlan1: STA MAC ADDRESS IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
Sun Nov 8 21:54:56 2020 daemon.info hostapd: wlan1: STA MAC ADDRESS IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
Sun Nov 8 21:55:01 2020 daemon.info hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: deauthenticated due to local deauth request
Sun Nov 8 21:55:03 2020 daemon.info hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: authenticated
Sun Nov 8 21:55:03 2020 daemon.info hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: associated (aid 2)
Sun Nov 8 21:55:03 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-STARTED MAC ADDRESS
Sun Nov 8 21:55:03 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
Sun Nov 8 21:55:03 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-STARTED MAC ADDRESS
Sun Nov 8 21:55:03 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
Sun Nov 8 21:55:04 2020 daemon.warn hostapd: wlan1: STA MAC ADDRESS IEEE 802.1X: could not extract EAP-Message from RADIUS message
Sun Nov 8 21:55:04 2020 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-FAILURE2 MAC ADDRESS
Sun Nov 8 21:55:04 2020 daemon.warn hostapd: wlan1: STA MAC ADDRESS IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
Sun Nov 8 21:55:04 2020 daemon.info hostapd: wlan1: STA MAC ADDRESS IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
Sun Nov 8 21:55:09 2020 daemon.info hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: deauthenticated due to local deauth request

This problem occurred after upgrade openwrt system.

@aparcar aparcar added the release/19.07 pull request/issue targeted (also) for OpenWrt 19.07 release label Feb 22, 2022
@lynxis
Copy link
Member

lynxis commented Dec 2, 2022

wpa2 enterprise is a quite complex topic.
Could you attach the log output from the windows system and from the radius server?
Further the eap pcap and the radius traffic would be helpful to figure out the exact problem.

Does the problem also exists on openwrt 22.03?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
flyspray release/19.07 pull request/issue targeted (also) for OpenWrt 19.07 release
Projects
None yet
Development

No branches or pull requests

3 participants