Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#569 - Unable to conenct with wpa2-eap #6333

Closed
openwrt-bot opened this issue Feb 28, 2017 · 4 comments
Closed

FS#569 - Unable to conenct with wpa2-eap #6333

openwrt-bot opened this issue Feb 28, 2017 · 4 comments
Labels

Comments

@openwrt-bot
Copy link

kraut:

Device: TP-Link Archer C7 V2
LEDE: 17.01.0, r3205-59508e3

Sometimes it is impossible to connect to an AP. It just looks like that he pairwise key handshake fails. This is what i see in the log:

Feb 28 20:13:41 10.0.0.3 hostapd: wlan1: STA 00:13:ef:60:0a:3a IEEE 802.11: authenticated
Feb 28 20:13:41 10.0.0.3 hostapd: wlan1: STA 00:13:ef:60:0a:3a IEEE 802.11: associated (aid 1)
Feb 28 20:13:41 10.0.0.3 hostapd: wlan1: CTRL-EVENT-EAP-STARTED 00:13:ef:60:0a:3a
Feb 28 20:13:41 10.0.0.3 hostapd: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1

My config for wpa2-eap is pretty simple:

config wifi-iface 'default_radio1' option device 'radio1' option mode 'ap' option ssid 'SSID' option encryption 'wpa2' option auth_server '10.0.0.1' option auth_port '1812' option auth_secret 'foobar' option nasid 'ap02g' option network 'lan' option wpa_group_rekey '2000'
@openwrt-bot
Copy link
Author

kraut:

Attached is a packet-trace on wlan1, which servces the wifi-interface for that ssid. It seems, that EAP packets got dropped.

@openwrt-bot
Copy link
Author

kraut:

If it helps, attached is a debug output of radius. From the packet capture i don't believe it's a radius issue, because there are eap packets missing.

@openwrt-bot
Copy link
Author

kraut:

Am i the only person with such problems? It's really unusable for me.

@openwrt-bot
Copy link
Author

yousong:

Just in case, what's the version of wpad, hostapd, wpa_supplicant you are using? The default wpad-mini package is very likely stripped off these remote auth features.

If the installed program version is okay, the following measures may help to further debug the issue if you are willing to compile your own firmware

  • set CONFIG_WPA_MSG_MIN_PRIORITY=0, this will enable at compile-time more debug statements to the binary
  • set uci config option log_level also to 0, this will enable at run-time outputting more debug messsages
  • Check the content of hostapd.conf file from the hostapd command line. Use it as a base to run hostapd on your own

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant