Here are the logs of both OpenWRT and Fedora:
OpenWRT 15.05.01 (failing):
Wed Dec 14 01:57:51 2016 kern.info kernel: [ 2257.570000] wlan0: authenticate with c6:27:95:76:c4:a8
Wed Dec 14 01:57:51 2016 kern.info kernel: [ 2257.600000] wlan0: send auth to c6:27:95:76:c4:a8 (try 1/3)
Wed Dec 14 01:57:51 2016 kern.info kernel: [ 2257.610000] wlan0: authenticated
Wed Dec 14 01:57:51 2016 kern.info kernel: [ 2257.630000] wlan0: associate with c6:27:95:76:c4:a8 (try 1/3)
Wed Dec 14 01:57:51 2016 kern.info kernel: [ 2257.630000] wlan0: RX AssocResp from c6:27:95:76:c4:a8 (capab=0x1411 status=0 aid=1)
Wed Dec 14 01:57:51 2016 kern.info kernel: [ 2257.640000] wlan0: associated
Wed Dec 14 01:57:51 2016 daemon.notice netifd: Network device 'wlan0' link is up
Wed Dec 14 01:57:51 2016 daemon.notice netifd: Interface 'zwan' has link connectivity
Wed Dec 14 01:57:51 2016 daemon.notice netifd: Interface 'zwan' is setting up now
Wed Dec 14 01:57:51 2016 daemon.notice netifd: zwan (6083): udhcpc (v1.23.2) started
Wed Dec 14 01:57:51 2016 daemon.notice netifd: zwan (6083): Sending discover...
Wed Dec 14 01:57:54 2016 daemon.notice netifd: zwan (6083): Sending discover...
Wed Dec 14 01:57:57 2016 daemon.notice netifd: zwan (6083): Sending discover...
Wed Dec 14 01:58:04 2016 kern.info kernel: [ 2270.880000] wlan0: deauthenticated from c6:27:95:76:c4:a8 (Reason: 23=IEEE8021X_FAILED)
Wed Dec 14 01:58:04 2016 daemon.notice netifd: Network device 'wlan0' link is down
Wed Dec 14 01:58:04 2016 daemon.notice netifd: Interface 'zwan' has link connectivity loss
Wed Dec 14 01:58:04 2016 daemon.notice netifd: zwan (6083): Received SIGTERM
Fedora 23 (succeeding, it also works in at least Fedora 25):
Dec 17 13:14:27 localhost NetworkManager[817]: <info> (wlp2s0): Activation: starting connection 'Ziggo' (1277a4f8-a14e-43fe-8fae-c063182eb7bc)
Dec 17 13:14:27 localhost NetworkManager[817]: <info> (wlp2s0): device state change: disconnected -> prepare (reason 'none') [30 40 0]
Dec 17 13:14:27 localhost NetworkManager[817]: <info> (wlp2s0): device state change: prepare -> config (reason 'none') [40 50 0]
Dec 17 13:14:27 localhost NetworkManager[817]: <info> (wlp2s0): Activation: (wifi) connection 'Ziggo' has security, and secrets exist. No new secrets needed.
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'ssid' value 'Ziggo'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'scan_ssid' value '1'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'key_mgmt' value 'WPA-EAP'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'proto' value 'WPA RSN'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'password' value '<omitted>'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'eap' value 'PEAP'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'fragment_size' value '1266'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'phase2' value 'auth=MSCHAPV2'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'identity' value 'XXXXXXXX'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'bgscan' value 'simple:30:-65:300'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: added 'proactive_key_caching' value '1'
Dec 17 13:14:27 localhost NetworkManager[817]: <info> Config: set interface ap_scan to 1
Dec 17 13:14:27 localhost NetworkManager[817]: <info> (wlp2s0): supplicant interface state: disconnected -> scanning
Dec 17 13:14:28 localhost kernel: wlp2s0: authenticate with c6:27:95:76:c4:a8
Dec 17 13:14:28 localhost kernel: wlp2s0: send auth to c6:27:95:76:c4:a8 (try 1/3)
Dec 17 13:14:28 localhost kernel: wlp2s0: authenticated
Dec 17 13:14:28 localhost NetworkManager[817]: <info> (wlp2s0): supplicant interface state: scanning -> authenticating
Dec 17 13:14:28 localhost kernel: wlp2s0: associate with c6:27:95:76:c4:a8 (try 1/3)
Dec 17 13:14:28 localhost kernel: wlp2s0: RX AssocResp from c6:27:95:76:c4:a8 (capab=0x1411 status=0 aid=2)
Dec 17 13:14:28 localhost kernel: wlp2s0: associated
Dec 17 13:14:28 localhost NetworkManager[817]: <info> (wlp2s0): supplicant interface state: authenticating -> associating
Dec 17 13:14:28 localhost NetworkManager[817]: <info> (wlp2s0): supplicant interface state: associating -> associated
Dec 17 13:14:28 localhost NetworkManager[817]: <info> (wlp2s0): supplicant interface state: associated -> 4-way handshake
Dec 17 13:14:28 localhost NetworkManager[817]: <info> (wlp2s0): supplicant interface state: 4-way handshake -> completed
Dec 17 13:14:28 localhost NetworkManager[817]: <info> (wlp2s0): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Connected to wireless network 'Ziggo'.
Dec 17 13:14:28 localhost NetworkManager[817]: <info> (wlp2s0): device state change: config -> ip-config (reason 'none') [50 70 0]
Dec 17 13:14:28 localhost NetworkManager[817]: <info> Activation (wlp2s0) Beginning DHCPv4 transaction (timeout in 45 seconds)
Dec 17 13:14:28 localhost NetworkManager[817]: <info> dhclient started with pid 3052
Dec 17 13:14:28 localhost dhclient[3052]: DHCPDISCOVER on wlp2s0 to 255.255.255.255 port 67 interval 8 (xid=0xd5687054)
Dec 17 13:14:36 localhost dhclient[3052]: DHCPDISCOVER on wlp2s0 to 255.255.255.255 port 67 interval 13 (xid=0xd5687054)
Dec 17 13:14:36 localhost dhclient[3052]: DHCPREQUEST on wlp2s0 to 255.255.255.255 port 67 (xid=0xd5687054)
Dec 17 13:14:36 localhost dhclient[3052]: DHCPOFFER from 10.32.0.1
Dec 17 13:14:36 localhost dhclient[3052]: DHCPACK from 10.32.0.1 (xid=0xd5687054)
Dec 17 13:14:36 localhost NetworkManager[817]: <info> address 10.32.56.110
Dec 17 13:14:36 localhost NetworkManager[817]: <info> plen 18 (255.255.192.0)
Dec 17 13:14:36 localhost NetworkManager[817]: <info> gateway 10.32.0.1
Dec 17 13:14:36 localhost NetworkManager[817]: <info> server identifier 10.255.255.255
Dec 17 13:14:36 localhost NetworkManager[817]: <info> lease time 3600
Dec 17 13:14:36 localhost NetworkManager[817]: <info> nameserver '213.46.228.196'
Dec 17 13:14:36 localhost NetworkManager[817]: <info> nameserver '62.179.104.196'
Dec 17 13:14:36 localhost NetworkManager[817]: <info> (wlp2s0): DHCPv4 state changed unknown -> bound
Dec 17 13:14:36 localhost NetworkManager[817]: <info> (wlp2s0): device state change: ip-config -> ip-check (reason 'none') [70 80 0]
Dec 17 13:14:36 localhost NetworkManager[817]: <info> (wlp2s0): device state change: ip-check -> secondaries (reason 'none') [80 90 0]
Dec 17 13:14:36 localhost NetworkManager[817]: <info> (wlp2s0): device state change: secondaries -> activated (reason 'none') [90 100 0]
Dec 17 13:14:36 localhost NetworkManager[817]: <info> (wlp2s0): Activation: successful, device activated.
Post by Jos VosI'm trying to configure OpenWRT 15.05.1 as a WPA/WPA2 Enterprise client
for a network of hotspots from a provider (Ziggo, a Dutch Liberty Global
subsidiary).
I can relatively easy do this with NetworkManager on a recent Fedora
system, just a few settings, no special tweaking needed (such as custom
Mode: Client
Security: WPA & WPA2 Enterprise
Authentication: Protected EAP (PEAP)
CA certificate: None
Inner authentication: MSCHAPv2
Username: ...
Password: ...
That does work fine. I have tried *many* combinations of settings as
listed in https://wiki.openwrt.org/doc/uci/wireless#wpa_enterprise_client
and in other wiki pages to do the same with OpenWRT, with no success.
I also downloaded and configured a CA certificate, as the provider
suggests this is needed on most systems (but not with Fedora/NM it
seems), with no success.
Before digging into details of logs: what could be the magic of
NetworkManager in this context? NM offers just a few choices
(given the WPA/WPA2 choice first), is there a way to "translate"
these settings to the OpenWRT config equivalent?
--
-- Jos Vos <***@xos.nl>
-- X/OS Experts in Open Systems BV | Office: +31 20 6938364
-- Amsterdam, The Netherlands | Mobile: +31 6 26216181