From owner-freebsd-mobile@FreeBSD.ORG Sat Jul 14 22:09:25 2007 Return-Path: X-Original-To: freebsd-mobile@freebsd.org Delivered-To: freebsd-mobile@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 96F8616A402; Sat, 14 Jul 2007 22:09:25 +0000 (UTC) (envelope-from sam@errno.com) Received: from ebb.errno.com (ebb.errno.com [69.12.149.25]) by mx1.freebsd.org (Postfix) with ESMTP id 5489913C4BB; Sat, 14 Jul 2007 22:09:25 +0000 (UTC) (envelope-from sam@errno.com) Received: from sam-lefflers-powerbook-g4-15.local ([10.0.0.178]) (authenticated bits=0) by ebb.errno.com (8.13.6/8.12.6) with ESMTP id l6EM9O2X049672 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 14 Jul 2007 15:09:24 -0700 (PDT) (envelope-from sam@errno.com) Message-ID: <46994990.1070505@errno.com> Date: Sat, 14 Jul 2007 15:09:20 -0700 From: Sam Leffler Organization: Errno Consulting User-Agent: Thunderbird 2.0.0.4 (Macintosh/20070604) MIME-Version: 1.0 To: "Bruce A. Mah" References: <20070713202015.GA1718@phantom.kitchenlab.org> In-Reply-To: <20070713202015.GA1718@phantom.kitchenlab.org> X-Enigmail-Version: 0.95.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-mobile@freebsd.org Subject: Re: ath(4), wpa_supplicant, WPA2, Netgear WG302 problem X-BeenThere: freebsd-mobile@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Mobile computing with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Jul 2007 22:09:25 -0000 Bruce A. Mah wrote: > I'm having a problem getting a Netgear WG511T in my FreeBSD CURRENT > laptop to do WPA2-PSK with a Netgear WG302 access point. I'm hoping > someone here can give me a nudge in the right direction to help > troubleshoot this. > > The laptop is an old Sony Vaio (PCG-Z505HS). The Netgear WG511T > probes thusly: > > ath0: mem 0x88000000-0x8800ffff irq 9 at device 0.0 on cardbus0 > ath0: [ITHREAD] > ath0: using obsoleted if_watchdog interface > ath0: Ethernet address: 00:0f:b5:af:81:39 > ath0: mac 7.9 phy 4.5 radio 5.6 > > The OS is FreeBSD HEAD as of yesterday, GENERIC kernel. Note that > this has the recent HAL import, as well as wpa_supplicant v0.5.8: > > ath_hal: 0.9.20.3 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413) not sure what "the recent hal import" is > > The AP is a Netgear WG302 with Firmware 4.2.17. It's configured for > WPA2-PSK. Several other clients can communicate with this AP without > any problems. A slightly sanitized wpa_supplicant.conf is: > > ----- > network={ > ssid="kitchenlab.org" > scan_ssid=1 > psk="REAL_PSK_REMOVED" > } > ----- > > Some output from wpa_supplicant -dd is below: > > ----- > Starting AP scan (specific SSID) > Scan SSID - hexdump_ascii(len=14): > 6b 69 74 63 68 65 6e 6c 61 62 2e 6f 72 67 kitchenlab.org > Received 0 bytes of scan results (6 BSSes) > Scan results: 6 > Selecting BSS from priority group 0 > Try to find WPA-enabled AP > 0: 00:14:6c:6f:2e:7d ssid='kitchenlab.org' wpa_ie_len=0 rsn_ie_len=26 caps=0x31 > selected based on RSN IE > selected WPA AP 00:14:6c:6f:2e:7d ssid='kitchenlab.org' > Try to find non-WPA AP > Trying to associate with 00:14:6c:6f:2e:7d (SSID='kitchenlab.org' freq=2412 MHz) > Cancelling scan request > WPA: clearing own WPA/RSN IE > Automatic auth_alg selection: 0x1 > wpa_driver_bsd_set_auth_alg alg 0x1 authmode 1 > RSN: using IEEE 802.11i/D9.0 > WPA: Selected cipher suites: group 8 pairwise 24 key_mgmt 2 proto 2 > WPA: clearing AP WPA IE > WPA: set AP RSN IE - hexdump(len=26): 30 18 01 00 00 0f ac 02 02 00 00 0f ac 02 00 0f ac 04 01 00 00 0f ac 02 01 00 > WPA: using GTK TKIP > WPA: using PTK CCMP > WPA: using KEY_MGMT WPA-PSK > WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 02 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00 > No keys have been configured - skip key clearing > wpa_driver_bsd_set_drop_unencrypted: enabled=1 > State: SCANNING -> ASSOCIATING > wpa_driver_bsd_associate: ssid 'kitchenlab.org' wpa ie len 22 pairwise 3 group 2 key mgmt 1 > wpa_driver_bsd_associate: set PRIVACY 1 > Setting authentication timeout: 10 sec 0 usec > EAPOL: External notification - EAP success=0 > EAPOL: External notification - EAP fail=0 > EAPOL: External notification - portControl=Auto > RSN: added PMKSA cache candidate 00:14:6c:6f:2e:7d prio 1000 > RSN: processing PMKSA candidate list > RSN: not in suitable state for new pre-authentication > Authentication with 00:00:00:00:00:00 timed out. > BSSID 00:14:6c:6f:2e:7d blacklist count incremented to 2 > No keys have been configured - skip key clearing > State: ASSOCIATING -> DISCONNECTED > EAPOL: External notification - portEnabled=0 > EAPOL: External notification - portValid=0 > EAPOL: External notification - EAP success=0 > Setting scan request: 0 sec 0 usec > State: DISCONNECTED -> SCANNING > ----- > > It's interesting that the WG511T can associate with this AP if both > are configured for WEP, and it can do WPA2 with a Linksys WRT54G > (unknown version). Also I saw superficially similar results while > running 6.2-RELEASE and RELENG_6 on the same hardware. Debugging by > Google hasn't helped me yet either, so I'm running out of ideas. > > Any thoughts? It appears wpa_supplicant is timing out waiting for an initial EAPOL frame from the ap. I'd verify traffic is getting through; possibly with tcpdump. BTW I'd expect more verbose debug output from wpa_supplicant with -dd. Sam