wpa_supplicant setup problems

Alan Gerber agerber at ncsu.edu
Sun Nov 13 20:27:10 GMT 2005 

Hi everyone.

I migrated my laptop to 6.0-stable as of this past Wednesday, mainly for 
the added WPA support it brings.

I've been using as my main source of info for setting up WPA support 
wpa_supplicant(8), wpa_supplicant.conf(5), and 
http://www.freebsdmall.com/~loader/en_US.ISO8859-1/articles/wireless/article.html

I'll be using my laptop mainly between two different networks.  I've got 
everything set up in /boot/loader.conf to load the drivers for the 
wireless card, the various crypto modules (I have all of them loaded, 
though I'll probably remove all but wlan_tkip at some point), and in 
/etc/rc.conf I have ifconfig_ndis0="WPA DHCP" as specified on the web 
page above.

My wpa_supplicant.conf file looks like this:
% cat /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
network={
       ssid="home"
       psk="homepsk"
       key_mgmt=WPA-PSK NONE
}
network={
        ssid="work"
        key_mgmt=NONE
}
#EOF

At home, I currently have the AP set to no encryption, hence the NONE in 
key_mgmt.  The wpa_supplicant.conf man page makes it sound like 
wpa_supplicant will try to connect to the "home" ssid with the defined 
preshared key, and if that fails, try to associate using no encryption.  
In fact, this is what actually happens:

localhost# wpa_supplicant -i ndis0 -c /etc/wpa_supplicant.conf -d
Initializing interface 'ndis0' conf '/etc/wpa_supplicant.conf' driver 
'default'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0 (from group name 'wheel')
Priority group 0
   id=0 ssid='home'
   id=1 ssid='work'
Initializing interface (2) 'ndis0'
Own MAC address: 00:90:4b:b2:6a:ea
wpa_driver_bsd_set_wpa: enabled=1
wpa_driver_bsd_set_wpa_internal: wpa=3 privacy=1
wpa_driver_bsd_del_key: keyidx=0
wpa_driver_bsd_del_key: keyidx=1
wpa_driver_bsd_del_key: keyidx=2
wpa_driver_bsd_del_key: keyidx=3
wpa_driver_bsd_set_countermeasures: enabled=0
wpa_driver_bsd_set_drop_unencrypted: enabled=1
Setting scan request: 0 sec 100000 usec
Starting AP scan (broadcast SSID)
Received 0 bytes of scan results (1 BSSes)
Scan results: 1
Selecting BSS from priority group 0
0: 00:14:bf:00:32:78 ssid='home' wpa_ie_len=26 rsn_ie_len=0
   selected
Trying to associate with 00:14:bf:00:32:78 (SSID='home' freq=2437 MHz)
Cancelling scan request
Automatic auth_alg selection: 0x1
WPA: using IEEE 802.11i/D3.0
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT WPA-PSK
WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 
01 00 00 50 f2 02 01 00 00 50 f2 02
No keys have been configured - skip key clearing
wpa_driver_bsd_set_drop_unencrypted: enabled=1
wpa_driver_bsd_associate: ssid 'home' wpa ie len 24 pairwise 2 group 2 
key mgmt 1
wpa_driver_bsd_associate: set PRIVACY 1
Setting authentication timeout: 5 sec 0 usec
Authentication with 00:00:00:00:00:00 timed out.
Added BSSID 00:00:00:00:00:00 into blacklist
No keys have been configured - skip key clearing
Setting scan request: 0 sec 0 usec
Starting AP scan (broadcast SSID)
^CSignal 2 received - terminating
Received 0 bytes of scan results (1 BSSes)
Scan results: 1
Selecting BSS from priority group 0
0: 00:14:bf:00:32:78 ssid='home' wpa_ie_len=26 rsn_ie_len=0
   selected
Trying to associate with 00:14:bf:00:32:78 (SSID='home' freq=2437 MHz)
Cancelling scan request
Automatic auth_alg selection: 0x1
WPA: using IEEE 802.11i/D3.0
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT WPA-PSK
WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 
01 00 00 50 f2 02 01 00 00 50 f2 02
No keys have been configured - skip key clearing
wpa_driver_bsd_set_drop_unencrypted: enabled=1
wpa_driver_bsd_associate: ssid 'home' wpa ie len 24 pairwise 2 group 2 
key mgmt 1
wpa_driver_bsd_associate: set PRIVACY 1
Setting authentication timeout: 5 sec 0 usec
No keys have been configured - skip key clearing
wpa_driver_bsd_set_wpa: enabled=0
wpa_driver_bsd_set_wpa_internal: wpa=0 privacy=0
wpa_driver_bsd_set_drop_unencrypted: enabled=0
wpa_driver_bsd_set_countermeasures: enabled=0
No keys have been configured - skip key clearing
wpa_driver_bsd_set_wpa_internal: wpa=1 privacy=1
Removed BSSID 00:00:00:00:00:00 from blacklist (clear)
localhost#

It does this (up to where I hit Ctrl+C) in a repeating loop, without 
ever deciding to associate.  It looks to me like wpa_supplicant is 
forgetting the BSSID of the AP to which it is trying to authenticate.  
To try to get around this problem, I manually set the BSSID of the AP in 
wpa_supplicant.conf, but it had no effect.

So, I'll ask you guys - any ideas on what I can do to make this work 
properly?  Ideally, I'd like to make wpa_supplicant look for the home 
ssid with the defined PSK, and if it fails to authenticate using that, 
then fall back to plaintext mode.

--
Alan Gerber

More information about the freebsd-questions mailing list