WPA2 - WPA-PSK - TKIP trouble

Situation:
- D-Link DIR-635 802.11n-router configured: only WPA2 (personal) with TKIP
- D-Link DWA-645 802.11n-pcmcia with atheros chipset and working ndiswrapper driver (ath5k is not yet supporting this chipset)
I cannot connect to the router and I'm not sure it's the linux-config or the router-config that is to blame (which makes troubleshooting a real pain), so here goes:
#  wpa_supplicant -dd -c/etc/wpa_supplicant.conf -iwlan0 -Dwext
Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'wext' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group='0' (DEPRECATED)
eapol_version=1
ap_scan=1
fast_reauth=1
Line: 7 - start of a new network block
ssid - hexdump_ascii(len=9):
53 4c 2d 61 63 63 65 73 73 SL-access
key_mgmt: 0x2
pairwise: 0x8
group: 0x8
proto: 0x2
priority=9 (0x9)
PSK - hexdump(len=32): [REMOVED]
Priority group 9
id=0 ssid='SL-access'
Initializing interface (2) 'wlan0'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
SIOCGIWRANGE: WE(compiled)=22 WE(source)=18 enc_capa=0xf
capabilities: key_mgmt 0xf enc 0xf
WEXT: Operstate: linkmode=1, operstate=5
Own MAC address: 00:17:9a:45:9b:1f
wpa_driver_wext_set_wpa
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
wpa_driver_wext_set_drop_unencrypted
Setting scan request: 0 sec 100000 usec
ctrl_interface_group=0
Added interface wlan0
RTM_NEWLINK: operstate=0 ifi_flags=0x1002 ()
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
State: DISCONNECTED -> SCANNING
Starting AP scan (broadcast SSID)
Trying to get current scan results first without requesting a new scan to speed up initial association
Received 256 bytes of scan results (1 BSSes)
Scan results: 1
Selecting BSS from priority group 9
Try to find WPA-enabled AP
0: 00:1c:f0:ee:f8:68 ssid='SL-access' wpa_ie_len=0 rsn_ie_len=22 caps=0x11
selected based on RSN IE
selected WPA AP 00:1c:f0:ee:f8:68 ssid='SL-access'
Try to find non-WPA AP
Trying to associate with 00:1c:f0:ee:f8:68 (SSID='SL-access' freq=2412 MHz)
Cancelling scan request
WPA: clearing own WPA/RSN IE
Automatic auth_alg selection: 0x1
RSN: using IEEE 802.11i/D9.0
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2 proto 2
WPA: clearing AP WPA IE
WPA: set AP RSN IE - hexdump(len=22): 30 14 01 00 00 0f ac 02 01 00 00 0f ac 02 01 00 00 0f ac 02 00 00
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT WPA-PSK
WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 02 01 00 00 0f ac 02 01 00 00 0f ac 02 00 00
No keys have been configured - skip key clearing
wpa_driver_wext_set_drop_unencrypted
State: SCANNING -> ASSOCIATING
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
WEXT: Operstate: linkmode=-1, operstate=5
wpa_driver_wext_associate
Setting authentication timeout: 10 sec 0 usec
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
RSN: Ignored PMKID candidate without preauth flag
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
Wireless event: cmd=0x8b04 len=12
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
Wireless event: cmd=0x8b1a len=17
Authentication with 00:1c:f0:ee:f8:68 timed out.
Added BSSID 00:1c:f0:ee:f8:68 into blacklist
No keys have been configured - skip key clearing
State: ASSOCIATING -> DISCONNECTED
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
WEXT: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
Setting scan request: 0 sec 0 usec
State: DISCONNECTED -> SCANNING
Starting AP scan (broadcast SSID)
Scan requested (ret=0) - scan timeout 5 seconds
^CCTRL-EVENT-TERMINATING - signal 2 received
Removing interface wlan0
State: SCANNING -> DISCONNECTED
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
WEXT: Operstate: linkmode=-1, operstate=5
No keys have been configured - skip key clearing
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_wext_set_wpa
wpa_driver_wext_set_drop_unencrypted
wpa_driver_wext_set_countermeasures
No keys have been configured - skip key clearing
Removed BSSID 00:1c:f0:ee:f8:68 from blacklist (clear)
Cancelling scan request
Cancelling authentication timeout
WEXT: Operstate: linkmode=0, operstate=6
net-profile wl-Synergy:
CONNECTION="wireless"
DESCRIPTION="SynergyLaw wireless access"
INTERFACE=wlan0
ESSID="SL-access"
SCAN="yes"
SECURITY="wpa-config"
IP="dhcp"
TIMEOUT=40
WPA_CONF=/etc/wpa_supplicant.conf
/etc/wpa_supplicant.conf:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1
network={
ssid="SL-access"
key_mgmt=WPA-PSK
pairwise=TKIP
group=TKIP
proto=WPA2
priority=9
#psk="abc"
psk=<censored>
#  iwlist wlan0 scan:
wlan0 Scan completed :
Cell 01 - Address: 00:1C:F0:EE:F8:68
ESSID:"SL-access"
Protocol:IEEE 802.11g
Mode:Managed
Frequency:2.412 GHz (Channel 1)
Quality:45/100 Signal level:-67 dBm Noise level:-96 dBm
Encryption key:on
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
48 Mb/s; 54 Mb/s
Extra:bcn_int=100
Extra:atim=0
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
I find a lot of people asking similar questions, but none of the answers have helped me so far. I hope to find someone here with a similar setup and the answer to all my problems
Zl.

B wrote:
I am running WPA2 indeed, but no N - plain G for the moment.
That wpa_supplicant.conf looks dandy .
Here's mine for reference:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
#fast_reauth=0
#ap_scan=0
#DIR=/var/run/wpa_supplicant GROUP=wheel
# My home network
network={
ssid=*snip*
key_mgmt=WPA-PSK
proto=WPA2
pairwise=CCMP
group=CCMP
#psk=*snip*
psk=*snip*
# Arne's network
network={
ssid=*snip*
key_mgmt=WPA-PSK
proto=WPA
pairwise=TKIP
group=TKIP
#psk=*snip*
psk=*snip*
As you can see the first one is WPA2, the second one WPA. Of course you can mix but that will imho only increase possible incompatibilities.
My netcfg setup:
CONNECTION="wireless"
INTERFACE="intel"
HOSTNAME="hermes"
# AP authentication
SCAN="yes"
SECURITY="wpa-config"
WPA_CONF="/etc/wpa_supplicant.conf"
WPA_OPTS="-Dwext -B"
ESSID=*snip*
# IP address
IP="dhcp"
DHCP_TIMEOUT=10
N does not add any additional security (except that it makes WPA2 mandatory as far as I understood, I might be wrong about this). My router runs OpenWRT and I only intend to switch to N when I find a router that is stable on OpenWRT, and provides N performance and range (now you often have to resort to G MIMO drivers and stuff with OpenWRT on N models).
hey!, thanks for your config there, now I have wifi using wpa2 connecting properly on a dell xps m1330.
But I also found that if I didn't use netcfg to stop the profile manually, I couldn't reboot the system and after typing 'reboot' I think the wpa_supplicant is just killed or crashes and the system is stuck on '> Rebooting'. I had to use 'netcfg2 -d abc' to stop the profile then reboot.
Last edited by ST.x (2008-06-27 11:43:17)

Similar Messages

  • Wga54g connecting to sony blu ray using WPA-PSK (TKIP) or WPA2-PSK (AES)

    My Wga54g is to be the interenet source to my sony blu ray player. I have a wireless broadband router modem setup that uses WPA-PSK (TKIP) and WPA2-PSK (AES). How do I configure everything to work? Since the WGA54G only does WEP is there a way to configure it or the Sony Blu ray to get a internet signal to it? The sony seems to have a automatic IP or manual IP configuration setting option.  I suppose I can step down to WEP on the router settings but I'd rather not. I tried that and couldn't get it to work regardless. Please help!

    To connect the Wireless-G Game adapter to a wireless network, please determine your SSID, Wireless Security and/or Network Key. Second you need to lower down the security mode to WEP, since WGA54G do not have any other security mode. Here is the link for connecting the Wireless Network using a WGA54G: http://www6.nohold.net/Cisco2/ukp.aspx?pid=93&login=1&vw=1&app=search&articleid=4558&userrole=Linksy...

  • WPA-PSK TKIP

    Does iPhone support WPA-PSK authentication?
    If so, does it support TKIP encryption?
    I'm having a heck of a time trying to set up my work network on the iPhone, though my MacBook Pro handles it just fine.
    Thanks in advance.

    i have not seen support for WPA-PSK TKIP if your
    router and other devices support WEP 128bit
    encription use that... anything other then 128bit
    will not work.. took 2 hours of fussing to figure it
    out
    MacBook Pro 15inch
    Mac OS X (10.4.10)
    That is incorrect.
    I am running WPA and WPA2 (both on Apple wireless base stations), and was able to connect to both. The WPA one uses TKIP.
    Make sure you do not have the new ExtremeN if set to "N-only". It will not connect in that case, whether you are using 2.4 GHz or 5 GHz. In fact, it will probably never even see the AP in that case.

  • I have a 3rd generation iPod Touch and just did the update to IOS 5. Now I can't connect to my Netgear wifi router. My iPhone connects fine along with all of my other laptops etc. I have the router set with WPA-PSK [TKIP] security and an access list.

    I have a 3rd generation iPod Touch and just did the update to IOS 5. Now I can't connect to my Netgear wifi router. My iPhone connects fine along with all of my other laptops etc. I have the router set with WPA-PSK [TKIP] security and an access list. I've confirmed the mac address is included on that list and that the password is correct. Under choses netwrok I select the network and it just goes into a spin. I have tried removing the password and the access list settings and it still will not complete the connection to the router thus no internet access. The routers firmware is also up to date. This thing worked fine before this update and I've already tried to restore from backup. Any ideas or is the wifi nic bad in this thing with the new apple firmware update? Any fix?

    Thanks Bob, I don't know why but it all of a sudden worked a few days later. It's a mystery but at least problem solved.

  • Smart Phone O2, Dopod, iPaq can't authen with WPA-PSK(TKIP)

    I used Cisco AP 1100 and WPA-PSK (TKIP) My notebook can authenticated but smart phone can't it. I see log at AP "authentication failed" What happen?

    Hello,
    I have similar problem. We have wireless handhelds same firmware version however different types of wireless cards. The old type has Cisco AIronet 350 and the new ones have Wistron 802.11G. The new ones can authenticate successfully using WPA + TKIP. The old ones don't authenticate and I get authentication failure on the access point log.
    I appreciate if anybody can give me some ideas.
    Remark: I connected my laptop and directly connects as well. It is only the old type of handhelds having the Cisco Aironet 350.
    All handhelds have windows CE 5.0 and latest drivers and firmware installed.
    Thanks,

  • WLAN WPA-PSK TKIP and APPLE TV2

    Hi all,
    I have a ARCOR Wlan Router 200 (Zyxcel Prestige 660HW-T7) and a Apple TV2.
    I have WLAN running on WPA-PSK TKIP.
    I can conncet Sony Laptop and IPHONE 4 and Wii to WLAN but not APPLE TV2.
    It finds the WLAN I enter password correct but than it tells me that there is a problem and cannot connect.
    ESSID is not hidden.
    DHCP is on.
    Any solutions?

    ...with wire it works...

  • E52: cna't connect to Wi-Fi (WPA-PSK/TKIP)

    I can't connect to my Wi-Fi router.
    It is ASUS wl500gP with broadcom Wi-Fi module.
    It was set to support any b/g device. Auto b/g + 54G Protection is set. 
    Sec.mode is WPA-Personal. WPA is TKIP. WEP is 128 bits.
    Passphrase is set (afaik most OSes doesn't support passphrases for WEP)
    WEP keys 1-4 are set.
    WEP Pre-Shared key is set.
    Radio chanel is #9 (all my PDA and notebooks work with it)
    SSID is set and open 
    I can see my router in Wi-Fi list of networks.
    I select my network, 
    enter my Pre-Shared key.
    The mobile starts to login... and fails like there's no WLAN network. 
    Message Edited by hale on 22-Aug-2009 09:51 PM
    Nokia 640->>Siemens S35->>Siemens C55->>
    Siemens CX65->>Siemens S75 -x- Nokia E52:
    Nothing is smart in Smartphones!
    Solved!
    Go to Solution.

    austex09: "WLAN security mode has 4 options...."
    That is only your router/AP. More advanced h/w and s/w has more options.
    "How where do one set AES or TKIP? "
    Based on wireless network properties (say automatic)
     E52 is sertified as WPA2, so it MUST support all of the options by default. And there's no proplem to determine a subtype of the WPA/WPA2 network.
    "WPA2 only is off."
    Yes.
    Old devices like Winmobile PDA's doesn't support WPA2 and AES. So the network is configured as WPA.
    And there's no meaning in enabling this option untill you want to cut any connection with network.
    "Is a 63 bit alphanumeric key the problem?"
    Now I don't know. I was whrong in first guess about the key. Sorry. The problem s in TKIP itself.
    " IPv4 settings?"
    That is higher layer. Not physical. First you need to connect to AP.
    IPv4 fo 255.255.255.255 style addresses and a bunch of gateway settings. IPv6(very new and rare technology) IPs are longer and most options are automatic.
    "Had tried enabling the MAC filter f"
    what for? Of cource if filters MACS, including your mobile in that case.
    ... MACs must unique until you want to hack into someones network
    Linksys WRT54G is based on Broadcom (AFAIK). The same broadcom as mine in Asus WL500GP
    "With the paraphase, I guess I am supposed to enter the "converted value" of the paraphase?"
    No! I was wrong, as I said. It appeared to be just a simple ASCII string.
    Message Edited by hale on 24-Aug-2009 09:14 PM
    Nokia 640->>Siemens S35->>Siemens C55->>
    Siemens CX65->>Siemens S75 -x- Nokia E52:
    Nothing is smart in Smartphones!

  • WPA,WPA2,WPA-PSK support T43,T60,T61?

    Hello
    I got more than 1000 notebook mix with T43,T60 and T61 in my company.Are all this notebook moel support the WPA2 for the network wireless?

    my father has a T23 that i've installed an a/b/g card capable of WPA2-PSK.   again, support is determined by the card, not the computer.   the T43 will certainly support all of the standards mentioned above.
    thinkpad parts information can be found in the hardware maintenance manuals.   you'll have to search google for the various wireless card FRU numbers to determine their capabilities.   but, as i said above, every card i've seen from 2005 and newer have had support for WPA2-PSK at a minimum.
    ThinkStation C20
    ThinkPad X1C · X220 · X60T · s30 · 600

  • Satellite A100-003 WLAN connection timeout(with WPA-PSK)

    I have a Satellite A100-003 notebook with preinstalled Windows Vista.
    When I try connect to my router with WPA-PSK (TKIP) I have error:
    Wireless authentication failed because of a timeout.
    My notebook and router configurated correctly!! I installed new intel drivers for 3945ABG chip.
    WPA2-PSK and WEP work fine.

    Hi
    The same happened on my old notebook.
    I was not able to establish the WLan connection for longer than 1min with WPA encryption.
    I have downloaded the newest Atheros driver and updated everything.
    Everything works fine with WEP but not WPA.
    Then I have disabled the Windows own configuration option and use the Atheros client utility. Now everything works fine!
    I would recommend using the Intel Proset utility and check all possible settings!

  • E4200v2 - Cannot connect IP Camera w/ WPA-PSK

    I recently puchased a new E4200v2 router and one of the devices that I have on my network is a Level1 WCS-2040 wireless network camera.  My old router was a Netgear WPN-824.  I was able to (and I'm still able to) connect the camera to the Netgear router with WPA-PSK but not to the new E4200v2.  The only way for me to connect it to the new router is with WEP, which I obviously do not want.
    I'm at a loss for what the problem is because the setup is easily done.  I'm thinking it's an issue with the E4200v2 but I'm not sure what... hoping that the issue could be resolved in the next revision of the firmware.  I've tried WPA2/WPA Mixed Mode, WPA Personal (which I understand is the same thing as WPA-PSK) and WEP.  The camera supports WEP and WPA-PSK.  When I have the camera configured with WPA-PSK it simply isn't connecting to the E4200v2, only the old netgear.
    See screenshots below:
    Netgear router wireless config:
    Netgear router connected devices (shows laptop and wirelss camera):
    IP Camera config while connected to old router:
    IP Camera working on old network:
    E4200v2 wireless status:
    IP Camera config while connected to E4200v2 router (via wired connection, not wireless):
    When the wired connection is removed from the camera and powercycled, the E4200v2 does not list the camera as a connected device.  I've power cycled everything, multiple times and tried everything I know of.  What could be the problem?  Note that the MAC address for the camera is the same for both wired and wireless adapters.  Not sure what to do, any help would be appreciated.  And no, Password1 is not my default password... just what I was testing with for the purpose of screenshots.  
    Regards,
    Henrik Gustavsson

    The camera does not support WPA2, only WPA-PSK (TKIP) and WEP.  That being the case, I've tried it with the router in WPA2/WPA Mixed Mode and WPA Personal.  No dice...    Still only works with WEP.  Works with WPA-PSK on the old router just fine, just not the E4200v2.

  • Does HP Laserjet P1102w support WPAWPA2-PSK(TKIP/AES) ?

    Comcast recently replaced my router, and the new router is using WPAWPA2-PSK(TKIP/AES) encryption.
    When I go to the HTML Config > Networking > Wireless on the printer, I only see "WEP" as an encyption option. This doesn't seem compatible.  Any advice?

    Hi,
    Try selecting WPA-PSK [TKIP] + WPA2-PSK [AES]" instead of "WPA2-PSK" on wireless security setting on your wifi router.
    Although I am an HP employee, I am speaking for myself and not for HP.
    *Say thanks by clicking the "Kudos! Star" which is on the left*
    Make it easier for other people to find solutions, by marking my answer with "Accept as Solution" if it solves your issue.

  • Does WiFi adapter supports WPA-PSK encryption on Equium A100-147?

    I've decided to buy an Equium A100-147, but I'd like confirmation that the WiFi adapter supports WPA-PSK encryption. I can't find any confirmation anywhere. My guess is that it does, as it's a recent machine, but I'd like to be sure.
    Thanks once again.
    Doug

    Hi
    Im not 100% sure what WLan card was installed on this unit but I think it could be a Intel Wireless 3945ABG card.
    The Intel PRO/Wireless 3945ABG card supports WPA, WPA2, WPA-PSK encryption. I have found this info on the Intel site. You should also check it.
    But as I said above, Im not 100% sure about the Wlan card. In my knowledge many notebook series are delivered with different hardware configuration. That means that different Wlan cards can be used in notebook.

  • Wpa-psk troubles

    Hello everyone, i'm having troubles connecting to a netgear wpa-psk network. I know that the network name and password are correct but which ever network type i choose wpa/wpa2 personal or enterprise it does not work. i am running 10.5.3 and the router is just the other side of the room. Suggestions would be great. Thankyou

    I've seen similar problems using Airport to connect with my Netgear WNR3500 router. Basically, the only encryption option that works is WEP, which is no good for my printer! I've tried WPA Personal & WPA2 Personal and neither works even though my printer is connecting just fine with WPA2.
    I suspect Airport has issues with WPA/WPA2 and there appear to be no new fixes released for OS 10.4.11 on the Powerbook G4. The only way to get WPA/WPA2 to work with this Powerbook is to get another wireless NIC.
    Any suggestions would be welcome.
    Thanks

  • WPA-PSK w/ TKIP & WDS

    Is it possible to have a small number of standalone (no controller) AP's run WPA-PSK with TKIP and use one AP for WDS to enable fast roaming, but without having to have any kind of local or server based authentication ? I don't want to have to define logins for each user, I just want to use a single pre-shared key and need them to be able to roam seamlessly between APs.

    I understand that you want to implement layer 2 fast secure roaming without using a dot1x authentication. If this is correct, then I think you can do the configuration you have mentioned. But, for sure, fats secure roaming, th client and the Ap shuld support CCKM.

  • WPA-PSK with TKIP but without MIC

    Does WPA-PSK with TKIP encryption not support MIC?
    any input is very welcome
    Oliver

    WPA is a standardized mechanism for accomplishing a couple of things with respect to WLAN security:
    1) Uses a mixing function to create "key integrity" (TKIP)- this prevents "passive" WEP attacks
    2) Creates a "message integrity check", which prevents packet tampering, typically used for the purpose of inducing the system to send packets that could be used to compromise a WEP key

Maybe you are looking for

  • Problem with firefox

    www.google.com.au uses an invalid security certificate. The certificate does not come from a trusted source. (Error code: sec_error_inadequate_key_usage). My kids keep getting this message when they log into their user accounts and using firefox (IE1

  • Download header and date to excel

    i have an alv report i want whwn i download my alv to excel with push button ( standard) to get in the header of the excel HEADER an DATE how??? thanks....

  • My 5c intermittently has no sound. Is there an issue with the 5c?

    My 5c iphone intermittently has no sound. Is there an ongoing issue with the 5c?

  • Make all open finder windows come to the front?

    Things that used to be so simple on the Mac are now so complicated. I have a bunch of finder windows open. Most of them are hidden behind other application windows, like my browser. I used to be able to click anywhere on the desktop to make all windo

  • How can one edit a profile name in ACR?

    Both Adobe DNG Profile Utility and the PassPort profile software very nicely create and install profiles in ACR.  A profile name is given at the time of creation. Once installed in ACR, however, how can one edit the name of the profile? thanks, gramp