networkmanager can't use PEAP or TTLS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
NetworkManager |
Fix Released
|
Unknown
|
|||
knetworkmanager (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
network-manager (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: network-manager
networkmanager doesn't seem to be able to connect to a WPA Enterprise wireless network using PEAP or TTLS. wpasupplicant, used alone, can connect. However, neither knetworkmanager nor nm-applet seem to be able to make network manager connect. This may be a local configuration PEBCAK, but if so I don't see what's wrong.
When networkmanager fails to connect, it waits about 2 minutes for the attempt to time out. Based on /var/log/
Using the madwifi driver (atheros 802.11a/b/g chipset). Config file snippets follow.
Using the latest feisty packages:
network-manager 0.6.4-6ubuntu7
knetworkmanager 0.1-0ubuntu12
network-
wpasupplicant 0.5.7-0ubuntu2
The following wpasupplicant config works against a local WPA-EAP/PEAP network (which network manager cannot use):
network={
scan_ssid=1
eap=PEAP
group=TKIP
priority=5
}
The following wpasupplicant config authenticates against a local WPA-EAP/TTLS network (which networkmanager seems to be unable to use):
network={
eap=TTLS
group=TKIP
priority=10
}
Here's my /etc/network/
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet dhcp
auto eth2
iface eth2 inet dhcp
auto ath0
iface ath0 inet dhcp
auto wlan0
iface wlan0 inet dhcp
Changed in network-manager: | |
status: | Unknown → New |
Changed in network-manager: | |
status: | New → Confirmed |
Changed in network-manager: | |
status: | Confirmed → Fix Released |
I can confirm this.
I spent the better part of today trying to connect to my University's TTLS network before figuring it out via wpa_supplicant.
Here is my wpa_supplicant configuration:
ctrl_interface_ group=0 /var/run/ wpa_supplicant
ssid=" My-SSID"
key_mgmt= WPA-EAP
pairwise= TKIP
ca_cert= "/tmp/rootca. cer"
identity= "<username> "
password= "<password> "
phase2= "auth=PAP"
ctrl_interface=
eapol_version=1
ap_scan=1
fast_reauth=1
network={
proto=WPA
group=TKIP
eap=TTLS
priority=2
}
It is run with:
sudo wpa_supplicant -D wext -i ath0 -c /etc/wpa_ supplicant/ supp.conf
and works perfectly. However, when I enter the same info into NetworkManager, it tries but eventually gives up.
One thing I noticed is that without the option:
pairwise=TKIP
It would not work. I do not know how to investigate what parameters NM is passing to wpa_supplicant, but if it omits that one, things will probably not work.
This would be a wonderful fix to have, since doing this manually requires I kill NM and do it myself instead, not preferable.