After upgrade to 15.10 Wifi to a corporate network (WPA2) is not working anymore

networking wireless upgrade 15.10 wpa2

6,530

Solution 1

I got the same issue here: The problem is the wpa_supplicant 2.4 as you can read here: http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/Internal-radius-server-incompatibility-with-the-new-wpa/td-p/236602

If you do a downgrade to 2.3 this problem will be resolve !

Solution 2

The problem is that some routers and/or access points uses WPA2 Enterprise with weak DH key and Network Manager 2.4 doesn't connect to those networks.

Normally this issue happening on Ubuntu >= 15.10. At the moment, a temporary workaround is to downgrade wpa_supplicant to 2.1 (from Ubuntu 15.04) with the following instructions:

echo "deb http://london.mirrors.linode.com/ubuntu/ vivid main" | sudo tee /etc/apt/sources.list.d/vivid.list
echo -e "Package: *\nPin: release o=Ubuntu,n=vivid\nPin-Priority: -1" | sudo tee cat /etc/apt/preferences.d/vivid
sudo apt-get update
sudo apt-get install wpasupplicant=2.1-0ubuntu7
sudo apt-mark hold wpasupplicant
sudo /etc/init.d/network-manager restart

References:

6,530

Cees Bos

Updated on September 18, 2022

Comments

Cees Bos over 1 year

Last Friday I updated to Ubuntu 15.10. At that moment I was connected to a corporate network with Wifi. After upgrade it is not working anymore.

Configuration for the wifi connection:
Security: WPA & WPA2 Enterprise
Authentication: Protected EAP (PEAP)
Checkbox No CA certificate required.

PEAP version. I tried all 3 options: Auto, version 0 and version 1.
Inner authentication: MSCHAPv2

Username and password are stored. I can still connect to the wifi with my phone with the same credentials.

This is what I see in the syslog:

Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: SME: Trying to authenticate with b4:14:89:d1:2f:21 (SSID='CorporateNetwork' freq=2437 MHz)
Oct 26 07:27:01 mymachine kernel: [ 3144.862773] wlan0: authenticate with b4:14:89:d1:2f:21
Oct 26 07:27:01 mymachine kernel: [ 3144.878081] wlan0: direct probe to b4:14:89:d1:2f:21 (try 1/3)
Oct 26 07:27:01 mymachine NetworkManager[828]: <info>  (wlan0): supplicant interface state: disconnected -> authenticating
Oct 26 07:27:01 mymachine kernel: [ 3145.081778] wlan0: direct probe to b4:14:89:d1:2f:21 (try 2/3)
Oct 26 07:27:01 mymachine kernel: [ 3145.285917] wlan0: send auth to b4:14:89:d1:2f:21 (try 3/3)
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: Trying to associate with b4:14:89:d1:2f:21 (SSID='CorporateNetwork' freq=2437 MHz)
Oct 26 07:27:01 mymachine kernel: [ 3145.304765] wlan0: authenticated
Oct 26 07:27:01 mymachine kernel: [ 3145.305931] wlan0: associate with b4:14:89:d1:2f:21 (try 1/3)
Oct 26 07:27:01 mymachine NetworkManager[828]: <info>  (wlan0): supplicant interface state: authenticating -> associating
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: Associated with b4:14:89:d1:2f:21
Oct 26 07:27:01 mymachine kernel: [ 3145.340295] wlan0: RX AssocResp from b4:14:89:d1:2f:21 (capab=0x431 status=0 aid=2)
Oct 26 07:27:01 mymachine kernel: [ 3145.340396] wlan0: associated
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=NL
Oct 26 07:27:01 mymachine kernel: [ 3145.345160] cfg80211: Regulatory domain changed to country: NL
Oct 26 07:27:01 mymachine kernel: [ 3145.345166] cfg80211:  DFS Master region: ETSI
Oct 26 07:27:01 mymachine kernel: [ 3145.345168] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
Oct 26 07:27:01 mymachine kernel: [ 3145.345173] cfg80211:   (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
Oct 26 07:27:01 mymachine kernel: [ 3145.345176] cfg80211:   (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (N/A)
Oct 26 07:27:01 mymachine kernel: [ 3145.345180] cfg80211:   (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (0 s)
Oct 26 07:27:01 mymachine kernel: [ 3145.345183] cfg80211:   (5490000 KHz - 5710000 KHz @ 160000 KHz), (N/A, 2700 mBm), (0 s)
Oct 26 07:27:01 mymachine kernel: [ 3145.345185] cfg80211:   (57000000 KHz - 66000000 KHz @ 2160000 KHz), (N/A, 4000 mBm), (N/A)
Oct 26 07:27:01 mymachine NetworkManager[828]: <info>  (wlan0): supplicant interface state: associating -> associated
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
Oct 26 07:27:01 mymachine kernel: [ 3145.396028] wlan0: Limiting TX power to 2 dBm as advertised by b4:14:89:d1:2f:21
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3' hash=64903546a58058d1e6f1bead1134ede66a6831d231f0df8d4e28535d7a300496
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='...stripped...' hash=abf1a463f10887c64e4858fb5a06c7016426508815ce324b4f7cea269b1fc029
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:...stripped...
Oct 26 07:27:01 mymachine kernel: [ 3145.498685] wlan0: Limiting TX power to 2 dBm as advertised by b4:14:89:d1:2f:21
Oct 26 07:27:01 mymachine wpa_supplicant[974]: SSL: SSL3 alert: read (remote end reported an error):unknown:unknown
Oct 26 07:27:01 mymachine wpa_supplicant[974]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:illegal parameter
Oct 26 07:27:01 mymachine wpa_supplicant[974]: OpenSSL: openssl_handshake - SSL_connect error:140940F6:SSL routines:ssl3_read_bytes:unknown alert type
Oct 26 07:27:09 mymachine kernel: [ 3153.136903] [drm:intel_pipe_update_end [i915]] *ERROR* Atomic update failure on pipe B (start=185389 end=185390)
Oct 26 07:27:25 mymachine NetworkManager[828]: <warn>  (wlan0): Activation: (wifi) association took too long
Oct 26 07:27:25 mymachine NetworkManager[828]: <info>  (wlan0): device state change: config -> need-auth (reason 'none') [50 60 0]
Oct 26 07:27:25 mymachine NetworkManager[828]: <warn>  (wlan0): Activation: (wifi) asking for new secrets
Oct 26 07:27:25 mymachine kernel: [ 3169.209119] wlan0: deauthenticating from b4:14:89:d1:2f:21 by local choice (Reason: 3=DEAUTH_LEAVING)
Oct 26 07:27:25 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-DISCONNECTED bssid=b4:14:89:d1:2f:21 reason=3 locally_generated=1
Oct 26 07:27:25 mymachine NetworkManager[828]: <warn>  Connection disconnected (reason -3)
Oct 26 07:27:25 mymachine NetworkManager[828]: <info>  (wlan0): supplicant interface state: associated -> disconnected
Oct 26 07:27:25 mymachine NetworkManager[828]: <warn>  Failed to GDBus.Error:fi.w1.wpa_supplicant1.NotConnected: This interface is not connected: disconnect.
Oct 26 07:27:25 mymachine gnome-session[1578]: nm-applet-Message: New secrets for CorporateNetwork/802-1x requested; ask the user

What can I do to be able to connect again?

Eric Mendes over 8 years

Use in fedora is quite simple to do that. But using Ubuntu the only solution I know is uninstall the wpa_supplicant e installing the "old one" apt-get install wpa_supplicant=2.3
T. Verron over 8 years

@CeesBos Did you find the 2.3 version? I was only able to find the 2.1 version from the 15.04 repositories, it seems to work fine as well.
Cees Bos over 8 years

I used version 2.1 from Ubuntu 15.04, that is working fine for me. packages.ubuntu.com/vivid-updates/net/wpasupplicant
mkasberg over 8 years

I believe this is the related bug: bugs.launchpad.net/ubuntu/+source/wpa/+bug/1501588
mkasberg over 8 years

I can confirm that this worked for me as well. I used the 2.1 version suggested by Cees Bos.
Jrom over 8 years

Using the 2.1 version of wpasupplicant works (note there is no underscore in the package name)
Laurens almost 6 years

This fix no longer works in Ubuntu 18.04, see this related question : askubuntu.com/questions/1046810/…