[Networkmanager] Cannot connect to an AP managed with NM and WPA
bgalvani at redhat.com
Thu Dec 22 08:46:48 UTC 2022
On Wed, Dec 21, 2022 at 07:02:57PM +0100, Krystian Heberlein wrote:
> Recently I was struggling to establish a connection with a WiFi Access
> Point managed by NetworkManager with WPA supplicant plugin.
> Although most available devices are able to connect with the AP, my
> RasberryPi 4B won't cooperate.
> On the RPi4 I'm trying to connect as a client with WPA supplicant, but
> constantly the association gets rejected:
the message about an invalid MIC can be caused either by a wrong
password (but I suppose you checked that) or by a different
key-management protocols selected on AP and STA. This last problem was
supposedly fixed by commits , which are already included in NM
Since you said that the same client is able to connect when using NM
but not with wpa_supplicant alone, I would compare wpa_supplicant
configuration with the the one sent by NM to the supplicant. After
connecting with NM, do:
# journalctl -u NetworkManager -e | grep "Config: added "
<info> [1671697112.3658] Config: added 'ssid' value 'Hotspot'
<info> [1671697112.3658] Config: added 'mode' value '2'
<info> [1671697112.3658] Config: added 'frequency' value '2462'
<info> [1671697112.3658] Config: added 'key_mgmt' value 'WPA-PSK WPA-PSK-SHA256 SAE'
<info> [1671697112.3658] Config: added 'psk' value '<hidden>'
<info> [1671697112.3658] Config: added 'proto' value 'RSN'
<info> [1671697112.3658] Config: added 'pairwise' value 'CCMP'
<info> [1671697112.3659] Config: added 'group' value 'CCMP'
and compare the values with wpa_supplicant configuration.
If you have SAE in "key_mgmt", that could be the cause of the issue.
NM adds SAE automatically when it detects it is supported by the
supplicant; however if you disable PMF that would also disable SAE:
nmcli connection modify Hotspot wifi-sec.pmf disable
nmcli connection up Hotspot
If none of the suggestions above work, increase the logging level of
wpa_supplicant on both AP and client with:
# busctl set-property fi.w1.wpa_supplicant1 /fi/w1/wpa_supplicant1 fi.w1.wpa_supplicant1 DebugLevel s excessive
then try to connect and analyze logs.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the Networkmanager