Hi,
I am looking for some help troubleshooting a client connection to a WPA2 Enterprise (802.1x) network using a MR8300 router. I have the following versions:
firmware: OpenWrt version OpenWrt SNAPSHOT r15817-d02088762a / LuCI openwrt-21.02 branch git-21.044.37257-ccdca27
kernel: 5.4.98
antenna/chipset: Qualcomm Atheros IPQ4019 802.11bgn
I am using the above radio to connect to a 2.4GHz 802.1x network, but have been unsuccessful so far. Here is the logread from the router trying to connect:
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: SME: Trying to authenticate with f0:b2:e5:c3:a0:40 (SSID='XXXXX' freq=2412 MHz)
18:48:34 2021 kern.info kernel: [ 2483.005412] wlan1: authenticate with f0:b2:e5:c3:a0:40
18:48:34 2021 kern.info kernel: [ 2483.233820] wlan1: send auth to f0:b2:e5:c3:a0:40 (try 1/3)
18:48:34 2021 kern.info kernel: [ 2483.240714] wlan1: authenticated
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: Trying to associate with f0:b2:e5:c3:a0:40 (SSID='XXXXX' freq=2412 MHz)
18:48:34 2021 kern.info kernel: [ 2483.249830] wlan1: associate with f0:b2:e5:c3:a0:40 (try 1/3)
18:48:34 2021 kern.info kernel: [ 2483.261471] wlan1: RX AssocResp from f0:b2:e5:c3:a0:40 (capab=0x431 status=0 aid=1)
18:48:34 2021 kern.warn kernel: [ 2483.262695] ath10k_ahb a000000.wifi: pdev param 0 not supported by firmware
18:48:34 2021 kern.warn kernel: [ 2483.267996] ath10k_ahb a000000.wifi: failed to enable peer stats info: -95
18:48:34 2021 kern.info kernel: [ 2483.277589] wlan1: associated
18:48:34 2021 daemon.notice netifd: Network device 'wlan1' link is up
18:48:34 2021 daemon.notice netifd: Interface 'wan' has link connectivity
18:48:34 2021 daemon.notice netifd: Interface 'wan' is setting up now
18:48:34 2021 daemon.notice netifd: Interface 'wan6' has link connectivity
18:48:34 2021 daemon.notice netifd: Interface 'wan6' is setting up now
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: Associated with f0:b2:e5:c3:a0:40
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-STARTED EAP authentication started
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
18:48:34 2021 daemon.notice netifd: wan (22427): udhcpc: started, v1.33.0
18:48:34 2021 daemon.err odhcp6c[22431]: Failed to send RS (Permission denied)
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority'
18:48:34 2021 daemon.notice netifd: wan (22427): udhcpc: sending discover
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=US/ST=MI/L=Ann Arbor/O=Internet2/OU=InCommon/CN=InCommon RSA Server CA'
18:48:34 2021 daemon.err odhcp6c[22431]: Failed to send SOLICIT message to ff02::1:2 (Permission denied)
18:48:35 2021 kern.info kernel: [ 2483.583584] wlan1: deauthenticating from f0:b2:e5:c3:a0:40 by local choice (Reason: 3=DEAUTH_LEAVING)
18:48:35 2021 kern.info kernel: [ 2483.670652] ath10k_ahb a000000.wifi: mac flush vdev 0 drop 1 queues 0x1 ar->paused: 0x0 arvif->paused: 0x0
18:48:35 2021 kern.info kernel: [ 2483.671778] ath10k_ahb a000000.wifi: mac flush vdev 0 drop 0 queues 0x1 ar->paused: 0x0 arvif->paused: 0x0
18:48:35 2021 kern.warn kernel: [ 2483.710309] ath10k_ahb a000000.wifi: peer-unmap-event: unknown peer id 1
18:48:35 2021 daemon.err odhcp6c[22431]: Failed to send RS (Permission denied)
18:48:35 2021 daemon.notice netifd: Network device 'wlan1' link is down
18:48:35 2021 daemon.notice netifd: Interface 'wan' has link connectivity loss
18:48:35 2021 daemon.notice netifd: Interface 'wan6' has link connectivity loss
18:48:35 2021 kern.info kernel: [ 2483.735971] ath10k_ahb a000000.wifi: mac flush null vif, drop 0 queues 0xffff
18:48:35 2021 daemon.notice netifd: wan (22427): udhcpc: received SIGTERM
18:48:35 2021 daemon.notice netifd: wan (22427): udhcpc: entering released state
18:48:35 2021 daemon.notice netifd: wan (22427): Command failed: Permission denied
18:48:35 2021 daemon.notice netifd: Interface 'wan' is now down
18:48:35 2021 daemon.err odhcp6c[22431]: Failed to send SOLICIT message to ff02::1:2 (Permission denied)
18:48:35 2021 daemon.notice netifd: Interface 'wan6' is now down
18:48:35 2021 daemon.notice netifd: radio1 (22465): Command failed: Not found
18:48:36 2021 daemon.notice netifd: Interface 'wan6' is disabled
18:48:36 2021 daemon.notice wpa_supplicant[22480]: supp-global-ctrl-iface-init(/var/run/wpa_supplicant/global) (will try fixup): bind(PF_UNIX): Address in use
18:48:36 2021 daemon.notice wpa_supplicant[22480]: Successfully initialized wpa_supplicant
18:48:38 2021 kern.warn kernel: [ 2486.587949] ath10k_ahb a000000.wifi: 10.4 wmi init: vdevs: 16 peers: 48 tid: 96
18:48:38 2021 kern.warn kernel: [ 2486.587999] ath10k_ahb a000000.wifi: msdu-desc: 2500 skid: 32
18:48:38 2021 kern.info kernel: [ 2486.639231] ath10k_ahb a000000.wifi: wmi print 'P 48/48 V 16 K 144 PH 176 T 186 msdu-desc: 2500 sw-crypt: 0 ct-sta: 0'
18:48:38 2021 kern.info kernel: [ 2486.639792] ath10k_ahb a000000.wifi: wmi print 'free: 53252 iram: 13432 sram: 35752'
18:48:38 2021 kern.info kernel: [ 2486.998422] ath10k_ahb a000000.wifi: rts threshold -1
18:48:38 2021 kern.warn kernel: [ 2487.004841] ath10k_ahb a000000.wifi: Firmware lacks feature flag indicating a retry limit of > 2 is OK, requested limit: 4
18:48:38 2021 daemon.notice netifd: radio1 (22481): sh: out of range
18:48:38 2021 daemon.notice netifd: Interface 'wan6' is enabled
18:48:39 2021 daemon.notice wpa_supplicant[22480]: wlan1: SME: Trying to authenticate with f0:b2:e5:c3:a0:40 (SSID='XXXXX' freq=2412 MHz)
Here is my /etc/config/network:
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdd2:cb24:2890::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.2.1'
config interface 'wan'
option proto 'dhcp'
option hostname '*'
config interface 'wan6'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 0'
And /etc/config/wireless: (wifinet3 is the relevant wifi-iface)
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11a'
option path 'soc/40000000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
option htmode 'VHT80'
option channel '136'
option cell_density '0'
option country 'US'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'XXXXX'
option key 'XXXXX'
option encryption 'sae-mixed'
option ieee80211w '1'
config wifi-device 'radio1'
option type 'mac80211'
option hwmode '11g'
option path 'platform/soc/a000000.wifi'
option country 'US'
option cell_density '0'
option htmode 'HT40'
option channel 'auto'
option disabled '1'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'XXXXX'
option encryption 'psk2'
option key 'XXXXX'
option disabled '1'
config wifi-device 'radio2'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path 'platform/soc/a800000.wifi'
option htmode 'VHT80'
option disabled '1'
config wifi-iface 'default_radio2'
option device 'radio2'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
config wifi-iface 'wifinet3'
option device 'radio1'
option mode 'sta'
option ssid 'XXXXX'
option encryption 'wpa2'
option identity 'XXXXX'
option eap_type 'peap'
option auth 'EAP-MSCHAPV2'
option password 'XXXXX'
option anonymous_identity 'XXXXX'
list altsubject_match 'DNS:XXXXX'
list altsubject_match 'DNS:XXXXX'
list altsubject_match 'DNS:XXXXX'
list altsubject_match 'DNS:XXXXX'
list altsubject_match 'DNS:XXXXX'
option bssid 'F0:B2:E5:C3:A0:40'
option network 'wan wan6'
option wpa_group_rekey '3600'
option disassoc_low_ack '0'
Any help or suggestions would be greatly appreciated. Thanks in advance!