Linksys MR8300 client connection to WPA2 Enterprise Network

Installing and Using OpenWrt Network and Wireless Configuration
1

Hi,

I am looking for some help troubleshooting a client connection to a WPA2 Enterprise (802.1x) network using a MR8300 router. I have the following versions:

firmware: OpenWrt version OpenWrt SNAPSHOT r15817-d02088762a / LuCI openwrt-21.02 branch git-21.044.37257-ccdca27

kernel: 5.4.98

antenna/chipset: Qualcomm Atheros IPQ4019 802.11bgn

I am using the above radio to connect to a 2.4GHz 802.1x network, but have been unsuccessful so far. Here is the logread from the router trying to connect:

18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: SME: Trying to authenticate with f0:b2:e5:c3:a0:40 (SSID='XXXXX' freq=2412 MHz)
18:48:34 2021 kern.info kernel: [ 2483.005412] wlan1: authenticate with f0:b2:e5:c3:a0:40
18:48:34 2021 kern.info kernel: [ 2483.233820] wlan1: send auth to f0:b2:e5:c3:a0:40 (try 1/3)
18:48:34 2021 kern.info kernel: [ 2483.240714] wlan1: authenticated
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: Trying to associate with f0:b2:e5:c3:a0:40 (SSID='XXXXX' freq=2412 MHz)
18:48:34 2021 kern.info kernel: [ 2483.249830] wlan1: associate with f0:b2:e5:c3:a0:40 (try 1/3)
18:48:34 2021 kern.info kernel: [ 2483.261471] wlan1: RX AssocResp from f0:b2:e5:c3:a0:40 (capab=0x431 status=0 aid=1)
18:48:34 2021 kern.warn kernel: [ 2483.262695] ath10k_ahb a000000.wifi: pdev param 0 not supported by firmware
18:48:34 2021 kern.warn kernel: [ 2483.267996] ath10k_ahb a000000.wifi: failed to enable peer stats info: -95
18:48:34 2021 kern.info kernel: [ 2483.277589] wlan1: associated
18:48:34 2021 daemon.notice netifd: Network device 'wlan1' link is up
18:48:34 2021 daemon.notice netifd: Interface 'wan' has link connectivity
18:48:34 2021 daemon.notice netifd: Interface 'wan' is setting up now
18:48:34 2021 daemon.notice netifd: Interface 'wan6' has link connectivity
18:48:34 2021 daemon.notice netifd: Interface 'wan6' is setting up now
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: Associated with f0:b2:e5:c3:a0:40
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-STARTED EAP authentication started
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
18:48:34 2021 daemon.notice netifd: wan (22427): udhcpc: started, v1.33.0
18:48:34 2021 daemon.err odhcp6c[22431]: Failed to send RS (Permission denied)
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority'
18:48:34 2021 daemon.notice netifd: wan (22427): udhcpc: sending discover
18:48:34 2021 daemon.notice wpa_supplicant[19419]: wlan1: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=US/ST=MI/L=Ann Arbor/O=Internet2/OU=InCommon/CN=InCommon RSA Server CA'
18:48:34 2021 daemon.err odhcp6c[22431]: Failed to send SOLICIT message to ff02::1:2 (Permission denied)
18:48:35 2021 kern.info kernel: [ 2483.583584] wlan1: deauthenticating from f0:b2:e5:c3:a0:40 by local choice (Reason: 3=DEAUTH_LEAVING)
18:48:35 2021 kern.info kernel: [ 2483.670652] ath10k_ahb a000000.wifi: mac flush vdev 0 drop 1 queues 0x1 ar->paused: 0x0  arvif->paused: 0x0
18:48:35 2021 kern.info kernel: [ 2483.671778] ath10k_ahb a000000.wifi: mac flush vdev 0 drop 0 queues 0x1 ar->paused: 0x0  arvif->paused: 0x0
18:48:35 2021 kern.warn kernel: [ 2483.710309] ath10k_ahb a000000.wifi: peer-unmap-event: unknown peer id 1
18:48:35 2021 daemon.err odhcp6c[22431]: Failed to send RS (Permission denied)
18:48:35 2021 daemon.notice netifd: Network device 'wlan1' link is down
18:48:35 2021 daemon.notice netifd: Interface 'wan' has link connectivity loss
18:48:35 2021 daemon.notice netifd: Interface 'wan6' has link connectivity loss
18:48:35 2021 kern.info kernel: [ 2483.735971] ath10k_ahb a000000.wifi: mac flush null vif, drop 0 queues 0xffff
18:48:35 2021 daemon.notice netifd: wan (22427): udhcpc: received SIGTERM
18:48:35 2021 daemon.notice netifd: wan (22427): udhcpc: entering released state
18:48:35 2021 daemon.notice netifd: wan (22427): Command failed: Permission denied
18:48:35 2021 daemon.notice netifd: Interface 'wan' is now down
18:48:35 2021 daemon.err odhcp6c[22431]: Failed to send SOLICIT message to ff02::1:2 (Permission denied)
18:48:35 2021 daemon.notice netifd: Interface 'wan6' is now down
18:48:35 2021 daemon.notice netifd: radio1 (22465): Command failed: Not found
18:48:36 2021 daemon.notice netifd: Interface 'wan6' is disabled
18:48:36 2021 daemon.notice wpa_supplicant[22480]: supp-global-ctrl-iface-init(/var/run/wpa_supplicant/global) (will try fixup): bind(PF_UNIX): Address in use
18:48:36 2021 daemon.notice wpa_supplicant[22480]: Successfully initialized wpa_supplicant
18:48:38 2021 kern.warn kernel: [ 2486.587949] ath10k_ahb a000000.wifi: 10.4 wmi init: vdevs: 16  peers: 48  tid: 96
18:48:38 2021 kern.warn kernel: [ 2486.587999] ath10k_ahb a000000.wifi: msdu-desc: 2500  skid: 32
18:48:38 2021 kern.info kernel: [ 2486.639231] ath10k_ahb a000000.wifi: wmi print 'P 48/48 V 16 K 144 PH 176 T 186  msdu-desc: 2500  sw-crypt: 0 ct-sta: 0'
18:48:38 2021 kern.info kernel: [ 2486.639792] ath10k_ahb a000000.wifi: wmi print 'free: 53252 iram: 13432 sram: 35752'
18:48:38 2021 kern.info kernel: [ 2486.998422] ath10k_ahb a000000.wifi: rts threshold -1
18:48:38 2021 kern.warn kernel: [ 2487.004841] ath10k_ahb a000000.wifi: Firmware lacks feature flag indicating a retry limit of > 2 is OK, requested limit: 4
18:48:38 2021 daemon.notice netifd: radio1 (22481): sh: out of range
18:48:38 2021 daemon.notice netifd: Interface 'wan6' is enabled
18:48:39 2021 daemon.notice wpa_supplicant[22480]: wlan1: SME: Trying to authenticate with f0:b2:e5:c3:a0:40 (SSID='XXXXX' freq=2412 MHz)

Here is my /etc/config/network:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdd2:cb24:2890::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.2.1'

config interface 'wan'
	option proto 'dhcp'
	option hostname '*'

config interface 'wan6'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix 'auto'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 0'

And /etc/config/wireless: (wifinet3 is the relevant wifi-iface)

config wifi-device 'radio0'
	option type 'mac80211'
	option hwmode '11a'
	option path 'soc/40000000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
	option htmode 'VHT80'
	option channel '136'
	option cell_density '0'
	option country 'US'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'XXXXX'
	option key 'XXXXX'
	option encryption 'sae-mixed'
	option ieee80211w '1'

config wifi-device 'radio1'
	option type 'mac80211'
	option hwmode '11g'
	option path 'platform/soc/a000000.wifi'
	option country 'US'
	option cell_density '0'
	option htmode 'HT40'
	option channel 'auto'
	option disabled '1'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'XXXXX'
	option encryption 'psk2'
	option key 'XXXXX'
	option disabled '1'

config wifi-device 'radio2'
	option type 'mac80211'
	option channel '36'
	option hwmode '11a'
	option path 'platform/soc/a800000.wifi'
	option htmode 'VHT80'
	option disabled '1'

config wifi-iface 'default_radio2'
	option device 'radio2'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

config wifi-iface 'wifinet3'
	option device 'radio1'
	option mode 'sta'
	option ssid 'XXXXX'
	option encryption 'wpa2'
	option identity 'XXXXX'
	option eap_type 'peap'
	option auth 'EAP-MSCHAPV2'
	option password 'XXXXX'
	option anonymous_identity 'XXXXX'
	list altsubject_match 'DNS:XXXXX'
	list altsubject_match 'DNS:XXXXX'
	list altsubject_match 'DNS:XXXXX'
	list altsubject_match 'DNS:XXXXX'
	list altsubject_match 'DNS:XXXXX'
	option bssid 'F0:B2:E5:C3:A0:40'
	option network 'wan wan6'
	option wpa_group_rekey '3600'
	option disassoc_low_ack '0'

Any help or suggestions would be greatly appreciated. Thanks in advance!