[2.3.5] Not able to connect via WPA2 - Handshake 1/4 EAPOL-Key timeout
-
Hi,
I recently updated from a 2.2.X to a 2.3.5-RELEASE-p2
The same WIFI config worked before now in 2.3.5, I'm unable to connect to the AP via WIFI and WPA2.On the client side it says the password is incorrect.
On the AP side, in the wireless logs, I get "WPA: EAPOL-Key timeout"
The DHCP server is enabled on the interface and there are no logs.
I also noticed i'm able to connect when disabling security. WPA also does not work
I have 3 WLAN interfaces defined on the same physical ath0 network port. Only the one on the physical network port works. The other 2 seems to experience the same behaviorDo you have an idea how to debug this?
Seems to me the AP sends the EAPOL-Key ANounce to the client but the EAPOL-Key SNounce is not received soon enough.
So the EAPOL-Key ANounce might be lost
I don't see any packets on the client side (maybe I'm not using wireshark correctly)2.3.5-RELEASE-p2 (i386)
built on Thu May 10 15:03:18 CDT 2018
FreeBSD 10.3-RELEASE-p29
nanobsd (4g)My configuration
[2.3.5-RELEASE][root@pfSense]/var/etc: cat /var/etc/hostapd_ath0_wlan1.conf
interface=ath0_wlan1
driver=bsd
logger_syslog=-1
logger_syslog_level=0
logger_stdout=-1
logger_stdout_level=0
dump_file=/tmp/hostapd_ath0_wlan1.dump
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
#accept_mac_file=/tmp/hostapd_ath0_wlan1.accept
#deny_mac_file=/tmp/hostapd_ath0_wlan1.deny
#macaddr_acl=
ssid=MySSID
debug=
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
wpa_group_rekey=60
wpa_gmk_rekey=3600
wpa_strict_rekey=
wpa_passphrase=12345678I tried to run with more debug flags:
ps -auwwx | grep hostapd
root 38155 0.0 0.9 12780 4540 - Ss 3:39PM 0:00.64 /usr/local/sbin/hostapd -B -P /var/run/hostapd_ath0_wlan1.pid /var/etc/hostapd_ath0_wlan1.conf
cat /var/run/hostapd_ath0_wlan1.pid | xargs kill -9; rm /var/run/hostapd_ath0_wlan1.pid
/usr/local/sbin/hostapd -BddKt -P /var/run/hostapd_ath0_wlan1.pid /var/etc/hostapd_ath0_wlan1.confps -auwwx | grep hostapd
root 27826 1.2 0.9 12780 4528 - Ss 7:40PM 0:00.00 /usr/local/sbin/hostapd -BddKt -P /var/run/hostapd_ath0_wlan1.pid /var/etc/hostapd_ath0_wlan1.conf
clog -f /var/log/wireless.log | grep ath0_wlan1
Aug 20 17:39:59 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 IEEE 802.11: associated
Aug 20 17:39:59 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: event 1 notification
Aug 20 17:39:59 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: start authentication
Aug 20 17:39:59 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 IEEE 802.1X: unauthorizing port
Aug 20 17:39:59 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: sending 1/4 msg of 4-Way Handshake
Aug 20 17:40:00 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: EAPOL-Key timeout
Aug 20 17:40:00 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: sending 1/4 msg of 4-Way Handshake
Aug 20 17:40:01 pfSense hostapd: ath0_wlan1: WPA rekeying GTK
Aug 20 17:40:01 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: Not in PTKINITDONE; skip Group Key update
Aug 20 17:40:01 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: EAPOL-Key timeout
Aug 20 17:40:01 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: sending 1/4 msg of 4-Way Handshake
Aug 20 17:40:02 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: EAPOL-Key timeout
Aug 20 17:40:02 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: sending 1/4 msg of 4-Way Handshake
Aug 20 17:40:03 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: EAPOL-Key timeout
Aug 20 17:40:03 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: PTKSTART: Retry limit 4 reached
Aug 20 17:40:03 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 WPA: event 3 notification
Aug 20 17:40:03 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 IEEE 802.1X: unauthorizing port
Aug 20 17:40:03 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 MLME: MLME-DEAUTHENTICATE.indication(c4:85:08:30:a0:61, 2)
Aug 20 17:40:03 pfSense hostapd: ath0_wlan1: STA c4:85:08:30:a0:61 MLME: MLME-DELETEKEYS.request(c4:85:08:30:a0:61)