it-swarm.com.de

Nach dem Upgrade auf 15.10 funktioniert WLAN in einem Firmennetzwerk (WPA2) nicht mehr

Letzten Freitag habe ich auf Ubuntu 15.10 aktualisiert. In diesem Moment war ich mit Wifi mit einem Unternehmensnetzwerk verbunden. Nach dem Upgrade funktioniert es nicht mehr.

Konfiguration für die WLAN-Verbindung:
Sicherheit: WPA & WPA2 Enterprise
Authentifizierung: Protected EAP (PEAP)
Kontrollkästchen Kein CA-Zertifikat erforderlich.

PEAP-Version. Ich habe alle 3 Optionen ausprobiert: Auto, Version 0 und Version 1.
Innere Authentifizierung: MSCHAPv2

Benutzername und Passwort werden gespeichert. Ich kann mit meinem Telefon immer noch mit denselben Anmeldeinformationen eine Verbindung zum WLAN herstellen.

Folgendes sehe ich im Syslog:

Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: SME: Trying to authenticate with b4:14:89:d1:2f:21 (SSID='CorporateNetwork' freq=2437 MHz)
Oct 26 07:27:01 mymachine kernel: [ 3144.862773] wlan0: authenticate with b4:14:89:d1:2f:21
Oct 26 07:27:01 mymachine kernel: [ 3144.878081] wlan0: direct probe to b4:14:89:d1:2f:21 (try 1/3)
Oct 26 07:27:01 mymachine NetworkManager[828]: <info>  (wlan0): supplicant interface state: disconnected -> authenticating
Oct 26 07:27:01 mymachine kernel: [ 3145.081778] wlan0: direct probe to b4:14:89:d1:2f:21 (try 2/3)
Oct 26 07:27:01 mymachine kernel: [ 3145.285917] wlan0: send auth to b4:14:89:d1:2f:21 (try 3/3)
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: Trying to associate with b4:14:89:d1:2f:21 (SSID='CorporateNetwork' freq=2437 MHz)
Oct 26 07:27:01 mymachine kernel: [ 3145.304765] wlan0: authenticated
Oct 26 07:27:01 mymachine kernel: [ 3145.305931] wlan0: associate with b4:14:89:d1:2f:21 (try 1/3)
Oct 26 07:27:01 mymachine NetworkManager[828]: <info>  (wlan0): supplicant interface state: authenticating -> associating
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: Associated with b4:14:89:d1:2f:21
Oct 26 07:27:01 mymachine kernel: [ 3145.340295] wlan0: RX AssocResp from b4:14:89:d1:2f:21 (capab=0x431 status=0 aid=2)
Oct 26 07:27:01 mymachine kernel: [ 3145.340396] wlan0: associated
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=NL
Oct 26 07:27:01 mymachine kernel: [ 3145.345160] cfg80211: Regulatory domain changed to country: NL
Oct 26 07:27:01 mymachine kernel: [ 3145.345166] cfg80211:  DFS Master region: ETSI
Oct 26 07:27:01 mymachine kernel: [ 3145.345168] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
Oct 26 07:27:01 mymachine kernel: [ 3145.345173] cfg80211:   (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
Oct 26 07:27:01 mymachine kernel: [ 3145.345176] cfg80211:   (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (N/A)
Oct 26 07:27:01 mymachine kernel: [ 3145.345180] cfg80211:   (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (0 s)
Oct 26 07:27:01 mymachine kernel: [ 3145.345183] cfg80211:   (5490000 KHz - 5710000 KHz @ 160000 KHz), (N/A, 2700 mBm), (0 s)
Oct 26 07:27:01 mymachine kernel: [ 3145.345185] cfg80211:   (57000000 KHz - 66000000 KHz @ 2160000 KHz), (N/A, 4000 mBm), (N/A)
Oct 26 07:27:01 mymachine NetworkManager[828]: <info>  (wlan0): supplicant interface state: associating -> associated
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
Oct 26 07:27:01 mymachine kernel: [ 3145.396028] wlan0: Limiting TX power to 2 dBm as advertised by b4:14:89:d1:2f:21
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3' hash=64903546a58058d1e6f1bead1134ede66a6831d231f0df8d4e28535d7a300496
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='...stripped...' hash=abf1a463f10887c64e4858fb5a06c7016426508815ce324b4f7cea269b1fc029
Oct 26 07:27:01 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:...stripped...
Oct 26 07:27:01 mymachine kernel: [ 3145.498685] wlan0: Limiting TX power to 2 dBm as advertised by b4:14:89:d1:2f:21
Oct 26 07:27:01 mymachine wpa_supplicant[974]: SSL: SSL3 alert: read (remote end reported an error):unknown:unknown
Oct 26 07:27:01 mymachine wpa_supplicant[974]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:illegal parameter
Oct 26 07:27:01 mymachine wpa_supplicant[974]: OpenSSL: openssl_handshake - SSL_connect error:140940F6:SSL routines:ssl3_read_bytes:unknown alert type
Oct 26 07:27:09 mymachine kernel: [ 3153.136903] [drm:intel_pipe_update_end [i915]] *ERROR* Atomic update failure on pipe B (start=185389 end=185390)
Oct 26 07:27:25 mymachine NetworkManager[828]: <warn>  (wlan0): Activation: (wifi) association took too long
Oct 26 07:27:25 mymachine NetworkManager[828]: <info>  (wlan0): device state change: config -> need-auth (reason 'none') [50 60 0]
Oct 26 07:27:25 mymachine NetworkManager[828]: <warn>  (wlan0): Activation: (wifi) asking for new secrets
Oct 26 07:27:25 mymachine kernel: [ 3169.209119] wlan0: deauthenticating from b4:14:89:d1:2f:21 by local choice (Reason: 3=DEAUTH_LEAVING)
Oct 26 07:27:25 mymachine wpa_supplicant[974]: wlan0: CTRL-EVENT-DISCONNECTED bssid=b4:14:89:d1:2f:21 reason=3 locally_generated=1
Oct 26 07:27:25 mymachine NetworkManager[828]: <warn>  Connection disconnected (reason -3)
Oct 26 07:27:25 mymachine NetworkManager[828]: <info>  (wlan0): supplicant interface state: associated -> disconnected
Oct 26 07:27:25 mymachine NetworkManager[828]: <warn>  Failed to GDBus.Error:fi.w1.wpa_supplicant1.NotConnected: This interface is not connected: disconnect.
Oct 26 07:27:25 mymachine gnome-session[1578]: nm-applet-Message: New secrets for CorporateNetwork/802-1x requested; ask the user

Was kann ich tun, um wieder eine Verbindung herstellen zu können?

7
Cees Bos

Ich habe hier das gleiche Problem: Das Problem ist der wpa_supplicant 2.4, wie Sie hier lesen können: http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/Internal-radius-server-incompatibility -mit-dem-neuen-wpa/td-p/236602

Wenn Sie ein Downgrade auf 2.3 durchführen, wird dieses Problem behoben!

5
Eric Mendes

Das Problem ist, dass einige Router und/oder Access Points WPA2 Enterprise mit einem schwachen DH-Schlüssel verwenden und Network Manager 2.4 keine Verbindung zu diesen Netzwerken herstellt.

Normalerweise tritt dieses Problem unter Ubuntu> = 15.10 auf. Momentan besteht eine vorübergehende Problemumgehung darin, wpa_supplicant mit den folgenden Anweisungen auf 2.1 (von Ubuntu 15.04) herunterzustufen:

echo "deb http://london.mirrors.linode.com/ubuntu/ vivid main" | Sudo tee /etc/apt/sources.list.d/vivid.list
echo -e "Package: *\nPin: release o=Ubuntu,n=vivid\nPin-Priority: -1" | Sudo tee cat /etc/apt/preferences.d/vivid
Sudo apt-get update
Sudo apt-get install wpasupplicant=2.1-0ubuntu7
Sudo apt-mark hold wpasupplicant
Sudo /etc/init.d/network-manager restart

Verweise:

4