# problems with wpa and intel pro wireless 2200bg (iwi)



## ocean (Dec 1, 2009)

Hi, i've got some problems with iwi. I try to connect to a PEAP/MSCHAPv2 network


```
network={
  ssid="ssid"
	  key_mgmt=WPA-EAP
	    eap=PEAP 
		  identity="login" 
		    password="pass" 
		    phase1="peaplabel=0" 
	  phase2="auth=MSCHAPV2" 
}
```

this kind of config worked just fine under linux with these two lines:

```
pairwise=TKIP
	group=TKIP
```
that under freebsd gives a problem with openssl (shouldn't be a problem removing them though, no certificate is used for this network)

also seems iwi can associate without problems to open networks, wpa gives problems.

when using wpa_supplicant the wireless led never becomes stable (such as it isn't able to establish a stable connection) and network is unusable wich results in these errors (dmesg -a and debug.iwi=1):


```
iwi_newstate: RUN -> SCAN flags 0x1
wlan0: link state changed to DOWN
iwi_newstate: SCAN -> AUTH flags 0x1
enter ASSOCIATING state
Configuring adapter
Setting ESSID to "wpa_network"
Setting power mode to 0
Setting RTS threshold to 2346
Setting fragmentation threshold to 2346
Setting negotiated rates (12)
Setting WME parameters
Setting WME IE (len=7)
Setting optional IE (len=24)
Setting sensitivity to 39
Join bssid 00:XX:XX:XX:XX:XX dst 00:XX:XX:XX:XX:XX channel 6 policy 0x3 auth 0 capinfo 0x431 lintval 100 bintval 100
iwi_newstate: AUTH -> ASSOC flags 0x1
exit ASSOCIATING state
iwi_newstate: ASSOC -> RUN flags 0x11
wlan0: link state changed to UP
unknown notification type 40 flags 0xa0 len 40
unknown notification type 40 flags 0xa0 len 40
[B]Beacon miss: 19269126 >= 100[/B]
enter DISASSOCIATING state
Trying to disassociate from 00:XX:XX:XX:XX:XX channel 6
exit DISASSOCIATING state
iwi_newstate: RUN -> SCAN flags 0x1
wlan0: link state changed to DOWN
iwi_newstate: SCAN -> AUTH flags 0x1
enter ASSOCIATING state
Configuring adapter
Setting ESSID to "wpa_network"
Setting power mode to 0
Setting RTS threshold to 2346
Setting fragmentation threshold to 2346
Setting negotiated rates (12)
Setting WME parameters
Setting WME IE (len=7)
Setting optional IE (len=24)
Setting sensitivity to 39
Join bssid 00:XX:XX:XX:XX:XX dst 00:XX:XX:XX:XX:XX channel 6 policy 0x3 auth 0 capinfo 0x431 lintval 100 bintval 100
iwi_newstate: AUTH -> ASSOC flags 0x1
exit ASSOCIATING state
iwi_newstate: ASSOC -> RUN flags 0x11
wlan0: link state changed to UP
unknown notification type 40 flags 0xa0 len 40
```

Beacon miss: 19269126 >= 100 :x

this "unknown notification type 40 flags 0xa0 len 40" shouldn't be a problem.
wpa_supplicant -iwlan0 -cmy_config -dd don't give useful informations:


```
EAPOL: External notification - portValid=1
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL authentication completed successfully
EAPOL: startWhen --> 0
EAPOL: authWhile --> 0
Setting scan request: 0 sec 100000 usec
Added BSSID 00:XX:XX:XX:XX:XX into blacklist
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
wpa_driver_bsd_del_key: keyidx=0
wpa_driver_bsd_del_key: keyidx=1
wpa_driver_bsd_del_key: keyidx=2
wpa_driver_bsd_del_key: keyidx=3
wpa_driver_bsd_del_key: addr=00:XX:XX:XX:XX:XX keyidx=0
State: COMPLETED -> DISCONNECTED
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
State: DISCONNECTED -> SCANNING
```

i tried also the ndis driver it doens't work, with default ap_scan it cannot associate because it sees all the networks like they aren't wpa networks.
setting ap_scan=2 it finds the right wpa network but exit with an unimplemented IOCTL message (man says ap_scan should be always 1 with wlan device, but only 2 seems to make ndis work).

P.S. i've also tried to give a look at the iwi driver's code, but it's too complex for me, and don't know where the problem is at all 

this are some informations about the card:

```
dev.iwi.0.%desc: Intel(R) PRO/Wireless 2200BG
dev.iwi.0.%driver: iwi
dev.iwi.0.%location: slot=4 function=0
dev.iwi.0.%pnpinfo: vendor=0x8086 device=0x4220 subvendor=0x8086 subdevice=0x2701 class=0x028000
dev.iwi.0.%parent: pci6
dev.iwi.0.radio: 1
dev.iwi.0.bluetooth: 0
dev.iwi.0.antenna: 0
dev.iwi.0.softled: 1
dev.iwi.0.ledpin: 32
dev.iwi.0.ledidle: 2700
dev.iwi.0.nictype: 1
```

let me know it there are workarounds/patches/fixs or someway to make it work fine, or if you need other informations, thanks

regards
ocean


----------



## richardpl (Dec 1, 2009)

ocean said:
			
		

> i tried also the ndis driver it doens't work, with default ap_scan it cannot associate because it sees all the networks like they aren't wpa networks.
> setting ap_scan=2 it finds the right wpa network but exit with an unimplemented IOCTL message (man says ap_scan should be always 1 with wlan device, but only 2 seems to make ndis work).



ndis driver for wpa_supplicant(-Dndis) or ndis(4) ?
FreeBSD version?


----------



## ocean (Dec 1, 2009)

FreeBSD 8.0-RELEASE with recompiled kernel (same problems with generic).
i didn't put -Dndis in wpa commandline now's working fine (i'm writing from the wireless right now P)

howewer i was referring to ndis(4) device driver.

thanks :beergrin

there's only one thing that seems strange i had to change MAC to ndis0 before creating wlan0, if i didn't 'dhclient wlan0' would setup dhcp referring to the ip assigned to wlan0 instead of the gateway/dhcp server host.

and another thing i don't understand is why i have to 'ifconfig rl0 down' (rl0 is my ethernet card) and then /etc/rc.d/netif restart or dig/nslookup won't work good saying that network is down and things like that.

regards
ocean


----------



## richardpl (Dec 1, 2009)

You dont need to manually run wpa_supplicant for ndis0's wlan0 every time machine boot:

Put this into /etc/rc.conf

```
wlans_ndis0="wlan7"
ifconfig_wlan7="WPA SYNCDHCP"
```

and your wpa_supplicant.conf should be in /etc dir.


----------



## ocean (Dec 1, 2009)

yes, thanks 
howewer i need to change often network (moving from home to university and such), so i prefer to do everything manually or through some little scripts.

found also how to fix routing for dns after going from wireless (dhcp) to ethernet (static) /etc/rc.d/routing restart fixes it.


----------



## ocean (Dec 2, 2009)

with ndis everything seems to work good


----------

