# DWL G122 USB WiFi Adapter won't connect to WPA2 CCMP AP



## bsdsrv (Apr 1, 2012)

Hi there,

*I* have some trouble connecting the USB WiFi device from my FreeBSD system to my WPA2 (CCMP) secured access point. ere's my output of [cmd=]wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf -d[/cmd]


```
Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'default' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
Priority group 0
   id=0 ssid='avm_ap'
Own MAC address: 1c:7e:e5:5c:94:c4
wpa_driver_bsd_del_key: keyidx=0
wpa_driver_bsd_del_key: keyidx=1
wpa_driver_bsd_del_key: keyidx=2
wpa_driver_bsd_del_key: keyidx=3
wpa_driver_bsd_set_countermeasures: enabled=0
RSN: flushing PMKID list in the driver
Setting scan request: 0 sec 100000 usec
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: Supplicant port status: Unauthorized
EAPOL: Supplicant port status: Unauthorized
Added interface wlan0
State: DISCONNECTED -> SCANNING
Scan SSID - hexdump_ascii(len=6):
     61 76 6d 5f 61 70                                 avm_ap          
Starting AP scan for specific SSID(s)
EAPOL: disable timer tick
EAPOL: Supplicant port status: Unauthorized
Received 580 bytes of scan results (2 BSSes)
BSS: Start scan result update 1
BSS: Add new id 0 BSSID 84:a8:e4:f0:42:66 SSID 'WLAN-426685'
BSS: Add new id 1 BSSID c0:25:06:60:e4:d8 SSID 'avm_ap'
New scan results available
Selecting BSS from priority group 0
Try to find WPA-enabled AP
0: 84:a8:e4:f0:42:66 ssid='WLAN-426685' wpa_ie_len=0 rsn_ie_len=20 caps=0x11
   skip - SSID mismatch
1: c0:25:06:60:e4:d8 ssid='avm_ap' wpa_ie_len=0 rsn_ie_len=0 caps=0x31
   skip - no WPA/RSN IE
Try to find non-WPA AP
0: 84:a8:e4:f0:42:66 ssid='WLAN-426685' wpa_ie_len=0 rsn_ie_len=20 caps=0x11
   skip - SSID mismatch
1: c0:25:06:60:e4:d8 ssid='avm_ap' wpa_ie_len=0 rsn_ie_len=0 caps=0x31
   skip - non-WPA network not allowed
No suitable network found
Setting scan request: 5 sec 0 usec
Starting AP scan for wildcard SSID
Received 504 bytes of scan results (2 BSSes)
```

It looks like the system can discover the correct AP (avm_ap) but can't connect, nor with disabled WPA2 CCMP. Can anybody please help me out?

*vi /boot/loader.conf*:

```
"if_run_load="YES" 
runfw_load="YES" 
wlan_ccmp_load="YES" 
wlan_tkip_load="YES"
```

*vi /etc/rc.conf*:

```
"hostname="bsdsrv0" 
keymap="german.iso.kbd" 
ifconfig_bge0="inet 172.20.0.50 255.255.255.192" 
sshd_enable="YES" 
powerd_enable="YES" 
# Set dumpdev to "AUTO" to enable crash dumps,"NO" to disable 
dumpdev="NO" 
fusefs_enable="YES" 
wlans_run0="wlan0" 
ifconfig_wlan0="DHCP"
```

*vi /etc/wpa_supplicant.conf*

```
ctrl_interface=/var/run/wpa_supplicant  
network={         
ssid="avm_ap"         
proto=RSN         
scan_ssid=1         
key_mgmt=WPA-PSK         
pairwise=CCMP TKIP         
group=CCMP TKIP         
psk="MYSECRETKEY" }
```

*wpa_supplicant version*

```
wpa_supplicant v0.7.3
```

*uname -r*

```
9.0-RELEASE
```

*ifconfig wlan0*

```
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	ether 1c:7e:e5:5c:94:c4
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
	status: no carrier
	ssid "" channel 1 (2412 MHz 11g)
	country US authmode OPEN privacy OFF txpower 0 bmiss 7 scanvalid 60
	protmode CTS wme bintval 0
```


----------



## watchdog (Jun 27, 2012)

I have exactly the same problem with my Realtek RTL8187SE mini-PCI wireless interface inside my MSI Wind 90U netbook. As there is no native FreeBSD driver for this interface, I use NDIS. I have a proper wlan0 interface, *I* can [cmd=]ifconfig wlan0 scan[/cmd] I can see the networks, etc.

My FreeBSD is 9.0-RELEASE, I also have wpa_supplicant version 0.7.3, and I get the same output from wpa_supplicant as I try to connect to a WPA2-PSK network (AES encryption):


```
Own MAC address: 1c:7e:e5:5c:94:c4
wpa_driver_bsd_del_key: keyidx=0
wpa_driver_bsd_del_key: keyidx=1
wpa_driver_bsd_del_key: keyidx=2
wpa_driver_bsd_del_key: keyidx=3
wpa_driver_bsd_set_countermeasures: enabled=0
RSN: flushing PMKID list in the driver
Setting scan request: 0 sec 100000 usec
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: Supplicant port status: Unauthorized
EAPOL: Supplicant port status: Unauthorized
Added interface wlan0
State: DISCONNECTED -> SCANNING
Scan SSID - hexdump_ascii(len=6):
     61 76 6d 5f 61 70                                 avm_ap          
Starting AP scan for specific SSID(s)
EAPOL: disable timer tick
EAPOL: Supplicant port status: Unauthorized
```

I have no idea why I get such a behaviour, be it with a very simple wpa_supplicant.conf file (only one network block with only the SSID and PSK info) or a more elaborate one, specifying encryption node, etc.

Any idea?


----------



## wblock@ (Jun 27, 2012)

Generally, the simpler a wpa_supplicant.conf, the better.  If you have scan_ssid=1, it implies a "hidden" SSID on the access point.  Reset it to normal on the access point, at least for debugging.  The bare minimum: Quick Wireless Setup On FreeBSD.

That said, it does see the access point.  But why is your SSID the same as OP's?


----------



## watchdog (Jun 27, 2012)

*I*t's not the same SSID and MAC address, of course. But laziness implies abusive use of copy/paste ;-)

Things improved a bit concerning my issue when I adde two lines in my wpa_supplicant config file: 

```
ap_scan=2
fast_reauth=1
```
Now I get SCANNING -> ASSOCIATING moves, but then ugly lines:


```
ioctl[SIOCS80211, op 21, len 42]: No such file or directory
Association request to the driver failed
EAPOL: External notification - EAP success=0
EAPOL: Supplicant port status: Unauthorized
```

etc...


----------



## watchdog (Jun 28, 2012)

*T*his topic can be tagged "SOLVED" as far as I'm concerned: when you use an NDIS driver, it is mandatory that you provide wpa_supplicant with the option -D ndis in order to make it use the correct driver. IMHO, this is not properly documented in the FreeBSD Handbook at the section concerning NDIS.

For those facing lasting problems even after this, it may be worth reading the ndis_events manpage. This daemon apparently acts piping handshake negociation messages from NDIS driver into wpa_supplicant.


----------



## wblock@ (Jun 28, 2012)

Please submit a PR with specifics so the handbook can be fixed.


----------

