Can't connect to eduroam via `wpa_supplicant`:

Question

I'm on my new Debian Stretch system and I'd like to connect to my university eduroam network. I'm not using GNOME or any DM, so I manage my connections via nmcli.

However, from what I gather, it seems that nmcli doesn't support this kind of connections. Too bad. Then I decided to try with just wpa_supplicant and I found this configuration file which supposedly should work out of the box in most cases. But not for me.

After editing the relevant parts, I tried with

sudo wpa_supplicant -i wlp5s0 -c eduroam.conf

And the output is something along these lines:

Successfully initialized wpa_supplicant
wlp5s0: SME: Trying to authenticate with 64:f6:9d:6a:bd:00 (SSID='eduroam' freq=2412 MHz)
wlp5s0: Trying to associate with 64:f6:9d:6a:bd:00 (SSID='eduroam' freq=2412 MHz)
wlp5s0: Associated with 64:f6:9d:6a:bd:00
wlp5s0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlp5s0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=ES
wlp5s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21 -> NAK
wlp5s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlp5s0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlp5s0: CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA' hash=3e9099b5015e8f486c00bcea9d111ee721faba355a
89bcf1df69561e3dc6325c
wlp5s0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA SSL CA 3' hash=beb8efe9b1a73c841b375a90e5fff8048848e3a2af66f6c4dd7
b938d6fe8c5d8
wlp5s0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=ES/ST=Granada/L=Granada/O=Universidad de Granada/OU=CSIRC/CN=radius.ugr.es' hash=828fbec918c62256ea67a9737ac44b578a6b
fb39ff2ef1d6f7cdb3eeea4db8b5
wlp5s0: CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:radius.ugr.es
EAP-TLV: TLV Result - Failure
wlp5s0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlp5s0: Authentication with 64:f6:9d:6a:bd:00 timed out.
wlp5s0: CTRL-EVENT-DISCONNECTED bssid=64:f6:9d:6a:bd:00 reason=3 locally_generated=1
wlp5s0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="eduroam" auth_failures=1 duration=10 reason=AUTH_FAILED

and then it goes all over again. I don't really know what the EAP-TLV: TLV Result - Failure message means. I've tried to Google for some troubleshooting to no avail.

As per the common advices:

• I'm disabling NetworkManager before testing the connection
• I'm making sure there is only one wpa_supplicant instance running

Answer 1

Usually, we use wpa_supplicant -D (with the driver parameter).

I use it on NetBSD, as in the following command line.

wpa_supplicant -Dbsd -irun0 -c/wpa

-D is the specific driver to use; you should try something as -wext, or look on the man pages what driver you can use.

It seems the configuration file was done correctly since it says associated.

I will show you how it should be done:

$ cat /wpa

network={
  ssid="Orange-F57323"
  psk="787872A624A578574574E"
}
$ 

This works for me, but I have a ralink device. Maybe your problem is that you aren't using the -D parameter.

I've used that on Linux, and it worked fine. I remember something like -Dwext, but I am not sure.

Answer 2

These instructions worked for me: https://inrg.soe.ucsc.edu/howto-connect-raspberry-to-eduroam/

Here is my file (I called it eduroam.conf):

update_config=1
country=US

network={
    ssid="eduroam"
    scan_ssid=1
    eap=PEAP
    key_mgmt=WPA-EAP
    phase2="auth=MSCHAPV2"
    identity="[email protected]"
    password="xxx"
}

To log-in, run:

sudo wpa_supplicant -B -i [my external adapter MAC address] -c eduroam.conf