Error in establishing encrypted peer links using authsae

[warlock20]

Hi Guys,

i was trying to establish a mesh network with encrypted peer links using authsae. i followed the instruction as per in the wiki . While running $AUTHSAE_DIR/linux/meshd-nl80211 -c $AUTHSAE_CONF on mesh interface with mac 7c:dd:90:3f:55:6e , the debug output shows the link was established with some error code.

estab with 7c:dd:90:8c:6b:b1 set auth flag (seq num=1460723405) mesh plink with 7c:dd:90:8c:6b:b1 established Unexpected error -22 (expected -17) Mesh plink timer for 7c:dd:90:8c:6b:b1 fired on state ESTAB

(7c:dd:90:3f:55:6e <----> 7c:dd:90:8c:6b:b1 is the peer link)

I gave some static ip to each interface and when i try ping, it shows the "Destination Host Unreachable".. i also check the mpath and the link is not established.!!... What is the mistake i did in the process ??

Regards

[chunyeow]

What hardware that you are using?

---

Chun-Yeow

On Fri, Apr 15, 2016 at 8:47 PM, warlock20 notifications@github.com wrote:

Hi Guys,

i was trying to establish a mesh network with encrypted peer links using authsae. i followed the instruction as per in the wiki . While running $AUTHSAE_DIR/linux/meshd-nl80211 -c $AUTHSAE_CONF on mesh interface with mac 7c:dd:90:3f:55:6e , the debug output shows the link was established with some error code.

estab with 7c:dd:90:8c:6b:b1 set auth flag (seq num=1460723405) mesh plink with 7c:dd:90:8c:6b:b1 established Unexpected error -22 (expected -17) Mesh plink timer for 7c:dd:90:8c:6b:b1 fired on state ESTAB

(7c:dd:90:3f:55:6e <----> 7c:dd:90:8c:6b:b1 is the peer link)

I gave some static ip to each interface and when i try ping, it shows the "Destination Host Unreachable".. i also check the mpath and the link is not established.!!... What is the mistake i did in the process ??

Regards

— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub https://github.com/o11s/open80211s/issues/47

[warlock20]

@chunyeow Running on a raspberry pi 2 nodes with Arch distro and Ralink wireless chipset

[chunyeow]

Ralink chipset which driver? If you load with nohwcrypt=1, working?

---

Chun-Yeow On Apr 16, 2016 5:33 PM, "warlock20" notifications@github.com wrote:

@chunyeow https://github.com/chunyeow Running on a raspberry pi 2 nodes with Arch distro and Ralink wireless chipset

— You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub https://github.com/o11s/open80211s/issues/47#issuecomment-210781318

[warlock20]

lsusb says:

Ralink Technology, Corp. RT5370 Wireless Adapter

the adapter reads: WL0084B

[chunyeow]

Load the driver with nohwcrypt=1 to use software crypto and make sure that you enable the MFP support.

http://lists.open80211s.org/pipermail/devel/2013-June/002981.html

On Mon, Apr 18, 2016 at 11:59 PM, warlock20 notifications@github.com wrote:

lsusb says:

Ralink Technology, Corp. RT5370 Wireless Adapter

the adapter reads: WL0084B

— You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub https://github.com/o11s/open80211s/issues/47#issuecomment-211445500

[warlock20]

Thanks for the help...

[sritam2]

Dear Warlock20,

Were you able to ping between the nodes after loading the driver with nohwcrypt=1. How did you solve your problem. Even I am also facing the same issue. I am NOT able to ping between the nodes(nodes are laptops with Linux OS) after establishing the secured peer links using authsae. But I am able to form the secured mesh network. I confirm by running: iw dev $MESH_IFACE station dump. It shows all the mesh peers that are connected and the mesh link is established with them.

But when I try to ping one of them, it fails and shows destination not reachable. Attached below is a screenshot of the error:

@chunyeow : how to enable the MFP support?? Does it play a role in making the ping between the nodes successful.

Looking forward to your help.

Thanks and Regards, Sritam Paltasingh.

[chunyeow]

Which chipset are you using?

On May 15, 2017 10:10 PM, "sritam2" notifications@github.com wrote:

Dear Warlock20,

Were you able to ping between the nodes after loading the driver with nohwcrypt=1. How did you solve your problem. Even I am also facing the same issue. I am NOT able to ping between the nodes(nodes are laptops with Linux OS) after establishing the secured peer links using authsae. But I am able to form the secured mesh network. I confirm by running: iw dev $MESH_IFACE station dump. It shows all the mesh peers that are connected and the mesh link is established with them.

But when I try to ping one of them, it fails and shows destination not reachable. Attached below is a screenshot of the error: [image: snapshot] https://cloud.githubusercontent.com/assets/16870405/26061598/ab4d0282-3988-11e7-92af-0c20b8203379.png

@chunyeow https://github.com/chunyeow : how to enable the MFP support?? Does it play a role in making the ping between the nodes successful.

Looking forward to your help.

Thanks and Regards, Sritam Paltasingh.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/o11s/open80211s/issues/47#issuecomment-301486703, or mute the thread https://github.com/notifications/unsubscribe-auth/ABBewqT34z3i6Kf-NX_Lvh7EBUjo3gTQks5r6Fy6gaJpZM4IISQz .

[sritam2]

@chunyeow : sorry to reply so late. actually i solved the issue using wpa_supplicant instead of authsae application. The WNIC card used by me is from ASUS and the corresponding kernel module used is rtl8192cu.

[sritam2]

Dear All,

Is it possible to have pairwise password between mesh stations in an MBSS. Presently, I am using the same shared password among all nodes of the Mesh configured in wpa_supplicant.conf

Is it possible to define pairwise password for each secured link that a Mesh station forms. So, if a station has links to 3 different stations which are at one-hop distance away from this station, then is it possible that the Mesh station authenticates the 3 different stations (one-hop away) using 3 different password pairs (one for each station).

According to IEEE 802.11-2012, it should be possible. If yes, then how to implement it using wpa_supplicant ?? should there be multiple entries for "psk" field in wpa_supplicant.conf file ??

Thanks and Regards, Sritam Paltasingh.

[warlock20]

@sritam2 Sorry for the very late reply,

Were you able to ping between the nodes after loading the driver with nohwcrypt=1.

Yes, and I think the latest version of kernel patched it.

[sritam2]

Hi, The first thing is what is the chipset your wifi adapter is using. second is if the wifi adapter supports adhoc mesh mode, then you need to configure the wifi mode from client to adhoc mesh and then try to join using wpa_supplicant. Hope this solves your problem

On Tue, Oct 8, 2019 at 9:51 PM maxi-naeher notifications@github.com wrote:

@sritam2 https://github.com/sritam2 What was your procedure to get it work with wpa_supplicant? I also get destination host unreachable. I tried it with both authsae and wpa_supplicant. With both I can build the mesh network (I do see the nodes with station dump) but cant ping..

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/o11s/open80211s/issues/47?email_source=notifications&email_token=AEAWYBJXRG256PDW3WD7QOTQNTQC5A5CNFSM4CBBEQZ2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAVMMYY#issuecomment-539674211, or mute the thread https://github.com/notifications/unsubscribe-auth/AEAWYBOQBHSWP6SYONM6CHTQNTQC5ANCNFSM4CBBEQZQ .

-- Thanks and Regards, Sritam Paltasingh.

[maxi-naeher]

Hi, thanks for the quick reply!

Im using a Realtek RTL8723BE. Iw phy says it supports mesh point. I already set the interface to mesh point. Im using wpa_supplicant 2.9. Im able to join the mesh but not able to ping.