# Can't connect to PEAP with TKIP/MSCHAPV2 networks

## SerialPrecision

Hello,

I've been having trouble connecting to my university's WAN and also Eduroam (which uses the same authentication). I'm using the wl driver (broadcom-sta-5.100.82.38-r1) and here is my wireless card, from dmesg: 

```

wl 0000:07:00.0: PCI INT A -> Link[L1E4] -> GSI 19 (level, low) -> IRQ 19

wl 0000:07:00.0: setting latency timer to 64

eth1: Broadcom BCM4315 802.11 Hybrid Wireless Controller 5.100.82.38

```

I'm using wicd-1.7.0 with wpa_supplicant-0.7.3-r2. When trying to connect through wicd I get a "Bad password" message, but this is wrong. A more detailed error message said that wpa_supplicant authentication may have failed. Then I tried to connect just using wpa_supplicant using this config file:

```

ctrl_interface=/var/run/wpa_supplicant

network={

   ssid="network_name"

   scan_ssid=1

   key_mgmt=WPA-EAP

   eap=PEAP

   identity="username"

   password="password"

   phase1="peaplabel=0"

   phase2="auth=MSCHAPV2"

   priority=1

}

```

This seemed to authenticate correctly, at least that's what it said. However it doesn't actually connect to the network. Also after a while it somehow gets de-authenticated and has to keep authenticating. Has anyone experienced something like this or been able to connect to this type of network with the broadcom driver? I can connect to my home network (WPA2) without problems.

----------

## Mgiese

same here (eduroam/fu-berlin) - takes ages to "validate" then it exits with "bad password"

it was working 1 year ago, since then i updated the kernel (maybe some protocols are missing).

but i think last year i had to downgrade wpa_supplicant in order to get it working. but i am not really sure. i also remember some editing in EAP/TTLS related config files ... hope this helps to trigger the problem ....

sers

----------

## Gusar

Have you tried without the phase1 setting, or did you read somewhere that it's necessary at your university? I don't have it in my config.

Also, try the b43 driver. You need b32-fwcutter and b43-firmware from ~arch, the fwcutter in stable is too old. Then just compile b43 as module and it should work with your card.

----------

## Mgiese

 *Gusar wrote:*   

> Have you tried without the phase1 setting, or did you read somewhere that it's necessary at your university? I don't have it in my config.

 

how to try it without phase1 ?? what is that , can you be more specific ??

 *Gusar wrote:*   

> 
> 
> Also, try the b43 driver. You need b32-fwcutter and b43-firmware from ~arch, the fwcutter in stable is too old. Then just compile b43 as module and it should work with your card.

 

where to get the b43 driver ??? it is in portage i assume ??

thanks a lot

----------

## Mgiese

i saw that -phase1- that you mentioned is a config option in wpa_supp.conf, i will try this tomorrow...

----------

## Mgiese

removing the phase1 option in wpa_supp.conf did not fix the error ....

----------

## thens

I'm not sure if this will help you, but i had similar problems one month ago with wicd, but wpa_supplicant did work for me.

my current wicd template (under "/etc/wicd/encryption/templates/peap-mschapv2"):

```
name = PEAP with MSCHAPv2

author = ME

version = 1

require identity *Identity password *Password ca_cert *Path_to_CA_Cert

-----

ctrl_interface=/var/run/wpa_supplicant

network={

    ssid="$_ESSID"

    scan_ssid="$_SCAN"

    key_mgmt=WPA-EAP

    eap=PEAP

    identity="$_IDENTITY"

    password="$_PASSWORD"

    ca_cert="$_CA_CERT"

    phase2="auth=MSCHAPV2"

}
```

This won't necessarily solve your problem, but it could help you later on as a

wicd template.

And please tell us if you solved the problem, because i had weird problems

with eduroam/wicd as well back then.   :Smile: 

----------

