# No stable encrypted connection with ipw2100 & wpa_supplicant

## marco1475

Hi!

I am trying to get my WLAN working on my notebook for quite some time with very little success. My notebook features the Intel Corporation PRO/Wireless LAN 2100 3B Mini PCI Adapter (rev 04) card and it has been less than cooperative when connecting to my AP. Here"s the history so far:

I have ipw2100, IEEE80211 and the cryptography stuff (AES, ARC4 and Michael MIC) compiled as modules within my kernel (2.6.18-gentoo-r2). This is my /etc/modules.autoload.d/kernel-2.6:

```

ieee80211

ieee80211_crypt

ieee80211_crypt_wep

ieee80211_crypt_ccmp

ieee80211_crypt_tkip

aes

arc4

michael_mic

ipw2100

```

I have wpa_supplicant enabled in /etc/conf.d/net like this:

```

# Modules

modules=( "wpa_supplicant" )

# eth0 configuration

...

# eth1 configuration

config_eth1=( "dhcp" )

wpa_supplicant_eth1="-Dwext"

wpa_timeout_eth1=60

```

And lastly, this in my /etc/wpa_supplicant.conf:

```

ctrl_interface=/var/run/wpa_supplicant

ctrl_interface_group=0

ap_scan=1

network={

        ssid="<mySSID>"

        #psk="<myPSK-text>"

        psk=<myPSK-hex>

}

```

Without encryption on the AP side the connection works (with and without wpa_supplicant), although with a few errors during booting, but they are insignificant for now. However, once the WPA-PreSharedKey encryption is enabled on the AP side the eth1 interface starts during boot without any error messages, but I cannot connect to my AP. wpa_cli repeats the following over and over again:

```

<2>Trying to associate with 00:12:17:0e:0c:33 (SSID='<mySSID>' freq=0 MHz)

<2>Associated with 00:12:17:0e:0c:33

<2>WPA: Key negotiation completed with 00:12:17:0e:0c:33 [PTK=TKIP GTK=TKIP]

<2>CTRL-EVENT-CONNECTED - Connection to 00:12:17:0e:0c:33 completed (reauth) [id=0 id_str=]

<2>WPA: Group rekeying completed with 00:12:17:0e:0c:33 [GTK=TKIP]

<2>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys

```

When I try to run

```
wpa_supplicant -i eth1 -c /etc/wpa_supplicant.conf -Dwext -d
```

the system tells me, there is an instance of wpa_supplicant already running. After I stop eth1 by using 

```
/etc/init.d/net.eth1 stop
```

and run the above command again, I get the following:

```

Initializing interface 'eth1' conf '/etc/wpa_supplicant.conf' driver 'wext' ctrl_interface 'N/A' bridge 'N/A'

Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'

Reading configuration file '/etc/wpa_supplicant.conf'

ctrl_interface='/var/run/wpa_supplicant'

ctrl_interface_group=0

ap_scan=1

Priority group 0

   id=0 ssid='<mySSID>'

Initializing interface (2) 'eth1'

EAPOL: SUPP_PAE entering state DISCONNECTED

EAPOL: KEY_RX entering state NO_KEY_RECEIVE

EAPOL: SUPP_BE entering state INITIALIZE

EAP: EAP entering state DISABLED

EAPOL: External notification - portEnabled=0

EAPOL: External notification - portValid=0

SIOCGIWRANGE: WE(compiled)=20 WE(source)=18 enc_capa=0xf

  capabilities: key_mgmt 0xf enc 0xf

WEXT: Operstate: linkmode=1, operstate=5

Own MAC address: 00:0c:f1:38:3c:8a

wpa_driver_wext_set_wpa

wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0

wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0

wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0

wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0

wpa_driver_wext_set_countermeasures

wpa_driver_wext_set_drop_unencrypted

Setting scan request: 0 sec 100000 usec

Added interface eth1

Wireless event: cmd=0x8b06 len=8

RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added

RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added

State: DISCONNECTED -> SCANNING

Starting AP scan (broadcast SSID)

Trying to get current scan results first without requesting a new scan to speed up initial association

Received 0 bytes of scan results (0 BSSes)

Scan results: 0

Selecting BSS from priority group 0

No suitable AP found.

Setting scan request: 0 sec 0 usec

Starting AP scan (broadcast SSID)

Scan timeout - try to get results

Received 0 bytes of scan results (0 BSSes)

Scan results: 0

Selecting BSS from priority group 0

No suitable AP found.

Setting scan request: 5 sec 0 usec

Starting AP scan (broadcast SSID)

Scan timeout - try to get results

Received 0 bytes of scan results (0 BSSes)

Scan results: 0

Selecting BSS from priority group 0

No suitable AP found.

Setting scan request: 5 sec 0 usec

```

It would seem that while the first time around, when eth1 is started during boot and I run wpa_cli, it connects shortly to my AP and then disconnects again, since it has the correct address of the AP, but after I shut down eth1 and try to start it again using wpa_supplicant with all the parameters, it doesn't find the AP. Is it because eth1 must be up, before I can run the wpa_supplicant command? If so, the only real question in this terribly long post (for which I apologize), why does my WLAN card connect shortly to my AP using the WPA encryption but then disconnects immediately and tries again?

I can post my kernel config and any other information of intrest if you like - just ask for it. I kept it out for now for readability purposes, since this post is overly long as it is ...

Thank you for any help you can give me in advance.

----------

## feiticeir0

Hello.

You can see what wpa_supplicant is doing (after boot, restart net.eth1 just for you to be able to see) and in another console, as root, execute:

```

wpa_cli

```

when inside the prompt of wpa_cli, please execute

```

status

```

to see the current situation of the wpa_supplicant

and, if you want to see the status of the scan, execute

```

scan_results

```

more info if you do

```

help

```

since you are enabling wpa-psk, and after reading your wpa_supplicant.conf, i beliave the problem is in your configuration. You are missing some options

this is my configuration (i have wireless with wpa-psk encryption)

```

ctrl_interface=/var/run/wpa_supplicant

ap_scan=1

#home

network={

        ssid="wireless_ssid"

        scan_ssid=0 #this is only needed if you are not broadcasting your network ssid, in that case, switch to 1

        proto=WPA

        key_mgmt=WPA-PSK

        pairwise=TKIP

        group=TKIP

        psk="verystrongpassword"

}

```

you can see and read more options in /usr/share/doc/wpa_supplicant-0.5.4/wpa_supplicant.conf.example.gz

Hope it helps

Cheers,

Feiticeir0

----------

## marco1475

Thank you for your detailed reply, however, it didn't help. I used a similar config as the one you posted with no effect and in my search for the underlying problem I reverted to this most basic wpa_supplicant.conf to be sure that it isn't a configuration mistake on the wpa_supplicant side. AFAIK should my bare-bone config posted above work with almost any WPA-PSK encryption and therefore I tried to use it.

Any other ideas why I cannot get a stable connection to my AP? I would really appreciate the help ... *getting-desperate*

----------

## Scratalacha

I encountered similar problems recently to find out that the location of the wpa_supplicant.conf has changed.  Check to see if the directory tree /etc/wpa_supplicant/ exists and if it does, you'll need to move the configuration file from /etc/wpa_supplicant.conf to /etc/wpa_supplicant/wpa_supplicant.conf.  I don't know what version this changed on so you might not have that directory there, in which case this probably doesn't apply to you. Hopefully this will help you out.

----------

## marco1475

I read about the change, nevertheless, it isn't the cause of the problem. I tried starting wpa_supplicant with the -c parameter, giving it the location of the config file explicitly, with no luck. Thanks though for the tip ...

Any other ideas?

----------

## marco1475

Well, I tried the following, with still no luck:

I compiled AES, MichaelMIC, DES & Triple DES EDE, MD5, ARC4 and CRC32c encryption directly into the kernel, i.e. not as modules as they were before. That didn't change anything. I then tried the IEEE80211 stuff compiled directly into the kernel, still no change. Finally, I disabled IEEE80211 and the ipw2100 module in the kernel and emerged ipw2100 as an ebuild. That forced me to manually remove/delete the IEEE80211 files from my portage, but the result is still the same ...

Once I try to use WPA as the connection encryption for my AP, I get the following:

```

<2>Trying to associate with 00:12:17:xx:xx:xx (SSID='myESSID' freq=0 MHz)

<2>Associated with 00:12:17:xx:xx:xx

<2>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys

```

Why does it say "freq=0 MHz"? And why does it keep disconnecting? It got the name of my ESSID and its MAC address right ... so what could be the problem? Please, help ...

----------

## perchut2

exactly same probleme here, getting desperate too   :Mad: 

----------

## andi456

The same goes for me too, I've played around with virtually all configuration options, but without success. The symptoms are the same as in the original post. Is this a gentoo bug or a wpa_supplicant+ipw2100 bug? What do you think?

Greets Andreas

----------

## h017ah

This is a known bug with ACPI C3 power state and the ipw2100 driver.

http://ipw2100.sourceforge.net/#issues look under "PCI latency error if C3 enabled"

The patch listed is for old kernels, and now this issue is resolved by adding "processor.max_cstate=2" to the grub.conf kernel line.

You can see if this setting gets enabled by checking that "cat /proc/acpi/processor/*/power" yields max_cstate: C2 and not C8.

Hope this resolves this issue, as my Intel 2100B card became stable after enabling this setting, both with and without wpa_supplicant.

Edit: There were some more kernel options I had to use to get this card to function properly. Apparently it is very sensitive to certain ACPI-interrupts, triggering firmware reloading/card disabling when received. This may also be due to a bad ACPI implementation in my motherboard (which is VIA-based). My card went haywire when an ACPI interrupt like this got issued:

ACPI: PCI Interrupt 0000:00:0b.0[A] -> Link [LNKC] -> GSI 10 (level, low) -> IRQ 10

I disabled much of these type of interrupts by using these kernel options:

processor.max_cstate=2 acpi=noirq pci=usepirqmask,noacpi

The card still has some issues during heavy load, and my suspicion is that this has something to do with this: http://bughost.org/bugzilla/show_bug.cgi?id=1487

----------

