I wanted to compare the command line output of a working Wifi connection versus a connection at a location that was giving us trouble. To do so I used Ubuntu (12.10) on a laptop and used the following commands – in a script if necessary.
First a configuration file to use with the wpa-supplicant – we are using WPA2-Enterprise with EAP-TTLS and PAP on the inner:
ctrl_interface=/var/run/wpa_supplicant_enterprise
network={
ssid="qub_sec"
scan_ssid=0
key_mgmt=WPA-EAP
pairwise=CCMP TKIP
group=CCMP TKIP
eap=TTLS
phase2="auth=PAP"
identity="StaffUsername"
password="topsecret"
}
I saved this file as wireless-wpa-enterprise.conf
Then I ran the following commands (wlan0 interface name may differ depending on your device):
wireless-wpa-enterprise.sh
#!/bin/sh
iface=wlan0
#########################################
# First disable any existing connections
#########################################
printf "********* Release any dhcp ip addresses **********\n"
/sbin/dhclient -v -r
#stop any persistent wireless wpa2 authentication sessions
printf "********* Kill any existing wpa_supplicant processes **********\n"
killall wpa_supplicant
printf "********* Shut down interface $iface **********\n"
#shut down wireless interface
/sbin/ifconfig $iface down
printf "******** set working mode of wireless device ***********\n"
/sbin/iwconfig $iface mode Managed
printf "******** Enable interface $iface ***********\n"
/sbin/ifconfig $iface up
printf "******** Now use wpa_supplicant with our username details ***********\n"
/sbin/wpa_supplicant -Dwext -i $iface -c ./wireless-wpa-enterprise.conf -ddd
I had seen an example online running /sbin/wpa_supplicant with a -B parameter to daemonise however removing that -B option as above gave me much more output for analysis.
This file can then be run as:
./wireless-wpa-enterprise.sh | tee ./wireless-wpa-enterprise.txt
Then in another terminal you can try obtaining an IP address if the connection is successful:
/sbin/dhclient -v wlan0
/sbin/ifconfig wlan0
I grabbed output from a working connection and that from a problematic one – there are many pages of output but grepping through the content I could see the following:
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:0b:11:37:ec:40 reason=0
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/CN=SBRserverCERT-BLAH-CA'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/CN=SBRserverCERT-BLAH-CA'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/CN=SBRserverCERT-BLAH-CA'
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
And an unsuccessful connection:
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:0b:11:1d:c1:01 reason=0
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:0b:11:3b:ee:01 reason=0
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:0b:11:3b:e5:01 reason=0
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:0b:11:37:c6:00 reason=0
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:0b:11:1d:c1:00 reason=0
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:0b:11:3b:e5:01 reason=0
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlan0: CTRL-EVENT-DISCONNECTED bssid=00:0b:11:3b:ee:01 reason=0
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
