Network manager doesn't play well with Cisco web auth; keeps getting deauthenticated.

Hi.
I'm setting up a wireless bridge using internet sharing:

**AP** --wireless--> openSUSE laptop --ethernet--> Windows PC.

I'm using network manager to connect to my campus wifi. Login management uses Cisco web auth. I believe most of us are familiar with this login web interface:
http://www.cisco.com/c/dam/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/108008-ldap-web-auth-wlc-2.gif

But soon after everything was set up and running, I noticed my session keeps getting deauthenticated, like every 15 minutes or so. Sometimes not even 5 minutes. Then it redirects me to the login page again.
Even if I manage to log in again, most of the time the connection will degrade to the point that it barely transfers any data, if at all; it will only return to normal speed if I manually disconnect the wifi and reconnect again (and the cycle continues).
Seems like some ‘bad packet’ has triggered the deauthentication.

This problem never happened when I used Windows, both on the laptop (ICS server) and the PC (client). My wifi session can be sustained for 7-8 hours before getting disconnected by the intended session timeout.

Suspecting the Linux side as the culprit, I swapped the roles, with the laptop running Windows and the PC running openSUSE. And it still happens. That means the ‘bad’ packet must be coming from openSUSE.

Then I tried disabling network manager in YaST and instead used the traditional method with ifup. This time it worked. I never get any deauthentication or network degradation anymore.
So I conclude that it was network manager that kept bugging the wifi auth.

Abandoning network manager leaves me with side effects and questions.
1 - I can't connect to the OpenVPN server. It seems all the available clients were made to work with network manager. Is there any (easy to use and install) GUI OpenVPN client that isn't built on top of network manager?
2 - Is there any way to connect to wireless without using network manager? I really wish I could use openSUSE as my ICS server.
3 - Is there any way to diagnose the exact problem that triggers the deauthentication in network manager?

Thanks.

Individual topics:

I don’t know if NM necessarily is the problem. Maybe a network config in NM that doesn’t exist in your ifup/ifdown configuration (more on this in a moment). Running wireshark might reveal what your problem packets are. Maybe something is logged in your syslog (particularly something that causes a service or function to fail). If you run something like the following immediately after a failure, it’ll display the last 100 lines of your syslog:

tail -n 100 /var/log/messages

Yes, you can connect to wireless connections without NM, but it’s a bit tedious. For WPA connections (assuming you’re not running other types of wireless authentication), NM builds on top of the wpa_supplicant utility. You can run wpa_supplicant directly from the command line, and manually configure and save your wireless connections (with keys) in its config file. For detailed information, I’d recommend reading the man page, inspecting the --help output and doing an Internet search for “wpa_supplicant” tutorials. It’s not that difficult after you learn how to do it…

If you commit yourself to managing your wireless from the command line, you’ll likely also want to install and learn “iw” – It’ll manage and invoke wireless commands for general information a lot more simply than wpa_supplicant and should be used for any non-wpa wireless networks.

As for your VPN issues, I’m not sure but I think you’re describing setting up your wireless router as a “VPN beachhead”? That’s normally set up in multi-client networks so that only one VPN endpoint is created on the edge of your network that supports any and all the machines in your network.

In your configuration, with only one client machine, IMO you should set up your client machine as the VPN endpoint and not set up a beachhead; it should be less complex and might even solve your authentication issue. If you’re doing NAT in your wireless, you’ll need to forward the appropriate Cisco VPN ports through to your client machine.

Also, I’m guessing that the 15min window is likely what the VPN admin set up in your Cisco VPN client setup file. If the client doesn’t re-authenticate to the other VPN endpoint, the session times out. Again, this functionality may not be supported in a beachhead setup.

HTH,
TSU
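
One way to take the syslog check suggested above a step further (an added example, not part of either post): pull wpa_supplicant's disconnect events out of the log and show, for each one, the 802.11 reason code and whether the client itself initiated it. It assumes wpa_supplicant logs to syslog in the traditional `Mon DD HH:MM:SS host ...` layout; the function names and sample lines are constructed for illustration. A web-auth session that ends only on the controller may leave no such event, which is itself a useful result.

```shell
#!/bin/sh
# Added example: summarise Wi-Fi disconnects logged by wpa_supplicant.
# Typical use (path taken from the reply above):
#   tail -n 100 /var/log/messages | summarize_disconnects

# Reads syslog text on stdin, prints one line per disconnect event:
#   <Mon> <DD> <HH:MM:SS> reason=<802.11 reason code> origin=<local|remote>
# origin=local  -> this machine's wireless stack dropped the link
#                  (wpa_supplicant marks these "locally_generated=1")
# origin=remote -> the AP/controller sent the deauth or disassociation
summarize_disconnects() {
    awk '
    /CTRL-EVENT-DISCONNECTED/ {
        reason = "?"; origin = "remote"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^reason=/) reason = substr($i, 8)   # text after "reason="
            if ($i == "locally_generated=1") origin = "local"
        }
        printf "%s %s %s reason=%s origin=%s\n", $1, $2, $3, reason, origin
    }'
}

# Constructed sample log lines (assumed format, not taken from the thread).
sample_log() {
cat <<'EOF'
Mar  3 10:00:01 laptop wpa_supplicant[1234]: wlan0: CTRL-EVENT-CONNECTED - Connection to 02:00:00:00:00:01 completed [id=0 id_str=]
Mar  3 10:14:58 laptop wpa_supplicant[1234]: wlan0: CTRL-EVENT-DISCONNECTED bssid=02:00:00:00:00:01 reason=3 locally_generated=1
Mar  3 10:15:02 laptop wpa_supplicant[1234]: wlan0: CTRL-EVENT-CONNECTED - Connection to 02:00:00:00:00:01 completed [id=0 id_str=]
Mar  3 10:31:40 laptop wpa_supplicant[1234]: wlan0: CTRL-EVENT-DISCONNECTED bssid=02:00:00:00:00:01 reason=4
EOF
}

# Stand-alone run on the constructed sample.
sample_log | summarize_disconnects
```

Mostly `origin=local` lines point at the client side (the connection manager or driver tearing the link down), while `origin=remote` lines point at the access point or controller.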