Wifi on enterprise network PEAP not working after upgrade to LEAP 15

Hi,

I’ve been using my Lenovo X240 laptop on our work enterprise network with WPA/WPA2 Enterprise PEAP with the previous Opensuse LEAP releases without any problems. The laptop has the Intel Wifi card 7260, lspci output:

03:00.0 Network controller: Intel Corporation Wireless 7260 (rev 63)

After upgrade to LEAP 15 i tries to connect to the network but I always get a requester up asking for the password. The password is correct and I can connect to the Wifi with my Centos 7 laptop and my Android phone. I haven’t changed any of the other settings for the Wifi network.

dmesg output:



   66.738943] wlan1: associate with cc:e1:7f:12:4c:0b (try 1/3)
   66.740544] wlan1: RX AssocResp from cc:e1:7f:12:4c:0b (capab=0x511 status=0 aid=7)
   66.740743] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   66.741595] wlan1: associated
   66.749256] wlan1: deauthenticated from cc:e1:7f:12:4c:0b (Reason: 1=UNSPECIFIED)
   67.075913] wlan1: authenticate with 10:0e:7e:0e:1a:8a
   67.082505] wlan1: send auth to 10:0e:7e:0e:1a:8a (try 1/3)
   67.190749] wlan1: send auth to 10:0e:7e:0e:1a:8a (try 2/3)
   67.295980] wlan1: send auth to 10:0e:7e:0e:1a:8a (try 3/3)
   67.398745] wlan1: authentication with 10:0e:7e:0e:1a:8a timed out
   67.679597] wlan1: authenticate with cc:e1:7f:12:95:0a
   67.684575] wlan1: send auth to cc:e1:7f:12:95:0a (try 1/3)
   67.794735] wlan1: send auth to cc:e1:7f:12:95:0a (try 2/3)
   67.900182] wlan1: send auth to cc:e1:7f:12:95:0a (try 3/3)
   68.018730] wlan1: authentication with cc:e1:7f:12:95:0a timed out
   68.281256] wlan1: authenticate with 10:0e:7e:0e:1a:8b
   68.293194] wlan1: send auth to 10:0e:7e:0e:1a:8b (try 1/3)
   68.303440] wlan1: authenticated
   68.306854] wlan1: associate with 10:0e:7e:0e:1a:8b (try 1/3)
   68.308305] wlan1: RX AssocResp from 10:0e:7e:0e:1a:8b (capab=0x511 status=0 aid=8)
   68.309557] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   68.310955] wlan1: associated
   68.327567] wlan1: deauthenticated from 10:0e:7e:0e:1a:8b (Reason: 1=UNSPECIFIED)
   68.614416] wlan1: authenticate with cc:e1:7f:12:95:0b
   68.618343] wlan1: send auth to cc:e1:7f:12:95:0b (try 1/3)
   68.626156] wlan1: authenticated
   68.626827] wlan1: associate with cc:e1:7f:12:95:0b (try 1/3)
   68.628279] wlan1: RX AssocResp from cc:e1:7f:12:95:0b (capab=0x511 status=0 aid=1)
   68.628507] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   68.630169] wlan1: associated
   68.640731] wlan1: deauthenticated from cc:e1:7f:12:95:0b (Reason: 1=UNSPECIFIED)
   68.901496] wlan1: authenticate with b0:a8:6e:44:8e:8a
   68.906016] wlan1: send auth to b0:a8:6e:44:8e:8a (try 1/3)
   68.991094] wlan1: send auth to b0:a8:6e:44:8e:8a (try 2/3)
   69.003194] wlan1: authenticated
   69.006728] wlan1: associate with b0:a8:6e:44:8e:8a (try 1/3)
   69.016148] wlan1: RX AssocResp from b0:a8:6e:44:8e:8a (capab=0x411 status=0 aid=1)
   69.016390] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   69.017962] wlan1: associated
   69.100045] wlan1: deauthenticated from b0:a8:6e:44:8e:8a (Reason: 1=UNSPECIFIED)
   69.343510] wlan1: authenticate with 10:0e:7e:1d:cb:cb
   69.347498] wlan1: send auth to 10:0e:7e:1d:cb:cb (try 1/3)
   69.405502] wlan1: send auth to 10:0e:7e:1d:cb:cb (try 2/3)
   69.451725] wlan1: send auth to 10:0e:7e:1d:cb:cb (try 3/3)
   69.459440] wlan1: authenticated
   69.462696] wlan1: associate with 10:0e:7e:1d:cb:cb (try 1/3)
   69.464433] wlan1: RX AssocResp from 10:0e:7e:1d:cb:cb (capab=0x511 status=0 aid=3)
   69.464604] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   69.465457] wlan1: associated
   69.474390] wlan1: deauthenticated from 10:0e:7e:1d:cb:cb (Reason: 1=UNSPECIFIED)
   69.687006] wlan1: authenticate with cc:e1:7f:12:4c:0a
   69.692653] wlan1: send auth to cc:e1:7f:12:4c:0a (try 1/3)
   69.802692] wlan1: send auth to cc:e1:7f:12:4c:0a (try 2/3)
   69.916090] wlan1: send auth to cc:e1:7f:12:4c:0a (try 3/3)
   70.022682] wlan1: authentication with cc:e1:7f:12:4c:0a timed out
   70.199140] wlan1: authenticate with cc:e1:7f:11:ed:8b
   70.203899] wlan1: send auth to cc:e1:7f:11:ed:8b (try 1/3)
   70.212971] wlan1: authenticated
   70.214745] wlan1: associate with cc:e1:7f:11:ed:8b (try 1/3)
   70.216191] wlan1: RX AssocResp from cc:e1:7f:11:ed:8b (capab=0x511 status=0 aid=4)
   70.216384] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   70.218493] wlan1: associated
   70.230485] wlan1: deauthenticated from cc:e1:7f:11:ed:8b (Reason: 1=UNSPECIFIED)
   70.413404] wlan1: authenticate with 10:0e:7e:1b:87:4a
   70.417841] wlan1: send auth to 10:0e:7e:1b:87:4a (try 1/3)
   70.534687] wlan1: send auth to 10:0e:7e:1b:87:4a (try 2/3)
   70.615629] wlan1: send auth to 10:0e:7e:1b:87:4a (try 3/3)
   70.719786] wlan1: authentication with 10:0e:7e:1b:87:4a timed out
   70.879184] wlan1: authenticate with cc:e1:7f:13:52:0a
   70.883279] wlan1: send auth to cc:e1:7f:13:52:0a (try 1/3)
   71.010693] wlan1: send auth to cc:e1:7f:13:52:0a (try 2/3)
   71.117110] wlan1: send auth to cc:e1:7f:13:52:0a (try 3/3)
   71.226661] wlan1: authentication with cc:e1:7f:13:52:0a timed out
   73.591360] wlan1: authenticate with 40:b4:f0:2c:ca:4a
   73.596944] wlan1: send auth to 40:b4:f0:2c:ca:4a (try 1/3)
   73.766611] wlan1: send auth to 40:b4:f0:2c:ca:4a (try 2/3)
   73.879017] wlan1: send auth to 40:b4:f0:2c:ca:4a (try 3/3)
   73.982590] wlan1: authentication with 40:b4:f0:2c:ca:4a timed out
   74.126050] wlan1: authenticate with b0:a8:6e:44:8e:8b
   74.130277] wlan1: send auth to b0:a8:6e:44:8e:8b (try 1/3)
   74.138704] wlan1: authenticated
   74.142597] wlan1: associate with b0:a8:6e:44:8e:8b (try 1/3)
   74.144389] wlan1: RX AssocResp from b0:a8:6e:44:8e:8b (capab=0x511 status=0 aid=1)
   74.144584] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   74.146342] wlan1: associated
   74.157968] wlan1: deauthenticated from b0:a8:6e:44:8e:8b (Reason: 1=UNSPECIFIED)
   76.557048] wlan1: authenticate with cc:e1:7f:12:d2:4b
   76.566113] wlan1: send auth to cc:e1:7f:12:d2:4b (try 1/3)
   76.574738] wlan1: authenticated
   76.578548] wlan1: associate with cc:e1:7f:12:d2:4b (try 1/3)
   76.579972] wlan1: RX AssocResp from cc:e1:7f:12:d2:4b (capab=0x511 status=0 aid=5)
   76.580210] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   76.581931] wlan1: associated
   76.594244] wlan1: deauthenticated from cc:e1:7f:12:d2:4b (Reason: 1=UNSPECIFIED)
   76.987094] wlan1: authenticate with cc:e1:7f:12:d2:4a
   76.992386] wlan1: send auth to cc:e1:7f:12:d2:4a (try 1/3)
   77.130525] wlan1: send auth to cc:e1:7f:12:d2:4a (try 2/3)
   77.235748] wlan1: send auth to cc:e1:7f:12:d2:4a (try 3/3)
   77.338518] wlan1: authentication with cc:e1:7f:12:d2:4a timed out
   78.582360] wlan1: authenticate with cc:e1:7f:12:4c:0a
   78.587145] wlan1: send auth to cc:e1:7f:12:4c:0a (try 1/3)
   78.706486] wlan1: send auth to cc:e1:7f:12:4c:0a (try 2/3)
   78.811738] wlan1: send auth to cc:e1:7f:12:4c:0a (try 3/3)
   78.922485] wlan1: authentication with cc:e1:7f:12:4c:0a timed out
   80.156560] wlan1: authenticate with cc:e1:7f:12:4c:0b
   80.161335] wlan1: send auth to cc:e1:7f:12:4c:0b (try 1/3)
   80.176620] wlan1: authenticated
   80.178587] wlan1: associate with cc:e1:7f:12:4c:0b (try 1/3)
   80.180186] wlan1: RX AssocResp from cc:e1:7f:12:4c:0b (capab=0x511 status=0 aid=6)
   80.180382] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   80.182321] wlan1: associated
   80.193593] wlan1: deauthenticated from cc:e1:7f:12:4c:0b (Reason: 1=UNSPECIFIED)
   80.547626] wlan1: authenticate with 10:0e:7e:0e:1a:8a
   80.552689] wlan1: send auth to 10:0e:7e:0e:1a:8a (try 1/3)
   80.662444] wlan1: send auth to 10:0e:7e:0e:1a:8a (try 2/3)
   80.771697] wlan1: send auth to 10:0e:7e:0e:1a:8a (try 3/3)
   80.874445] wlan1: authentication with 10:0e:7e:0e:1a:8a timed out
   82.105630] wlan1: authenticate with cc:e1:7f:12:cf:0b
   82.110030] wlan1: send auth to cc:e1:7f:12:cf:0b (try 1/3)
   82.120671] wlan1: authenticated
   82.122401] wlan1: associate with cc:e1:7f:12:cf:0b (try 1/3)
   82.123824] wlan1: RX AssocResp from cc:e1:7f:12:cf:0b (capab=0x511 status=0 aid=2)
   82.124012] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   82.125847] wlan1: associated
   82.159919] wlan1: Limiting TX power to 21 (21 - 0) dBm as advertised by cc:e1:7f:12:cf:0b
   82.186428] wlan1: deauthenticated from cc:e1:7f:12:cf:0b (Reason: 1=UNSPECIFIED)
   82.521490] wlan1: authenticate with cc:e1:7f:12:95:0b
   82.528479] wlan1: send auth to cc:e1:7f:12:95:0b (try 1/3)
   82.537646] wlan1: authenticated
   82.542398] wlan1: associate with cc:e1:7f:12:95:0b (try 1/3)
   82.543842] wlan1: RX AssocResp from cc:e1:7f:12:95:0b (capab=0x511 status=0 aid=1)
   82.545383] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   82.546907] wlan1: associated
   82.558005] wlan1: deauthenticated from cc:e1:7f:12:95:0b (Reason: 1=UNSPECIFIED)
   82.870440] wlan1: authenticate with b0:a8:6e:44:8e:8a
   82.875279] wlan1: send auth to b0:a8:6e:44:8e:8a (try 1/3)
   82.990379] wlan1: send auth to b0:a8:6e:44:8e:8a (try 2/3)
   83.095830] wlan1: send auth to b0:a8:6e:44:8e:8a (try 3/3)
   83.198380] wlan1: authentication with b0:a8:6e:44:8e:8a timed out
   84.352392] wlan1: authenticate with 40:b4:f0:2c:ca:4b
   84.356312] wlan1: send auth to 40:b4:f0:2c:ca:4b (try 1/3)
   84.364984] wlan1: authenticated
   84.370351] wlan1: associate with 40:b4:f0:2c:ca:4b (try 1/3)
   84.372183] wlan1: RX AssocResp from 40:b4:f0:2c:ca:4b (capab=0x511 status=0 aid=1)
   84.372380] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   84.373586] wlan1: associated
   84.386955] wlan1: deauthenticated from 40:b4:f0:2c:ca:4b (Reason: 1=UNSPECIFIED)
   84.667806] wlan1: authenticate with cc:e1:7f:e1:f9:0b
   84.671883] wlan1: send auth to cc:e1:7f:e1:f9:0b (try 1/3)
   84.679994] wlan1: authenticated
   84.682362] wlan1: associate with cc:e1:7f:e1:f9:0b (try 1/3)
   84.684130] wlan1: RX AssocResp from cc:e1:7f:e1:f9:0b (capab=0x511 status=0 aid=2)
   84.684326] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   84.685793] wlan1: associated
   84.705513] wlan1: deauthenticated from cc:e1:7f:e1:f9:0b (Reason: 1=UNSPECIFIED)
   84.975511] wlan1: authenticate with 10:0e:7e:0e:1a:8b
   84.980933] wlan1: send auth to 10:0e:7e:0e:1a:8b (try 1/3)
   84.988987] wlan1: authenticated
   84.994332] wlan1: associate with 10:0e:7e:0e:1a:8b (try 1/3)
   84.995861] wlan1: RX AssocResp from 10:0e:7e:0e:1a:8b (capab=0x511 status=0 aid=8)
   84.996132] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   84.997613] wlan1: associated
   85.009445] wlan1: deauthenticated from 10:0e:7e:0e:1a:8b (Reason: 1=UNSPECIFIED)
   85.277104] wlan1: authenticate with cc:e1:7f:12:95:0a
   85.281638] wlan1: send auth to cc:e1:7f:12:95:0a (try 1/3)
   85.394338] wlan1: send auth to cc:e1:7f:12:95:0a (try 2/3)
   85.503888] wlan1: send auth to cc:e1:7f:12:95:0a (try 3/3)
   85.606338] wlan1: authentication with cc:e1:7f:12:95:0a timed out
   86.725752] wlan1: authenticate with b0:a8:6e:44:8e:8b
   86.729859] wlan1: send auth to b0:a8:6e:44:8e:8b (try 1/3)
   86.741843] wlan1: authenticated
   86.750286] wlan1: associate with b0:a8:6e:44:8e:8b (try 1/3)
   86.752093] wlan1: RX AssocResp from b0:a8:6e:44:8e:8b (capab=0x511 status=0 aid=1)
   86.752289] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   86.753491] wlan1: associated
   86.773474] wlan1: deauthenticated from b0:a8:6e:44:8e:8b (Reason: 1=UNSPECIFIED)
   87.004207] wlan1: authenticate with cc:e1:7f:11:ed:8b
   87.008255] wlan1: send auth to cc:e1:7f:11:ed:8b (try 1/3)
   87.016974] wlan1: authenticated
   87.022342] wlan1: associate with cc:e1:7f:11:ed:8b (try 1/3)
   87.023939] wlan1: RX AssocResp from cc:e1:7f:11:ed:8b (capab=0x511 status=0 aid=4)
   87.024128] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   87.027582] wlan1: associated
   87.049629] wlan1: deauthenticated from cc:e1:7f:11:ed:8b (Reason: 1=UNSPECIFIED)
   87.253583] wlan1: authenticate with 10:0e:7e:1d:cb:cb
   87.257380] wlan1: send auth to 10:0e:7e:1d:cb:cb (try 1/3)
   87.275580] wlan1: authenticated
   87.279254] wlan1: associate with 10:0e:7e:1d:cb:cb (try 1/3)
   87.306272] wlan1: RX AssocResp from 10:0e:7e:1d:cb:cb (capab=0x511 status=0 aid=3)
   87.306470] wlan1: AP has invalid WMM params (CWmin/max=15/1023 for ACI 0), using defaults
   87.308212] wlan1: associated
   87.321403] wlan1: deauthenticated from 10:0e:7e:1d:cb:cb (Reason: 1=UNSPECIFIED)
   87.506843] wlan1: authenticate with 10:0e:7e:1b:87:4b
   87.510748] wlan1: send auth to 10:0e:7e:1b:87:4b (try 1/3)
   87.521914] wlan1: authenticated
   87.526261] wlan1: associate with 10:0e:7e:1b:87:4b (try 1/3)
   87.593808] wlan1: associate with 10:0e:7e:1b:87:4b (try 2/3)
   87.650811] wlan1: associate with 10:0e:7e:1b:87:4b (try 3/3)
   87.715234] wlan1: association with 10:0e:7e:1b:87:4b timed out
   88.788830] wlan1: authenticate with cc:e1:7f:13:52:0a
   88.793295] wlan1: send auth to cc:e1:7f:13:52:0a (try 1/3)
   88.906237] wlan1: send auth to cc:e1:7f:13:52:0a (try 2/3)
   88.998947] wlan1: aborting authentication with cc:e1:7f:13:52:0a by local choice (Reason: 3=DEAUTH_LEAVING)
   90.555364] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
   90.587330] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
  430.329771] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready


deauthenticated with (Reason: 1=UNSPECIFIED) all the time.

The wifi has several accesspoints with both 2.4GHz and 5GHz accesspoints

Kernel is 4.12.14-lp150.12.4-default

Thanks for any suggestions howto get this to work again.

With the reptitive authentication, association, and deauthentication reported, and your mentioning of multiple APs, I suspect that unwanted roaming is at play here. I assume that you’re using NetworkManager? If so, you can specify the BSSID explicitly so that NM locks to a particular AP for a given connection profile.

You can also create additional AP-specific (using BSSID) connections, so that you can pick the one most appropriate (eg strongest signal) to the area you’re working in.

Well, I tried that, connecting to a specific AP (both on 2.4GHz and 5Ghz). Still the same issue. Just now I even tried with an external USB wifi dongle with a RealTek chip, still no success. Weird it worked fine with OpenSuse LEAP 42.3

Can you share your connection profile in /etc/NetworkManager/system-connections/ ?

Yeah, sure

[connection]                                                                                                                                                                                 
id=maxiv_staff                                                                                                                                                                               
uuid=016e3e32-f03a-449e-baf9-a77f51cdd7ec
type=wifi
permissions=user:robert:;

[wifi]
mac-address-blacklist=
mode=infrastructure
ssid=maxiv_staff

[wifi-security]
key-mgmt=wpa-eap

[802-1x]
eap=peap;
identity=myusername
password-flags=1
phase2-auth=mschapv2

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto


Thanks for your help

Your connection isn’t using BSSID, so that explains why it’s still roaming. It should look like the following…


[wifi]
mac-address-blacklist=
mode=infrastructure
ssid=maxiv_staff
bssid=xx.xx.xx.xx.xx.xx


…where the desired AP mac address is defined. The easiest way to do this is to create new network connection with the NetworkManager connection editor.

Thank you for your help, I have tried that, both on 2.4GHz and on 5GHz access points and then the [wifi] section looks like this

[wifi]
bssid=CC:E1:7F:12:D2:4B
mac-address-blacklist=
mode=infrastructure
ssid=maxiv_staff

But sadly the behavior is exactly the same event though it’s not trying to connect to several access points, it still deauthenticate with Reason 1=Unspecified. And then Network Manager asks for the password again.

I just tried with my CentOS 7 laptop which is a Lenovo T470p with an Intel 8265 wifi card, and no issues at all connecting to the Enterprise network.

I think it is really strange everything worked fine before upgrading to Leap 15.0. And as I said the other cheap wifi dongle I tried didn’t work either. It feels like something is fishy with the WPA supplicant or something like that.

Ok, thanks for the update. At least roaming is now removed from the equation. The next step that I’d like you to do is to change the connection to a system-wide connection via the connection editor. With KDE, this is a matter of selecting ‘All users may connect to this network’ under ‘General Configuration’. Gnome uses ‘Make available to other users’ under ‘Details’ in the connection editor. This will help with not requiring to input a password manager password or similar every time a connection is required.

I just tried with my CentOS 7 laptop which is a Lenovo T470p with an Intel 8265 wifi card, and no issues at all connecting to the Enterprise network.

I think it is really strange everything worked fine before upgrading to Leap 15.0. And as I said the other cheap wifi dongle I tried didn’t work either. It feels like something is fishy with the WPA supplicant or something like that.

I was wondering about the wifi driver, but that wouldn’t explain why two different devices are similarly impacted.

Another thing we can do is to examine the wap_supplicant log while connecting/connected. To do so, first disconnect from the wifi network, open a terminal window and run

tail -f /var/log/wpa_supplicant

then connect to the wifi network again. Examine the log tail and see if anything strange is being reported.

If you like we can watch the received signal level, and noise in real time in another terminal window…

watch cat /proc/net/wireless

Let’s see what that turns up (if anything).

Ok I tested that, didn’t help though.

[802-1x]
eap=peap;
identity=xxxxx
password=xxxxxxxxx
phase2-auth=mschapv2


Then I got this entries in the Network Manager settings

Yes, that’s as expected, because the secrets are stored in the (root-owned) connection profile when configured as a system-connection.

Read/perform the diagnostic steps I outlined in post #9.

wlan1: Associated with cc:e1:7f:12:4c:0b
wlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
wlan1: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan1: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=SE
wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan1: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlan1: CTRL-EVENT-DISCONNECTED bssid=cc:e1:7f:12:4c:0b reason=1
wlan1: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="maxiv_staff" auth_failures=2 duration=35 reason=CONN_FAILED
wlan1: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
wlan1: Reject scan trigger since one is already pending
wlan1: SME: Trying to authenticate with cc:e1:7f:12:cf:0a (SSID='maxiv_staff' freq=2457 MHz)
wlan1: Trying to associate with cc:e1:7f:12:cf:0a (SSID='maxiv_staff' freq=2457 MHz)
wlan1: Associated with cc:e1:7f:12:cf:0a
wlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
wlan1: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan1: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=SE
wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan1: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlan1: CTRL-EVENT-DISCONNECTED bssid=cc:e1:7f:12:cf:0a reason=1
wlan1: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="maxiv_staff" auth_failures=1 duration=10 reason=CONN_FAILED
wlan1: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
wlan1: CTRL-EVENT-SSID-REENABLED id=0 ssid="maxiv_staff"
wlan1: SME: Trying to authenticate with 10:0e:7e:0e:1a:8b (SSID='maxiv_staff' freq=5200 MHz)
wlan1: Trying to associate with 10:0e:7e:0e:1a:8b (SSID='maxiv_staff' freq=5200 MHz)
wlan1: Associated with 10:0e:7e:0e:1a:8b
wlan1: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan1: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlan1: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=SE
wlan1: CTRL-EVENT-DISCONNECTED bssid=10:0e:7e:0e:1a:8b reason=1
wlan1: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="maxiv_staff" auth_failures=2 duration=33 reason=CONN_FAILED
wlan1: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD


This is what wpa_supplicant.log shows.

Every 2.0s: cat /proc/net/wireless                                                                                                            localhost.localdomain: Wed Jul  4 11:47:54 2018

Inter-| sta-|   Quality        |   Discarded packets               | Missed | WE
 face | tus | link level noise |  nwid  crypt   frag  retry   misc | beacon | 22

Nothing else turned up.

Hang on, it is continuously hunting though…look at your output…


wlan1: SME: Trying to authenticate with cc:e1:7f:12:cf:0a (SSID='maxiv_staff' freq=2457 MHz)
wlan1: Trying to associate with cc:e1:7f:12:cf:0a (SSID='maxiv_staff' freq=2457 MHz)
wlan1: Associated with cc:e1:7f:12:cf:0a
.
.
.
wlan1: SME: Trying to authenticate with 10:0e:7e:0e:1a:8b (SSID='maxiv_staff' freq=5200 MHz)
wlan1: Trying to associate with 10:0e:7e:0e:1a:8b (SSID='maxiv_staff' freq=5200 MHz)
wlan1: Associated with 10:0e:7e:0e:1a:8b

That doesn’t make sense to me if you’ve locked down the connectivity to one particular BSSID.

This is what wpa_supplicant.log shows.

Every 2.0s: cat /proc/net/wireless                                                                                                            localhost.localdomain: Wed Jul  4 11:47:54 2018

Inter-| sta-| Quality | Discarded packets | Missed | WE
face | tus | link level noise | nwid crypt frag retry misc | beacon | 22

Nothing else turned up.

Not sure why you don’t get values reported though. Maybe it was during a period when not connected.

Well, since it didn’t make any difference I removed the lock down to a specifc BSSID, so this is without it being locked to a specific AP.

With it locked to a specific AP it looks like this

wlan1: SME: Trying to authenticate with cc:e1:7f:12:d2:4b (SSID='maxiv_staff' freq=5180 MHz)
wlan1: Trying to associate with cc:e1:7f:12:d2:4b (SSID='maxiv_staff' freq=5180 MHz)
wlan1: Associated with cc:e1:7f:12:d2:4b
wlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
wlan1: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan1: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlan1: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=SE
wlan1: CTRL-EVENT-DISCONNECTED bssid=cc:e1:7f:12:d2:4b reason=1
wlan1: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="maxiv_staff" auth_failures=1 duration=10 reason=CONN_FAILED
wlan1: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
wlan1: CTRL-EVENT-SSID-REENABLED id=0 ssid="maxiv_staff"
wlan1: SME: Trying to authenticate with cc:e1:7f:12:d2:4b (SSID='maxiv_staff' freq=5180 MHz)
wlan1: Trying to associate with cc:e1:7f:12:d2:4b (SSID='maxiv_staff' freq=5180 MHz)
wlan1: Associated with cc:e1:7f:12:d2:4b
wlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
wlan1: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan1: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=SE
wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
wlan1: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlan1: CTRL-EVENT-DISCONNECTED bssid=cc:e1:7f:12:d2:4b reason=1
wlan1: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="maxiv_staff" auth_failures=2 duration=26 reason=CONN_FAILED
wlan1: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD


I think this is going to require a bug report to help resolve. There are authentication issues evident. You might want to compare the wpa_supplicant version in use with Leap 15 and CentOS 7 perhaps.

Ok, as a last test I’ll try to reinstall Leap 15.0 and see if that helps. Thanks a lot for your effort and your help

That’s not likely to help unfortunately. I would proceed with a big report.

I downgraded the wpa_supplicant package LEAP 15.0 installed (v2.6) to wpa-supplicant-2.5-75-3 and now it connects nicely to the Enterprise Network. Although not a perfect solution it does work. It might be related to this bug:

https://bugs.archlinux.org/task/54233

It seems to be a problem when wpa_supplicant is compiled and linked against libopenssl v1.1 instead of libopenssl v 1.0.0 ( wpa-supplicant-2.5-75-3 is linked to libopenssl v1.0.0).

That might be the cause, yes. Means that the network you’re connecting to would use an old SSL implementation AFAIK . If this is the case for their entire infra newer versions of FF and Chrome may refuse to connect to that infra.
Good you at least found a workaround. Enjoy.