ESP32 Forum

ESP32 Official Forum
https://esp32.com/

WPA2 Debugging

https://esp32.com/viewtopic.php?f=2&t=18202

Page 1 of 1

WPA2 Debugging

Posted: Sat Nov 21, 2020 8:51 am
by samca208
Apart from increasing the debug level is there any other way ti have more debugging information for a WiFi (station) connection?
Like if the passphrase is incorrect in a PSK WiFi or invalid certificates in a TLS connection. I've used the official espressif WPA2 enterprise example.. with the example certificates (that obviously don't work with my radius server) and my proper certificates (that do work with other systems) I always have the same debuging info. Nothing on the certificates. Logging as follows:
Is there a way to debug a WiFi connection from the esp32. I have the below debug log but apart that is failing there is no indication of what is failing
Logging:

I (665) wifi:wifi driver task: 3ffc1b94, prio:23, stack:6656, core=0
I (665) system_api: Base MAC address is not set, read default base MAC address from BLK0 of EFUSE
I (665) system_api: Base MAC address is not set, read default base MAC address from BLK0 of EFUSE
I (695) wifi:wifi firmware version: 3ea4c76
I (695) wifi:config NVS flash: enabled
I (695) wifi:config nano formating: disabled
I (695) wifi:Init dynamic tx buffer num: 32
I (695) wifi:Init data frame dynamic rx buffer num: 32
I (705) wifi:Init management frame dynamic rx buffer num: 32
I (705) wifi:Init management short buffer num: 32
I (715) wifi:Init static rx buffer size: 1600
I (715) wifi:Init static rx buffer num: 10
I (725) wifi:Init dynamic rx buffer num: 32
I (725) example: Setting WiFi configuration SSID STMFG...
I (735) wpa: WPA2 ENTERPRISE VERSION: [v2.0] enable

I (835) phy: phy_version: 4180, cb3948e, Sep 12 2019, 16:39:13, 0, 0
I (835) wifi:mode : sta (a4:cf:12:6b:2f:28)
I (1085) wifi:new:<1,0>, old:<1,0>, ap:<255,255>, sta:<1,0>, prof:1
I (1835) wifi:state: init -> auth (b0)
I (1845) wifi:state: auth -> assoc (0)
I (1855) wifi:state: assoc -> run (10)
I (1855) wpa: wpa2_task prio:2, stack:6656

I (1905) wpa: >>>>>wpa2 FAILED

Re: WPA2 Debugging

Posted: Mon Jan 11, 2021 10:07 am
by Leander
I'm also having troubles connecting to a Certificate based WPA2-enterprise network.
Did you find a solution?

There is an option in menuconfig to set the Wifi logging to debug mode.(I'm using esp-idf 4.2)
I'm having disconnect reason 23 = 802.1x authentication failed but unclear why.

Code: Select all

D (4605) wifi:filter: set rx policy=4
D (4615) wifi:first chan=1
D (4615) wifi:handoff_cb: status=0
D (4615) wifi:ap found, mac=02:00:00:00:00:00
D (4615) wifi:new_bss=0x3ffcbdd8, cur_bss=0x0, new_chan=<3,0>, cur_chan=1
D (4625) wifi:filter: set rx policy=5
I (4625) wifi:new:<3,0>, old:<1,0>, ap:<255,255>, sta:<3,0>, prof:1
D (4635) wifi:connect_op: status=0, auth=4, cipher=3
D (4635) wifi:auth mode is not none
D (4645) wifi:connect_bss: auth=1, reconnect=0
I (4645) wifi:state: init -> auth (b0)
D (4645) wifi:start 1s AUTH timer
D (4655) wifi:clear scan ap list
D (4655) wifi:recv auth: seq=2, status=0
I (4655) wifi:state: auth -> assoc (0)
D (4665) wifi:restart connect 1s timer for assoc
D (4665) wifi:recv assoc: type=0x10
D (4675) wifi:filter: set rx policy=6
I (4675) wifi:state: assoc -> run (10)
D (4675) wifi:start 30s connect timer for 4 way handshake
D (4695) wifi:rsn valid: gcipher=3 ucipher=3 akm=4

D (4705) wifi:recv deauth, reason=0x17
I (4705) wifi:state: run -> init (17c0)
D (4705) wifi:recv deauth/disassoc, stop beacon/connect timer
D (4705) wifi:connect status 1 -> 2
D (4715) wifi:add bssid 02:00:00:00:00:00 to blacklist, cnt=0
D (4715) wifi:stop CSA timer
D (4715) wifi:remove 02:00:00:00:00:00 from rc list
I (4725) wifi:new:<3,0>, old:<3,0>, ap:<255,255>, sta:<3,0>, prof:1
D (4725) wifi:filter: set rx policy=8
D (4735) wifi:sta leave
D (4735) wifi:stop CSA timer
D (4735) wifi:remove 00:00:00:00:00:00 from rc list
I (4745) wifi:new:<3,0>, old:<3,0>, ap:<255,255>, sta:<3,0>, prof:1
D (4745) wifi:filter: set rx policy=8
D (4755) wifi:Send disconnect event, reason=23, AP number=0

Re: WPA2 Debugging

Posted: Tue Jan 12, 2021 5:36 am
by samca208
Yes did on EAP-TLS network. For further debugging information also turn on in menuconfig mbedtls debug. As the disconnection reason probably is due to certificate verification. Also for trial switch off server verification.

Ensure that your network doesn't have MAC filtering.

Last thing my Network blacklists for 40minutes the MAC address that failed to be verified. So or change board each time you try to connect or change the MAC address manually before each connection

Re: WPA2 Debugging

Posted: Sun Apr 25, 2021 8:16 am
by yehuda
I have connected to enterprise network using sdk4.0.2 but when I upgrade to sdk4.4 the same code connot connect.
any idea why? Is there is something else I need to add?
My enterprise network required PEAP-MSCHAPv2 authentication.

Re: WPA2 Debugging

Posted: Sun Apr 25, 2021 10:04 am
by samca208
What's the log??

Re: WPA2 Debugging

Posted: Sun Jun 06, 2021 12:22 pm
by yehuda
I was able to connect after I disabled the WPA_MBEDS_CRYPTO at the supplicant.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/