I am trying to connect to a Netgear arlo basestation which communicates to it's network cameras via WiFi. The connection is done via WiFi Protected Setup (WPS). I can successfully connect a camera to another WPS bushbutton enabled AccessPoint and see the camera/portscan it.
Now I'd like to connect my notebook computer running debian to the arlo base station.
I have successfully connected to my usual Router via WPS, so "the thing itself" works (ie. a WPS bushbutton connection to my WPA2/CCMP WiFi can be established via wpa_cli and used thereafter).
This is wpa_cli's output when trying to connect to the arlo base whose fixed, unchangeable and unmanageable SSID is NETGEAR73, bssid a0:63:91:xx:xx:xx (see the security concerns I have with this, leaving an unmanageable Accesspoint in my cosy home network?!):
> scan_results
bssid / frequency / signal level / flags / ssid
a0:63:91:xx:xx:xx 2437 -66 [WPA2-PSK-CCMP][WPS][ESS] NETGEAR73
xx:xx:xx:xx:xx:x1 2462 -57 [WPA2-PSK-CCMP][ESS] my_wifi
xx:xx:xx:xx:xx:x2 2462 -59 [WPA2-PSK-CCMP][ESS] my_wifi
xx:xx:xx:xx:xx:x3 2412 -44 [WPA2-PSK-CCMP][ESS] my_wifi
xx:xx:xx:xx:xx:x4 2462 -66 [WPA2-PSK-CCMP][ESS] my_wifi
> wps_pbc a0:63:91:xx:xx:xx
OK
<3>CTRL-EVENT-SCAN-RESULTS
<3>WPS-AP-AVAILABLE
<3>CTRL-EVENT-SCAN-RESULTS
<3>WPS-AP-AVAILABLE
(...)
(me hurrying downstairs to the arlo basestation, manually pushing the SYNCbutton three times to start the WPS bushbutton sequence)
(...)
<3>Trying to associate with a0:63:91:xx:xx:xx (SSID='NETGEAR73' freq=2437 MHz)
<3>Association request to the driver failed
<3>Associated with a0:63:91:xx:xx:xx
<3>CTRL-EVENT-EAP-STARTED EAP authentication started
<3>CTRL-EVENT-EAP-STATUS status='started' parameter=''
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=14122 method=1
<3>CTRL-EVENT-EAP-STATUS status='accept proposed method' parameter='WSC'
<3>CTRL-EVENT-EAP-METHOD EAP vendor 14122 method 1 (WSC) selected
<3>CTRL-EVENT-EAP-STATUS status='completion' parameter='failure'
<3>CTRL-EVENT-EAP-FAILURE EAP authentication failed
<3>WPS-FAIL
<3>CTRL-EVENT-DISCONNECTED bssid=a0:63:91:xx:xx:xx reason=3 locally_generated=1
>
For some reason my connection is rejected (the <3>Association request to the driver failed-part also happens to appear when I successfully connect to my own WiFi network) with the <3>CTRL-EVENT-EAP-FAILURE EAP authentication failed-error.
I did indeed notice that my own router (see below) is listed as [WPS-PBC] whereas the arlo basestation is listed as [WPS], which should indicate PIN mode. Sometimes (and I can not reproduce it) it is listed as [WPS-PBC], yet the above sequence still fails exactly the same.
Any ideas what could be going on here and why I cannot WPS-connect (and, thus find it's WPA2-PSK) to the arlo AP?
Just for the fun of showing that it actually does work for other connections, this is me connecting to my own WiFi via WPS. xx:xx:xx:xx:xx:7a is the router which can do WPS bushbutton, xx:xx:xx:xx:xx:x1/x2/x3 are the other accesspoints which cannot, yet share the same SSID and WPA2-PSK with the router(funny sidenote: WPS goes through between notebook and router, yet the notebook usually connects to one of the accesspoints which is a little closer to it after WPS succeeded):
me@notebook:~# /sbin/wpa_cli
wpa_cli v2.1
(...)
Selected interface 'wlan0'
Interactive mode
> scan_results
bssid / frequency / signal level / flags / ssid
xx:xx:xx:xx:xx:7a 2412 -38 [WPA2-PSK-CCMP][WPS-PBC][ESS] my_wifi
xx:xx:xx:xx:xx:x1 2462 -58 [WPA2-PSK-CCMP][ESS] my_wifi
xx:xx:xx:xx:xx:x2 2462 -63 [WPA2-PSK-CCMP][ESS] my_wifi
a0:63:91:xx:xx:xx 2437 -69 [WPA2-PSK-CCMP][WPS][ESS] NETGEAR73
xx:xx:xx:xx:xx:x3 2462 -70 [WPA2-PSK-CCMP][ESS] my_wifi
> wps_pbc xx:xx:xx:xx:xx:7a
OK
<3>CTRL-EVENT-SCAN-RESULTS
<3>WPS-AP-AVAILABLE-PBC
<3>Trying to associate with xx:xx:xx:xx:xx:7a (SSID='my_wifi' freq=2412 MHz)
<3>Association request to the driver failed
<3>Associated with xx:xx:xx:xx:xx:7a
<3>CTRL-EVENT-EAP-STARTED EAP authentication started
<3>CTRL-EVENT-EAP-STATUS status='started' parameter=''
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=14122 method=1
<3>CTRL-EVENT-EAP-STATUS status='accept proposed method' parameter='WSC'
<3>CTRL-EVENT-EAP-METHOD EAP vendor 14122 method 1 (WSC) selected
<3>WPS-CRED-RECEIVED
<3>WPS-SUCCESS
<3>CTRL-EVENT-EAP-STATUS status='completion' parameter='failure'
<3>CTRL-EVENT-EAP-FAILURE EAP authentication failed
<3>CTRL-EVENT-DISCONNECTED bssid=xx:xx:xx:xx:xx:7a reason=3 locally_generated=1
<3>CTRL-EVENT-SCAN-RESULTS
<3>WPS-AP-AVAILABLE
<3>Trying to associate with xx:xx:xx:xx:xx:x2 (SSID='my_wifi' freq=2462 MHz)
<3>Association request to the driver failed
<3>Associated with xx:xx:xx:xx:xx:x2
<3>WPA: Key negotiation completed with xx:xx:xx:xx:xx:x2 [PTK=CCMP GTK=CCMP]
<3>CTRL-EVENT-CONNECTED - Connection to xx:xx:xx:xx:xx:x2 completed [id=0 id_str=]
> quit
me@notebook:~# /sbin/iwconfig wlan0
wlan0 IEEE 802.11bg ESSID:"my_wifi"
Mode:Managed Frequency:2.462 GHz Access Point: xx:xx:xx:xx:xx:x2
Bit Rate=5.5 Mb/s Tx-Power=20 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=56/70 Signal level=-54 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
me@notebook:~# /sbin/dhclient -v wlan0
Internet Systems Consortium DHCP Client 4.2.4
(...)
Listening on LPF/wlan0/xx:xx:xx:xx:xx:8b
Sending on LPF/wlan0/xx:xx:xx:xx:xx:8b
Sending on Socket/fallback
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 3 (xid=0x6fb7b800)
DHCPREQUEST of some.ip on wlan0 to 255.255.255.255 port 67 (xid=0x6fb7b800)
DHCPOFFER of some.ip from router.ip
DHCPACK of some.ip from router.ip
bound to some.ip -- renewal in 408095 seconds.
me@notebook:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=55 time=13.4 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=55 time=11.6 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=55 time=12.2 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 11.680/12.469/13.442/0.736 ms
me@notebook:~#
So - yes, it does work under other circumstances.
