Hello Thomas, Thanks a lot for your reply. This is really helpful.
In the meantime I found that this issue got fixed last month in Network Manager: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/756 But because we do not have a way to use the latest version it would be wonderful to find a workaround. I tried to disable wps in the wpa_supplicant config [1] file but this did not work. Is this the right way to adjust it? Is this even the wpa_supplicant config used by network manager? Thanks a lot and best regards, Florian [1] Added to /etc/wpa_supplicant/wpa_supplicant.conf ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev wps_disabled=1 update_config=1 country=DE > On 9. Apr 2021, at 08:42, Thomas Haller <thal...@redhat.com> wrote: > > On Wed, 2021-04-07 at 17:18 +0200, Florian Klein wrote: >> Dear Network Manager Experts, >> >> we are opening an Access Point with network manager (on a RPI4 with >> Raspbian) and everything is working fine except that when connecting >> from Windows 10 we are asked for a pin first (probably wps pin) instead >> of getting shown directly the passphrase field to enter. This is not >> observed on Mac and Linux. >> >> Our wifi-ap configuration: >> sudo nmcli c add con-name wifi-ap type wifi ssid test ifname >> wlan0 save yes autoconnect yes 802-11-wireless.mode ap 802-11- >> wireless.band bg ipv4.method shared wifi-sec.key-mgmt wpa-psk wifi- >> sec.psk "test1234" >> >> >> We already tried multiple configurations from the provided page: >> https://developer.gnome.org/NetworkManager/stable/settings-802-11-wireless-security.html >> like: >> - wps-method 1 >> - proto rsn >> - pairwise ccmp >> >> But nothing really helped. Would be fantastic to get your support here. >> Thanks > > > Hi Florian, > > > in another email you said that you are using Version 1.14.6, from > Raspian10. That's is quite an old version and it might be interesting > to try a recent version. But in practice, I don't think your question > will be solved by that, so OK. > > NetworkManager's "wifi.mode ap" is something simple that is mainly > aimed for simple setups. The reason is that if you run a "serious" > access point, you might want to configure countless parameters related > to Wi-Fi, but then also want more control over the DHCP and DNS server. > NetworkManager does that all, but the configuration options are not > that extended. So, consider whether NetworkManager is the right choice > here. But we really want NetworkManager to be stellar also in such > cases, so it's not that we say: "such usecase is not supported". But: > "maybe it doesn't work that well yet, but we'd hope to improve on that > (e.g. by adding new configuration options and fix issues in certain > use-cases)". > > > OK, more to your actual question... > > > NetworkManager uses wpa_supplicant's AP mode. wpa_supplicant is the > sibling of hostapd, and both are highly configurable. Your problem > indeed seems to be related to WPS. I am not familiar with this, so I > don't know the solution. I would think you first should understand how > to configure this in wpa_supplicant (or hostapd). And then, in a second > step, how to bring NetworkManager to get that right. > > What NetworkManager does, is relatively simple. Enable `level=TRACE` > logging (see [1]), then NetworkManager will log the options that it > sets in supplicant, like > > Config: added 'mode' value '2' > > ('2' means AP mode). NetworkManager configures wpa_supplicant via the > D-Bus API. > > > I think there is a "wps_disabled" option in wpa_supplicant.conf. It's > not clear whether "wps_disabled" is really the right solution to your > problem. But if it is, you might be able to set that in > wpa_supplicant.conf so that it gets honored. > > If it's really about wps_disabled, I guess you could also re-compile > supplicant package without WPS support. Would be at least interesting > as a try. > > If that is the right solution, then maybe this should be set by > NetworkManager (but I think the flag is currenlty not configurable via > D-Bus(?)). Anyway, it would be interesting later to improve > NetworkManager to get this right. > > > [1] > https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/contrib/fedora/rpm/NetworkManager.conf#L49 > > <https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/contrib/fedora/rpm/NetworkManager.conf#L49> > > > > > hope this gave you some ideas, > > best, > Thomas
_______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list