On Sun, Oct 03, 2021 at 10:04:24PM +0000, Piotr Lobacz wrote:
> Hi again Beniamino,
> this problem also exsists on Hotspot... and I'm afraid that it hasn't been 
> solved in there yet... If hotspot is being created like this:
> nmcli dev wifi hotspot ifname wlan0_ap ssid test password "test1234"
> the default security is set to WPA2 and if i switch it to WPA3 then my client 
> device is being rejected because of:
> ieee80211 phy0: brcmf_cfg80211_external_auth: External authentication failed: 
> status=1
> I'm pretty sure that this is the same error as previous one.

Hi Piotr,

since [1], NetworkManager also enables WPA3 (SAE) when the connection
is configured with key_mgmt=wpa-psk (both in STA and AP mode).

When adding SAE to the key_mgmt list, NM needs first to know if
wpa_supplicant supports it, otherwise wpa_supplicant would fail to

NM looks at the "Capabilities" D-Bus property of the Interface object
to detect SAE support [2]. wpa_supplicant started to export the value in
[3], which is not in the 2.9 release.

I think what's happening is that NM passes a configuration to
wpa_supplicant without SAE because the supplicant doesn't export the

Can you please try with that wpa_supplicant commit? With the commit
applied you should see in NM logs something similar to:

 Config: added 'key_mgmt' value 'WPA-PSK WPA-PSK-SHA256 FT-PSK SAE FT-SAE'



Attachment: signature.asc
Description: PGP signature

networkmanager-list mailing list

Reply via email to