I did some tracing at the 802.11 level and have come to the conclusion
that this failure to connect is caused by the client not being able to
support the key exchange and authentication protocols and algorithms
published by the access point in the probe response.
The RSN (Robust Security Network) information published by the Intel
AX201 (Comet Lake) adapter in my test machine is as follows.
Tag: RSN Information
Tag Number: RSN Information (48)
Tag length: 32
RSN Version: 1
Group Cipher Suite: 00:0f:ac (Ieee 802.11) TKIP
Group Cipher Suite OUI: 00:0f:ac (Ieee 802.11)
Group Cipher Suite type: TKIP (2)
Pairwise Cipher Suite Count: 2
Pairwise Cipher Suite List 00:0f:ac (Ieee 802.11) AES (CCM) 00:0f:ac (Ieee
802.11) TKIP
Pairwise Cipher Suite: 00:0f:ac (Ieee 802.11) AES (CCM)
Pairwise Cipher Suite OUI: 00:0f:ac (Ieee 802.11)
Pairwise Cipher Suite type: AES (CCM) (4)
Pairwise Cipher Suite: 00:0f:ac (Ieee 802.11) TKIP
Pairwise Cipher Suite OUI: 00:0f:ac (Ieee 802.11)
Pairwise Cipher Suite type: TKIP (2)
Auth Key Management (AKM) Suite Count: 3
Auth Key Management (AKM) List 00:0f:ac (Ieee 802.11) PSK 00:0f:ac (Ieee
802.11) PSK (SHA256) 00:0f:ac (Ieee 802.11) SAE (SHA256)
Auth Key Management (AKM) Suite: 00:0f:ac (Ieee 802.11) PSK
Auth Key Management (AKM) OUI: 00:0f:ac (Ieee 802.11)
Auth Key Management (AKM) type: PSK (2)
Auth Key Management (AKM) Suite: 00:0f:ac (Ieee 802.11) PSK (SHA256)
Auth Key Management (AKM) OUI: 00:0f:ac (Ieee 802.11)
Auth Key Management (AKM) type: PSK (SHA256) (6)
Auth Key Management (AKM) Suite: 00:0f:ac (Ieee 802.11) SAE (SHA256)
Auth Key Management (AKM) OUI: 00:0f:ac (Ieee 802.11)
Auth Key Management (AKM) type: SAE (SHA256) (8)
RSN Capabilities: 0x008c
.... .... .... ...0 = RSN Pre-Auth capabilities: Transmitter does not
support pre-authentication
.... .... .... ..0. = RSN No Pairwise capabilities: Transmitter can
support WEP default key 0 simultaneously with Pairwise key
.... .... .... 11.. = RSN PTKSA Replay Counter capabilities: 16 replay
counters per PTKSA/GTKSA/STAKeySA (0x3)
.... .... ..00 .... = RSN GTKSA Replay Counter capabilities: 1 replay
counter per PTKSA/GTKSA/STAKeySA (0x0)
.... .... .0.. .... = Management Frame Protection Required: False
.... .... 1... .... = Management Frame Protection Capable: True
.... ...0 .... .... = Joint Multi-band RSNA: False
.... ..0. .... .... = PeerKey Enabled: False
..0. .... .... .... = Extended Key ID for Individually Addressed
Frames: Not supported
.0.. .... .... .... = OCVC: False
Tag: RSN eXtension (1 octet)
Tag Number: RSN eXtension (244)
Tag length: 1
RSNX: 0x20 (octet 1)
.... 0000 = RSNX Length: 0
...0 .... = Protected TWT Operations Support: 0
..1. .... = SAE Hash to element: 1
00.. .... = Reserved: 0x0
This is non negotiable. So the only option for the client if cannot
support what is proposed is to ignore it.
I think this bug should probably be closed.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1886169
Title:
"nl80211 driver interface is not designed to be used with ap_scan=2"
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/1886169/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
