1

I need to connect to a WiFi network that has WPA3-Enterprise as its security method for Wifi with username/password authentication. In windows, I can connect to this network just fine, by only having to enter the username and password given to me for the network, with no pre-shared key or certificate so I assume EAP is being used.

However, when I try to connect to the network in Ubuntu 23.10 using the GNOME GUI, I see that no WPA3-Enteprise option is available from the drop-down of security methods, only WPA3-personal: enter image description here

I also tried the solution specified in in this answer with NetworkManager but to no success.

I also tried the following netplan configuration:

network:
  version: 2
  renderer: NetworkManager
  wifis:
    wlpXXX:
      dhcp4: true
      access-points:
        "WWS":
          networkmanager:
            passthrough:
              wifi-security.key-mgmt: "wpa-eap"
              wifi-sec.eap: "peap"
              wifi-sec.identity: "my-username-here"
              wifi-sec.password: "my-password-here"
              wifi-sec.phase2-auth: "mschapv2"

But I still can't get it to connect.

So how can I connect to WPA3-enteprise in Ubuntu 23.10 , and is it even currently supported?

Edit: When I try to connect in GNOME through WPA/WPA2 PEAP, a lightbox dialogue opens asking for my username and password. After I enter it, the network still remains unconnected and I am asked for my username password a second time after about 30 seconds. Nothing happens after entering it a second time. Output of NetworkManager while trying to connect is as follows:

Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6339] device (wlp170s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6343] manager: NetworkManager state is now CONNECTING
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6348] device (wlp170s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6356] device (wlp170s0): Activation: (wifi) access point 'WWS' has security, but secrets are required.
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6356] device (wlp170s0): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6397] device (wlp170s0): state change: need-auth -> prepare (reason 'none', sys-iface-state: 'managed')
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6411] device (wlp170s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6422] device (wlp170s0): Activation: (wifi) connection 'WWS' has security, and secrets exist.  No new secrets needed.
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6424] Config: added 'ssid' value 'WWS'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6425] Config: added 'scan_ssid' value '1'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6425] Config: added 'bgscan' value 'simple:30:-65:300'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6426] Config: added 'key_mgmt' value 'WPA-EAP FT-EAP FT-EAP-SHA384 WPA-EAP-SHA256'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6426] Config: added 'password' value '<hidden>'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6426] Config: added 'eap' value 'PEAP'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6426] Config: added 'fragment_size' value '1266'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6427] Config: added 'phase2' value 'auth=MSCHAPV2'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6427] Config: added 'domain_suffix_match' value 'WORKGROUP'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6428] Config: added 'identity' value 'nikolaipatrick'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6428] Config: added 'anonymous_identity' value 'nikolaipatrick'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6428] Config: added 'proactive_key_caching' value '1'
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6861] device (wlp170s0): supplicant interface state: disconnected -> authenticating
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.6863] device (p2p-dev-wlp170s0): supplicant management interface state: disconnected -> authenticating
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.7228] device (wlp170s0): supplicant interface state: authenticating -> associating
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.7230] device (p2p-dev-wlp170s0): supplicant management interface state: authenticating -> associating
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.7669] device (wlp170s0): supplicant interface state: associating -> associated
Feb 21 09:49:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471160.7671] device (p2p-dev-wlp170s0): supplicant management interface state: associating -> associated
Feb 21 09:49:22 dingusbook-pro NetworkManager[1051]: <info>  [1708471162.9053] device (wlp170s0): supplicant interface state: associated -> disconnected
Feb 21 09:49:22 dingusbook-pro NetworkManager[1051]: <info>  [1708471162.9054] device (p2p-dev-wlp170s0): supplicant management interface state: associated -> disconnected
Feb 21 09:49:23 dingusbook-pro NetworkManager[1051]: <info>  [1708471163.0065] device (wlp170s0): supplicant interface state: disconnected -> scanning
Feb 21 09:49:23 dingusbook-pro NetworkManager[1051]: <info>  [1708471163.0066] device (p2p-dev-wlp170s0): supplicant management interface state: disconnected -> scanning
Feb 21 09:49:34 dingusbook-pro NetworkManager[1051]: <info>  [1708471174.5460] device (wlp170s0): supplicant interface state: scanning -> authenticating
Feb 21 09:49:34 dingusbook-pro NetworkManager[1051]: <info>  [1708471174.5461] device (p2p-dev-wlp170s0): supplicant management interface state: scanning -> authenticating
Feb 21 09:49:34 dingusbook-pro NetworkManager[1051]: <info>  [1708471174.5883] device (wlp170s0): supplicant interface state: authenticating -> associating
Feb 21 09:49:34 dingusbook-pro NetworkManager[1051]: <info>  [1708471174.5884] device (p2p-dev-wlp170s0): supplicant management interface state: authenticating -> associating
Feb 21 09:49:34 dingusbook-pro NetworkManager[1051]: <info>  [1708471174.6303] device (wlp170s0): supplicant interface state: associating -> associated
Feb 21 09:49:34 dingusbook-pro NetworkManager[1051]: <info>  [1708471174.6304] device (p2p-dev-wlp170s0): supplicant management interface state: associating -> associated
Feb 21 09:49:36 dingusbook-pro NetworkManager[1051]: <info>  [1708471176.7486] device (wlp170s0): supplicant interface state: associated -> disconnected
Feb 21 09:49:36 dingusbook-pro NetworkManager[1051]: <info>  [1708471176.7487] device (p2p-dev-wlp170s0): supplicant management interface state: associated -> disconnected
Feb 21 09:49:36 dingusbook-pro NetworkManager[1051]: <info>  [1708471176.8485] device (wlp170s0): supplicant interface state: disconnected -> scanning
Feb 21 09:49:36 dingusbook-pro NetworkManager[1051]: <info>  [1708471176.8486] device (p2p-dev-wlp170s0): supplicant management interface state: disconnected -> scanning
Feb 21 09:49:46 dingusbook-pro NetworkManager[1051]: <warn>  [1708471186.3545] device (wlp170s0): Activation: (wifi) association took too long
Feb 21 09:49:46 dingusbook-pro NetworkManager[1051]: <info>  [1708471186.3548] device (wlp170s0): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
Feb 21 09:49:46 dingusbook-pro NetworkManager[1051]: <warn>  [1708471186.3559] device (wlp170s0): Activation: (wifi) asking for new secrets
Feb 21 09:49:50 dingusbook-pro generate[20755]: Permissions for /etc/netplan/01-network-manager-all.yaml are too open. Netplan configuration should NOT be accessible by others.
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0461] device (wlp170s0): state change: need-auth -> prepare (reason 'none', sys-iface-state: 'managed')
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0465] device (wlp170s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0468] device (wlp170s0): Activation: (wifi) connection 'WWS' has security, and secrets exist.  No new secrets needed.
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0469] Config: added 'ssid' value 'WWS'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0469] Config: added 'scan_ssid' value '1'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0469] Config: added 'bgscan' value 'simple:30:-65:300'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0469] Config: added 'key_mgmt' value 'WPA-EAP FT-EAP FT-EAP-SHA384 WPA-EAP-SHA256'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0470] Config: added 'password' value '<hidden>'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0470] Config: added 'eap' value 'PEAP'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0470] Config: added 'fragment_size' value '1266'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0470] Config: added 'phase2' value 'auth=MSCHAPV2'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0470] Config: added 'domain_suffix_match' value 'WORKGROUP'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0470] Config: added 'identity' value 'nikolaipatrick'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0470] Config: added 'anonymous_identity' value 'nikolaipatrick'
Feb 21 09:49:51 dingusbook-pro NetworkManager[1051]: <info>  [1708471191.0470] Config: added 'proactive_key_caching' value '1'
Feb 21 09:49:53 dingusbook-pro NetworkManager[1051]: <info>  [1708471193.4885] device (wlp170s0): supplicant interface state: scanning -> authenticating
Feb 21 09:49:53 dingusbook-pro NetworkManager[1051]: <info>  [1708471193.4886] device (p2p-dev-wlp170s0): supplicant management interface state: scanning -> authenticating
Feb 21 09:49:53 dingusbook-pro NetworkManager[1051]: <info>  [1708471193.5306] device (wlp170s0): supplicant interface state: authenticating -> associating
Feb 21 09:49:53 dingusbook-pro NetworkManager[1051]: <info>  [1708471193.5307] device (p2p-dev-wlp170s0): supplicant management interface state: authenticating -> associating
Feb 21 09:49:53 dingusbook-pro NetworkManager[1051]: <info>  [1708471193.5742] device (wlp170s0): supplicant interface state: associating -> associated
Feb 21 09:49:53 dingusbook-pro NetworkManager[1051]: <info>  [1708471193.5742] device (p2p-dev-wlp170s0): supplicant management interface state: associating -> associated
Feb 21 09:49:55 dingusbook-pro NetworkManager[1051]: <info>  [1708471195.6842] device (wlp170s0): supplicant interface state: associated -> disconnected
Feb 21 09:49:55 dingusbook-pro NetworkManager[1051]: <info>  [1708471195.6843] device (p2p-dev-wlp170s0): supplicant management interface state: associated -> disconnected
Feb 21 09:49:55 dingusbook-pro NetworkManager[1051]: <info>  [1708471195.7848] device (wlp170s0): supplicant interface state: disconnected -> scanning
Feb 21 09:49:55 dingusbook-pro NetworkManager[1051]: <info>  [1708471195.7849] device (p2p-dev-wlp170s0): supplicant management interface state: disconnected -> scanning
Feb 21 09:50:07 dingusbook-pro NetworkManager[1051]: <info>  [1708471207.9631] device (wlp170s0): supplicant interface state: scanning -> authenticating
Feb 21 09:50:07 dingusbook-pro NetworkManager[1051]: <info>  [1708471207.9632] device (p2p-dev-wlp170s0): supplicant management interface state: scanning -> authenticating
Feb 21 09:50:07 dingusbook-pro NetworkManager[1051]: <info>  [1708471207.9995] device (wlp170s0): supplicant interface state: authenticating -> associating
Feb 21 09:50:07 dingusbook-pro NetworkManager[1051]: <info>  [1708471207.9996] device (p2p-dev-wlp170s0): supplicant management interface state: authenticating -> associating
Feb 21 09:50:08 dingusbook-pro NetworkManager[1051]: <info>  [1708471208.0477] device (wlp170s0): supplicant interface state: associating -> associated
Feb 21 09:50:08 dingusbook-pro NetworkManager[1051]: <info>  [1708471208.0477] device (p2p-dev-wlp170s0): supplicant management interface state: associating -> associated
Feb 21 09:50:10 dingusbook-pro NetworkManager[1051]: <info>  [1708471210.2008] device (wlp170s0): supplicant interface state: associated -> disconnected
Feb 21 09:50:10 dingusbook-pro NetworkManager[1051]: <info>  [1708471210.2009] device (p2p-dev-wlp170s0): supplicant management interface state: associated -> disconnected
Feb 21 09:50:10 dingusbook-pro NetworkManager[1051]: <info>  [1708471210.3009] device (wlp170s0): supplicant interface state: disconnected -> scanning
Feb 21 09:50:10 dingusbook-pro NetworkManager[1051]: <info>  [1708471210.3010] device (p2p-dev-wlp170s0): supplicant management interface state: disconnected -> scanning
Feb 21 09:50:16 dingusbook-pro NetworkManager[1051]: <warn>  [1708471216.3542] device (wlp170s0): Activation: (wifi) association took too long
Feb 21 09:50:16 dingusbook-pro NetworkManager[1051]: <info>  [1708471216.3542] device (wlp170s0): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
Feb 21 09:50:16 dingusbook-pro NetworkManager[1051]: <warn>  [1708471216.3547] device (wlp170s0): Activation: (wifi) asking for new secrets
Feb 21 09:50:20 dingusbook-pro generate[21589]: Permissions for /etc/netplan/01-network-manager-all.yaml are too open. Netplan configuration should NOT be accessible by others.
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7659] device (wlp170s0): state change: need-auth -> prepare (reason 'none', sys-iface-state: 'managed')
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7662] device (wlp170s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7666] device (wlp170s0): Activation: (wifi) connection 'WWS' has security, and secrets exist.  No new secrets needed.
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7667] Config: added 'ssid' value 'WWS'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7667] Config: added 'scan_ssid' value '1'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7667] Config: added 'bgscan' value 'simple:30:-65:300'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'key_mgmt' value 'WPA-EAP FT-EAP FT-EAP-SHA384 WPA-EAP-SHA256'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'password' value '<hidden>'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'eap' value 'PEAP'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'fragment_size' value '1266'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'phase2' value 'auth=MSCHAPV2'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'domain_suffix_match' value 'WORKGROUP'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'identity' value 'nikolaipatrick'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'anonymous_identity' value 'nikolaipatrick'
Feb 21 09:50:20 dingusbook-pro NetworkManager[1051]: <info>  [1708471220.7668] Config: added 'proactive_key_caching' value '1'
Feb 21 09:50:22 dingusbook-pro NetworkManager[1051]: <info>  [1708471222.9714] device (wlp170s0): supplicant interface state: scanning -> authenticating
Feb 21 09:50:22 dingusbook-pro NetworkManager[1051]: <info>  [1708471222.9714] device (p2p-dev-wlp170s0): supplicant management interface state: scanning -> authenticating
Feb 21 09:50:23 dingusbook-pro NetworkManager[1051]: <info>  [1708471223.0088] device (wlp170s0): supplicant interface state: authenticating -> associating
Feb 21 09:50:23 dingusbook-pro NetworkManager[1051]: <info>  [1708471223.0088] device (p2p-dev-wlp170s0): supplicant management interface state: authenticating -> associating
Feb 21 09:50:23 dingusbook-pro NetworkManager[1051]: <info>  [1708471223.0448] device (wlp170s0): supplicant interface state: associating -> associated
Feb 21 09:50:23 dingusbook-pro NetworkManager[1051]: <info>  [1708471223.0448] device (p2p-dev-wlp170s0): supplicant management interface state: associating -> associated
Feb 21 09:50:25 dingusbook-pro NetworkManager[1051]: <info>  [1708471225.1421] device (wlp170s0): supplicant interface state: associated -> disconnected
Feb 21 09:50:25 dingusbook-pro NetworkManager[1051]: <info>  [1708471225.1422] device (p2p-dev-wlp170s0): supplicant management interface state: associated -> disconnected
Feb 21 09:50:25 dingusbook-pro NetworkManager[1051]: <info>  [1708471225.2429] device (wlp170s0): supplicant interface state: disconnected -> scanning
Feb 21 09:50:25 dingusbook-pro NetworkManager[1051]: <info>  [1708471225.2430] device (p2p-dev-wlp170s0): supplicant management interface state: disconnected -> scanning
Feb 21 09:50:46 dingusbook-pro NetworkManager[1051]: <warn>  [1708471246.3544] device (wlp170s0): Activation: (wifi) association took too long
Feb 21 09:50:46 dingusbook-pro NetworkManager[1051]: <info>  [1708471246.3545] device (wlp170s0): state change: config -> failed (reason 'no-secrets', sys-iface-state: 'managed')
Feb 21 09:50:46 dingusbook-pro NetworkManager[1051]: <info>  [1708471246.3550] manager: NetworkManager state is now CONNECTED_LOCAL
Feb 21 09:50:46 dingusbook-pro NetworkManager[1051]: <warn>  [1708471246.3555] device (wlp170s0): Activation: failed for connection 'WWS'
Feb 21 09:50:46 dingusbook-pro NetworkManager[1051]: <info>  [1708471246.3558] device (wlp170s0): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')
Feb 21 09:50:48 dingusbook-pro NetworkManager[1051]: <info>  [1708471248.7308] device (wlp170s0): supplicant interface state: scanning -> disconnected
Feb 21 09:50:48 dingusbook-pro NetworkManager[1051]: <info>  [1708471248.7309] device (p2p-dev-wlp170s0): supplicant management interface state: scanning -> disconnected

Edit 2: Output of wpa_supplicant is as follows:

Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: Trying to associate with cc:1b:5a:92:5b:60 (SSID='WWS' freq=5745 MHz)
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: Associated with cc:1b:5a:92:5b:60
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-STARTED EAP authentication started
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13 -> NAK
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/DC=local/DC=WWS/CN=WWS-DC01-CA' hash=c9dd80542d5fded2320bd026aa64e36126d65c16439095fee4f90c997bc1a70d
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: TLS: Domain suffix match 'WORKGROUP' not found
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-TLS-CERT-ERROR reason=9 depth=0 subject='/DC=local/DC=WWS/CN=WWS-DC01-CA' err='Domain suffix mismatch'
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: OpenSSL: openssl_handshake - SSL_connect error:0A000086:SSL routines::certificate verify failed
Feb 21 10:16:49 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
Feb 21 10:16:51 dingusbook-pro wpa_supplicant[1052]: wlp170s0: Authentication with cc:1b:5a:92:5b:60 timed out.
Feb 21 10:16:51 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-DISCONNECTED bssid=cc:1b:5a:92:5b:60 reason=3 locally_generated=1
Feb 21 10:16:51 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="WWS" auth_failures=1 duration=10 reason=AUTH_FAILED
Feb 21 10:16:51 dingusbook-pro wpa_supplicant[1052]: BSSID cc:1b:5a:92:5b:60 ignore list count incremented to 2, ignoring for 10 seconds
Feb 21 10:16:51 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-DSCP-POLICY clear_all
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-SSID-REENABLED id=0 ssid="WWS"
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: SME: Trying to authenticate with cc:1b:5a:92:5b:60 (SSID='WWS' freq=5745 MHz)
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: Trying to associate with cc:1b:5a:92:5b:60 (SSID='WWS' freq=5745 MHz)
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: Associated with cc:1b:5a:92:5b:60
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-STARTED EAP authentication started
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13 -> NAK
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/DC=local/DC=WWS/CN=WWS-DC01-CA' hash=c9dd80542d5fded2320bd026aa64e36126d65c16439095fee4f90c997bc1a70d
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: TLS: Domain suffix match 'WORKGROUP' not found
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-TLS-CERT-ERROR reason=9 depth=0 subject='/DC=local/DC=WWS/CN=WWS-DC01-CA' err='Domain suffix mismatch'
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: OpenSSL: openssl_handshake - SSL_connect error:0A000086:SSL routines::certificate verify failed
Feb 21 10:17:04 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
Feb 21 10:17:06 dingusbook-pro wpa_supplicant[1052]: wlp170s0: Authentication with cc:1b:5a:92:5b:60 timed out.
Feb 21 10:17:06 dingusbook-pro wpa_supplicant[1052]: BSSID cc:1b:5a:92:5b:60 ignore list count incremented to 3, ignoring for 60 seconds
Feb 21 10:17:06 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-DISCONNECTED bssid=cc:1b:5a:92:5b:60 reason=3 locally_generated=1
Feb 21 10:17:06 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="WWS" auth_failures=2 duration=21 reason=AUTH_FAILED
Feb 21 10:17:06 dingusbook-pro wpa_supplicant[1052]: BSSID cc:1b:5a:92:5b:60 ignore list count incremented to 4, ignoring for 120 seconds
Feb 21 10:17:06 dingusbook-pro wpa_supplicant[1052]: wlp170s0: CTRL-EVENT-DSCP-POLICY clear_all
Feb 21 10:17:21 dingusbook-pro wpa_supplicant[1052]: wlp170s0: SME: Trying to authenticate with cc:1b:5a:92:5b:60 (SSID='WWS' freq=5745 MHz)

Artichoke
  • 173
  • 2
    WPA3 Enterprise is missing from the GNOME GUI but I see it present in the KDE GUI, though I can't test it. I think it's supported. The KDE one doesn't show PEAP allowed, only TLS, and private keys not passwords like in your netplan. If it's not 196-bits, try using the normal "WPA/WPA2 Enterprise" in your GNOME dropdown – Daniel T Feb 12 '24 at 00:04
  • I tried using WPA/WPA2 enterprise in GNOME but I couldn't get it to work. I also tried in KDE but it's not really want because I'm pretty sure the network uses PEAP and I also prefer to work in GNOME. – Artichoke Feb 14 '24 at 08:58
  • There is no PEAP in WPA3 Enterprise 196-bit in KDE. There is only one option, "TLS" in the dropdown. You don't need to log into KDE, only run the systemsettings app from inside GNOME, and you only need to use it once and save. But if you're "pretty sure the network uses PEAP", then the "WPA/WPA2" one is the one that is most likely to work. Please post journalctls from NetworkManager and wpa-supplicant if you think there are errors – Daniel T Feb 14 '24 at 19:47
  • What is journalctl -u wpa_supplicant? – Daniel T Feb 20 '24 at 23:45
  • I have edited the post. I'm definitely sure the network uses PEAP now, and looking at the wpa-supplicant logs it looks like I need to find the correct domain for the network for it to work? – Artichoke Feb 20 '24 at 23:53

1 Answers1

0

Let's fix the problems in the configuration. Your final setup might look like this:

example WPA2

Domain

This is weird. I have my username as "flastname123@uottawa.ca", and the part after the "@" is the domain. Since you don't have a "@", we will have to guess. Try the following in succession:

  • local
  • WWS
  • WWS-DC01-CA
  • WWS.DC01.CA
  • DC01-CA
  • DC01.CA
  • WORKGROUP
  • If none of these work dump the certificate. Look for the CN = subdomain.domain.tld and use that or shorten that to domain.tld .
  • Then repeat for any that exist under "X509v3 Subject Alternative Name"

Anonymous identity

I've never used this. Online sources say that some networks need a different email-address-like username for this. You can try both leaving it blank or using what you originally put.

CA certificate

We will just use "No CA certificate is required" for now because we are debugging. Once you get it working, you can add the dumped certificate. If it doesn't work, you might need to use the CA that issued it (i.e. its parent).

Daniel T
  • 4,594
  • 1
    Thank you! It was indeed just a matter of guessing what the domain would be. WWS-DC01-CA was the one that worked. – Artichoke Feb 22 '24 at 03:00