Archive for the ‘Tips’ Category.

WICD does not reconnect after suspend: obtaining IP address

My Debian 8 Jessie installed Acer Aspire One netbook had problems reconnecting after suspend resume.

WICD showed obtaining IP address for a long time and finally gave up or so. Tried dhclient and dhcpcd, no change. Tried debug mode, which results in the netbook sometimes did not resume to the OS and I had to do a hard reset :-(. Disabled debug logging option in wicd.conf again. Could not live with hard resets.

Changed dhcp server from integrated one in router (tested with different models) to my Linux Debian SID server, no change.

I added the option nolink (for buggy interfaces, found in man dhcpcd and dhcp.conf and inspried by LinuxQuestions.Org) to /etc/dhcpcd.conf and now WICD reconnects fine and fast after setting dhcpcd as external DHCP Client. WICD is version 1.7.24.

Issue solved 🙂

UPDATE 31.8.2016:

Bad news: WICD still does not resolve DHCP address. I mostly have to Cancel the ‘Obtaining IP address…’ process and manually connect. Some times it connects on first time but some times on second or thrird attempt.

Now tested connman. But it behaves alsoe strange. After first install everything looked fine. But after reboot it stated no services available or other strange errors about no wifi and sh.. After some more tests I relaized that connman is not really integrated into Debian. Maybe it is good for ArchLinux? Fortunately I always got a connection using ifdown/ifup for wlan0.

Finally I switched to network-manager and network-manager-gnome. And that impressed me. It connects very, very fast. Hopefully that will be reliable. Suspend and resume also works fine without fiddeling in any conf files so far.

BTW: I am running two Cisco APs with same SSID/WPA2 passphrase, so the devices can roam (no AP controller, just the Cisco APs). Possibly that makes WICD nervous?

How to enable WPA2-PSK AES on Cisco AP1231G

I own two (I know these are older ones) Cisco 1231 with a G-radio, software version 12.3(8)JEE, RELEASE SOFTWARE (fc1), cisco AIR-AP1231G-E-K9.

The APs are setup using WPA-PSK TKIP and I would like to switch to WPA2. There are many pages describing how to enable WPA2-PSK AES, but my tries to enable wpa2 always stopped with an error message.

The normal documented way to enable WPA2-PSK is:

configure terminal
dot11 ssid <SSID_NAME>
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii <SSID_PASSWORD>
!
interface Dot11Radio0
encryption mode ciphers aes-ccm
ssid <SSID_NAME>
no shutdown
!

Every time I got an error entering this line:

AP1(config-ssid)#authentication key-management wpa version 2
                                                    ^ 
% Invalid input detected at '^' marker.

The trick is to ignore the “version 2”. The software will automatically use WPA2 when you enter “aes-ccm” as the encryption mode cipher. So instead of the above use the following config commands:

configure terminal
dot11 ssid <SSID_NAME>
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii <SSID_PASSWORD>
!
interface Dot11Radio0
encryption mode ciphers aes-ccm
ssid <SSID_NAME>
no shutdown
!

Thanks to Cisco not mentioning that in there standard documenation and thanks for one or two guys pointing that out in internet.

*replace the text inside the <> brackets with your SSID and password.

Cisco Aironet 1200 AP1231G WPA-PSK clients do not connect

For the esp-link project I tried to set my standard WLAN for the esp-link ESP-8266 ESP-01 modul. Unfortunately the ESP-8266 was unable to connect. My WLAN uses simple WPA PSK and TKIP and I did not have that connection issues before. The Cisco AP1231 access points work reliable.

After some digging and asking around with no solution I added one more access point (a TP-Link WA500G) and configured a wireless network with WPA2 PSK and AES. The ESP-8266 immediately was able to connect. This was OK for some time but why add an additional AP only for one client?

A friend then lead me to take a look at the Cisco event log and I saw many “Packet to client 18fe.34a6.ed4e reached max retries, removing the client” entries

 

Packet to client 10d3.8af5.16ff reached max retries, removing the client 

when the ESP-8266 tried to connect to the Cisco wireless network. After some research the tip found was to increase the packet retries parameter on the Cisco AP:

AP1#enable
 AP1#conf t
 Enter configuration commands, one per line.  End with CNTL/Z.
 AP1(config)#interface dot11radio 0
 AP1(config-if)#packet retries 128 drop-packet
 ...
AP1#copy running-config startup-config

The Cisco radio did a reset and then I tried to connect the ESP-8266 again. This time the ESP connected successfully.

Another issue solved.

 

TP-Link TD-W8961ND DSL router can not access admin web page after 24 hours or so

This is a security feature. If the Admin web page has not been accessed for some time the router disables the access completely. Router does still work, ping is OK, WLAN and WWAN connections are working, you just can not access the admin web page.

As I am running a Linux server I decided to make a hourly cron job that simply accesses the router admion web page every hour. So I can access the admin web all time without the need to cycle it’s power 🙁

I added a cron.hourly bash script to access the admin page every hour:

#!/bin/sh
wget -O - -q -t 1 --user=<adminusername> --password=<yourpassword> http://<yourrouterip>

Replace the user name, password entry and ip with the ones of your router and copy that bash shell script to /etc/cron.hourly. Don’t forget to make it executable (chmod a+x ).

Update: although the above is running the web admin page could not be reached after some days. Odd security mechanism 🙁