P2 Connection to console issues

I'm trying to connect a P2 to a password enabled WiFi network in an environment where I don't have easy access to the IT team so would like to make sure I have as much troubleshooting and direction as possible when I make that connection. Here are the particulars:

  • confirmed that with proper SSID PW, I can browse right to the web with no further authentication on my phone
  • I see the "6" above the WiFi symbol on my phone WiFi list for this SSID
  • the P2 connects to the WiFi but can't connect to the particle cloud
  • If I setup my phone as a hotspot and have the P2 connect to it, while my phone is on the target WiFi network, the P2 cannot connect to the cloud. As soon as I turn off WiFi on my phone and the phone connects to the 5G data, the P2 does connect to the cloud.

Below is the log I get when it is connecting directly to the target WiFi and fails to connect to the cloud:

0000001452 [hal] INFO: WiFi on
0000001689 [net.lwip_rltk] INFO: promisc_deinit TODO
0000001694 [hal] INFO: WiFi off
0000001956 [hal.ota] ERROR: Unable to fetch module
0000001961 [system.nm] INFO: State changed: NONE -> DISABLED
0000001966 [system.nm] TRACE: Interface 4 power state: 1
0000001993 [comm] INFO: channel inited
0000002001 [system.nm] TRACE: Request to power on the interface
0000002132 [net.rltkncp] TRACE: NCP event 3
0000002134 [net.rltkncp] TRACE: NCP power state changed: IF_POWER_STATE_POWERING_UP
0000002146 [hal] INFO: rltk_wlan_set_netif_info: 0, 94:94:4a:05:40:18
0000002270 [system.nm] INFO: State changed: DISABLED -> IFACE_DOWN
0000002351 [hal] INFO: WiFi on
0000002355 [net.rltkncp] TRACE: NCP event 3
0000002357 [net.rltkncp] TRACE: NCP power state changed: IF_POWER_STATE_UP
0000002360 [system.nm] TRACE: Interface 4 power state changed: 2
0000002362 [ncp.rltk.client] INFO: rltkOff
0000002567 [net.lwip_rltk] INFO: promisc_deinit TODO
0000002569 [hal] INFO: WiFi off
0000002570 [ncp.rltk.client] INFO: rltkOff done
0000002572 [net.rltkncp] TRACE: NCP event 3
0000002573 [net.rltkncp] TRACE: NCP power state changed: IF_POWER_STATE_DOWN
0000002576 [system.nm] TRACE: Interface 4 power state changed: 1
0000002587 [hal] INFO: rltk_wlan_set_netif_info: 0, 94:94:4a:05:40:18
0000002792 [hal] INFO: WiFi on
0000002794 [net.rltkncp] TRACE: NCP event 3
0000002796 [net.rltkncp] TRACE: NCP power state changed: IF_POWER_STATE_UP
0000002799 [system.nm] TRACE: Interface 4 power state changed: 2
0000002801 [ncp.rltk.client] TRACE: NCP state changed: 1
0000002803 [net.rltkncp] TRACE: NCP event 1
0000007718 [app] INFO: Auto-connect disabled
0000009016 [app] INFO: doing wifiScan
0000009024 [app] INFO: Doing Wi-fi scan
0000009270 [net.lwip_rltk] INFO: netif_post_sleep_processing TODO
0000013181 [app] INFO: wiFiScan resultCount=15
0000027181 [system.nm] INFO: State changed: IFACE_DOWN -> IFACE_REQUEST_UP
0000027202 [net.ifapi] INFO: Netif wl3 state UP
0000027211 [system.nm] INFO: State changed: IFACE_REQUEST_UP -> IFACE_UP
0000027224 [ncp.rltk.client] INFO: Try to connect to ssid: WWL
0000027227 [net.lwip_rltk] INFO: is_promisc_enabled
0000027229 [net.lwip_rltk] INFO: get_eap_phase
0000027431 [net.lwip_rltk] INFO: netif_post_sleep_processing TODO
0000031923 [net.lwip_rltk] INFO: get_eap_phase
0000032042 [net.lwip_rltk] INFO: get_eap_phase
0000032055 [ncp.rltk.client] TRACE: NCP connection state changed: 2
0000032059 [net.rltkncp] TRACE: NCP event 2
0000032060 [net.rltkncp] TRACE: State changed event: 2
0000032062 [net.ifapi] INFO: Netif wl3 link UP, profile=WWL
0000032071 [system.nm] INFO: State changed: IFACE_UP -> IFACE_LINK_UP
0000033096 [hal] INFO: DNS server list changed
0000033101 [hal] INFO: DNS server list changed
0000033106 [net.ifapi] TRACE: Netif wl3 ipv4 configuration changed
0000033112 [system.nm] INFO: State changed: IFACE_LINK_UP -> IP_CONFIGURED
0000033120 [system] INFO: Cloud: connecting
0000033128 [system] INFO: Read Server Address = type:1,domain:$id.udp.particle.io *
0000033142 [system] WARN: Failed to load session data from persistent storage
0000033154 [system] INFO: Discarding session data
0000033194 [system] TRACE: Resolving 0a10aced202194944a054018.v5.udp.particle.io#5684 **
0000033280 [system] TRACE: Address type: 3
0000033288 [system] TRACE: Cloud socket=0, family=2, type=2, protocol=17
0000033302 [system] INFO: Cloud socket=0, connecting to 34.231.252.59#5684
0000033316 [system] TRACE: Cloud socket=0, connected to 34.231.252.59#5684
0000033329 [system] TRACE: Updating cloud keepalive for AF_INET: 25000 -> 25000
0000033342 [system] TRACE: Applying new keepalive interval now
0000033353 [system] INFO: Cloud socket connected
0000033359 [system] INFO: Starting handshake: presense_announce=0
0000033368 [comm.protocol.handshake] INFO: Establish secure connection
0000033380 [comm.dtls] INFO: (CMPL,RENEG,NO_SESS,ERR) restoreStatus=2
0000077617 [comm.dtls] ERROR: handshake failed -6800
0000077626 [comm.dtls] ERROR: Invalid handshake state
0000077635 [comm.protocol.handshake] ERROR: Handshake failed: 17
0000079677 [service.ntp] TRACE: NTP time: 2024-03-22T19:23:21.669619Z
0000079689 [system] WARN: Internet available, cloud not reachable
0000079701 [system] WARN: Cloud handshake failed, code=-220
0000079963 [system] INFO: Cloud: disconnecting
0000079970 [system] INFO: Cloud: disconnected
0000080096 [system] INFO: Cloud: connecting
0000080106 [system] INFO: Read Server Address = type:1,domain:$<< * - see above - removed due to post hyperlink limit >>
0000080121 [system] WARN: Failed to load session data from persistent storage
0000080133 [system] INFO: Discarding session data
0000080171 [system] TRACE: Resolving << ** see above - removed due to post hyperlink limit >>
0000080250 [system] TRACE: Address type: 3
0000080260 [system] TRACE: Cloud socket=0, family=2, type=2, protocol=17
0000080271 [system] INFO: Cloud socket=0, connecting to 34.231.252.59#5684
0000080285 [system] TRACE: Cloud socket=0, connected to 34.231.252.59#5684
0000080297 [system] TRACE: Updating cloud keepalive for AF_INET: 25000 -> 25000
0000080315 [system] TRACE: Applying new keepalive interval now
0000080326 [system] INFO: Cloud socket connected
0000080336 [system] INFO: Starting handshake: presense_announce=0
0000080347 [comm.protocol.handshake] INFO: Establish secure connection
0000080360 [comm.dtls] INFO: (CMPL,RENEG,NO_SESS,ERR) restoreStatus=2
0000124617 [comm.dtls] ERROR: handshake failed -6800
0000124627 [comm.dtls] ERROR: Invalid handshake state
0000124638 [comm.protocol.handshake] ERROR: Handshake failed: 17
0000124686 [service.ntp] TRACE: NTP time: 2024-03-22T19:24:08.664001Z
0000124696 [system] WARN: Internet available, cloud not reachable
0000124707 [system] WARN: Cloud handshake failed, code=-220
0000124968 [system] INFO: Cloud: disconnecting
0000124977 [system] INFO: Cloud: disconnected
0000125724 [system] INFO: Cloud: connecting
0000125735 [system] INFO: Read Server Address = type:1,domain:$<< * - see above - removed due to post hyperlink limit >>
0000125749 [system] WARN: Failed to load session data from persistent storage
0000125760 [system] INFO: Discarding session data
0000125799 [system] TRACE: Resolving << ** see above - removed due to post hyperlink limit >>
0000125895 [system] TRACE: Address type: 3
0000125903 [system] TRACE: Cloud socket=0, family=2, type=2, protocol=17
0000125915 [system] INFO: Cloud socket=0, connecting to 3.230.254.13#5684
0000125930 [system] TRACE: Cloud socket=0, connected to 3.230.254.13#5684
0000125940 [system] TRACE: Updating cloud keepalive for AF_INET: 25000 -> 25000
0000125954 [system] TRACE: Applying new keepalive interval now
0000125968 [system] INFO: Cloud socket connected
0000125977 [system] INFO: Starting handshake: presense_announce=0
0000125986 [comm.protocol.handshake] INFO: Establish secure connection
0000126002 [comm.dtls] INFO: (CMPL,RENEG,NO_SESS,ERR) restoreStatus=2
0000170617 [comm.dtls] ERROR: handshake failed -6800
0000170625 [comm.dtls] ERROR:

So I'm looking for general support but a couple of specific questions come to mind:

What port does the P2 need open to connect to the cloud?
Does the P2 function in an IPv6 environment?
What is the list of parameters/settings that need to be present on a WiFi configuration for success with a P2?

Thanks!
Matt

It looks like the network firewall is either preventing outgoing UDP, or blocking incoming UDP from being forwarded to the P2.

0000077617 [comm.dtls] ERROR: handshake failed -6800
0000077626 [comm.dtls] ERROR: Invalid handshake state
0000077635 [comm.protocol.handshake] ERROR: Handshake failed: 17

This line lists a valid Particle cloud server IP address, so DNS is not getting blocked or redirected (captive portal) so that's good.

0000125915 [system] INFO: Cloud socket=0, connecting to 3.230.254.13#5684

There's more information here, but UDP port 5684 outbound. The firewall will typically create a dynamic port for the response packets and forward the response back to the P2, but this could be blocked.

1 Like

So it looks like the system administrator can allow the Particle device special permissions by IP address (which they will set as static to this device) but I need to get the pubic IP address the device is assigned. I will be local to the device but need to know this before it connects to the cloud so the Get Device List API won't work. I can connect via serial or the app. Searching the docs and community posts came up with options that don't seem workable if I don't have cloud connectivity. I'd love to send a CLI command but didn't see that on the list. Any suggestions?

I don't entirely understand the question. The Particle device can either have a dynamic IP address, set by DHCP on your LAN, or it can have a static IP address, assigned by your system administrator. In some cases, your WLAN can use DHCP to configure the IP address to set it to a specific IP address instead of pool by the Particle device's MAC address. This is the best way to configure the static IP, because the network administrator can control it entirely on their side, and they need to assign it, anyway.

The device public IP is assigned by your network. For a network connected by NAT, it's the shared public IP address for your LAN.

If they want the public IP the device is connecting to, it's a pool and the information is in cloud services and firewalls.

From the particle device, I want to query the device to know the public IP address it was assigned.

Hi @msommerfield

I think you will need a public service like whatismyip.com or similar and make a request from the device.

Hi Matthew,
I do not think the Sys admin wants the public IP for assigning any special permissions to the device.
They would care about the local IP, which presuming they will provide to you, and you can set this IP on the Particle device with something like this:

Cheers

1 Like

@gusgonnet - you are correct. It is the local IP address that I'm looking for.

For the benefit of the community (and for Particle to see the value of the system reporting the IP address when assigned in the logging as shown in the beginning of the thread), here is what I had to do:

  1. Write code that would display the IP address on the screen on the device once assigned.
  2. Go to device and have it connect to a hot spot on a phone. This was so the device would connect to the cloud in order for the software to be updated.
  3. Update the software and configure the WiFi for the target network. Turn off hotspot.
  4. Watch for the IP assignment to show on the device display and report that the the IT resource setting up the firewall.
  5. Once the ports were opened, it connected to the Particle cloud as expected.

I ended up doing this with an Argon since the P2 WiFi configuration isn't supported as well on the app. If I had to do all the various configuration with the P2, it would have been a real pain.

1 Like