That worked, sort of. My photon has firmware 0.6.2, and tinker is working, but I can’t upload any programs. Even the basic “Blink” program. When I use the online IDE, I get a message saying things were successful, but the program is not uploaded. When I use the CLI, I get a message saying “Flash device failed. Request timed out”
Hey guys. Trying to get my photon connected to my university PEAP/MSCHAPv2 network. I’m using the latest v0.8.0 (Update: I tried v0.7.0-rc6 too) firmware. I’m on Windows and an using Tera Term via USB to view the log. I’ve tried the things above for both my university network and eduroam network:
With username/password, no certificate
With username/password, with certificate
With username/password, with outer identity matching username, no certificate
With username/password, with outer identity matching username, certificate
After finally figuring out how to show logs, here’s what I have:
I wanted to make sure the Dev was compiling the firmware properly, so I had to register my Photon from my home network. Once it was registered, I could select it as the correct device. Not 100% sure if this was necessary.
Create a new project and put just the following in it (I’m assuming you can have other stuff, but this is all I have in it):
Well, looks like we’re both in the same boat now. I’ve tried my identity using every combination I can think of (username, email@example.com, etc) with no luck. I was able to get my Raspberry Pi connected and tried to use lessons learned there on this, but no luck.
Raspberry Pi (Linux, in general) is a dream to connect to enterprise Wi-Fi by comparison.
I’m certain that it’s some default in WiCED that differs from the associated default in Linux. I just need to work out what it is. Today or tomorrow I will be speaking with The WiFi Guy in my enterprise. Perhaps he can offer some clue.
@avtolstoy can you explain this? I don’t understand the difference between the two things you mention, there.
In my case, we don’t use NPS, but a Cisco solution with 3 letters that I can’t remember right now. I don’t know how that’s configured and I can’t easily get that information. I do know that the phase 2 auth is MSCHAPV2 but I don’t know about phase 1.
The first one is just EAP type 26 (EAP-MSCHAPv2) defined in draft-kamath-pppext-eap-mschapv2-00, the second one is the same authentication method tunneled through EAP type 25 defined in draft-josefsson-pppext-eap-tls-eap-06 (PEAPv0/EAP-MSCHAPv2).
That would be either Cisco ACS or ISE. If that’s the case, I think the only outer tunneling authentication methods that may have inner EAP-MSCHAPv2 supported in ACS/ISE are PEAP (most commonly used) and EAP-FAST.
@naikrovek, since you can easily connect with your raspberry pi, would you mind sharing wpa_supplicant debug/verbose logs along with server and CA certificates, or at the very least their features: algorithm and signature algorithm. This information would be really helpful, as WICED is not very verbose during authentication failures.
I’m thinking this might possibly be incompatibility in TLS cipher suites supported on Photon and what the authentication server is offering.