I'm having issues connecting to a basic PEAP-MSCHAPv2 configuration. My Android phone can connect just fine using PEAP and MSCHAPv2 as the inner type.
However, with both the command console demo and writing raw code in WICED, I am unable to get anything except for return code 1007. I think I have tried every single combination of parameters in the wiced command console demo.
I am not seeing any connection attempts at all on my FreeRadius server. I feel like I must just be passing in some incorrect parameters:
Note: I use find_ap to scan for my desired access point, with the results being stored in ap_info.
memset(&conn_info, 0x0, sizeof(conn_info));
conn_info.interface = WWD_STA_INTERFACE;
conn_info.tls_identity = &identity;
conn_info.tls_session = &tls_session;
conn_info.context = &context;
conn_info.trusted_ca_certificates = NULL;
conn_info.root_ca_cert_length = 0;
conn_info.eap_type = EAP_TYPE_PEAP;
conn_info.inner_eap_type = EAP_TYPE_MSCHAPV2;
conn_info.auth_type = ap_info.security;
conn_info.eap_identity = eap_identity;
conn_info.user_name = "MY_USERNAME";
conn_info.password = "MY_PASSWORD";
wiced_log_printf("# Root CA Certs: %d\r\n", conn_info.root_ca_cert_length);
wiced_log_printf("EAP Type: %d\r\n", conn_info.eap_type);
wiced_log_printf("Inner EAP Type: %d\r\n", conn_info.inner_eap_type);
wiced_log_printf("Auth Type: %d\r\n", conn_info.auth_type);
wiced_log_printf("Username: %s\r\n", conn_info.user_name);
wiced_log_printf("Password: %s\r\n", conn_info.password);
if (fs_res == WICED_SUCCESS)
wiced_log_printf("Initializing BESL supplicant\r\n");
res = besl_supplicant_init(&supplicant_workspace, &conn_info);
if (res == BESL_SUCCESS)
wiced_log_printf("Starting BESL supplicant\r\n");
if (besl_supplicant_start(&supplicant_workspace) == BESL_SUCCESS)
wiced_log_printf("Initiating WiFi Join\r\n");
wiced_result_t wifi_join_res = wwd_wifi_join_specific(&ap_info, NULL, 0, NULL, WWD_STA_INTERFACE);
wiced_log_printf("WiFi Join Result: %d\r\n", wifi_join_res);
if (wifi_join_res == WICED_SUCCESS)
wiced_log_printf("Retrieving TLS session information\r\n");
if ((ret = mbedtls_ssl_get_session(
&tls_session)) != 0)
" Failed to retrieve the session information %d \r\n",
" Successfully retrieved the session information %d \r\n",
res = besl_supplicant_stop(&supplicant_workspace);
if (res != BESL_SUCCESS)
"supplicant Stop failed with error = [%d]\r\n",
res = wifi_join_res;
wiced_log_printf("Unable to initialize supplicant. Error = [%d]\r\n",
res = WICED_ERROR;
Can you provide us with the logs or the terminal snapshots/prints to get more info on what happens when you run this piece of code?
Also, if possible can you provide us with the code example for your application to better understand the issue?
The code example I provided is fairly complete, and I am having the same issues with the built in command console project.
When I get home tonight, I will grab a console dump and attach a complete example demonstrating my issue.
What would the expected invocation be for the join_ent command in the command console demo project for this security type?
I've attached a fully functional standalone demo, and here is the console output:
Starting WICED Wiced_006.004.000.0061
Platform LAIRD_EWB initialised
Started ThreadX v5.8
Initialising NetX v5.10_sp3
Creating Packet pools
WLAN MAC Address : C0:EE:40:70:0D:B7
WLAN Firmware : wl0: May 2 2019 02:39:20 version 220.127.116.11 (r714225 CY) FWID 01-476cc09d
WLAN CLM : API: 12.2 Data: 9.10.158 Compiler: 1.29.4 ClmImport: 1.36.3 Creation: 2019-05-07 05:05:14
# Root CA Certs: 0
EAP Type: 25
Inner EAP Type: 0
Auth Type: 33554436
Initializing BESL supplicant
Starting BESL supplicant
Initiating WiFi Join
WiFi Join Result: 1007
I want to reiterate that my FreeRadius server is not being contacted at all. I'm getting no log statements or anything like that on my FreeRadius server. I get the 1007 error no matter what username and password I use. The command_console demo app behaves the same way, which is what this code was adapted from.
Any help would be greatly appreciated.
I did get it to work in my case. You could try TTLS as an option. You should see some response on your RADIUS server. If it is working with your Android device, then perhaps there is something in your router that is not configured correctly.
In my case, the sequence is: besl_supplicant_init(), then besl_supplicant_start(), then wiced_network_up().
Could you send your working code?
My router is configured properly -- there's not much to it. I'm able to
connect fine with both Android and Windows.
I've tried all of the different relevant flags including TTLS, none of
which result in any sort of communication with my radius server.
On Mon, Nov 16, 2020, 11:09 PM ChMa_3922746 <firstname.lastname@example.org>
Unfortunately, I've customized the code so much that it would be more confusing if I sent it verbatim. You should replace the network connection code with wiced_network_up() as the last step. Note that my radius server is free radius which prints out lots of logs.
Update: I've given up on the product since the Murata 1GC module, or related modules from other vendors, have no (or close to zero) inventory globally. It seems like the product is dead, though Cypress says no.
I've tried wiced_network_up, and I get the same result. I'm not using the
DCT or anything, and if you dig down into wiced_network_up, it's really
just calling wwd_wifi_join_specific under the hood.
I'm seeing the same behavior with the built in test.console app, which uses
wiced_network_up as well.
On Tue, Nov 17, 2020 at 9:39 AM ChMa_3922746 <email@example.com>
Have you referred to the document "WICED-Enterprise-Security-User-Guide" in the WICED Studio? It provides you the procedure to connect WICED to enterprise security network. To associate with an enterprise network "join_ent" is used. The commands are provided in the console so wiced_network_up won't work here.
You can find the document in the SDK here: /43xxx_Wi-Fi/doc/.
Also, make sure that you have provided the root certificate at the certificate location mentioned in this document and this root certificate should be the one that verifies the server certificate. In short, the root certificate used at the server side should be provided here as well. Make sure the certificate be provided in the proper format and terminated with the null characters properly.
Which version of FreeRadius are you using?