wi fi – Android 11 WPA Enterprise

I know, there are a lot of threads about android 11 and wpa enterprise but none of it seems to have a solution for my specific problem. Maybe someone can give me a hint:

Im using a unify wlan infrastructure with a connected freeradius. Since i updated my phone to Android11 i cant connect to the network. I read, that the issue comes from the disabled “dont validate” optin for wifi in Andorid. But even if i import the right certificate (i tried to import the ca and the freeradius server certificate on my phone) i cant connect to the wifi. Im prompted to enter a domain on wifi setup, but i dont really know what to enter there. I tried to enter the cn of my certificate/ca there but this wont work neither.

Here’s what my radius is telling me:

Tue Aug 31 14:15:09 2021 : ERROR: (165589) eap_ttls: ERROR: TLS Alert read:fatal:unknown CA
Tue Aug 31 14:15:09 2021 : Auth: (165589) Login incorrect (eap_ttls: TLS Alert read:fatal:unknown CA): (anonymous@local.domain/<via Auth-Type = eap>) (from client UAPs port 0 cli MAC

Does anybody know how to debug or solve that issue?

wi fi – Wifi WPA Enterprise – In android 11 under ‘Online Certificate Status’, what is the difference between the various options?

Recently I noticed that my Note 10 would no longer associate with my wifi but all other phones would. I have since resolved the issue by rerolling my certificates but cannot get the options ‘Require status for all certificates’ or ‘Require status for untrusted certificates’ to work. ‘Request Status’ does work as well as ‘Don’t validate’

‘Require status for all certificates’ fails with on the freeradius end with –

(36) eap: Expiring EAP session with state 0xb8be52eabb005f50
(36) eap: Finished EAP session with state 0xb8be52eabb005f50
(36) eap: Previous EAP request found for state 0xb8be52eabb005f50, released from the list
(36) eap: Peer sent packet with method EAP TLS (13)
(36) eap: Calling submodule eap_tls to process data
(36) eap_tls: Continuing EAP-TLS
(36) eap_tls: (eaptls verify) = ok
(36) eap_tls: Done initial handshake
(36) eap_tls: <<< recv TLS 1.1 (length 0002)
(36) eap_tls: ERROR: TLS Alert read:fatal:internal error
(36) eap_tls: TLS_accept: Need to read more data: error
(36) eap_tls: ERROR: Failed in FUNCTION (SSL_read): error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
(36) eap_tls: TLS – In Handshake Phase
(36) eap_tls: TLS – Application data.
(36) eap_tls: ERROR: TLS failed during operation
(36) eap_tls: ERROR: (eaptls process) = fail
(36) eap: ERROR: Failed continuing EAP TLS (13) session. EAP sub-module failed
(36) eap: Sending EAP Failure (code 4) ID 190 length 4

‘Require status for untrusted’ hangs with android eventually giving up with this on the freeradius end –

(5) eap_tls: (eaptls start) = request
(5) eap: Sending EAP Request (code 1) ID 243 length 6
(5) eap: EAP session adding &reply:State = 0xcff1ecc3cf02e118
(5) (eap) = handled
(5) } # authenticate = handled
(5) Using Post-Auth-Type Challenge
(5) Post-Auth-Type sub-section not found. Ignoring.
(5) # Executing group from file /etc/raddb/sites-enabled/default
(5) Sent Access-Challenge Id 247 from to length 0
(5) EAP-Message = 0x01f300060d20
(5) Message-Authenticator = 0x00000000000000000000000000000000
(5) State = 0xcff1ecc3cf02e118ed54fc1c4b664912
(5) Finished request
Waking up in 4.9 seconds.
(5) Cleaning up request packet ID 247 with timestamp +19
Ready to process requests

What do I need to implement or correct so these two options will work as well?

wifi – How can a router automatically change the WPA password every day?

And welcome.
I am a café owner and I have a little problem that I have to reset the password of the WLAN manually every day because the customers took care of it and found some interesting details "for me".

The first thing I found is that I have to Write a script with py, now I'm a cafe owner, NOT a programmer, I don't understand machine language like you.

And then I found a situation similar to mine on the stack overflow, and he struggled with the same thing, but he got to the point where he needs to program a Bash script or something similar.

nevertheless i also learned that i have to do four functions:

  • Get access to the router
  • Generate a random password
  • apply it to the configuration
  • After successful configuration, send it to an email address

So the bottom line. I need help and idk how to write a script, any ideas?


Is it possible to change the WiFi password with a script?

Theses are all i have Thank youand i hope i get an answer soon: ((

edit: I found that to make it easy to write an automation task, I think

wpa enterprise – I came across this network where public ip = local ip

By that I mean that when I type in ifconfig I get the same thing when I use an online website to get my public IP address. (like ipchicken.com)

It is a WPA2 Enterprise MGT network. (it needs both a username and password to log in)

All that appears on Wireshark are ARP Brodcasts, which I assume to be the DNS server. I tried running responder in analysis mode, which warned me that I was out of the subnet and could use ICMP redirection on the network (this message was displayed three times and different IP addresses were displayed each time.) After that it was all over nothing is displayed. I can still do a NetB scan to see other devices on my subnet (/ 24 does not supply anything while / 16 displays a bunch of computers).

Can you help me to identify this network? I would be very happy about your help!

Penetration Test – Brute Force WPA / WPA2 Access Point?

Suppose you have a password list. Is there an open source tool that can use this list and brute authentication for a PSK-WPA / WPA2 wireless network?

I'm not trying to crack a handshake or a PMKID, but try several times to authenticate myself using the word list.

There is one vendor that offers this, but I'm looking for open source.

Example of a skill I'm looking for: