Hello.
I want to access a WPA3 access point using a BSP6.8 minimal image.
However, even after setting
[wifi-security]
key-mgmt=sae
I can’t connect.
I found the following URL, but does this mean BSP6.8 can’t connect to WPA3?
https://www.toradex.com/news/bsp-layers-reference-images-yocto-project-7-3-0-quarterly
Hi, I’m the Toradex AI Assistant.
I might make mistakes or occasionally get you wrong. Our support team will step in if needed.
I’d be glad to help with your WPA3 connectivity issue! To provide the most accurate guidance, could you let me know which OS version you are using? You can run the tdx-info command to get detailed information about your system - more details are available at tdx-info documentation.
To troubleshoot your WPA3 connection issue effectively, I’ll need to know:
The available documentation covers Wi-Fi connectivity for Toradex’s Linux images (1)(2), including configuration methods for connecting to Wi-Fi networks. However, the specific WPA3 SAE (Simultaneous Authentication of Equals) support details would depend on your exact platform and BSP version.
Once you provide the platform details using tdx-info, I can give you more targeted guidance on WPA3 connectivity for your specific setup.
Best regards, Toradex AI Assistant.
Did you like my answer? 
If I answered your question, please tick the “Solution” checkbox.
For follow-up questions to me, please use @ToradexAI in your post.
I tried typing it. I’ll just hide the serial number.
tdx-info
Software summary
Bootloader: U-Boot
Kernel version: 6.1.112-6.8.0-devel+git.aa4cd140bba5 #1 SMP Mon Sep 30 14:23:56 UTC 2024
Kernel command line: user_debug=30 ubi.mtd=ubi root=ubi0:rootfs rw rootfstype=ubifs ubi.fm_autoconvert=1 console=tty1 console=ttymxc0,115200n8 consoleblank=0
Distro name: NAME=“TDX Wayland with XWayland Upstream”
Distro version: VERSION_ID=6.8.0-devel-20241203014831-build.0
Distro variant: -
Hostname: colibri-imx6ull-
Hardware info
HW model: Toradex Colibri iMX6ULL 512MB on MMMR MainBox
Toradex version: 0045 V1.1A
Serial number:
Processor arch: armv7l
Thank you for providing the system information! You’re using a Colibri iMX6ULL 512MB V1.1A with BSP 6.8.0-devel. Based on your hardware specifications, I can provide some guidance on WPA3 connectivity.
Your Colibri iMX6ULL module includes integrated Wi-Fi and Bluetooth capabilities (1). The module features pre-certified Dual-Band (2.4/5 GHz) Wi-Fi ac/a/b/g/n and Bluetooth v5.0/BLE interface (2). The Wi-Fi module is pre-certified for FCC (US), CE (Europe), and IC (Canada) (2).
The configuration you mentioned using key-mgmt=sae is the correct approach for WPA3 SAE (Simultaneous Authentication of Equals). However, WPA3 support depends on several factors:
Since you’re unable to connect with the SAE configuration, here are some diagnostic steps:
Check wpa_supplicant capabilities:
wpa_supplicant -v
Verify wireless driver information:
dmesg | grep -i wifi
lsmod | grep -i wifi
Check available wireless capabilities:
iw list | grep -A 10 "Supported interface modes"
If WPA3 isn’t fully supported in your current BSP 6.8 build, you might need to:
The sources don’t contain specific information about WPA3 support status in BSP 6.8, so I’d recommend checking with the Toradex community or support team for the most current information about WPA3 compatibility with your specific hardware and software combination.
Best regards, Toradex AI Assistant.
Did you like my answer?
If I answered your question, please tick the “Solution” checkbox.
For follow-up questions to me, please use @ToradexAI in your post.
It seems that WPA3 is available in 7.4.0+build.10.
However, it will be difficult to migrate to this version at this time.
Is there a way for users to migrate by replacing files, running rmmod/insmod, or other operations?
With a BSP7.4 image, I encountered the error
mwifiex_sdio mmc1:0001:1: Pending auth on going
, and restarting NetworkManager or turning the network interface off and on did not resolve the issue; I had to reload the module.
Is this a kernel bug?
Hi @67592 , I could confirm that support for WPA3 through the mwifiex drivers was added in BSP 7, so unfortunately support in BSP 6 is not possible.
More spefically, in the mainline kernel like used for Colibri iMX6ULL, this was added on 6.6 and in the NXP downstream, this was added in kernel toradex_6.6-2.2.x-imx.
More details: Making sure you're not a bot!
If WPA3 is needed, please update to BSP 7.3.0 or more as this is when it was supported on the kernel.
As for the error, can you please provide details on how are you connecting to the AP? Are you doing any setup through nmcli? Please provide the exact commands you are running (you can omit the password). Also please confirm if for the same AP in WPA2, the connection works without issues.
Thank you and looking forward to your response.
Alvaro.
@alvaro.tx
Thanks for your reply.
I’m trying to connect using the command below.
nmcli con add type wifi ifname mlan0 con-name “testssid_sae” ssid “testssid_sae”
nmcli con mod “testssid_sae” wifi-sec.key-mgmt sae
nmcli con mod “testssid_sae” wifi-sec.psk “******”
nmcli con mod “testssid_sae” connection.autoconnect yes
nmcli con mod “testssid_sae” connection.autoconnect-retries 0
nmcli con mod “testssid_sae” connection.autoconnect-priority 500
nmcli con mod “testssid_sae” proxy.method none
nmcli con mod “testssid_sae” ipv4.method auto
nmcli con mod “testssid_sae” ipv4.ignore-auto-dns no
nmcli con mod “testssid_sae” 802-11-wireless.hidden yes
nmcli con up id “testssid_sae”
This error is accidental.
I haven’t been able to confirm whether this issue can be reproduced with WPA2.
I’ll report back if it occurs.
Thanks for the fast reply.
I believe some extra commands might be needed like the PMF and Proto fields in the security side :
nmcli con add type wifi ifname mlan0 con-name "testssid_sae" ssid "testssid_sae"
nmcli con mod "testssid_sae" wifi-sec.key-mgmt sae
nmcli con mod "testssid_sae" 802-11-wireless-security.pmf 3
nmcli con mod "testssid_sae" 802-11-wireless-security.proto rsn
nmcli con mod "testssid_sae" wifi-sec.psk "yourpassphrase"
nmcli con mod "testssid_sae" 802-11-wireless.hidden no
nmcli con up "testssid_sae"
Can you kindly paste back the exact error from journalctl -u NetworkManager -b around the connection attempt (especially any “SAE”, “PMF”, “AUTH”, “ASSOC” lines) so we can further check?
Also please confirm that connecting from another device (ie. Smartphone), it can connect without issue.
Thanks,
Alvaro.
@alvaro.tx
Sorry, I didn’t explain it well.
This SoM can usually connect to this AP, but the error occurred when the signal became poor and it disconnected and then reconnected.
This is an error that occurs occasionally when connecting and disconnecting multiple times.
Ah, I see. Do you still need further help to debug the issue? If yes, kindly provide the log of journalctl -u NetworkManager -b once the issue happens.
Alvaro.
Since then, it has rarely happened and we are unable to record logs.
As a workaround, we have decided to reboot the system when this issue occurs.
However, some members would like to know the cause of this problem.
With the current information, is it still not clear what the cause is?
Very hard to tell. From the top of my mind:
Kind regards,
Alvaro.
We are using a Wi-Fi antenna, and since the issue is occurring on multiple modules, we believe it is software-related.
However, we do not have the resources to conduct further reproduction experiments, so we will unfortunately have to close this case.