Saturday, March 06, 2010

MacBook Pro & WPA2

Boo MacBook Pro WPA2 support! I've recently discovered a problem with the WPA2 implementation on my MacBook Pro.

The Backstory

I switched my home wireless access point (Netgear WG302) from an open network to WPA+WPA2 network (which essentially works with either WPA or WPA2 encryption). The following devices reliably connected to the network:

iMac 20" Core Duo (1st gen)
Apple iPod Touch 16GB.
Nintendo Wii

The MacBook Pro (Core 2 Duo, 17") had issues connecting. Basically, you had a 25% chance it would successfully connect to the network. If it did not connect to the network, I would have to turn the AirPort card off, then back on to get it to go (either directly or by sleeping/waking the computer). Also, it would always connect fine the first time the computer was booted up. Booting to the operating system DVD also demonstrated the same problem. We took it in to the Apple store to see if they could "fix" it. Unfortunately, they didn't have equipment to set up a WPA2 network, and of course it connected fine to their open access network–after all, it connected fine when mine was open access too. They replaced the AirPort card in it anyway. That seemed to work at first, but then it started having the connection problems again within a few days. In hindsight, it's odd that it seemed to work for a while.

The best part about the problem is that the access point station log showed the laptop authenticating and associating correctly! There must be a problem in Apple's driver. The following log was repeated throughout the station log on the access point, for each time the laptop tried getting on the network, whether it was successful or failed.

Wed Feb 17 20:06:03 2010 WLAN0: Station 00:1B:63:XX:XX:XX authenticated.
Wed Feb 17 20:06:03 2010 WLAN0: Station 00:1B:63:XX:XX:XX associated.
Wed Feb 17 20:06:06 2010 WLAN0: Station 00:1B:63:XX:XX:XX disassociated.
Wed Feb 17 20:06:06 2010 WLAN0: Station 00:1B:63:XX:XX:XX deauthenticated.

As far as the access point is concerned, absolutely nothing is wrong! But the laptop logs tell another story. Each failed attempt to connect to the network would generate an entry like the following:

Feb 17 20:07:09 MacBookPro airportd[284]: Apple80211Associate() failed -3905 (Timeout)


Feb 17 20:07:14 MacBookPro airportd[284]: Apple80211Associate() failed -3924 (Invalid PMK)

The Solution

There is obviously something with the laptop and WPA+WPA2 networks. Maybe I should test it with one or the other. I thought to myself, "Self, my access point can host more than one wireless network, can it not? Oh, yes it can. Why don't I switch my WPA+WPA2 network to WPA2 only and add another that is WPA only? Oh, that sounds like a good idea." So that's what I did. I discovered that the laptop has no problem at all connecting to the WPA network, and will NOT connect to the WPA2 only network-I've tried about 10 times turning the AirPort off then back on and connecting to the WPA2 network. So I guess the reason it was sporadically connecting was that it would sometimes fall back on WPA and sometimes not (which doesn't sound like good code to start with in my book).

Hopefully this helps somebody else having the same trouble. I've tried to put in pertinent information to make it come up in searches.

Since the AP's log indicated the station was doing everything fine, I've filed a bug with Apple (bug 7725286 go vote!). We'll see if it gets anywhere.


