funchords
Robb
Premium,MVM
join:2001-03-11
Hillsboro, OR
 ·Verizon Online DSL
 ·Skype
 ·Comcast
edit:
June 12th, @04:24PM
|  WPA-PSK Communications Lockout or DHCP Failure Tip
WPA-PSK Communications Lockout or DHCP Failure Workaround
... by funchords with the help of thousands ...
The purpose of these steps is to give a hardware and software independent method of resolving the issue of repeated communication lockouts between a wireless Access Point and a wireless client computer.
SOME EXAMPLES OF WHEN TO USE THIS:
- You repeatedly get a message from a wireless computer about Limited Connectivity because you did not get an IP address, or you are assigned an APIPA 169.254 address.
- If you have set a manual IP address, the wireless client says it is connected, but it repeatedly is not communicating or it stops communicating within 5 minutes of connecting every time
- Even though you have saved profiles for your wireless Access Point (AP), some clients repeatedly refuse to attempt to connect
- In Event Viewer, DHCP and TCPIP appear in the system event logs over and over, and rebooting has not solved the problem
THINGS TO TRY FIRST:
- Reboot your wireless computers and power-cycle your AP.
- Turn off any options to hide your SSID from broadcasts.
- Turn off any proprietary speed-enhancing technologies.
- On your wireless client, delete and re-create your saved profile.
STEPS TO PERFORM:
1. On your wireless AP, change your SSID to something that you have never used before.
2. Unplug power to your AP, take note of the time
3. Remove all saved profiles for that AP from your wireless computers
4. Reboot your wireless computers
5. After 65+ minutes from step 2, plug in your router
6. Using your wireless computers, associate with the new SSID
7. Leave the client connected for 65+ minutes. There may or may not be indications of up to two brief reconnections during this time. Do not reboot the AP during this time.
8. Shut down or reboot your wireless client computer normally (do not sleep, hibernate, or abruptly power-cycle).
TIP: The 65+ minute wait in step 5 may not be necessary for your hardware or software. If you only have one or two clients, you may wish to first try these steps without that wait. If they are not successful, then try all of the steps again with the wait.
WHY THIS WOULD WORK (IF IT WORKS): Setting up a new SSID causes the clients to create a new, clean, and correct profile for the access point. Rebooting the hardware is one attempt at clearing authentication failure lockouts. Waiting 65 minutes with the router off is another. Leaving the client online for 65 minutes is to ensure at least one successful key exchange after the initial successful authentication. Shutting down normally allows the software or OS to save configuration or registry information so that you can successfully connect in the future.
NOTES:
- WPA-PSK is a key-exchanging encryption and authentication method. The correct keys must be exchanged within a certain time and order.
- If this is not completed, the process ends by interrupting communications. Both the client and AP perform this checking and either one (or both) may be the side with the problem.
- This communications interruption is a possible cause for the DHCP failure.
- This problem can affect wireless products that are not configured to use WPA-PSK or 802.1X. Use these same steps if you are having the described problems and are using WEP or no encryption.
- Some 802.11 software and hardware products are more robust than others. Some products may not tolerate unexpected issues like an AP changing security methods, a frequently rebooting AP or client, or multiple security profiles for a single access point.
--
Robb Topolski
http://www.funchords.com/
Hillsboro, Oregon USA |
|
funchords
Robb
Premium,MVM
join:2001-03-11
Hillsboro, OR
edit:
June 12th, @04:05PM
| ...
[deleted -- added edits to the above] |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS |  reply to funchords
Re: WPA-PSK Communications Lockout or DHCP Failure Tip
Great work Funchords!!! |
|
No_Strings
Premium,MVM
join:2001-11-22
The OC | reply to funchords
Re: WPA-PSK Communications Lockout or DHCP Failure
I nominate this one for stickification. (It's a word; look it up.) |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS | Did you mean 'stringification'?
String it up as a faq!  |
|
Bartimaeus
join:2005-07-28
Minneapolis, MN
| reply to funchords
Re: WPA-PSK Communications Lockout or DHCP Failure Tip
said by funchords  :3. Remove all saved profiles for that AP from your wireless computers
How do you go about doing this? |
|
funchords
Robb
Premium,MVM
join:2001-03-11
Hillsboro, OR
·Verizon Online DSL
·Skype
·Comcast
| said by Bartimaeus :said by funchords :3. Remove all saved profiles for that AP from your wireless computers How do you go about doing this? It depends on which software or OS you are using to manage your wireless connections.
At some point or another, you are able to see a list of all the networks your wireless computer can hear. From that list, you can configure and save a connection's profile -- or more than one -- for use in the future.
If you are using Windows XP to manage your wireless network card, you'll find this in the Properties of the Network Connection icon, on the "Wireless Networks" tab.
--
Robb Topolski http://www.funchords.com/  Hillsboro, Oregon USA
They who would give up an essential liberty for temporary security, deserve neither liberty or security |
|
wright_two
join:2005-04-11
Austin, TX | reply to funchords
SO basically every day we need to shutdown everything and wait then plug everything back in... |
|
funchords
Robb
Premium,MVM
join:2001-03-11
Hillsboro, OR
·Verizon Online DSL
·Skype
·Comcast
| said by wright_two :SO basically every day we need to shutdown everything and wait then plug everything back in... No.
If your problem is the corrupted profile, the above steps will fix it and it will stay fixed.
I really think most of these are caused by a rebooting router that really pulls the exchanges out of time and sequence. This won't fix that. You've got to fix the rebooting router.
But someone changing the basic parameters of their AP between authenticated modes (WPA or 802.1x) and non-authenticated modes (WEP or No-encryption) ... without changing SSID or rebooting the AP/Clients -- issues that are caused by that problem these steps will fix.
If you can avoid those
--
Robb Topolski http://www.funchords.com/ Hillsboro, Oregon USA
They who would give up an essential liberty for temporary security, deserve neither liberty or security |
|
interflexo
join:2005-10-24
PORTUGAL
| I was having random WPA-PSK communications lockouts with D-Link G520+ wireless adapter and Asus WL500G router. None of the steps described above worked for me.
Although changing router "Network key rotation interval" from 0 (no periodic key change) to something like 120 seconds really took care of the problem for good. |
|
blackcurtain
join:2005-10-25
england
| reply to funchords
This did not work for me either, and i followed it to the letter, 3 times.
I think I'll have to go back to the oxymoron called WEP security.
Also, there is no key rotation interval option in my belkin router  |
|
funchords
Robb
Premium,MVM
join:2001-03-11
Hillsboro, OR
·Verizon Online DSL
·Skype
·Comcast
| said by blackcurtain :This did not work for me either, and i followed it to the letter, 3 times. I think I'll have to go back to the oxymoron called WEP security. Also, there is no key rotation interval option in my belkin router What equipment do you have? What symptoms do you have?
--
Robb Topolski http://www.funchords.com/ Hillsboro, Oregon USA
... How much spam would a spam clan spam if the CAN-SPAM could can spam? ... |
|
blackcurtain
join:2005-10-25
england
| Belkin ADSL modem with wireless G router - F5D7632-UK4
Belkin High speed mode wireless G notebook network card - F5D7011uk.
It will always allow a wep encryption (not satisfactory) but will never, even after a firmware upgrade, allow a WPA authentication.
I say never after trying about 5 or 6 times. When I try WPA i cant access the router or the internet, and belkin say its a windows issue.
i run xp home sp2, have downloaded the applicable wireless patch (in the beginning and since to confirm).
the belkin app shows green (connected) but it lies. in the status tab everything looks ok except for the line
"key absent".
thanks for the quick response - if you can help further i would be very grateful. |
|
funchords
Robb
Premium,MVM
join:2001-03-11
Hillsboro, OR
·Verizon Online DSL
·Skype
·Comcast
| After setting up your WPA-PSK TKIP security on the AP, try this:
1. Close/Exit the Belkin application on the toolbar
2. Go to Network Connections, right click on the icon for the card, then click properties
3. On the middle tab, click the button that says to Allow Windows to manage this Wireless Connection*
4. Click OK
5. Wait a minute or so, then Windows should begin bugging you about detecting nearby wireless connections. At that point, follow the prompts.
(*you might be prompted to start the WZC service if it is not running. Run services.msc, find the Wireless Zero Config service, double-click it, set it from disabled to Start automatically, and then click Start)
--
Robb Topolski http://www.funchords.com/ Hillsboro, Oregon USA
... How much spam would a spam clan spam if the CAN-SPAM could can spam? ... |
|
blackcurtain
join:2005-10-25
england
| Thank you. I tried that before i went to bed, and instead of the "up to two brief disconnections" you mentioned earlier, it will connect for up to 20 seconds if i refresh the view, then lose it, over and over. i switched it off and went upstairs to lay in a darkened room at that point lol.
I'm not sure I'll ever have wpa-psk, its been a pain since the beginning. Its true, it never authenticated properly, I would get errors in the router logs, and i noticed some EAPOL logs in event viewer but unsure if it is a related symptom.
Its true to say that Belkin, hearing of my complaint, told me that the adapter wasn't managing to authenticate but that it was definitely a windows issue, and i was the only person having the issue. there's no way I'm phoning microsoft and paying for the call - this is a brand new laptop and I've reinstalled windows since i got it due to this issue.
fed up but grateful. |
|
blackcurtain
join:2005-10-25
england
|  ok, today i have uninstalled the wireless adapter, and gone through the registry and taken out a couple of keys in
HKLM\Software\Microsoft\Windows NT\CurrentVersion\NetworkCards\
because they both said belkin 802.11g and had different values. (this is probably due to installing from the disk which came with the card, and then downloading the latest drivers from the website and updating them).
that done - i have logged into the router and assigned a new ssid, and set to broadcast, turned off g-nitro and set to 11b only. Should i assign the WPA security before the reinstallation?
i am not reinstalling the adapter until i have the patience to go theough all the steps but when i do i will let you know how it goes. |
|
funchords
Robb
Premium,MVM
join:2001-03-11
Hillsboro, OR
·Verizon Online DSL
·Skype
·Comcast
| The every 20 seconds issue does sound like two Supplicants may have been fighting over control of the card.
said by blackcurtain :that done - i have logged into the router and assigned a new ssid, and set to broadcast, turned off g-nitro and set to 11b only. Should i assign the WPA security before the reinstallation? Yes.
The goal is to have the drivers installed, but not the utility. Or, if the utility is installed, not to have it running.
--
Robb Topolski http://www.funchords.com/ Hillsboro, Oregon USA
... How much spam would a spam clan spam if the CAN-SPAM could can spam? ... |
|
Juke Box
Free From Marketing
Premium
join:2001-01-29
Bar & Grill
·Comcast
| reply to funchords
You could add to THINGS TO TRY FIRST:
View network connections/right click on the wireless connection/select disconnect then reconnect.
Like wise, Repair connection.
Neither will hurt and only takes a minute to try.
Good idea for a post BTW..
--
Do you listen to Tangerine Dream? |
|
blackcurtain
join:2005-10-25
england
| reply to funchords
Ok - I have the patience to do it now.
said by funchords :
The goal is to have the drivers installed, but not the utility. Or, if the utility is installed, not to have it running.
I am not sure I can skip the install of the utility, so I'll try not using it if you recommend doing so, although I will have to mark the Wireless Zero service as automatic?
Will post in a few hours. |
|
funchords
Robb
Premium,MVM
join:2001-03-11
Hillsboro, OR
·Verizon Online DSL
·Skype
·Comcast
| said by blackcurtain :I am not sure I can skip the install of the utility, so I'll try not using it if you recommend doing so, although I will have to mark the Wireless Zero service as automatic? Yes
--
Robb Topolski http://www.funchords.com/ Hillsboro, Oregon USA
... How much spam would a spam clan spam if the CAN-SPAM could can spam? ... |
|
