WPA2 Enterprise ERROR - "RTL8721D[Driver]: assoc reject, status code: 43"

running out of the box eap example: ambd_sdk/component/common/example/eap at dev · ambiot/ambd_sdk · GitHub
against Cisco Meraki MR52 access point and also against MIST AP41, both rejecting association.

I have been looking into this and compared Wireshark logs from Realtek chip and other WIFI clients that are authenticating successfully in the same WPA2-ENT environment. I can see, inside the RSA information, AKM suite count is 0, and I believe this is the issue why APs are rejecting it.

Has anyone experienced this? What is the fix? Based on my research, not ALL APs will reject this, but in my case two models that our clients are using are rejecting it.
I have not found how to explicitly set AKM with code.

here is an image of left capture working from another WIFI client (ESP8266), and right is the realtek chip running the amebad eap example:

here is same information in case image is not clear.
first this is where it connects with another wifi client (ESP8266) to prove that my infrastructure is connect: (i can see this hitting my radius server and authenticating)
Tag: RSN Information
Tag Number: RSN Information (48)
Tag length: 20
RSN Version: 1
Group Cipher Suite: 00:0f:ac (Ieee 802.11) AES (CCM)
Group Cipher Suite OUI: 00:0f:ac (Ieee 802.11)
Group Cipher Suite type: AES (CCM) (4)
Pairwise Cipher Suite Count: 1
Pairwise Cipher Suite List 00:0f:ac (Ieee 802.11) AES (CCM)
Auth Key Management (AKM) Suite Count: 1
Auth Key Management (AKM) List 00:0f:ac (Ieee 802.11) WPA
Auth Key Management (AKM) Suite: 00:0f:ac (Ieee 802.11) WPA
Auth Key Management (AKM) OUI: 00:0f:ac (Ieee 802.11)
Auth Key Management (AKM) type: WPA (1)
RSN Capabilities: 0x0000

Here is the ameba SDK is not setting AKM section inside the RSN request, and I believe this is what causes AP to reject with status code 43:
Tag: RSN Information
Tag Number: RSN Information (48)
Tag length: 16
RSN Version: 1
Group Cipher Suite: 00:0f:ac (Ieee 802.11) AES (CCM)
Pairwise Cipher Suite Count: 1
Pairwise Cipher Suite List 00:0f:ac (Ieee 802.11) AES (CCM)
Auth Key Management (AKM) Suite Count: 0
Auth Key Management (AKM) List
RSN Capabilities: 0x0000

Hi @airista_islavov, you may raise a request on this github link for further support. Thank you.

posted: WPA2 Enterprise ERROR - “RTL8721D[Driver]: assoc reject, status code: 43” · Issue #19 · Ameba-AIoT/ameba-rtos-d · GitHub

Thank you,
Ivan S.

1 Like