on
Advanced Wifi Configuration With ConnMan on Falcon Player
For reasons that will be clearer in future posts I’ve been poking around with some software called Falcon Player. The only thing I have really struggled with here was the wireless configuration here’s a quick summary of what I have done to configure WiFi on the Falcon Player.
TL;DR
Edit the file /home/fpp/media/settings with the following additions/changes
to disable reconfiguration of the networking stack on reboot and disable the
tethering.
SkipNetworkReset = "1"
EnableTethering = "2"
Edit the file /var/lib/connman/fpp.config with details for my phone, home
wifi and work wifi (the ordering here should prioritise my phone hotspot if it
is enabled)
[service_mobile]
Type=wifi
Name=Jonathan's iPhone
Passphrase= # my passphrase
IPv4=dhcp
[service_home]
Type=wifi
Name=Pakedge5-1
IPv4=dhcp
[service_office]
MAC=00:e0:4c:1c:a2:f6
Type=wifi
IPv4=dhcp
Name=OfficeMobile
EAP=peap
Identity= # my AD username
Passphrase= # my AD password
Phase2=MSCHAPV2
Then reboot.
Background
I’ve used Falcon Player on a project that I wanted to run at the office, preferably on a wireless network reserved for untrusted devices. Falcon Player is designed to work as an easy to configure appliance. To this end, if Falcon Player doesn’t have a working internet connection and the device it is installed on has a wifi interface it will activate a tethering network that you can connect to and configure the device with the appropriate details to establish a more permanent internet connection. This works perfectly fine on my home network but when I got to the office I hit a couple of problems.
Problem 1 : WPA 2 Enterprise
In order to connect to the “devices” network at the office I need to provide my Active Directory username and password in order to authenticate to the wireless network. The web application that the Falcon Player exposes an interface for specifying ssid and passphrase, no place for my username.
Problem 2 : PHP, shell scripts and escaping
As a fallback solution to get my project connected I wanted to try and connect
to the internet by tethering to my phone. After entering the ssid of
Jonathan's iPhone, providing the password and restarting, instead of
connecting to my phone as expected the fallback tethering network on the Falcon
Player came up again. Loading the configuration screen something didn’t look
quite right, and gave me a hint as to what was wrong.
This is the point where I first felt the need to take a peek at how the sausage is made and took a look into the git repository. The core functionality of the Falcon Player itself is a daemon written in C++ (fair enough), but the configuration interface is a set of PHP scripts that update text configuration files that are read by shell scripts both on demand and during system start.
I’ve not dug completely into the details here but somewhere in the
reading/writing of these configuration files the ' in my ssid isn’t escaped
properly, making correct configuration of the network impossible. I’ve reported
this as an issue on the GitHub repository.
ConnMan
A quick side-note on ConnMan. While digging through the code for Falcon Player I discovered that Falcon Player uses a tool called ConnMan to manage the network configuration. This is a tool I wasn’t familiar with but appears to be an all-in-one network configuration tool designed for embedded devices with a simple configuration format. This is one of the simplest network configuration tool for linux that I’ve seen and I’m quite tempted to give it a spin on my main laptop instead of NetworkManager.
Solution
I’m regretting not documenting my process a little better right now but from what I remember the process went roughly like the following;
After reading various blog posts on how to configure ConnMan for WPA 2 Enterprise and cross referencing with the official documentation I constructed a configuration that I thought would work with the office wifi. I also changed the configuration of Falcon Player to ensure that it didn’t overwrite my config on reboot. This appeared to work when reloading intially but after a while the connection dropped out and after a reboot the hotspot came up instead of connecting to the wifi.
My theory at this point is that the WPA 2 Enterprise handshake was taking longer than the connectivity test would allow, before enabling the tethering network which then cancelled any attempt to connect to the office network. I have no concrete evidence to prove this but disabling the tethering completely has provided a much more reliable behaviour on restart.
Using the same strategy I was also able to connect to the hotspot on my iPhone, by placing this config first in the file it should be prioritised by ConnMan meaning that if the hotspot is enabled then the Pi should pick that first over any other networks. This was my fallback solution instead of the tethering provided by Falcon Player.
The configuration changes I made for all of the above are documented at the top of this post.
Unfortunately I never got a completely stable wireless connection but I’m starting to think this is because I’m using a Raspberry Pi Model B with a USB WiFi Dongle without adding a powered hub, I’m hoping to refactor the project early next year with a Raspberry Pi Zero W instead, on the assumption that this will fix the stability issues.