Stuck on 22.05

[jasonsansone]

I have never been able to update past 22.05, but previously didn't have the time to extensively debug the issue. I am also starting to care more as I don't want to be running an unpatched, insecure system indefinitely. I am using the supplicant method which works great on 22.05. Certs are extracted from my BGW210, not purchased. Here is what happens if I execute the script manually in 23.01.

pfatt 59368 - - starting pfatt... pfatt 59524 - - resetting netgraph... pfatt 60893 - - creating vlan node and ngeth0 interface... pfatt 61867 - - enabling promisc for igb0... pfatt 63602 - - starting wpa_supplicant... pfatt 63884 - - terminating existing wpa_supplicant on PID 42344... pfatt 76978 - - wpa_supplicant running on PID 76616... pfatt 77163 - - setting wpa_supplicant network configuration... pfatt 87692 - - waiting for EAP authorization... pfatt 17137 - - EAP authorization completed... pfatt 17614 - - no IP address assigned, force restarting DHCP... dhclient not running? (check /var/run/dhclient/dhclient.ngeth0.pid). DHCPREQUEST on ngeth0 to 255.255.255.255 port 67 DHCPREQUEST on ngeth0 to 255.255.255.255 port 67 DHCPDISCOVER on ngeth0 to 255.255.255.255 port 67 interval 6 DHCPDISCOVER on ngeth0 to 255.255.255.255 port 67 interval 13 My address (104.62.redacted) was re-added DHCPDISCOVER on ngeth0 to 255.255.255.255 port 67 interval 12 My address (104.62.redacted) was deleted, dhclient exiting pfatt 67484 - - IP address is ... pfatt 67576 - - ngeth0 should now be available to configure as your WAN... pfatt 74890 - - set mac address on ngeth0...

I never get an IP and the WAN remains down. Does anyone have any thoughts? My pfatt script is attached.
pfatt.txt

[jasonsansone]

Update:

I upgraded to 23.09.1 and changed to using the method detailed here. However, wpa_cli status reports "connecting" and "unauthorized". The exact same hardware and certs authenticate fine on 22.05 using the old pfatt wpa_supplicant script. Any recommendations?

[jasonsansone]

Here is the syslog output:

Dec 23 08:38:29 pfsense pfatt[63277]: starting wpa_supplicant... Dec 23 08:38:29 pfsense wpa_supplicant[63663]: Successfully initialized wpa_supplicant Dec 23 08:38:33 pfsense pfatt[71584]: wpa_supplicant running on PID 70876... Dec 23 08:38:33 pfsense pfatt[72244]: setting wpa_supplicant network configuration... Dec 23 08:38:33 pfsense wpa_supplicant[70876]: igb0: Associated with 01:80:c2:00:00:03 Dec 23 08:38:33 pfsense wpa_supplicant[70876]: igb0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0 Dec 23 08:39:34 pfsense wpa_supplicant[70876]: igb0: CTRL-EVENT-EAP-FAILURE EAP authentication failed Dec 23 08:39:48 pfsense wpa_supplicant[70876]: igb0: CTRL-EVENT-EAP-STARTED EAP authentication started

And here is the output from wpa_cli status:

`wpa_cli status
Selected interface 'igb0'
bssid=01:80:c2:00:00:03
freq=0
ssid=
id=0
mode=station
pairwise_cipher=NONE
group_cipher=NONE
key_mgmt=IEEE 802.1X (no WPA)
wpa_state=ASSOCIATED
address=74:8a:0d:5f:be:21
Supplicant PAE state=CONNECTING
suppPortStatus=Unauthorized
EAP state=IDLE
uuid=666db3f9-54bb-5d96-8859-3fd4bbaa9546

wpa_cli status
Selected interface 'igb0'
bssid=01:80:c2:00:00:03
freq=0
ssid=
id=0
mode=station
pairwise_cipher=NONE
group_cipher=NONE
key_mgmt=IEEE 802.1X (no WPA)
wpa_state=ASSOCIATED
address=74:8a:0d:5f:be:21
Supplicant PAE state=HELD
suppPortStatus=Unauthorized
EAP state=FAILURE
uuid=666db3f9-54bb-5d96-8859-3fd4bbaa9546`