Hi,

I want to report this very annoying problem. I always get deauthentication with reason: 16=GROUP_KEY_HANDSHAKE_TIMEOUT in my system. My system is connected to a Cisco AP with WPA2-EAP PEAP encryption. This disconnection happens every time one of these THREE cases is met:

1) invoke "reauthentication" through wpa_cli OR
2) if dot11RSNAConfigPMKReauthThreshold is reached OR
3) if the reauthentication is forced by the radius server (when I configured dot11RSNAConfigPMKLifetime too big and the radius server of my organization is also configured to do this forced reauth).

Every time one of the three above happens, the internet connection will not work but my system is still connected to the AP (just like a zombie, connected without internet). The MOST ANNOYING thing is, it lasts up to 25-30 mins with this zombie connection until my system is disconnected from the AP and deauthentication reason 16 is thrown.

After I ran wpa_supplicant in debug mode -dd, I got this piece of strange logs:

1518093706.797931: wlan0: WPA: Installing PTK to the driver
1518093706.798030: wpa_driver_nl80211_set_key: ifindex=7 (wlan0) alg=3 addr=0x77afc2d8 key_idx=0 set_tx=1 seq_len=6 key_len=16
1518093706.798085: nl80211: KEY_DATA - hexdump(len=16): [REMOVED]
1518093706.798107: nl80211: KEY_SEQ - hexdump(len=6): 00 00 00 00 00 00
1518093706.798140: addr=aa:aa:aa:aa:aa:aa
1518093706.798864: EAPOL: External notification - portValid=1
1518093706.798942: wlan0: State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
1518093706.798985: RSN: received GTK in pairwise handshake - hexdump(len=18): [REMOVED]
1518093706.799035: wlan0: WPA: Not reinstalling already in-use GTK to the driver (keyidx=1 tx=0 len=16)
1518093706.799098: wlan0: WPA: Key negotiation completed with aa:aa:aa:aa:aa:aa [PTK=CCMP GTK=CCMP]
1518093706.799128: CTRL-DEBUG: ctrl_sock-sendmsg: sock=16 sndbuf=163840 outq=0 send_len=73
1518093706.799686: CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_1411-2\x00
1518093706.799750: wlan0: Cancelling authentication timeout
1518093706.799804: wlan0: State: GROUP_HANDSHAKE -> COMPLETED
1518093706.799835: EAPOL: External notification - portValid=1
1518093708.836567: EAPOL: startWhen --> 0
1518093735.863477: EAPOL: authWhile --> 0

If I interpret it correctly, before the reauthentication or before one of the THREE cases above happened, the system was already connected with its working GTK, but when one of the THREE cases above happens and the GTK is renegotiated, wpa_supplicant detects it as a key reinstallation attack and ignores the newly negotiated GTK. It makes wpa_supplicant keep using the old GTK, while the router has already updated its GTK to all stations, which causes my system to be unable to communicate with the AP anymore. During the zombie connection, my system tried to do the group key handshake many times. But it still doesn't work as wpa_supplicant doesn't want to reinstall the new GTK to the driver.

Is that maybe caused by this wpa_supplicant patch for KRACK?:

[PATCH] Prevent reinstallation of an already in-use group key

If I suggest it correctly, maybe there should be an exception to the key reinstallation check if the three cases above happen, so that wpa_supplicant allows the GTK to be replaced by the new key.

I really need help because it makes my connection unstable, and restarting the router every time it happens, regularly, rather than having up to 30 minutes of zombie connection, is not a convenient workaround.

Any help will be appreciated! Thank you!

Bima Hutama

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
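
An added triage script (not part of the original post and not hostap project code) that groups wpa_supplicant -dd lines like those quoted above into handshakes and flags the ones that reached COMPLETED while the GTK install was skipped. The sample log is constructed, and the "Installing GTK" line format in it is an assumption, since that line does not appear in the post.

```python
import re

# Constructed sample in the format of the -dd output quoted above. The
# "Installing GTK" line is an assumed format; it does not appear in the post.
SAMPLE_LOG = """\
1518090000.100000: wlan0: WPA: Installing PTK to the driver
1518090000.100500: WPA: Installing GTK to the driver (keyidx=1 tx=0 len=16)
1518090000.100900: wlan0: WPA: Key negotiation completed with aa:aa:aa:aa:aa:aa [PTK=CCMP GTK=CCMP]
1518090000.101200: wlan0: State: GROUP_HANDSHAKE -> COMPLETED
1518093706.797931: wlan0: WPA: Installing PTK to the driver
1518093706.798942: wlan0: State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
1518093706.799035: wlan0: WPA: Not reinstalling already in-use GTK to the driver (keyidx=1 tx=0 len=16)
1518093706.799098: wlan0: WPA: Key negotiation completed with aa:aa:aa:aa:aa:aa [PTK=CCMP GTK=CCMP]
1518093706.799804: wlan0: State: GROUP_HANDSHAKE -> COMPLETED
"""

LINE = re.compile(r"^(\d+\.\d+): (.*)$")
GTK = re.compile(r"(Installing|Not reinstalling already in-use) GTK to the driver "
                 r"\(keyidx=(\d+) tx=(\d+) len=(\d+)\)")
DONE = re.compile(r"Key negotiation completed with ([0-9a-f:]{17})")
STATE = re.compile(r"State: (\w+) -> (\w+)")

def summarize(log_text):
    """One record per handshake, opened by a PTK install, with the GTK outcome."""
    records = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # tolerate wrapped or truncated lines
        ts, msg = float(m.group(1)), m.group(2)
        if "Installing PTK to the driver" in msg:
            records.append({"start": ts, "gtk": None, "keyidx": None,
                            "peer": None, "final_state": None})
        if not records:
            continue  # ignore anything before the first handshake
        rec = records[-1]
        if (g := GTK.search(msg)):
            rec["gtk"] = "installed" if g.group(1) == "Installing" else "skipped"
            rec["keyidx"] = int(g.group(2))
        elif (d := DONE.search(msg)):
            rec["peer"] = d.group(1)
        elif (s := STATE.search(msg)):
            rec["final_state"] = s.group(2)
    return records

def skipped_rekeys(records):
    """Handshakes that reached COMPLETED while the GTK install was skipped."""
    return [r for r in records
            if r["gtk"] == "skipped" and r["final_state"] == "COMPLETED"]

if __name__ == "__main__":
    for r in skipped_rekeys(summarize(SAMPLE_LOG)):
        print(f'{r["start"]:.6f} peer={r["peer"]} keyidx={r["keyidx"]} GTK not reinstalled')
```

Correlating the timestamps of flagged handshakes with the later reason-16 deauthentication shows whether each outage follows a skipped GTK install.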