Unable to connect to WPA2-E PEAP

I am having an issue connecting to WPA2-Enterprise with PEAP and MSCHEAPv2 authentication. We are using no certificate and using domain credentials.

I manually added the entry system-ca-cert=false to /etc/NetworkManager/system-connections/SSID.nmconnection under [802-1x]

I even tried the suggested and installed wpasupplicant 2.4 per Unable to connect to PEAP MSCHAPv2 WIFI

I am really at lost. Maybe I did something wrong. I will appreciate any suggestions.


What version of Parrot are you running? (include version, edition, and architecture)
Linux parrot 4.18.0-parrot20-amd64 #1 SMP Debian 4.18.20-2parrot20 (2018-12-10) x86_64 GNU/Linux
What method did you use to install Parrot? (Debian Standard / Debian GTK / parrot-experimental)
Standard
Configured to multiboot with other systems? (yes / no)
no
If there are any similar issues or solutions, link to them below:
n/a
If there are any error messages or relevant logs, post them below:
https://pastebin.com/pbsXtk2S
https://pastebin.com/ZVTLtTMs

from the provided output:

Dec 14 15:58:20 parrot wpa_supplicant[1109]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:protocol version

Dec 14 15:58:20 parrot wpa_supplicant[1109]: OpenSSL: openssl_handshake - SSL_connect error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol

you have definitly another issue
what kind of radius or 802.1x system do you use?

certifcate expired? do you use old ssl version?

We have Ubiquiti APs that authenticate with our AD server. I checked on the authenticating server logs and noticed it says credentials coming from my computer are invalid. I know the user and password are correct in the nmconnection folder.

I asked put in the setting asking it to ignore certicate but is that still a problem? I am not sure about the SSL version at this time.

https://duckduckgo.com/?q=wpa_supplicant[1109]%3A+OpenSSL%3A+openssl_handshake+-+SSL_connect+error%3A1425F102%3ASSL+routines%3Assl_choose_client_version%3Aunsupported+protocol&t=ffab&ia=web

have you tried looking for that message in your log??
it is within same second as your association starts - guess what?

I see the same errors. I followed their example and added the following 2 lines to /etc/ssl/openssl.cnf, still without success:
MinProtocol = TLSv1.0
CipherString = DEFAULT@SECLEVEL=1

The one thing I haven’t done is downgrading OpenSSL. Unless I missed something else.

syslog:Dec 17 10:15:41 parrot wpa_supplicant[1109]: SSL: SSL3 alert: write (local SSL3 detected an error):fatal:protocol version
syslog:Dec 17 10:15:41 parrot wpa_supplicant[1109]: OpenSSL: openssl_handshake - SSL_connect error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol