Skip to main content
Welcome guest. | Register | Login | Post

Router refusing to authenticate with GNU/Linux

23 replies [Last post]
libervisco's picture
Offline
Joined: 2006-05-04

I don't remember when was the last time I faced something as ridiculous and simply illogical as this is. I finally got a phone line and ADSL here, but indeed I am not surfing at speeds of 1Mbps right now. It is ironic that it was easier for me to get exotic EDGE and satellite connections working than ADSL, a much more common type. To be honest I expected it to just work, immediately, out of the box. What a darn disappointment.

As soon as the technician hooked everything up Ubuntu recognized a new network connection and let us know that it is there through the network manager applet. Then we proceeded with Firefox to connect to the router at 192.168.1.1, which prompts for username and password which I have been given. I type it in carefully, press enter and whoops, it asks for it again, and again and again and again... Authentication fails every single time, no matter how correct or incorrect the password was.

But at first I tried only a few times and as the technician was in a kind of hurry he just hooked his Windows XP powered laptop up to it, logged in with my login details on the first try and did the configuration using the web based interface provided on the router. Not long later he tested it and that was it. Then we plugged the cable back to my computer, opened google and thought that since google is opening, the connection works. Later I realized that it was still going over the old connection, not the new one.

Bottom line is that, apparently, one can connect to this router using Windows XP, but if I try it with GNU/Linux I will only be getting failed authentications, even when I try it over ssh or telnet and even after I, in the course of the day, reset the router (hence bringing the modem login details to the simple admin/admin defaults). Nothing works. It just wont let me log in. There is no password in the world it would accept apparently.

My ADSL connection didn't work with his configuration and sure enough it doesn't work now that it is reset. For me to have any hope of connecting I need to get into that router to configure it, but how do I do that when it wont let me? I tried logging in from Ubuntu livecd, from clean Ubuntu Feisty installation, from Debian Etch, from Sidux 2007, using Opera and even IE4Linux. It's the same story everywhere. Apparently the only thing it will accept is Microsoft Windows. WHY!?

Some mentioned that it may be missing some SSL/TLS stuff for authentication. I installed even an excess of related packages though I already had the basic ones (libssl). It's not that.

Is it hardware related? Well, I've used this onboard ethernet before to connect to another computer and it works here as well - I CAN ping and even scan open ports on my router. It is there, the connection is alive, BUT I can't log in to it. I can't change anything on it. I'm stuck.

I'm really out of ideas. I have a phone line, an ADSL router and I can't use ADSL connection. I don't have a Windows XP CD anywhere around either, for that last goddamn option of actually installing Windows just to configure this stupid router.

And you can imagine, I'm pissed. It's just that I don't really know who to be pissed at. D-Link? T-Com? GNU/Linux itself????

Anyway, this turned into quite an entry... If you have ANY clues as to what may be wrong here please let me know. I'm quite desperate. The connection I'm on right now is incredibly unstable and slow and at that even expensive. I don't want to spend another day on it, with ADSL stuff laying around unused.

Thank you!

AttachmentSize
capture.txt58.44 KB
Offline
Joined: 2006-03-28
Have you tried changing the

Have you tried changing the UA of Firefox to IE? Maybe this could help already.

tbuitenh's picture
Offline
Joined: 2005-12-21
here's some "is it plugged

here's some "is it plugged in?" style advice:

1) completely disconnect your mobile internet connection thingy, then try to connect to your router from a liveCD. It's very possible the one connection is somehow getting in the way of the other.

2) if that fails, search the web for the router brand, model name, type number and linux. In various combinations. Give that information to us, too.

libervisco's picture
Offline
Joined: 2006-05-04
@reptiler: How do I do that

@reptiler: How do I do that in Firefox?

@tbuitenh: I already tried all that. The problem seems quite exotic as I haven't yet found anyone describing the same thing.

It's D-Link DSL-584T.

Offline
Joined: 2006-03-28
You'll need a plugin for

You'll need a plugin for that. It's called "User Agent Switcher" or something like that. You can get it on the offizial plugin-page for Firefox.
Otherwise you might try with Konqueror, if installed, that one has the possibility to fake the User-Agent built-in.

libervisco's picture
Offline
Joined: 2006-05-04
I just tried that with

I just tried that with konqueror and no deal. I'll install that plugin on firefox and try with that.

But.. I already tried IE4Linux (Internet Explorer through wine on GNU/Linux) and I get the same thing - and that was real IE.

libervisco's picture
Offline
Joined: 2006-05-04
Switching user agents

Switching user agents didn't work on neither Firefox nor Konqueror. On Firefox I could only switch to Windows Vista (IE7, Netscape and Opera), but with it not working even from real IE from wine I don't think this is the issue.

It really doesn't seem as if the router was intentionally framed to reject other browsers or OSs than Windows and IE. It even says in manuals that it will work on any modern browsers (and it mentions Internet Explorer and Netscape). The issue must be somewhere else. I really don't know anymore, but my barely educated guess would be that Windows XP has something that router needs to authenticate and which GNU/Linux doesn't have. What could that possibly be I've no idea right now.. something related to authentication I suppose.

libervisco's picture
Offline
Joined: 2006-05-04
Actually, trying with user

Actually, trying with user agents is pretty much doomed to failure before even starting considering that ssh and telnet is being refused as well. I ssh

and it normally asks for password which should then be "admin" and that doesn't work. It says that authentication is failed with pubkey and password. But of course, it could very well be that admin/admin login information only applies to that web based interface and that there is no really an user on router named "admin" while I didn't get any root password to it.

And that is also something I really detest when I think about it. I'm given a device for basically no money, alright, but that's only because I signed a contract for 12 months. I think I have a right to the root password of the damn device for these 12 months!

tbuitenh's picture
Offline
Joined: 2005-12-21
probably not it, but... are

probably not it, but... are you running a firewall?

libervisco's picture
Offline
Joined: 2006-05-04
I'm not, but the thought of

I'm not, but the thought of firewalls did cross my mind. On the box it says that the router has an a "SPI Firewall for Advanced Security". I'm wondering if that may be a culprit, if it is running on the box and somehow blocking authentication from certain OSes... I still don't know why would they allow windows then... which brings me back to the old reasoning of, if it wouldnt't work even when I set the user agent to Windows and IE... it doesn't seem like the router is deliberately blocking anything. There must be something on my box... but I can't be sure.

If it's a hardware issue I don't think it is related directly to the onboard ethernet. It could be something else that can affect that. I guess I'll have a look at my BIOS *again*..

libervisco's picture
Offline
Joined: 2006-05-04
Does Firefox have any log

Does Firefox have any log somewhere which might have some details about why is it not authenticating? It can't be that authentication fails only when the password or username aren't correct. In this case it is apparently something else..

Offline
Joined: 2006-03-28
Maybe monitoring traffic

Maybe monitoring traffic with Wireshark could help, that should be better than any Firefox-logs.
Otherwise installing Windows in QEmu might be a (temporary) solution.

libervisco's picture
Offline
Joined: 2006-05-04
I'll install wireshark and

I'll install wireshark and try.

About windows in qemu, I don't have a windows CD around and I'm not sure connection would work from within qemu, but I'd try that if I had windows...

I searched for "router keeps asking for password" and found some people having a similar problem, only on windows, where the router just kept asking for password. The usual solution to this was a full reset and a power cycle of the router. The power cycle is apparently supposed to be done by waiting one minute before reconnecting power, which I didn't do before so I decided to try again.

I held the reset button for 1 whole minute (30 seconds is required) which apparently ended up resetting it twice judging from the blinkage of the status LED. I then disconnected and waited for more than a minute and reconnected the power supply.

And guess what? It's like NOTHING happened. It doesn't work and keeps asking again. At this point I just think that this whole thing is just an incredibly sick joke! I'm tempted to just go out and buy another cheap router, if anyone could only guarantee to me that I wont get into the same kind of trouble with that too.

libervisco's picture
Offline
Joined: 2006-05-04
I captured some TCP packets

I captured some TCP packets with wireshark (no others have been detected apparently) when I was trying to log in again and while I don't really understand all the data from the output I did notice that all entries with "GET / HTTP/1.1" in the "info" column are marked as red on black background. When I click on them "Transmission Control Protocol, Src Port: (36212), Dst Port: www (80), Seq: 1, Ack: 1, Len: 479" is marked as red and under it "Checksum: 0x8559 [Incorrect, should be 0xc930 (maybe caused by checksum offloading)]" is marked as red.

It looks like the cycle is repeating every time I enter password and get asked for it again, so this is what the cycle is looking like:

Time Source Destination Protocol Info
14 9.702156 192.168.1.2 192.168.1.1 HTTP GET / HTTP/1.1
15 9.703317 192.168.1.1 192.168.1.2 TCP www > 36210 [ACK] Seq=1 Ack=480 Win=6432 Len=0 TSV=239324 TSER=4013239
16 9.707164 192.168.1.1 192.168.1.2 TCP [TCP segment of a reassembled PDU]
17 9.707182 192.168.1.2 192.168.1.1 TCP 36210 > www [ACK] Seq=480 Ack=520 Win=6912 Len=0 TSV=4013284 TSER=239324
18 9.707361 192.168.1.1 192.168.1.2 HTTP HTTP/1.1 401 Unauthorized (text/html)
19 9.747227 192.168.1.2 192.168.1.1 TCP 36210 > www [ACK] Seq=480 Ack=520 Win=6912 Len=0 TSV=4013284 TSER=239324


This was manually copied since I could copy/paste it. I hope it contains some useful hints.

Thanks

Btw, here is an exported text file from the capture: http://www.nuxified.org/system/files/capture.txt

tbuitenh's picture
Offline
Joined: 2005-12-21
I've been googling around a

I've been googling around a bit. I found these interesting things:

- it is not sold in the UK or USA, but it is some other countries such as Russia. This doesn't help for finding info I can read.

- you can download the gpl'ed sources of the firmware, I bet the thing runs linux.

- it may be possible to run OpenWRT on it Smiling (but this precise model number is not in the list of supported hardware)

I think the best bet is to ask for help on a german free software forum, since the thing is actually sold in that country and plenty of linux+adsl users live there.

libervisco's picture
Offline
Joined: 2006-05-04
Thanks for trying to help

Thanks for trying to help guys.

I've noticed that searching for it results in a lot of foreign results as well (foreign to me being non-english and non-croatian). I'm not sure about asking on german forums if they only speak german. I'd have to have a look.

However I've got an update on this. A friend of my sisters boyfriend (who I am to help choose (or build) a computer) brought a Windows XP CD over and I installed that today because if it worked on Windows of the technician's laptop it could have worked on Windows on this computer as well.

Well, that's where I was wrong. The same exact thing is happening on Windows XP with Internet Explorer (6 I believe) on my computer.

Which is a green light for me to start nagging T-Com about this. I did call them today, but mentioning that I'm logging in from GNU/Linux they blew me off with "we don't support Linux, only Mac and Windows". Now I'll tell them that it doesn't work on windows either.. I guess that'll have to get them talking to me!

I'm still baffled, however. If it really worked on his laptop yet it wont work on my computer, is it my computer hardware's fault? I'd very much hate to think that. If I have a physical connection to the router meaning that my network chip is working. If I am getting prompted for a password and shown a web 401 error then I have access to the routers web server. This doesn't seem to indicate that there is anything wrong with my network "card" (it's onboard). And what else could it be anyway?

What bothers me now is this. The first ever attempt at logging in to the routers web interface was from my computer and it failed. After that a technician tried with his laptop and he succeeded. So what if, say, a technician comes again with a laptop and finds it working on his laptop while it still doesn't work on my computer?

I think I'd then really find myself understanding computers a whole lot less than I may have thought. This is just baffling.

libervisco's picture
Offline
Joined: 2006-05-04
Good news guys! I called

Good news guys! Smiling

I called t-com support again today and a guy told me an alternative password for the router (four zeros) and that worked immediately. He then walked me through the configuration of the modem in bridged mode and making a new connection in windows. I was online at once after that, downloading firefox at a speed of at least 100 kb/s, something I've never seen before on any of my computers. Laughing out loud

Next.. I booted back to Ubuntu and ran pppoeconf and it worked like a charm. I'm online with ADSL now from Ubuntu. Awesome! Laughing out loud

Thanks a lot guys for helping out!

I'm finally back to the real world, or something. Smiling

tbuitenh's picture
Offline
Joined: 2005-12-21
That was weird. I think you

That was weird. I think you now understand why I never uninstalled windows from my laptop even though it's just wasting space.

And the cloud has a silver lining too: we learned your router runs free software Smiling .

libervisco's picture
Offline
Joined: 2006-05-04
Indeed. I might keep it

Indeed. I might keep it around just in case as well. I've put it on a 3.5 gig partition which can easily be nuked anytime without affecting the rest of the installations (of GNU/Linux) so its presence doesn't harm much.

And yeah it certainly does run Free Software. There is a printed out GNU GPL coming in the box with the router. That was a cool thing to see. Smiling

Whistler's picture
Offline
Joined: 2006-01-03
well... here's my

well... that's also my experience when trying to get help from China Telecom:

When calling their support department, ALWAYS censor the words "Linux" and "Firefox" as I will immediately lose my chance to get help from them if I say those words (even if the problem is obviously not associated with OS and browsers) Sticking out tongue -> Sad

Whistler's picture
Offline
Joined: 2006-01-03
And for those who has a

And for those who has a situation like this, here may be a temporary workaround:

Microsoft has a Windows Server 2003 Trial version, which will allow you to use it in 180 days.
http://technet.microsoft.com/en-us/windowsserver/bb430831.aspx

If you don't even have a copy of Windows before, I don't think you'll need this for more than 10 days so 180 days will be enough Smiling

libervisco's picture
Offline
Joined: 2006-05-04
Sounds good, but in this

Sounds good, but in this case it seems I didn't even need windows. It's just those four zeros that I needed, but since support was more eager to blow me off when I mention GNU/Linux than to tell me that they actually tamper with factory defaults of their routers.. I had to go the long way.

So yeah, you're right. Apparently we have to censor the word "Linux" when talking to our telecoms. But on the other hand.. if we do that they will hear less demand and think they still don't even need to support it, which is still bad for us.

tbuitenh's picture
Offline
Joined: 2005-12-21
So tell them you use Linux

So tell them you use Linux AFTER they have finished helping you. Laughing out loud

libervisco's picture
Offline
Joined: 2006-05-04
That's kind of what I did

That's kind of what I did the last time, though I really was on Windows then. Sticking out tongue

Comment viewing options