Cannot connect to my company network. Very strange issue

I brought an Imp-001 into work today to show a colleague. I have been unable to connect it to the WiFi network and the situation is pretty strange.

The unit blinks up fine at home and will connect to the WiFi hotspot on my phone, and my work laptop, but it cannot connect at all to a network we have specifically for devices that don’t have a screen. I can connect to this network using my phone with the supplied password, but the imp just sits there flashing the red light. 1-long 2-short, which is code for I cannot see the network you told me to connect to. I have double and triple checked the SSID and password and made sure that the device and blinkup are working. I have even connected to an unknown secure network nearby and get the 1-long 3-short sequence so it found that network.

I had the IT folks check to see if they could see the device trying to connect, which they could not, or if there was an allowed or disallowed list of MAC addresses which might prevent it connecting. Since we connect the products we make to this network, and they are always new, there would be no point setting up authorization by MAC address since they change daily. According to IT there is nothing special about the WiFi configuration.

The only thing I have left that might explain the issue is if the IMP cannot connect to the 2.4GHz network if the AP is also broadcasting on 5GHz too? Pretty sure this is an AP problem, but I don’t know what else to ask the IT guys to check. My phone and other devices (which are only 2.4G) connect fine to this SSID.

Suggestions from any WiFi gurus?

I suppose that company WiFi has some restrictions due to security.
I have the same issue, and there is no solution because security is first and then imp - that I receive in response from ICT guys. I can understand.
Mobile phones connect but imp not.
The same was with impC001 and cellular tower years ago. Some channel was closed, and there was no way to open it - the mobile operator was too lazy to do something at all. Long discussion - no result.
If possible - use your mobile hotspot (you must have another phone to blink up) or mobile to WiFi router (as we do).
There can be points you do not even know about security. ICT guys close everything “extra” to be secure simply because they may not know. For example - I must close everything related to Windows on my Mac as a server to stop annoying messages from security companies - a lot of search on Mac support to do that.
For demonstration, the easiest way is to use a mobile hotspot - my experience.

imps can connect on 2.GHz even if the AP is also broadcasting on 5GHz — imps that are 2.4GHz only just don’t know the 5GHz network is there.

Some enterprise WLANs require extra login, which might be an issue here — see the link below for more information. Another is that the company WLAN is using bands 12 and/or 13, which some US-sold imps don’t support for regulatory reasons. Is your company network in the US?

More info here: Network Requirements For imp-enabled Devices, and note this guidance on WPA3.

Network is in US and not using channels 12/13. No extra passwords required. I can connect other devices using the same credentials as I supplied via Blinkup.

The error codes indicate that the network name I supplied cannot be found, but if I connect the IMP to another network and run a scan of the networks that it can see I can see the SSID I am trying to connect to and the channel numbers RSSI etc. The mystery is why it doesn’t even try to connect. The IT folks could see no WiFi traffic from the IMPs MAC address during the time it was trying to connect and get an IP.

I have pretty much resigned myself to it not working, because our IT is outsourced and we no longer have the experts who seem to know how things work. The support people follow a “script” and if that pre-canned solution does not work you are out of luck. Just don’t like giving up on this, because there will be something to learn from it if we ever figure it out :slight_smile:

That’s pretty strange; definitely no hidden characters/uppercase/lowercase/“smart quotes” in the SSID or password?

(quotes are often problematic as phones tend to try and do open/close quotes which are unicode)

There is are no special characters in the network name. SSID is all capital letters and the format is AAAA-BBBBBBBBBB2-CC.

The password has letters/numbers and ! in it. Again nothing out of the ordinary.

I even made a mobile hotspot on my laptop with a very similar name and password to check that there was not a problem with the format of the name or the characters in the password. Imp connected just fine. So it has to be something with the networks itself.

A colleague mentioned MFP (management frame protection) as a possibility. When set to required on his home network his Imps would not connect. If he disabled MFP or made it optional they connected fine. We don’t think MFP is enabled in the office, since we have other devices connecting out of the box without issues.

I’m stumped!

Do you have a mac? Taking a wifi capture with a mac is pretty easy (there’s even a built in tool). Macs, fairly uniquely, have wifi drivers that can do promiscuous captures and getting one of these that has the join attempts may help uncover the issue.

See https://support.metageek.com/hc/en-us/articles/200907740-Wireless-Packet-Capture-with-macOS - you should put the mac vaguely equidistant between the imp and the access point, and have it capture on the right 2.4GHz channel for a minute or so after imp power up.

If you can do this and DM me a link to the capture file we can see if anything looks unusual.

This topic was automatically closed after 60 days. New replies are no longer allowed.