iwlwifi @ AX210 ; unable to connect to hidden network ; no carrier

[_martin]

There's absolute NOGO on previous versions of FreeBSD. On a brand new 14.0-RELEASE (releng/14.0-n265380-f9716eee8ab4) I'm attempting to connect to my WiFi network with my Archer TX3000:

iwlwifi0@pci0:2:0:0:    class=0x028000 rev=0x1a hdr=0x00 vendor=0x8086 device=0x2725 subvendor=0x8086 subdevice=0x0020
    vendor     = 'Intel Corporation'
    device     = 'Wi-Fi 6 AX210/AX211/AX411 160MHz'
    class      = network

Network is using WPA2-PSK, SSID is hidden (I know it's a pseudo security measure but it does serve a purpose at a location where I am).
My /etc/wpa_supplicant.conf:

ctrl_interface=/var/run/wpa_supplicant
eapol_version=1
ap_scan=1
fast_reauth=1
network={
    scan_ssid=1
    ssid="my hidden ssid"
    key_mgmt=WPA-PSK
    proto=RSN
    #psk="some shared secret stuff"
    psk=<generated by wpa_passphrase>
    group=CCMP
    pairwise=CCMP
    auth_alg=OPEN
}

Whatever I do I can't connect. When I use wpa_cli(8) scan_results command sometimes does show the network, sometimes it doesn't.

NOTE: I can connect if I broadcast ssid.

I tried the very same machine on Linux, there it works just fine.

I toggled the verbose mode logging in rc.conf:

wlans_iwlwifi0="wlan0"
ifconfig_wlan0="WPA SYNCDHCP"
wlandebug_wlan0="+state +node +auth +assoc +dot1xsm +wpa +scan"

I have not used WiFi on PC/server pretty much over the decades. Any ideas are welcome.

 

[YYY__]

Help for the Current version is not allowed. Since the official release announcement is just around the corner:

Add ssid information to ifconfig_wlan0:

ifconfig_wlan0="ssid "my hidden ssid" mode 11g channel 1 WPA SYNDHCP"

Chapter 34. Advanced Networking

Advanced networking in FreeBSD: basics of gateways and routes, CARP, how to configure multiple VLANs on FreeBSD, etc

docs.freebsd.org

 

[_martin]

Help for the Current version is not allowed. Since the official release announcement is just around the corner:

Technically you are correct. Hard to argue with that.

If only setting up WiFI on FreeBSD was as straight forward as reading up handbook. . I tried pretty much everything I could think of, setting up things manually too. Also tried to activate the create/activate the profile within wpa_cli itself.

wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=0
    ether c4:xx:xx:xx:xx:xx
    groups: wlan
    ssid "my hidden ssid" channel 1 (2412 MHz 11g)
    regdomain FCC country US authmode WPA1+WPA2/802.11i privacy MIXED
    deftxkey UNDEF txpower 30 bmiss 7 scanvalid 60 protmode CTS wme
    roaming MANUAL
    parent interface: iwlwifi0
    media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
    status: no carrier
    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

The ifconfig wlan0 scan always detects the BSSID of my AP. It just doesn't connect. Again, if I don't hide SSID I can connect.

Example of configuring this manually:

# wpa_cli -iwlan0 add_network
1
# wpa_cli -iwlan0 set_network 1 ssid '"my hidden ssid"'
OK
# wpa_cli -iwlan0 set_network 1 key_mgmt WPA-PSK
OK
#
# wpa_cli -iwlan0 set_network 1 psk '"some shared secret stuff"'
OK
# wpa_cli -iwlan0 set_network 1 pairwise CCMP
OK
# wpa_cli -iwlan0 set_network 1 group CCMP
OK
# wpa_cli -iwlan0 set_network 1 proto WPA
OK
# wpa_cli -iwlan0 enable_network 1
OK
#

And of course I'm still left with no connection.

I'm not showing examples of doing this also in rc.conf as you mentioned nor as I did manually within ifconfig command itself (in combination with wpa_cli).

After many hours spent googling around I noticed other Linux folks around 2020 had the same issue. I really don't want to dive into contrib/wpa/, hopefully there's just something I can do beside broadcasting my SSID.

 

[SirDice]

Help for the Current version is not allowed.

It's the releng/14.0 branch, not main. We've started providing support here on the forums since the first beta releases.

 

[YYY__]

There are recent threads related to issues connecting with a hidden ssid, as far as I can remember.
Does "wpa_cli -i<interface> enable_network" request a DHCP renewal or static IP?

 

[_martin]

I was so focused on this issue that it didn't cross my mind to test the speed/performance with the SSID broadcast enabled. It was barely usable, many times transfers stalled or got to a sorry speeds.


I felt disturbance in force when I activated my FreeBSD (14.0) zfs pool on Linux (ubuntu server 23.10).
For now I'll choose path of least resistance.

 

[cmoerz]

Not sure, if this qualifies as necro bumping... I too had some issues with that chip on my frame.work. What usually did make it work for me (before I switched it out for an iwm based series chip) is to use devctl reset iwl0 to reset the device.

Maybe this of use to someone still attempting to make it work.

 

[Perceval]

Hi,
Necrobumping too, to confirm the problem still exists as if today (14.3-RELEASE p5).
I switched from a 8265 to AX210 on my Thinkpad X280 because of wifi problems (performance loss after an hour or so, had no problem before), if my network is hidden, no way to connect, while not hidden it will connect instantly.
Did anyone found a way to make it work ? I'll test several things on my side... But I just can't unhide my wifi.

 

[_martin]

Did anyone found a way to make it work ? I'll test several things on my side... But I just can't unhide my wifi.

I didn't. For me it was in unusable state. For while I used Ubuntu server but wanted to have FreeBSD there. I had to do some cabling around few floors but managed to push cat6a cable up there.
So I switched back to FreeBSD but use wire again. Time flies though, I wouldn't believe I did that two years ago already.

 

[T-Daemon]

to confirm the problem still exists as if today (14.3-RELEASE p5).

Try 15.0-BETA4 (current upcoming 15 RELEASE).

The 14 branch doesn't receive the newest iwlwifi driver changes. The receiving branches are "main" (CURRENT), 15.0-STABLE, from where they are merged into 15.0-BETA4.

See "Please test new drivers in main (iwlwifi, rtw88, rtw89)" from the driver developer on freebsd-wireless@ mailing list (23 Oct 2025).

 

[Perceval]

Thank you everybody ! I've cross-tested using a Realtek Wifi dongle I own, it does connect fine. The iwlwifi(4)() driver does not support hidden networks... And I didn't find any clue about this.
Here are what I have (sanitized ; wlan0=Realtek USB ; wlan1=Intel AX210) :

wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=200001<RXCSUM,RXCSUM_IPV6>
    ether AA:BB:CC:DD:EE:FF
    inet 192.168.X.XYZ netmask 0xffffff00 broadcast 192.168.X.XYZ
    groups: XXX
    ssid YESCOOLMYSSID channel 4 (2427 MHz 11g ht/20) bssid AA:BB:CC:DD:EE:FF
    regdomain ETSI country FR authmode WPA2/802.11i privacy ON
    deftxkey UNDEF AES-CCM 2:128-bit txpower 30 bmiss 7 scanvalid 60
    protmode CTS ht20 ampdulimit 64k shortgi -stbc ldpctx -ldpcrx -uapsd
    wme roaming MANUAL
    parent interface: rtwn0
    media: IEEE 802.11 Wireless Ethernet MCS mode 11ng
    status: associated
    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
wlan1: flags=8c43<UP,BROADCAST,RUNNING,DRV_OACTIVE,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=0
    ether AA:BB:CC:DD:EE:FF
    inet 192.168.X.XYZ netmask 0xffffff00 broadcast 192.168.X.XYZ
    groups: XXX
    ssid "" channel 1 (2412 MHz 11g)
    regdomain ETSI country FR authmode WPA1+WPA2/802.11i privacy MIXED
    deftxkey UNDEF txpower 30 bmiss 7 scanvalid 60 protmode CTS wme
    roaming MANUAL
    parent interface: iwlwifi0
    media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
    status: no carrier
    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

You will notice several differences, including the missing ssid ("").

It is said in 15.0-RELEASE notes that there will be "Numerous stability improvements" but I couldn't find any detail, including this specific problem.
T-Daemon thanks for your link ! It looks not updated (but I never understood how mailing list work, my bad !), I'd try 15.0-BETA4 setup to an USB stick but since we're a about a month from 15.0-RELEASE, that's not very relevant.

 

[SirDice]

But I just can't unhide my wifi.

Why not?

 

[_martin]

Why not?

NOTE: I can connect if I broadcast ssid.

Back then I had the same issue - it was just not able to connect.
edit: I understood your question "Why not" differently. Why not as in "why is the connection not working if you hide it", not "why you can't have ssid broadcast".
Similar to Perceval, while it's not "security" I didn't want ssid popping up to everybody's device.

 

[Perceval]

Why not?

I'm in a high tourism area (sigh) with lots of random people running around. Just like living inside an airport
I do know cloacking networks are NOT relevant for security, but I feel better not to appear on anyone's device...

 

[covacat]

this looks interesting
not sure the same problem but still

Intel(R) Wi-Fi 6E AX210 160MHz not connect to wifi 6E 6 GHz

I am using MS window version 11 with Intel(R) Wi-Fi 6E AX210 160MHz (driver version: 22.80.1.1). I tried to connect to my wifi 6E (Asus Zenwifi ET8) with no success. Windows unable to see my 6E SSID. I can connect to my 2.4 and 5 GHz channel with no problem. My Samsung phone able to see my 6E...

community.intel.com

 

[Perceval]

this looks interesting
not sure the same problem but still

Intel(R) Wi-Fi 6E AX210 160MHz not connect to wifi 6E 6 GHz

I am using MS window version 11 with Intel(R) Wi-Fi 6E AX210 160MHz (driver version: 22.80.1.1). I tried to connect to my wifi 6E (Asus Zenwifi ET8) with no success. Windows unable to see my 6E SSID. I can connect to my 2.4 and 5 GHz channel with no problem. My Samsung phone able to see my 6E...

community.intel.com

You mean this message ?

This is fully expected behaviour. You are enjoying a regulatory feature here called "no IR" or "no inititial radiation". It basically blocks the fimrware sending on a band / channel which it never received a frame on before in the current session.


This is intended, such that your station (Client) does not accidently transmit on a band which it is not supposed to in the current regulary domain.. If your APs SSID is "hidden", it will not send beacon frames, so your AP (client) will not receive anything on the 6 GHz band / Channel.. So it would have to actively send out a frame to associate with the AP, this is blocked by the "no IR" feature..

So hidden SSIDs won´t work on channels with "no IR" enabled.. Intel enabled that feature for all channnels in the 6 GHz band.



"The NO-IR flag then means you cannot use modes of operation that require you to initiate radiation first"

 

[MrBSD]

What is the current state on WPA3 support ?

 

[Perceval]

It seems unsupported (?).

Thread 'WPA3 client usage'

Jul 20, 2025

I was wondering if anyone can confirm that WPA3 works on FreeBSD for wireless client? I am looking at WPA3-SAE.
WPA-Supplicant on FreeBSD is at >2.11 so that should be sufficient.

Anyone using WPA3 ?

• Phishfry
• Replies: 2
• Forum: Networking

• 

My main AP uses mixed 2/3 so it does connect, I'll test with my phone in WPA3 mode.