Solved wlan0 doesn't set deftxkey (says deftxkey UNDEF in ifconfig)

loveydovey · Dec 21, 2025

This is so weird. It connects to the AP (AP is another machine running FreeBSD13 with other clients (Android) connecting totally fine). But on the PC with rtwn0 does not set the transmission key for some reason. And there is some weird thing in the wpa_supplicant log when it's trying to set the key. Zero internet, zero packets (obviously because it can't encrypt the traffic).

Code:

wlan0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=0
        ether 00:ad:
        inet 192.168.5.55 netmask 0xffffff00 broadcast 192.168.5.255
        groups: wlan
        ssid 45a3f channel 1 (2412 MHz 11g) bssid 0e:0b:
        regdomain FCC country US authmode WPA2/802.11i privacy ON
        deftxkey UNDEF AES-CCM 2:128-bit txpower 30 bmiss 7 scanvalid 60
        protmode CTS wme roaming MANUAL
        parent interface: rtwn0
        media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
        status: associated
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

Code:

wpa_supplicant v2.11
Successfully initialized wpa_supplicant
Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'default' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='YES'
ctrl_interface_group='wheel'
update_config=1
Priority group 0
   id=0 ssid='45a3f'
wpa_driver_bsd_capa: drivercaps=0x0591c541,cryptocaps=0x0000000b
bsd_ctrl_iface: if wlan0 (changed) enable 0 IFF_UP 0
Add interface wlan0 to a new radio N/A
PTKSA: Initializing
wlan0: Failed to attach pkt_type filter
wlan0: Own MAC address: 00:
bsd_set_key: alg=0 addr=0x0 key_idx=0 set_tx=0 seq_len=0 key_len=0
bsd_del_key: key_idx=0
bsd_set_key: alg=0 addr=0x0 key_idx=1 set_tx=0 seq_len=0 key_len=0
bsd_del_key: key_idx=1
bsd_set_key: alg=0 addr=0x0 key_idx=2 set_tx=0 seq_len=0 key_len=0
bsd_del_key: key_idx=2
bsd_set_key: alg=0 addr=0x0 key_idx=3 set_tx=0 seq_len=0 key_len=0
bsd_del_key: key_idx=3
bsd_set_key: alg=0 addr=0x0 key_idx=4 set_tx=0 seq_len=0 key_len=0
bsd_del_key: key_idx=4
ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
bsd_set_key: alg=0 addr=0x0 key_idx=5 set_tx=0 seq_len=0 key_len=0
bsd_del_key: key_idx=5
ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
wpa_driver_bsd_set_countermeasures: enabled=0
wlan0: RSN: flushing PMKID list in the driver
wlan0: Setting scan request: 0.100000 sec
TDLS: TDLS operation not supported by driver
TDLS: Driver uses internal link setup
TDLS: Driver does not support TDLS channel switching
wlan0: WPS: UUID based on MAC address: 7630cf05-
ENGINE: Loading builtin engines
ENGINE: Loading builtin engines
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
ctrl_interface_group=0 (from group name 'wheel')
MBO: Update non-preferred channels, non_pref_chan=N/A
wlan0: Added interface wlan0
wlan0: State: DISCONNECTED -> DISCONNECTED
wlan0: Event SCAN_RESULTS (3) received
Received 0 bytes of scan results (0 BSSes)
wlan0: BSS: Start scan result update 1
BSS: last_scan_res_used=0/0
wlan0: New scan results available (own=0 ext=0)
wlan0: No suitable network found
wlan0: Ignore new scan request for 5.000000 sec since an earlier request is scheduled to trigger sooner
wlan0: State: DISCONNECTED -> SCANNING
wlan0: Starting AP scan for wildcard SSID
wlan0: Add radio work 'scan'@0x3336048105c0
wlan0: First radio work item in the queue - schedule start immediately
wlan0: Starting radio work 'scan'@0x3336048105c0 after 0.000021 second wait
wpa_driver_bsd_set_wpa: enabled=1
wpa_driver_bsd_set_wpa_internal: wpa=3 privacy=1
bsd_ctrl_iface: if wlan0 (changed) enable 1 IFF_UP 1
RTM_IFINFO: Interface 'wlan0' UP
wlan0: Event INTERFACE_ENABLED (25) received
wlan0: Interface was enabled
EAPOL: disable timer tick
wlan0: Event SCAN_RESULTS (3) received
Received 3952 bytes of scan results (14 BSSes)
wlan0: BSS: Start scan result update 2
wlan0: BSS: Add new id 3 BSSID 0e:0b:cd:59:cf:cd SSID '45a3f' freq 2412
BSS: last_scan_res_used=14/32
wlan0: New scan results available (own=0 ext=0)
WPS: AP[5] 20:3a:eb:c9:29:8e type=0 tries=0 last_attempt=-1 sec ago bssid_ignore=0
wlan0: Radio work 'scan'@0x3336048105c0 done in 1.920777 seconds
wlan0: radio_work_free('scan'@0x3336048105c0): num_active_works --> 0
wlan0: Selecting BSS from priority group 0
wlan0: 0: cc:be:59:f5:fd:fe ssid='28C7' wpa_ie_len=0 rsn_ie_len=20 caps=0x11 level=-74 freq=2412
wlan0:    skip - SSID mismatch
wlan0: 3: 0e:0b ssid='45a3f' wpa_ie_len=0 rsn_ie_len=24 caps=0x31 level=-80 freq=2412
wlan0:    selected based on RSN IE
wlan0: MLD: No Multi-Link element
wlan0:    selected BSS 0e:0b: ssid='45a3f'
wlan0: Considering connect request: reassociate: 0  selected: 0e:0b:  bssid: 00:00:00:00:00:00  pending: 00:00:00:00:00:00  wpa_state: SCANNING  ssid=0x33360483b000  current_ssid=0x0
wlan0: Request association with 0e:0b
wlan0: No ongoing scan/p2p-scan found to abort
wlan0: Add radio work 'connect'@0x3336048105c0
wlan0: First radio work item in the queue - schedule start immediately
wlan0: Starting radio work 'connect'@0x3336048105c0 after 0.000026 second wait
wlan0: WPA: clearing own WPA/RSN IE
wlan0: RSN: clearing own RSNXE
RSN: PMKSA cache search - network_ctx=0x33360483b000 try_opportunistic=0 akmp=0x0
RSN: Search for BSSID 0e:0b:
RSN: No PMKSA cache entry found
wlan0: RSN: using IEEE 802.11i/D9.0
wlan0: WPA: Selected cipher suites: group 16 pairwise 16 key_mgmt 258 proto 2
wlan0: WPA: Selected mgmt group cipher 32
wlan0: WPA: clearing AP WPA IE
WPA: set AP RSN IE - hexdump(len=26): 30 18 01 00 00 0f ac 04 01 00 00 0f ac 04 02 00 00 0f ac 02 00 0f ac 06 0c 00
wlan0: WPA: clearing AP RSNXE
wlan0: WPA: AP group 0x10 network profile group 0x18; available group 0x10
wlan0: WPA: using GTK CCMP
wlan0: WPA: AP pairwise 0x10 network profile pairwise 0x18; available pairwise 0x10
wlan0: WPA: using PTK CCMP
wlan0: WPA: AP key_mgmt 0x102 network profile key_mgmt 0x3; available key_mgmt 0x2
wlan0: WPA: using KEY_MGMT WPA-PSK
wlan0: WPA: AP mgmt_group_cipher 0x20 network profile mgmt_group_cipher 0x0; available mgmt_group_cipher 0x0
wlan0: WPA: not using MGMT group cipher
WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 0c 00
RSN: Set own RSNXE default - hexdump(len=0):
WPA: Set PMK based on external data - hexdump(len=32): [REMOVED]
wlan0: Automatic auth_alg selection: 0x1
No supported operating classes IE to add
wlan0: Trying to associate with 0e:0b: (SSID='45a3f' freq=2412 MHz)
wlan0: Cancelling scan request
wlan0: State: SCANNING -> ASSOCIATING
Limit connection to BSSID 0e:0b: freq=2412 MHz based on scan results (bssid_set=0 wps=0)
wpa_driver_bsd_associate: ssid '45a3f' wpa ie len 22 pairwise 16 group 16 key mgmt 2
wpa_driver_bsd_set_drop_unencrypted: enabled=1
bsd_set_opt_ie: set WPA+RSN ie (len 22)
wpa_driver_bsd_set_rsn_wpa_ie: set PRIVACY 1
bsd_ctrl_iface: if wlan0 (no change) enable 1 IFF_UP 1
wlan0: Setting authentication timeout: 10 sec 0 usec
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
wlan0: Event ASSOC (0) received
wlan0: State: ASSOCIATING -> ASSOCIATED
wlan0: Associated to a new BSS: BSSID=0e:0b:
wlan0: Associated with 0e:0b:
wlan0: WPA: Association event - clear replay counter
wlan0: WPA: Clear old PTK
TDLS: Remove peers on association
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: enable timer tick
EAPOL: SUPP_BE entering state IDLE
wlan0: Setting authentication timeout: 10 sec 0 usec
wlan0: Cancelling scan request
wlan0: RX EAPOL from 0e:0b: (encrypted=-1)
wlan0: Setting authentication timeout: 10 sec 0 usec
wlan0: IEEE 802.1X RX: version=2 type=3 length=95
wlan0:   EAPOL-Key type=2
wlan0:   key_info 0x8a (ver=2 keyidx=0 rsvd=0 Pairwise Ack)
wlan0:   key_length=16 key_data_length=0
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 01
  key_nonce - hexdump(len=32): f3 ec fc 9d 35 b9 9d d7 92 84 d6 b0 96 4d 72 2c 08 c2 80 df eb e7 34 d4 f6 42 14 e6 fa 5b cb fb
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
wlan0: WPA: RX message 1 of 4-Way Handshake from 0e:0b: (ver=2)
RSN: msg 1/4 key data - hexdump(len=0):
wlan0: State: ASSOCIATED -> 4WAY_HANDSHAKE
WPA: Renewed SNonce - hexdump(len=32): 9b a5 d6 25 2c ed f9 b1 2f a6 7a a3 50 03 51 37 dc 57 2b fc 3c f9 d2 19 27 ab 4e 49 7c d4 0f 4b
WPA: PTK derivation using PRF(SHA1)
WPA: PTK derivation - A1=00:ad:24:15:5c:78 A2=0e:0b:
WPA: Nonce1 - hexdump(len=32): 9b a5 d6 25 2c ed f9 b1 2f a6 7a a3 50 03 51 37 dc 57 2b fc 3c f9 d2 19 27 ab 4e 49 7c d4 0f 4b
WPA: Nonce2 - hexdump(len=32): f3 ec fc 9d 35 b9 9d d7 92 84 d6 b0 96 4d 72 2c 08 c2 80 df eb e7 34 d4 f6 42 14 e6 fa 5b cb fb
WPA: PMK - hexdump(len=32): [REMOVED]
WPA: PTK - hexdump(len=48): [REMOVED]
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: KEK - hexdump(len=16): [REMOVED]
WPA: TK - hexdump(len=16): [REMOVED]
WPA: WPA IE for msg 2/4 - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 0c 00
WPA: Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 01
wlan0: WPA: Sending EAPOL-Key 2/4
WPA: Send EAPOL-Key frame to 0e:0b: ver=2 mic_len=16 key_mgmt=0x2
WPA: EAPOL-Key MIC using HMAC-SHA1
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: Derived Key MIC - hexdump(len=16): 6a a8 ec ef 84 93 72 36 d1 1a 99 e1 51 67 e3 d8
wlan0: RX EAPOL from 0e:0b: (encrypted=-1)
wlan0: IEEE 802.1X RX: version=2 type=3 length=159
wlan0:   EAPOL-Key type=2
wlan0:   key_info 0x13ca (ver=2 keyidx=0 rsvd=0 Pairwise Install Ack MIC Secure Encr)
wlan0:   key_length=16 key_data_length=64
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 02
  key_nonce - hexdump(len=32): f3 ec fc 9d 35 b9 9d d7 92 84 d6 b0 96 4d 72 2c 08 c2 80 df eb e7 34 d4 f6 42 14 e6 fa 5b cb fb
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): af e0 7f b9 8f a0 95 47 e1 78 d1 5f 3e 1e 1a c0
WPA: EAPOL-Key MIC using HMAC-SHA1
RSN: encrypted key data - hexdump(len=64): e8 c7 3e 48 50 d9 a1 75 5b 6f 65 cb 98 ea 41 ec fe b6 b4 d3 8d 9b 2a bf 51 bf 4b 9e 0c 5c b9 f5 0e 70 5b cc 44 09 3a bc 39 42 fe 2f 00 3c c9 f2 ff fd 02 70 e7 da 29 09 cb 82 5e 8e db 45 ec e7
WPA: Decrypt Key Data using AES-UNWRAP (KEK length 16)
WPA: decrypted EAPOL-Key key data - hexdump(len=56): [REMOVED]
wlan0: State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
wlan0: RSN: RX message 3 of 4-Way Handshake from 0e:0b: (ver=2)
WPA: IE KeyData - hexdump(len=56): 30 18 01 00 00 0f ac 04 01 00 00 0f ac 04 02 00 00 0f ac 02 00 0f ac 06 0c 00 dd 16 00 0f ac 01 01 00 b5 92 86 c5 4c 37 08 2b ec 31 d3 e5 19 05 53 2b dd 00 00 00 00 00
WPA: RSN IE in EAPOL-Key - hexdump(len=26): 30 18 01 00 00 0f ac 04 01 00 00 0f ac 04 02 00 00 0f ac 02 00 0f ac 06 0c 00
WPA: GTK in EAPOL-Key - hexdump(len=24): [REMOVED]
wlan0: WPA: Sending EAPOL-Key 4/4
WPA: Send EAPOL-Key frame to 0e:0b: ver=2 mic_len=16 key_mgmt=0x2
WPA: EAPOL-Key MIC using HMAC-SHA1
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: Derived Key MIC - hexdump(len=16): 61 c8 15 97 8b 31 58 d7 fa bf 72 2b cc 1f 1b 18
wlan0: WPA: Installing PTK to the driver
bsd_set_key: alg=3 addr=0x33360487e570 key_idx=0 set_tx=1 seq_len=6 key_len=16
Added PTKSA cache entry addr=0e:0b: cipher=16
EAPOL: External notification - portValid=1
wlan0: State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
RSN: received GTK in pairwise handshake - hexdump(len=18): [REMOVED]
WPA: Group Key - hexdump(len=16): [REMOVED]
wlan0: WPA: Installing GTK to the driver (keyidx=1 tx=0 len=16)
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
bsd_set_key: alg=3 addr=0x1ead274acbc5 key_idx=1 set_tx=0 seq_len=6 key_len=16
wlan0: WPA: Key negotiation completed with 0e:0b: [PTK=CCMP GTK=CCMP]
wlan0: Cancelling authentication timeout
wlan0: State: GROUP_HANDSHAKE -> COMPLETED
wlan0: Radio work 'connect'@0x3336048105c0 done in 0.023662 seconds
wlan0: radio_work_free('connect'@0x3336048105c0): num_active_works --> 0
wlan0: CTRL-EVENT-CONNECTED - Connection to 0e:0b: completed [id=0 id_str=]
EAPOL: External notification - portValid=1
EAPOL: External notification - EAP success=1
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state SUCCESS
EAP: EAP entering state DISABLED
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: Supplicant port status: Authorized
EAPOL: SUPP_BE entering state IDLE
EAPOL authentication completed - result=SUCCESS
EAPOL: startWhen --> 0
EAPOL: disable timer tick

loveydovey · Dec 21, 2025

Phishfry · Dec 21, 2025

That message is a red herring. My atheros shows it too. Works fine. OpenWRT AccessPoint

Code:

wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=0
    ether 4c:bb:5x:96:xx:xx
    inet 192.168.1.119 netmask 0xffffff00 broadcast 192.168.1.255
    groups: wlan
    ssid APU2AP channel 161 (5805 MHz 11a ht/20) bssid 04:f0:21:xx::xx
    regdomain 106 indoor ecm authmode WPA2/802.11i privacy ON
    deftxkey UNDEF AES-CCM 3:128-bit txpower 30 bmiss 7 mcastrate 6
    mgmtrate 6 scanvalid 60 ampdulimit 64k ampdudensity 8 shortgi -uapsd
    wme burst roaming MANUAL
    parent interface: ath0
    media: IEEE 802.11 Wireless Ethernet MCS mode 11na
    status: associated
    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

loveydovey · Dec 21, 2025

Phishfry said:
That message is a red herring. My atheros shows it too. Works fine. OpenWRT AccessPoint

Thanks. Well, darn. Does your ifconfig also show UNDEF?

The tcpdump shows ARP announcement from my ip, but nothing from the router. That's the only one packet I see on wlan0 after it shows associated.

Phishfry · Dec 21, 2025

Phishfry said:
deftxkey UNDEF

Look at wpa_cli. Those messages looked weird. Double check your wpa_supplicant.

Code:

network={
        ssid="APU2AP"
        bssid=XX:XX:XX:XX:XX:XX
        key_mgmt=WPA-PSK
        proto=RSN
        psk="freebsdforumrocks"
}

loveydovey · Dec 22, 2025

Ok, I deftxkey UNDEF is irrelevant for functionality in this case.

Phishfry said:
That message is a red herring. My atheros shows it too. Works fine. OpenWRT AccessPoint

Thank you for this.

The connectivity appeared when I switched my pf.conf from the wired interface to wifi and ran service routing restart AFTER having completed the association with the access point (not before,

doh). Little things like this get you messed up. But I knew I was almost there when I got it to associate and have the 4-way handshake be successful.

loveydovey · Dec 22, 2025

And also, this is an official confirmation that DWA-121 USB wifi nanoadapter works with FreeBSD14.3 (after you manually add its product ID to kernel source code).

Solved wlan0 doesn't set deftxkey (says deftxkey UNDEF in ifconfig)

loveydovey

loveydovey

Phishfry

loveydovey

Phishfry

loveydovey

loveydovey