Connecting to a network and Pelion Device Management
Before you begin this tutorial, please build an MBL image and install it on your device.
This tutorial covers:
- Setting up an Ethernet connection.
- Setting up a Wi-Fi connection.
- Verifying that your device can connect to your Pelion Device Management account.
Setting up an Ethernet connection
If your device is physically connected to an Ethernet network (that must have a DHCP server), then it automatically uses that network.
Setting up a Wi-Fi connection
Mbed Linux OS (MBL) uses Connection Manager (ConnMan) to manage Wi-Fi interfaces and connections. This page briefly reviews ConnMan and then explains how to use it to set up and manage Wi-Fi on MBL devices.
As an MBL developer, use ConnMan for all basic Wi-Fi operations, rather than interacting directly with the
wpa_supplicant daemon or modifying the
Note: This page reviews only some of the commonly used ConnMan options, within the context of MBL. You may be interested in the full ConnMan documentation.
connmanctl is ConnMan's command-line interface (CLI) tool. It can operate in two modes:
A noninteractive mode, where it runs a single command passed as arguments to
connmanctl. For example, you can trigger an immediate run of the command
# connmanctl state State = ready OfflineMode = False SessionMode = False
An interactive shell for more extensive use. To enter the interactive shell, enter
connmanctlwithout entering a specific command. For example, to start
connmanctlin interactive mode and run the
# connmanctl connmanctl> agent on Agent registered
Some operations, such as connecting to a protected wireless access point for the first time, may only be possible through the interactive mode. For example, any operation that requires entering passwords.
To see the available
connmanctl commands, run
connmanctl help (or just
help in interactive mode).
Tip: See the
connmanctl man page for more information.
Configuration and state
ConnMan automates many network operations and configurations by interacting with other daemons (DNS, DHCP and others) and by keeping a settings file, service files and other autogenerated data in the
The folder contains:
/config/user/connman/settings: Current global and per-technology settings.
/config/user/connman/main.conf: The main ConnMan configuration file. Currently, most parameters are set to their default values (commented out); the only set parameter is
PreferredTechnologies, which prioritizes Ethernet interface default routes over the Wi-Fi interface when both are connected.
Automatically generated service profiles. For each Wi-Fi network that ConnMan connects to, it creates a directory in
/config/user/connmanto hold connection-specific configuration, such as passphrases, to support auto-connect on boot. Initially (before ConnMan has connected to any networks), there are no service profiles defined.
To see all service profiles:
# cat /config/user/connman/*/settings
For advanced connection configurations, you may manually generate service files and place them under
/config/user/connman(see section Connecting to a network using service configuration (provisioning) files). These are also known as provisioning files, and their file extensions must be
ConnMan classifies network interfaces by their technology, and configurations are generally applied to one or more technologies. Examples of ConnMan's technology classifications are
By default, in MBL, all technologies managed by ConnMan are disabled to prevent unwanted wireless or wired communication. To enable Wi-Fi, run:
# connmanctl enable wifi Enabled wifi
This command does not actually cause the device to connect to any Wi-Fi networks; you must still configure the network connection, as explained below.
Scanning for available Wi-Fi networks and inspecting results
To scan for nearby Wi-Fi networks:
# connmanctl scan wifi Scan completed for wifi
To list the available networks found (among other services):
# connmanctl services AndyAP5 wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none Edimax wifi_a2b2a2b2a2b2_19999999_managed_wep mbed wifi_a1a1a1a1a1a1_91111111_managed_psk ourLocalNetwork wifi_a0a0a0a0a0a0_41699999999e47_managed_ieee8021x Wired gadget_000000000000_usb
The last command lists all available services. As you can see in the example output, there is also a
Wired service (listed on the last line). The available Wi-Fi services are prefixed with
wifi_ and suffixed with the security protocol. For example:
- Open network (AndyAP5):
- WEP protected network (Edimax):
- WPA/WPA2 Enterprise 802.1X: (ourLocalNetwork)
- WPA/WPA2 Personal (also known as WPA-PSK):
To more closely inspect a service after scanning, use
connmanctl services <service_id>. For example, when you look at a local Wi-Fi network:
root@imx7s-warp-mbl:~# connmanctl services wifi_a0a0a0a0a0a0_41699999999e47_managed_ieee8021x /net/connman/service/wifi_a0a0a0a0a0a0_41699999999e47_managed_ieee8021x Type = wifi Security = [ ieee8021x ] State = idle Strength = 59 Favorite = False Immutable = False AutoConnect = False Name = ourLocalWiFi Ethernet = [ Method=auto, Interface=wlan0, Address=A0:A0:A0:A0:A0:A0, MTU=1500 ] IPv4 = [ ] IPv4.Configuration = [ Method=dhcp ] IPv6 = [ ] IPv6.Configuration = [ Method=auto, Privacy=disabled ] Nameservers = [ ] Nameservers.Configuration = [ ] Timeservers = [ ] Timeservers.Configuration = [ ] Domains = [ ] Domains.Configuration = [ ] Proxy = [ ] Proxy.Configuration = [ ] Provider = [ ] root@imx7s-warp-mbl:~#
Connecting to an open (public) Wi-Fi network
To connect to a public open network (AndyAP5 in the example), run
connmanctl connect <service_id> where
<service_id> is a service ID obtained from the output of
connmanctl services. For example:
# connmanctl connect wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none [ 1321.787201] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready Connected wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none # ifconfig ... ... ... wlan0 Link encap:Ethernet HWaddr A0:B1:A0:B1:A0:B1 inet addr:192.168.168.168 Bcast:192.168.168.168 Mask:255.255.255.0 inet6 addr: fe80::fe80:fe80:fe80:fe80/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:18 errors:0 dropped:0 overruns:0 frame:0 TX packets:40 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1922 (1.8 KiB) TX bytes:7189 (7.0 KiB)
After connecting to AndyAP5, the DHCP server assigns
wlan0 an IP address.
If you check the ConnMan configuration folder, you can see the service profile for this connection:
# ls -l /config/user/connman/ total 10 -rw-r--r-- 1 root root 5731 Oct 22 16:03 main.conf -rw------- 1 root root 138 Nov 6 14:12 settings drwx------ 2 root root 1024 Nov 6 14:12 wifi_a0cc2b2ccb9b_416e64726f6964415035_managed_none
ConnMan automatically created the folder
wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none. Inside are a data (binary) file and a settings text file. The text file is used when inspecting a service using the
services <service_id> option introduced above and includes all current settings.
# ls -l /config/user/connman/wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none/ total 7 -rw------- 1 root root 4096 Nov 6 14:12 data -rw------- 1 root root 272 Nov 6 14:12 settings # cat /config/user/connman/wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none/settings [wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none] Name=AndyAP5 SSID=432432432432432 Frequency=2412 Favorite=true AutoConnect=true Modified=2018-11-06T14:12:25.981677Z IPv4.method=dhcp IPv4.DHCP.LastAddress=192.168.168.168 IPv6.method=auto IPv6.privacy=disabled
Pay attention to the
AutoConnect=true parameter. It means that ConnMan will automatically connects to this network on boot if it is the only existing service profile, as well as in a few other cases (when the access point is nearby, and a few other configurations are applied).
You can change this file by using
connmanctl config <config_data>, or by editing it manually.
Connecting to a protected network interactively
Disconnect from any currently connected Wi-Fi networks. For example, if you were connected to the AndyAP5 network from the example above:
# connmanctl disconnect wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none
connmanctlin interactive mode, and:
- Enable ConnMan's wireless agent, used for entering passphrases, by using the
- Connect to the protected Wi-Fi network using the
connectcommand, entering the passphrase when prompted.
In this example, you connect to the Edimax WEP network from the
connmanctl serviceslisting above:
# connmanctl connmanctl> agent on Agent registered connmanctl> connect wifi_a2b2a2b2a2b2_19999999_managed_wep Agent RequestInput wifi_a2b2a2b2a2b2_19999999_managed_wep Passphrase = [ Type=wep, Requirement=mandatory ] Passphrase? XXXXXXXXXX connmanctl> [ 146.007791] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready Connected wifi_a2b2a2b2a2b2_19999999_managed_wep
- Enable ConnMan's wireless agent, used for entering passphrases, by using the
Note: ConnMan does not support password encryption.
Connecting to a network using service configuration (provisioning) files
For advanced configuration, use a provisioning file (with the extension
.config). Configurations include secured wireless access points that need complex authentication (such as WPA2 Enterprise), static IPs and so on. Each provisioning file can be used for multiple services at once.
For more information, refer to the connman-service.config man page.
Connecting to a Wi-Fi WPA/WPA2 enterprise network
- Disable Wi-Fi:
# connmanctl disable wifi
Create a configuration provisioning file at
Tip: You can add the
-servicesuffix to file names as a convention. For example,
Add service information to the configuration file:
[global] Name = my-ssid Description = Provide a short description [service_wifi_local_network] Type = wifi Name = <my-ssid> EAP = peap Phase2 = MSCHAPV2 Identity = <my-username> Passphrase = <my-password>
<my-password> with the appropriate information, and amend the description.
- Re-enable Wi-Fi:
# connmanctl enable wifi
ConnMan now connects to the specified network.
If you experience any issues, restart both ConnMan and
Troubleshooting WiFi connections
When connecting, the network name you use in the command must match the real network name exactly, including capitalisation and without trailing characters. Otherwise, you may get the following error:
Error /net/connman/service/WIFI_NAME: Method "Connect" with signature "" on interface "net.connman.Service" doesn't exist