Mistake on this page? Email us

Connecting to a network and Pelion Device Management

Before you begin this tutorial, please build an MBL image and install it on your device.

This tutorial covers:

  1. Setting up an Ethernet connection.
  2. Setting up a Wi-Fi connection.
  3. Verifying that your device can connect to your Pelion Device Management account.

Setting up an Ethernet connection

If your device is physically connected to an Ethernet network (that must have a DHCP server), then it automatically uses that network.

Setting up a Wi-Fi connection

Mbed Linux OS (MBL) uses Connection Manager (ConnMan) to manage Wi-Fi interfaces and connections. This page briefly reviews ConnMan and then explains how to use it to set up and manage Wi-Fi on MBL devices.

As an MBL developer, use ConnMan for all basic Wi-Fi operations, rather than interacting directly with the wpa_supplicant daemon or modifying the wpa_supplicant.conf file.

Note: This page reviews only some of the commonly used ConnMan options, within the context of MBL. You may be interested in the full ConnMan documentation.


connmanctl is ConnMan's command-line interface (CLI) tool. It can operate in two modes:

  • A noninteractive mode, where it runs a single command passed as arguments to connmanctl. For example, you can trigger an immediate run of the command state:

    # connmanctl state
      State = ready
      OfflineMode = False
      SessionMode = False
  • An interactive shell for more extensive use. To enter the interactive shell, enter connmanctl without entering a specific command. For example, to start connmanctl in interactive mode and run the agent on command:

    # connmanctl
    connmanctl> agent on
    Agent registered

    Some operations, such as connecting to a protected wireless access point for the first time, may only be possible through the interactive mode. For example, any operation that requires entering passwords.

To see the available connmanctl commands, run connmanctl help (or just help in interactive mode).

Tip: See the connmanctl man page for more information.

Configuration and state

ConnMan automates many network operations and configurations by interacting with other daemons (DNS, DHCP and others) and by keeping a settings file, service files and other autogenerated data in the /config/user/connman/ folder.

The folder contains:

  • /config/user/connman/settings: Current global and per-technology settings.

  • /config/user/connman/main.conf: The main ConnMan configuration file. Currently, most parameters are set to their default values (commented out); the only set parameter is PreferredTechnologies, which prioritizes Ethernet interface default routes over the Wi-Fi interface when both are connected.

  • Automatically generated service profiles. For each Wi-Fi network that ConnMan connects to, it creates a directory in /config/user/connman to hold connection-specific configuration, such as passphrases, to support auto-connect on boot. Initially (before ConnMan has connected to any networks), there are no service profiles defined.

    To see all service profiles:

    # cat /config/user/connman/*/settings
  • For advanced connection configurations, you may manually generate service files and place them under /config/user/connman (see section Connecting to a network using service configuration (provisioning) files). These are also known as provisioning files, and their file extensions must be .config.

Enabling Wi-Fi

ConnMan classifies network interfaces by their technology, and configurations are generally applied to one or more technologies. Examples of ConnMan's technology classifications are wifi and ethernet.

By default, in MBL, all technologies managed by ConnMan are disabled to prevent unwanted wireless or wired communication. To enable Wi-Fi, run:

# connmanctl enable wifi
Enabled wifi

This command does not actually cause the device to connect to any Wi-Fi networks; you must still configure the network connection, as explained below.

Scanning for available Wi-Fi networks and inspecting results

To scan for nearby Wi-Fi networks:

# connmanctl scan wifi
Scan completed for wifi

To list the available networks found (among other services):

# connmanctl services
    AndyAP5           wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none
    Edimax               wifi_a2b2a2b2a2b2_19999999_managed_wep
    mbed                 wifi_a1a1a1a1a1a1_91111111_managed_psk
    ourLocalNetwork      wifi_a0a0a0a0a0a0_41699999999e47_managed_ieee8021x
    Wired                gadget_000000000000_usb

The last command lists all available services. As you can see in the example output, there is also a Wired service (listed on the last line). The available Wi-Fi services are prefixed with wifi_ and suffixed with the security protocol. For example:

  • Open network (AndyAP5): _managed_none suffix.
  • WEP protected network (Edimax): _managed_wep suffix.
  • WPA/WPA2 Enterprise 802.1X: (ourLocalNetwork) managed_ieee8021x suffix.
  • WPA/WPA2 Personal (also known as WPA-PSK): _managed_psk suffix.

To more closely inspect a service after scanning, use connmanctl services <service_id>. For example, when you look at a local Wi-Fi network:

root@imx7s-warp-mbl:~# connmanctl services wifi_a0a0a0a0a0a0_41699999999e47_managed_ieee8021x
  Type = wifi
  Security = [ ieee8021x ]
  State = idle
  Strength = 59
  Favorite = False
  Immutable = False
  AutoConnect = False
  Name = ourLocalWiFi
  Ethernet = [ Method=auto, Interface=wlan0, Address=A0:A0:A0:A0:A0:A0, MTU=1500 ]
  IPv4 = [  ]
  IPv4.Configuration = [ Method=dhcp ]
  IPv6 = [  ]
  IPv6.Configuration = [ Method=auto, Privacy=disabled ]
  Nameservers = [  ]
  Nameservers.Configuration = [  ]
  Timeservers = [  ]
  Timeservers.Configuration = [  ]
  Domains = [  ]
  Domains.Configuration = [  ]
  Proxy = [  ]
  Proxy.Configuration = [  ]
  Provider = [  ]

Connecting to an open (public) Wi-Fi network

To connect to a public open network (AndyAP5 in the example), run connmanctl connect <service_id> where <service_id> is a service ID obtained from the output of connmanctl services. For example:

# connmanctl connect wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none
[ 1321.787201] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
Connected wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none
# ifconfig
wlan0     Link encap:Ethernet  HWaddr A0:B1:A0:B1:A0:B1  
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::fe80:fe80:fe80:fe80/64 Scope:Link
          RX packets:18 errors:0 dropped:0 overruns:0 frame:0
          TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1922 (1.8 KiB)  TX bytes:7189 (7.0 KiB)

After connecting to AndyAP5, the DHCP server assigns wlan0 an IP address.

If you check the ConnMan configuration folder, you can see the service profile for this connection:

# ls -l /config/user/connman/
total 10
-rw-r--r--    1 root     root          5731 Oct 22 16:03 main.conf
-rw-------    1 root     root           138 Nov  6 14:12 settings
drwx------    2 root     root          1024 Nov  6 14:12 wifi_a0cc2b2ccb9b_416e64726f6964415035_managed_none

ConnMan automatically created the folder wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none. Inside are a data (binary) file and a settings text file. The text file is used when inspecting a service using the services <service_id> option introduced above and includes all current settings.

# ls -l /config/user/connman/wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none/
total 7
-rw-------    1 root     root          4096 Nov  6 14:12 data
-rw-------    1 root     root           272 Nov  6 14:12 settings
# cat /config/user/connman/wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none/settings

Pay attention to the AutoConnect=true parameter. It means that ConnMan will automatically connects to this network on boot if it is the only existing service profile, as well as in a few other cases (when the access point is nearby, and a few other configurations are applied).

You can change this file by using connmanctl config <config_data>, or by editing it manually.

Connecting to a protected network interactively

  1. Disconnect from any currently connected Wi-Fi networks. For example, if you were connected to the AndyAP5 network from the example above:

    # connmanctl disconnect wifi_a0b1a0b1a0b1a0b1_416416416416416_managed_none
  2. Start connmanctl in interactive mode, and:

    1. Enable ConnMan's wireless agent, used for entering passphrases, by using the agent on command.
    2. Connect to the protected Wi-Fi network using the connect command, entering the passphrase when prompted.

    In this example, you connect to the Edimax WEP network from the connmanctl services listing above:

    # connmanctl
    connmanctl> agent on
    Agent registered
    connmanctl> connect wifi_a2b2a2b2a2b2_19999999_managed_wep
    Agent RequestInput wifi_a2b2a2b2a2b2_19999999_managed_wep
      Passphrase = [ Type=wep, Requirement=mandatory ]
    Passphrase? XXXXXXXXXX
    connmanctl> [  146.007791] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
    Connected wifi_a2b2a2b2a2b2_19999999_managed_wep

Note: ConnMan does not support password encryption.

Connecting to a network using service configuration (provisioning) files

For advanced configuration, use a provisioning file (with the extension .config). Configurations include secured wireless access points that need complex authentication (such as WPA2 Enterprise), static IPs and so on. Each provisioning file can be used for multiple services at once.

For more information, refer to the connman-service.config man page.

Connecting to a Wi-Fi WPA/WPA2 enterprise network

  1. Disable Wi-Fi:
# connmanctl disable wifi
  1. Create a configuration provisioning file at /config/user/connman/<name>.config.

    Tip: You can add the -service suffix to file names as a convention. For example, name-service.

  2. Add service information to the configuration file:

Name = my-ssid
Description = Provide a short description

Type = wifi
Name = <my-ssid>
EAP = peap
Phase2 = MSCHAPV2
Identity = <my-username>
Passphrase = <my-password>

Replace <my-ssid>, <my-username>, and <my-password> with the appropriate information, and amend the description.

  1. Re-enable Wi-Fi:
# connmanctl enable wifi

ConnMan now connects to the specified network.

If you experience any issues, restart both ConnMan and wpa_supplicant daemons.

Troubleshooting WiFi connections

When connecting, the network name you use in the command must match the real network name exactly, including capitalisation and without trailing characters. Otherwise, you may get the following error:

Error /net/connman/service/WIFI_NAME: Method "Connect" with signature "" on interface "net.connman.Service" doesn't exist

Important Information for this Arm website

This site uses cookies to store information on your computer. By continuing to use our site, you consent to our cookies. If you are not happy with the use of these cookies, please review our Cookie Policy to learn how they can be disabled. By disabling cookies, some features of the site will not work.