Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WLAN: AP with two SSID's not fully working #1145

Closed
rmx-it opened this issue Aug 18, 2016 · 3 comments
Closed

WLAN: AP with two SSID's not fully working #1145

rmx-it opened this issue Aug 18, 2016 · 3 comments

Comments

@rmx-it
Copy link

rmx-it commented Aug 18, 2016
edited
Loading

Hi,
I'm currently using opnsense 16.7 on a APU.2C4 and a Ubiquiti SR71-E (atheros CS) WLAN Card.
Implementing one (ath0_wlan1) interface is working fine.
Now I want to achieve two or three different SSID's (Normal, Kids and guest net) with different
network segments for different ip-filter-rules...
So I started implementing two WLAN interfaces (ath0_wlan1 and ath0_wlan2) and still only the first is
fully working. The second SSID is visible to the clients but any authentication fails.

Both interfaces are configured exactly the same (except the IP-config and the SSID)

root@fw:/var/etc # ifconfig ath0                                                                                                              
ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290
        ether 00:15:6d:85:e3:00
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>
        status: running

root@fw:/var/etc # ifconfig ath0_wlan1
ath0_wlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 00:15:6d:85:e3:00
    inet6 fe80::215:6dff:fe85:e300%ath0_wlan1 prefixlen 64 scopeid 0x9 
    inet 10.0.4.1 netmask 0xffffff00 broadcast 10.0.4.255 
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>
    status: running
    ssid WL1 channel 2 (2417 MHz 11g ht/40+) bssid 00:15:6d:85:e3:00
    country US ecm authmode WPA2/802.11i privacy MIXED deftxkey 2
    AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 27 scanvalid 60
    protmode RTSCTS ampdulimit 64k ampdudensity 8 shortgi wme burst
    -apbridge dtimperiod 1 -dfs

root@fw:/var/etc # ifconfig ath0_wlan2                                                                                                        
ath0_wlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 06:15:6d:85:e3:00
    inet6 fe80::415:6dff:fe85:e300%ath0_wlan2 prefixlen 64 scopeid 0xa 
    inet 10.0.5.1 netmask 0xffffff00 broadcast 10.0.5.255 
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>
    status: running
    ssid WL2 channel 2 (2417 MHz 11g ht/40+) bssid 06:15:6d:85:e3:00
    country US ecm authmode WPA2/802.11i privacy MIXED deftxkey 2
    AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 27 scanvalid 60
    protmode RTSCTS ampdulimit 64k ampdudensity 8 shortgi wme burst
    -apbridge dtimperiod 1 -dfs

root@fw:/var/etc # diff -u2 hostapd_ath0_wlan1.conf hostapd_ath0_wlan2.conf
--- hostapd_ath0_wlan1.conf     2016-03-07 02:00:58.528705000 +0100
+++ hostapd_ath0_wlan2.conf     2016-03-07 02:01:00.348875000 +0100
@@ -1,3 +1,3 @@
-interface=ath0_wlan1
+interface=ath0_wlan2
 driver=bsd
 logger_syslog=-1
@@ -5,11 +5,11 @@
 logger_stdout=-1
 logger_stdout_level=0
-dump_file=/tmp/hostapd_ath0_wlan1.dump
+dump_file=/tmp/hostapd_ath0_wlan2.dump
 ctrl_interface=/var/run/hostapd
 ctrl_interface_group=wheel
-#accept_mac_file=/tmp/hostapd_ath0_wlan1.accept
-#deny_mac_file=/tmp/hostapd_ath0_wlan1.deny
+#accept_mac_file=/tmp/hostapd_ath0_wlan2.accept
+#deny_mac_file=/tmp/hostapd_ath0_wlan2.deny
 #macaddr_acl=
-ssid=WL1
+ssid=WL2
 debug=
 auth_algs=1

Any clues why ath0_wlan1 is fully working and ath0_wlan2 not?

Greetings
...
mike
@fichtner
Copy link
Member

Hey Mike,

On first glance it looks ok according to:

https://lists.freebsd.org/pipermail/freebsd-wireless/2015-January/005345.html

Does the second WiFi work when the first one is deactivated?

Cheers,
Franco

@rmx-it
Copy link
Author

rmx-it commented Aug 18, 2016

Hi,
ok after disabling the first interface (WLAN1) I have still two interfaces in the OS:

ath0_wlan1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 00:15:6d:85:e3:00
    inet6 fe80::215:6dff:fe85:e300%ath0_wlan1 prefixlen 64 tentative scopeid 0x9 
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>
    status: no carrier
    ssid WL1 channel 2 (2417 MHz 11g ht/40+)
    country US ecm authmode AUTO privacy OFF deftxkey 2 txpower 27
    scanvalid 60 protmode RTSCTS ampdulimit 64k ampdudensity 8 shortgi wme
    burst -apbridge dtimperiod 1 -dfs
ath0_wlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 06:15:6d:85:e3:00
    inet6 fe80::415:6dff:fe85:e300%ath0_wlan2 prefixlen 64 scopeid 0xa 
    inet 10.0.5.1 netmask 0xffffff00 broadcast 10.0.5.255 
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>
    status: running
    ssid WL2 channel 2 (2417 MHz 11g ht/40+) bssid 06:15:6d:85:e3:00
    country US ecm authmode WPA2/802.11i privacy MIXED deftxkey 2
    AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 27 scanvalid 60
    protmode RTSCTS ampdulimit 64k ampdudensity 8 shortgi wme burst
    -apbridge dtimperiod 1 -dfs

but only one hostapd:

root@fw:/var/etc # ps -xa | grep hostap
41384  -  Ss      0:02.04 /usr/sbin/hostapd -B -P /var/run/hostapd_ath0_wlan2.pid /var/etc/hostapd_ath0_wlan2.conf

Still no go.
BUT after reboot.
Still two interfaces on OS-level:

ath0_wlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 00:15:6d:85:e3:00
    inet6 fe80::215:6dff:fe85:e300%ath0_wlan2 prefixlen 64 scopeid 0x9 
    inet 10.0.5.1 netmask 0xffffff00 broadcast 10.0.5.255 
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>
    status: running
    ssid WL2 channel 2 (2417 MHz 11g ht/40+) bssid 00:15:6d:85:e3:00
    country US ecm authmode WPA2/802.11i privacy MIXED deftxkey 3
    AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 27 scanvalid 60
    protmode RTSCTS ampdulimit 64k ampdudensity 8 shortgi wme burst
    -apbridge dtimperiod 1 -dfs
  ath0_wlan1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 06:15:6d:85:e3:00
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    media: IEEE 802.11 Wireless Ethernet autoselect <hostap> (autoselect <hostap>)
    status: no carrier
    ssid "" channel 2 (2417 MHz 11g ht/40+)
    country US ecm authmode OPEN privacy OFF txpower 27 scanvalid 60
    protmode RTSCTS ampdulimit 64k ampdudensity 8 shortgi wme burst
    dtimperiod 1 -dfs bintval 0

And one hostapd.

root@fw:~ # ps -xa|grep hostap
31916  -  Ss    0:00.04 /usr/sbin/hostapd -B -P /var/run/hostapd_ath0_wlan2.pid /var/etc/hostapd_ath0_wlan2.conf

But this time I can connect, authenticate on the second SSID (WL2).

Hmm.

BTW: one difference to the referenced email: opnsense uses two hostapd instances instead of one:

34085  -  Ss      0:02.78 /usr/sbin/hostapd -B -P /var/run/hostapd_ath0_wlan1.pid /var/etc/hostapd_ath0_wlan1.conf
41384  -  Ss      0:02.03 /usr/sbin/hostapd -B -P /var/run/hostapd_ath0_wlan2.pid /var/etc/hostapd_ath0_wlan2.conf

Greetings
...
mike

@fichtner
Copy link
Member

Starting with 16.7.7, it'll be possible to try FreeBSD 11.0, but it's not supported until we release 17.1.

One issue is that wireless was reworked and isn't going to work anymore (parent interface does no longer register in ifconfig output).

When this is resolved, you will have more luck there I think.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fichtner @rmx-it