Seriously!!! How to make pfsense act as a client to connect to wifi router?

torontob

So, I have checked for MAC number of pfsense or it's hostname on the Dlink but it doesn't show anywhere as active or expired. I do see list of other offline clients but this is not in list meaning it was never able to pick up DHCP. But like you mentioned it shows the signal strength and exchanges some packets back and forth. The SSID for Dlink also shows up at under Status > Wireless and there is good signal.

Just to test the theory I did go close to it and result was the same. So, now I tested this with a Motorola Android phone which can do 3G tethering. It's the latest Android so it has the "hotspot" feature built in. I have my laptop connected to the same Android already and all works fine. So, I connected pfSense and guess what? It's exactly the same behaviour as the Dlink router so it's not the router issue.

Here is something interesting this log: "Nov 18 21:35:30 php: : Could not find gateway for interface(opt2)."

Nov 18 21:35:07	dhclient[39664]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 7
Nov 18 21:35:14	dhclient[39664]: No DHCPOFFERS received.
Nov 18 21:35:14	dhclient[39664]: No working leases in persistent database - sleeping.
Nov 18 21:35:14	dhclient: FAIL
Nov 18 21:35:15	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 2
Nov 18 21:35:17	dnsmasq[60706]: exiting on receipt of SIGTERM
Nov 18 21:35:17	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 4
Nov 18 21:35:18	dnsmasq[7725]: started, version 2.55 cachesize 10000
Nov 18 21:35:18	dnsmasq[7725]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
Nov 18 21:35:18	dnsmasq[7725]: reading /etc/resolv.conf
Nov 18 21:35:18	dnsmasq[7725]: using nameserver 8.8.4.4#53
Nov 18 21:35:18	dnsmasq[7725]: using nameserver 8.8.8.8#53
Nov 18 21:35:18	dnsmasq[7725]: ignoring nameserver 127.0.0.1 - local interface
Nov 18 21:35:18	dnsmasq[7725]: ignoring nameserver 127.0.0.1 - local interface
Nov 18 21:35:18	dnsmasq[7725]: read /etc/hosts - 2 addresses
Nov 18 21:35:19	dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1
Nov 18 21:35:19	dhcpd: Copyright 2004-2011 Internet Systems Consortium.
Nov 18 21:35:19	dhcpd: All rights reserved.
Nov 18 21:35:19	dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Nov 18 21:35:19	check_reload_status: updating dyndns opt2
Nov 18 21:35:21	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 6
Nov 18 21:35:22	check_reload_status: Reloading filter
Nov 18 21:35:22	apinger: Starting Alarm Pinger, apinger(14779)
Nov 18 21:35:22	apinger: No usable targets found, exiting
Nov 18 21:35:22	php: /interfaces.php: Creating rrd update script
Nov 18 21:35:27	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 14
Nov 18 21:35:30	php: : Could not find gateway for interface(opt2).
Nov 18 21:35:41	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 13
Nov 18 21:35:54	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 15

How about those blocks in WAN firewall? I shouldn't see them if I have "* * * * * * none" opened it all up. Isn't that right?

Thanks

wallabybob

I would run a packet capture on the pfSense. You should see DHCPDISCOVER frames. Anything else?

Can you run a packet capture on the Android? You should see the DHCPDISCOVER and a response. Does the Android log the DHCP request? (But I don't yet understand exactly what a phone does when it is tethering so the question might be inappropriate.)

@torontob:

Here is something interesting this log: "Nov 18 21:35:30 php: : Could not find gateway for interface(opt2)."

Assuming pfSense interface OPT2 is run0_wlan0 this is not surprising - the gateway should be specified in the DHCP assignment, but the gateway is not known because the DHCP assignment hasn't completed.

torontob

Here is a log of packet capture from pfSense Diagnostic. I pressed Renew on the wireless WAN interface and captured this:

23:51:02.820255 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:03.821543 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:18.587335 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:18.717813 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 70: LLC, dsap Unknown (0x2a) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 56
23:51:19.589089 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:20.562230 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 70: LLC, dsap Unknown (0x2c) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 56
23:51:20.590850 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:21.278068 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x2c) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:51:21.592677 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:22.380514 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 274: LLC, dsap Unknown (0x2e) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 260
23:51:23.418606 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2e) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 52
23:51:23.524400 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x30) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 52
23:51:23.554837 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x30) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 1046
23:51:23.667833 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x32) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 1046
23:51:23.910075 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x32) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 52
23:51:23.937443 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x34) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 1046
23:51:24.059939 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x34) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 1046
23:51:24.305853 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x36) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:51:25.037519 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:26.039094 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:26.401451 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x36) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 708
23:51:26.503942 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x38) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 708
23:51:27.040918 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:27.318651 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x38) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:51:28.042747 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:30.390134 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x3a) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:51:32.454162 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:33.456001 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:33.461859 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x3a) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:51:34.457826 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:35.716694 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 366: LLC, dsap Unknown (0x3c) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 352
23:51:35.720229 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 357: LLC, dsap Unknown (0x3c) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 343
23:51:35.723690 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 409: LLC, dsap Unknown (0x3e) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 395
23:51:35.727826 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 421: LLC, dsap Unknown (0x3e) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 407
23:51:35.732356 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 423: LLC, dsap Unknown (0x40) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 409
23:51:36.430845 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x40) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:51:37.938027 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:38.939227 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:39.400198 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap STP (0x42) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:51:39.941054 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:40.942879 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:45.460291 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:47.463946 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:50.838535 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:51.840360 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:52.302710 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 116: LLC, dsap Unknown (0x44) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 102
23:51:52.842187 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:53.844015 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:51:54.347739 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 116: LLC, dsap Unknown (0x44) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 102
23:51:54.349108 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 116: LLC, dsap Unknown (0x46) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 102
23:51:56.293195 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 116: LLC, dsap Unknown (0x46) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 102
23:51:56.295642 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 249: LLC, dsap Unknown (0x48) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 235
23:51:57.288793 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:00.294082 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:03.740043 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:04.741366 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:06.745147 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:07.350249 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x48) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 52
23:52:07.647610 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x4a) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:52:10.730206 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x4a) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:52:11.293431 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:12.295257 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:13.297205 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:13.699062 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x4c) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:52:16.770667 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x4c) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
23:52:16.844161 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:17.845491 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
23:52:18.847332 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95

Does it tell anything important? Checking google myself now.

Ouch…..seems like a BUG from this page: http://lists.freebsd.org/pipermail/freebsd-bugs/2009-March/034514.html

Thanks

wallabybob

c872:d5:42:b3 is ?
00:25:9c:a5:c7:67 is ?
00:1f:e1:01:1e:59 is?
01:00:5e:7f:ff:fa is ?
c872:d5:42:b1 is ?

I'd guess 00:1f:e1:01:1e:59 is the USB dongle since it is sending to the broadcast MAC address, the destination of the DHCPDISCOVER frames. But c872:d5:42:b1 is also sending to the broadcast MAC address.

Your trace doesn't show anything going to 00:1f:e1:01:1e:59. It doesn't appear to be receiving frames. Does your Android phone report (in a packet capture) anything being sent to the WiFi dongle.

According to http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00800b0871.shtml#multi 01:00:5e:7f:ff:fa is a GDA (Group Destination Address) corresponding to IP address 239.127.255.250 http://tools.ietf.org/html/rfc2365 says 239.127.255.250 is an "administratively scoped IPv4 multicast address". There I seem to have run into a dead end. Its not clear that this multicast address is relevant to your particular problem.

torontob

No, 00:1f:e1:01:1e:59 is my laptop. This was the log from another router which shows logs on it. And I checked system logs on that and I don't see any DHCPREQUESTS from the pfSense box.

The MAC for pfSense USB Dongle is: 00:1f:3b:be:11:bb

Here is the System Logs from pfSense again. You can ignore previous logs as I was switching between routers….........so this new router has logs and shows any incoming packets. Problem is it shows "associated" but no IP picked up.

10.10.9.0/24 is the IP subnet that should be picked up by pfSense USB dongle.

pfSense System Logs:

Nov 19 17:15:21	syslogd: kernel boot file is /boot/kernel/kernel
Nov 19 17:16:23	kernel: run0_wlan0: promiscuous mode enabled
Nov 19 17:16:30	check_reload_status: Syncing firewall
Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''
Nov 19 17:16:48	kernel: run0_wlan0: link state changed to UP
Nov 19 17:16:49	dnsmasq[11468]: reading /etc/resolv.conf
Nov 19 17:16:49	dnsmasq[11468]: using nameserver 8.8.4.4#53
Nov 19 17:16:49	dnsmasq[11468]: using nameserver 8.8.8.8#53
Nov 19 17:16:49	dnsmasq[11468]: ignoring nameserver 127.0.0.1 - local interface
Nov 19 17:16:49	dnsmasq[11468]: ignoring nameserver 127.0.0.1 - local interface
Nov 19 17:16:49	dnsmasq[11468]: exiting on receipt of SIGTERM
Nov 19 17:16:51	dnsmasq[43665]: started, version 2.55 cachesize 10000
Nov 19 17:16:51	dnsmasq[43665]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
Nov 19 17:16:51	dnsmasq[43665]: reading /etc/resolv.conf
Nov 19 17:16:51	dnsmasq[43665]: using nameserver 8.8.4.4#53
Nov 19 17:16:51	dnsmasq[43665]: using nameserver 8.8.8.8#53
Nov 19 17:16:51	dnsmasq[43665]: ignoring nameserver 127.0.0.1 - local interface
Nov 19 17:16:51	dnsmasq[43665]: ignoring nameserver 127.0.0.1 - local interface
Nov 19 17:16:51	dnsmasq[43665]: read /etc/hosts - 2 addresses
Nov 19 17:16:52	dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1
Nov 19 17:16:52	dhcpd: Copyright 2004-2011 Internet Systems Consortium.
Nov 19 17:16:52	dhcpd: All rights reserved.
Nov 19 17:16:52	dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Nov 19 17:16:52	check_reload_status: updating dyndns wan
Nov 19 17:16:54	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:16:54	kernel: run0_wlan0: link state changed to UP
Nov 19 17:16:55	check_reload_status: Reloading filter
Nov 19 17:16:55	apinger: Starting Alarm Pinger, apinger(51089)
Nov 19 17:16:55	apinger: No usable targets found, exiting
Nov 19 17:16:55	php: /interfaces.php: Creating rrd update script
Nov 19 17:17:01	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:01	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:02	php: : Could not find gateway for interface(wan).
Nov 19 17:17:02	php: : Could not find gateway for interface(wan).
Nov 19 17:17:07	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:07	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:13	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:14	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:20	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:20	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:25	kernel: run0_wlan0: promiscuous mode disabled
Nov 19 17:17:26	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:26	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:33	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:33	kernel: run0_wlan0: link state changed to UP

Packet Capture:

17:16:48.582609 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:49.469190 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x28) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
17:16:49.584430 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:50.586262 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:51.588091 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:51.798322 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2a) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:16:52.486549 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2a) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:16:53.486371 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2c) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:16:54.465362 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x2c) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
17:16:54.930564 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:55.934858 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:56.934395 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:57.936233 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:59.518673 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x2e) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
17:17:01.422922 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:02.424611 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:03.426400 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:04.428547 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:07.830937 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:08.832640 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:09.834464 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:10.836292 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:14.341448 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:15.342703 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:16.344527 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:17.346353 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:17.537593 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2e) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:17:17.639963 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x30) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:17:17.750085 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x30) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 1046
17:17:17.759082 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x32) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 1046
17:17:17.948328 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x32) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
17:17:17.954573 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x34) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 708
17:17:18.157062 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x34) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 708
17:17:20.731446 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:20.917429 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x36) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
17:17:21.732769 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:22.734598 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:23.736425 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:23.886412 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x36) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
17:17:24.398888 00:1b:a9:55:b6:23 > ff:ff:ff:ff:ff:ff, 802.3, length 267: LLC, dsap Unknown (0x38) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 253

Log From My Router (Don't show any request from pfSense USB Dongle):

<31>Nov 19 17:12:00 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:13:14 DHCP [581]: DHCPREQUEST for 10.10.9.20 from 00:1f:e1:01:1e:59 via br0
<31>Nov 19 17:13:14 DHCP [581]: DHCPACK on 10.10.9.20 to 00:1f:e1:01:1e:59 via br0 (ath0)
<31>Nov 19 17:13:19 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:13:22 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:14:18 DHCP [581]: DHCPREQUEST for 10.10.9.15 from 00:1f:32:70:bd:53 via br0
<31>Nov 19 17:14:18 DHCP [581]: DHCPACK on 10.10.9.15 to 00:1f:32:70:bd:53 via br0 (ath0)
<31>Nov 19 17:16:17 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:16:20 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:21:01 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:21:04 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:23:42 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:23:45 DHCP [581]: DHCPINFORM from 10.10.9.20

So, this line pfSense System Logs is troubling and the fact that run0 keeps going UP and DOWN is probably due to this:

Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''

Regards,

bman212121

Just a quick helpful step, if you're troubleshooting wireless it's a good idea to not use any encryption. It sounds to me like you're having issues with passing data. I'd guess if you set your Dlink to open you'll probably see better results.

wallabybob

@torontob:

Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''

The command should probably be:```
/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output

Well spotted. If dhclient is failing to start then that would explain why you are not getting an IP address.

Suggest you ssh into pfSense select 8 for shell and give the shell command (all one line):```

/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output

I think dhclient will detach from the terminal and you will another shell prompt. Wait a couple of minutes and see if the WAN interface has an IP address. If not, check the router log to see if the router reported a DHCPDISCOVER from pfSense.

torontob

So, that line as you mentioned gives me this error:

[2.0-RELEASE][root@home.xxxyyy.net]/root(3): /sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output

Ambiguous output redirect.

When I changed it to this command then I got this:

[2.0-RELEASE][root@home.xxxyyy.net]/root(8): /sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output
run0_wlan0: no link …........... giving up

The file exists and it's content is also "giving up" from 5 PM today per these commands:

[2.0-RELEASE][root@home.xxxyyy.net]/root(7): ls -la /tmp/run0_wlan0_error_output 
-rw-r--r--  1 root  wheel  45 Nov 19 17:51 /tmp/run0_wlan0_error_output

[2.0-RELEASE][root@home.xxxyyy.net]/root(6): cat /tmp/run0_wlan0_error_output 
run0_wlan0: no link .............. giving up

And here is the ifconfig portion of the output for run0 - Please disregard all the changes in MAC address. Every-time I create a new interface a new MAC pops up for run0 and I also tried to change it to make sure that is not the problem.

run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
        ether 00:25:9c:a5:c7:67
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
        status: associated
run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 00:1e:ec:6b:d6:d5
        inet6 fe80::225:9cff:fea5:c767%run0_wlan0 prefixlen 64 scopeid 0x9 
        nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/24Mbps mode 11g (autoselect)
        status: no carrier
        ssid MyRouter channel 11 (2462 MHz 11g)
        country US authmode WPA2/802.11i privacy ON deftxkey UNDEF txpower 0
        bmiss 7 scanvalid 60 pureg protmode CTS roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast>

Don't you think it's a setting that I am missing? The ifconfig output tells a lot about what I should have in my config like the CTS which I didn't setup. What do you think?

Regards,

wallabybob

@torontob:

And here is the ifconfig portion of the output for run0 - Please disregard all the changes in MAC address. Every-time I create a new interface a new MAC pops up for run0 and I also tried to change it to make sure that is not the problem.

run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
        ether 00:25:9c:a5:c7:67
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
        status: associated
run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 00:1e:ec:6b:d6:d5
        inet6 fe80::225:9cff:fea5:c767%run0_wlan0 prefixlen 64 scopeid 0x9 
        nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/24Mbps mode 11g (autoselect)
        status: no carrier
        ssid MyRouter channel 11 (2462 MHz 11g)
        country US authmode WPA2/802.11i privacy ON deftxkey UNDEF txpower 0
        bmiss 7 scanvalid 60 pureg protmode CTS roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast>

My run0 device doesn't behave that way (different MAC addresses):

# ifconfig run0
run0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 2290
	ether c8:3a:35:c4:ee:f3
	media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
# ifconfig run0_wlan0
run0_wlan0: flags=108843 <up,broadcast,running,simplex,multicast,ipfw_filter>metric 0 mtu 1500
	ether c8:3a:35:c4:ee:f3
	inet6 fe80::ca3a:35ff:fec4:eef3%run0_wlan0 prefixlen 64 scopeid 0x9 
	inet 192.168.xxx.yyy netmask 0xffffff00 broadcast 192.168.xxx.255
	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
	ssid zzz channel 6 (2437 MHz 11g) bssid c8:3a:35:c4:ee:f3
	regdomain ROW country AU indoor authmode WPA2/802.11i privacy MIXED
	deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 scanvalid 60
	protmode OFF dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast,ipfw_filter></hostap></up,broadcast,running,allmulti,simplex,multicast> 

I am surprised at the different MAC addresses reported. It leads me to suspect the run driver is erroneously claiming ownership of this device. I have previously had good results with the TP-Link TL-WN321G and Tenda W311U which are both available from local retail computer shops for under the local equivalent of US$15. I have used both these dongles in AP mode, not infrastructure mode. Considering the time you and I have both spent on this I would consider it a good trade off to put the Cisco USB WiFi dongle aside and get one of those two devices or even an external WiFi router that can work in wireless Infrastructure mode.

torontob

wallabybob :-) absolutely right. The plan is to get another dongle and try it again.
P.S. this works in AP mode by the way.

Thanks again for tall the help. I will post back resutls.

harry66

Hi,

I just jump on that thread with more or less the same run0 problems. My router is simply unable to connect to a completely open AP using pfsense 2.0-RELEASE and two different wifi NIC namely

• Cisco/Linksys WUSB100
• TP-Link EW7711UAn

all I get is NO CARRIER –> run0_wlan0

[2.0-RELEASE][root@erika.localdomain]/root(5): ifconfig 
vr0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	options=82808 <vlan_mtu,wol_ucast,wol_magic,linkstate>ether 00:1e:0b:3a:4b:02
	inet6 fe80::21e:bff:fe3a:4b02%vr0 prefixlen 64 scopeid 0x1 
	inet 192.168.7.1 netmask 0xffffff00 broadcast 192.168.7.255
	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
pfsync0: flags=0<> metric 0 mtu 1460
	syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
pflog0: flags=100 <promisc>metric 0 mtu 33200
enc0: flags=0<> metric 0 mtu 1536
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
	options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 
	nd6 options=3 <performnud,accept_rtadv>run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
	ether 00:1f:1f:cf:97:73
	media: IEEE 802.11 Wireless Ethernet autoselect mode 11b
	status: associated
vr0_vlan1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	ether 00:1e:0b:3a:4b:02
	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan1 prefixlen 64 scopeid 0x7 
	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	vlan: 1 parent interface: vr0
vr0_vlan2: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	ether 00:1e:0b:3a:4b:02
	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan2 prefixlen 64 scopeid 0x8 
	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	vlan: 2 parent interface: vr0
vr0_vlan77: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	ether 00:1e:0b:3a:4b:02
	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan77 prefixlen 64 scopeid 0x9 
	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	vlan: 77 parent interface: vr0
run0_wlan0: flags=8c43 <up,broadcast,running,oactive,simplex,multicast>metric 0 mtu 1500
	ether 00:1f:1f:cf:97:73
	inet6 fe80::21f:1fff:fecf:9773%run0_wlan0 prefixlen 64 scopeid 0xa 
	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11b
	status: no carrier
	ssid EWA@GUEST channel 1 (2412 MHz 11b)
	regdomain ETSI country DE authmode OPEN privacy OFF txpower 30
	bmiss 7 scanvalid 60
ovpnc1: flags=8010 <pointopoint,multicast>metric 0 mtu 1500
	options=80000 <linkstate></linkstate></pointopoint,multicast></performnud,accept_rtadv></up,broadcast,running,oactive,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></promisc></full-duplex></performnud,accept_rtadv></vlan_mtu,wol_ucast,wol_magic,linkstate></up,broadcast,running,simplex,multicast> 

any ideas on how to continue troubleshooting this issue?

/Uwe

wallabybob

I have a Tenda W311U (FreeBSD run device) on my backup pfSense. I normally run the Tenda as an AP but I have just configured it to connect to the AP on my main pfSense box. It successfully associated and received a DHCP lease.

Here is the relevant ifconfig output:

ifconfig run0

run0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 2290
ether c8:3a:35:c4:ee:f3
media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
status: associated

ifconfig run0_wlan0

run0_wlan0: flags=108843 <up,broadcast,running,simplex,multicast,ipfw_filter>metric 0 mtu 1500
ether c8:3a:35:c4:ee:f3
inet6 fe80::ca3a:35ff:fec4:eef3%run0_wlan0 prefixlen 64 scopeid 0x9
inet 192.168.211.214 netmask 0xffffff80 broadcast 192.168.211.255
nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
status: associated
ssid xxxxxxxxx channel 1 (2412 MHz 11g) bssid 00:19:e0:68:31:4b
regdomain ROW country AU indoor authmode WPA2/802.11i privacy ON
deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 bmiss 7
scanvalid 60 protmode OFF roaming MANUAL

ifconfig run0_wlan0 scan

SSID/MESH ID    BSSID              CHAN RATE  S:N    INT CAPS
xxxxxxxxx      00:19:e0:68:31:4b    1  54M -53:-75  100 EPS  RSN
#</performnud,accept_rtadv></up,broadcast,running,simplex,multicast,ipfw_filter></up,broadcast,running,allmulti,simplex,multicast>

I didn't have to do anything special to the pfSense wireless configuration. I just disabled the WiFi interface, changed the channel to auto, Mode from Access Point to Infrastructure and SSID to match the other Access Point and the WiFi interface associated straight away after enabling.

@harry66:

any ideas on how to continue troubleshooting this issue?

Checking the wireless signal quality at the client would be a good start. The ifconfig scan command I gave above might provide some useful information. Keeping the dongle in the same location (as far as possible) can you get the dongle to associate when it is connected to (say) a laptop? Can you get a WiFi capable phone to associate when the phone is in the same location as the dongle? If you connect the dongle to a USB extension cord do you get better results if the change the position or orientation of the dongle?

harry66

Something seems to be special with the Tenda device as it seems to perform extraordinarily good on pfsense.

What I tried so far with both of the above mentioned devices was

• switching the regulatory domain on and off (ETSI, Germany)
• switching channel between dedicated channel number and auto setting
• experimenting with no, WEP and WPA(2) encryption
  but none of the above led to a successful association.
  As both devices (access point and client) are under my direct control it is an easy thing to make sure they are in direct reach and have reasonable good signal quality and strength.

In addition to these experiments I decided to attach another USB wifi nic to the pfsense box to be able to compare my experiences against another chipset: It is an Alfa AWUS036H. Although all of the device I refer to show good performance under other OSes the Alfa is an exceptional player. As well with pfsense it behaves in more or less the same way you describe it for your Tenda stick.
What I can say directly by comparing scan results is, that the Alfa constantly shows WLANs in reach where the Edimax and the Linksys always only show a subset. On top this subset is always different with every scan run.

The only conclusion I can draw from what I know for the moment is: For the run-based devices we can not reliably predict it's designed function as we see the Tenda stick running but others not, independently of its brands reputation.

I have no idea how we could further investigate.

/Uwe

wallabybob

@harry66:

Something seems to be special with the Tenda device as it seems to perform extraordinarily good on pfsense.

Lucky choice on my part! It seems sometimes its possible to get more than what you pay for.

@harry66:

In addition to these experiments I decided to attach another USB wifi nic to the pfsense box to be able to compare my experiences against another chipset: It is an Alfa AWUS036H. Although all of the device I refer to show good performance under other OSes the Alfa is an exceptional player. As well with pfsense it behaves in more or less the same way you describe it for your Tenda stick.

What other OSes did you try? Linux?

@harry66:

What I can say directly by comparing scan results is, that the Alfa constantly shows WLANs in reach where the Edimax and the Linksys always only show a subset. On top this subset is always different with every scan run.

You mean on pfSense? Or do you get the varying scan results on other OSes as well?

@harry66:

I have no idea how we could further investigate.

Perhaps contact support for the other suppliers and ask them to account for the results. Maybe they have their own firmware that needs their own driver tweaks to get best results.

Thanks for the informative followup.