Seriously!!! How to make pfsense act as a client to connect to wifi router?

torontob

No, 00:1f:e1:01:1e:59 is my laptop. This was the log from another router which shows logs on it. And I checked system logs on that and I don't see any DHCPREQUESTS from the pfSense box.

The MAC for pfSense USB Dongle is: 00:1f:3b:be:11:bb

Here is the System Logs from pfSense again. You can ignore previous logs as I was switching between routers….........so this new router has logs and shows any incoming packets. Problem is it shows "associated" but no IP picked up.

10.10.9.0/24 is the IP subnet that should be picked up by pfSense USB dongle.

pfSense System Logs:

Nov 19 17:15:21	syslogd: kernel boot file is /boot/kernel/kernel
Nov 19 17:16:23	kernel: run0_wlan0: promiscuous mode enabled
Nov 19 17:16:30	check_reload_status: Syncing firewall
Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''
Nov 19 17:16:48	kernel: run0_wlan0: link state changed to UP
Nov 19 17:16:49	dnsmasq[11468]: reading /etc/resolv.conf
Nov 19 17:16:49	dnsmasq[11468]: using nameserver 8.8.4.4#53
Nov 19 17:16:49	dnsmasq[11468]: using nameserver 8.8.8.8#53
Nov 19 17:16:49	dnsmasq[11468]: ignoring nameserver 127.0.0.1 - local interface
Nov 19 17:16:49	dnsmasq[11468]: ignoring nameserver 127.0.0.1 - local interface
Nov 19 17:16:49	dnsmasq[11468]: exiting on receipt of SIGTERM
Nov 19 17:16:51	dnsmasq[43665]: started, version 2.55 cachesize 10000
Nov 19 17:16:51	dnsmasq[43665]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
Nov 19 17:16:51	dnsmasq[43665]: reading /etc/resolv.conf
Nov 19 17:16:51	dnsmasq[43665]: using nameserver 8.8.4.4#53
Nov 19 17:16:51	dnsmasq[43665]: using nameserver 8.8.8.8#53
Nov 19 17:16:51	dnsmasq[43665]: ignoring nameserver 127.0.0.1 - local interface
Nov 19 17:16:51	dnsmasq[43665]: ignoring nameserver 127.0.0.1 - local interface
Nov 19 17:16:51	dnsmasq[43665]: read /etc/hosts - 2 addresses
Nov 19 17:16:52	dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1
Nov 19 17:16:52	dhcpd: Copyright 2004-2011 Internet Systems Consortium.
Nov 19 17:16:52	dhcpd: All rights reserved.
Nov 19 17:16:52	dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Nov 19 17:16:52	check_reload_status: updating dyndns wan
Nov 19 17:16:54	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:16:54	kernel: run0_wlan0: link state changed to UP
Nov 19 17:16:55	check_reload_status: Reloading filter
Nov 19 17:16:55	apinger: Starting Alarm Pinger, apinger(51089)
Nov 19 17:16:55	apinger: No usable targets found, exiting
Nov 19 17:16:55	php: /interfaces.php: Creating rrd update script
Nov 19 17:17:01	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:01	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:02	php: : Could not find gateway for interface(wan).
Nov 19 17:17:02	php: : Could not find gateway for interface(wan).
Nov 19 17:17:07	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:07	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:13	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:14	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:20	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:20	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:25	kernel: run0_wlan0: promiscuous mode disabled
Nov 19 17:17:26	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:26	kernel: run0_wlan0: link state changed to UP
Nov 19 17:17:33	kernel: run0_wlan0: link state changed to DOWN
Nov 19 17:17:33	kernel: run0_wlan0: link state changed to UP

Packet Capture:

17:16:48.582609 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:49.469190 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x28) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
17:16:49.584430 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:50.586262 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:51.588091 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:51.798322 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2a) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:16:52.486549 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2a) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:16:53.486371 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2c) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:16:54.465362 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x2c) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
17:16:54.930564 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:55.934858 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:56.934395 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:57.936233 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:16:59.518673 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x2e) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
17:17:01.422922 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:02.424611 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:03.426400 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:04.428547 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:07.830937 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:08.832640 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:09.834464 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:10.836292 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:14.341448 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:15.342703 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:16.344527 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:17.346353 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:17.537593 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2e) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:17:17.639963 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x30) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
17:17:17.750085 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x30) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 1046
17:17:17.759082 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x32) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 1046
17:17:17.948328 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x32) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
17:17:17.954573 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x34) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 708
17:17:18.157062 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x34) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 708
17:17:20.731446 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:20.917429 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x36) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
17:17:21.732769 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:22.734598 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:23.736425 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
17:17:23.886412 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x36) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
17:17:24.398888 00:1b:a9:55:b6:23 > ff:ff:ff:ff:ff:ff, 802.3, length 267: LLC, dsap Unknown (0x38) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 253

Log From My Router (Don't show any request from pfSense USB Dongle):

<31>Nov 19 17:12:00 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:13:14 DHCP [581]: DHCPREQUEST for 10.10.9.20 from 00:1f:e1:01:1e:59 via br0
<31>Nov 19 17:13:14 DHCP [581]: DHCPACK on 10.10.9.20 to 00:1f:e1:01:1e:59 via br0 (ath0)
<31>Nov 19 17:13:19 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:13:22 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:14:18 DHCP [581]: DHCPREQUEST for 10.10.9.15 from 00:1f:32:70:bd:53 via br0
<31>Nov 19 17:14:18 DHCP [581]: DHCPACK on 10.10.9.15 to 00:1f:32:70:bd:53 via br0 (ath0)
<31>Nov 19 17:16:17 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:16:20 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:21:01 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:21:04 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:23:42 DHCP [581]: DHCPINFORM from 10.10.9.20
<31>Nov 19 17:23:45 DHCP [581]: DHCPINFORM from 10.10.9.20

So, this line pfSense System Logs is troubling and the fact that run0 keeps going UP and DOWN is probably due to this:

Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''

Regards,

bman212121

Just a quick helpful step, if you're troubleshooting wireless it's a good idea to not use any encryption. It sounds to me like you're having issues with passing data. I'd guess if you set your Dlink to open you'll probably see better results.

wallabybob

@torontob:

Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''

The command should probably be:```
/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output

Well spotted. If dhclient is failing to start then that would explain why you are not getting an IP address.

Suggest you ssh into pfSense select 8 for shell and give the shell command (all one line):```

/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output

I think dhclient will detach from the terminal and you will another shell prompt. Wait a couple of minutes and see if the WAN interface has an IP address. If not, check the router log to see if the router reported a DHCPDISCOVER from pfSense.

torontob

So, that line as you mentioned gives me this error:

[2.0-RELEASE][root@home.xxxyyy.net]/root(3): /sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output

Ambiguous output redirect.

When I changed it to this command then I got this:

[2.0-RELEASE][root@home.xxxyyy.net]/root(8): /sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output
run0_wlan0: no link …........... giving up

The file exists and it's content is also "giving up" from 5 PM today per these commands:

[2.0-RELEASE][root@home.xxxyyy.net]/root(7): ls -la /tmp/run0_wlan0_error_output 
-rw-r--r--  1 root  wheel  45 Nov 19 17:51 /tmp/run0_wlan0_error_output

[2.0-RELEASE][root@home.xxxyyy.net]/root(6): cat /tmp/run0_wlan0_error_output 
run0_wlan0: no link .............. giving up

And here is the ifconfig portion of the output for run0 - Please disregard all the changes in MAC address. Every-time I create a new interface a new MAC pops up for run0 and I also tried to change it to make sure that is not the problem.

run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
        ether 00:25:9c:a5:c7:67
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
        status: associated
run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 00:1e:ec:6b:d6:d5
        inet6 fe80::225:9cff:fea5:c767%run0_wlan0 prefixlen 64 scopeid 0x9 
        nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/24Mbps mode 11g (autoselect)
        status: no carrier
        ssid MyRouter channel 11 (2462 MHz 11g)
        country US authmode WPA2/802.11i privacy ON deftxkey UNDEF txpower 0
        bmiss 7 scanvalid 60 pureg protmode CTS roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast>

Don't you think it's a setting that I am missing? The ifconfig output tells a lot about what I should have in my config like the CTS which I didn't setup. What do you think?

Regards,

wallabybob

@torontob:

And here is the ifconfig portion of the output for run0 - Please disregard all the changes in MAC address. Every-time I create a new interface a new MAC pops up for run0 and I also tried to change it to make sure that is not the problem.

run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
        ether 00:25:9c:a5:c7:67
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
        status: associated
run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 00:1e:ec:6b:d6:d5
        inet6 fe80::225:9cff:fea5:c767%run0_wlan0 prefixlen 64 scopeid 0x9 
        nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/24Mbps mode 11g (autoselect)
        status: no carrier
        ssid MyRouter channel 11 (2462 MHz 11g)
        country US authmode WPA2/802.11i privacy ON deftxkey UNDEF txpower 0
        bmiss 7 scanvalid 60 pureg protmode CTS roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast>

My run0 device doesn't behave that way (different MAC addresses):

# ifconfig run0
run0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 2290
	ether c8:3a:35:c4:ee:f3
	media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
# ifconfig run0_wlan0
run0_wlan0: flags=108843 <up,broadcast,running,simplex,multicast,ipfw_filter>metric 0 mtu 1500
	ether c8:3a:35:c4:ee:f3
	inet6 fe80::ca3a:35ff:fec4:eef3%run0_wlan0 prefixlen 64 scopeid 0x9 
	inet 192.168.xxx.yyy netmask 0xffffff00 broadcast 192.168.xxx.255
	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
	ssid zzz channel 6 (2437 MHz 11g) bssid c8:3a:35:c4:ee:f3
	regdomain ROW country AU indoor authmode WPA2/802.11i privacy MIXED
	deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 scanvalid 60
	protmode OFF dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast,ipfw_filter></hostap></up,broadcast,running,allmulti,simplex,multicast> 

I am surprised at the different MAC addresses reported. It leads me to suspect the run driver is erroneously claiming ownership of this device. I have previously had good results with the TP-Link TL-WN321G and Tenda W311U which are both available from local retail computer shops for under the local equivalent of US$15. I have used both these dongles in AP mode, not infrastructure mode. Considering the time you and I have both spent on this I would consider it a good trade off to put the Cisco USB WiFi dongle aside and get one of those two devices or even an external WiFi router that can work in wireless Infrastructure mode.

torontob

wallabybob :-) absolutely right. The plan is to get another dongle and try it again.
P.S. this works in AP mode by the way.

Thanks again for tall the help. I will post back resutls.

harry66

Hi,

I just jump on that thread with more or less the same run0 problems. My router is simply unable to connect to a completely open AP using pfsense 2.0-RELEASE and two different wifi NIC namely

• Cisco/Linksys WUSB100
• TP-Link EW7711UAn

all I get is NO CARRIER –> run0_wlan0

[2.0-RELEASE][root@erika.localdomain]/root(5): ifconfig 
vr0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	options=82808 <vlan_mtu,wol_ucast,wol_magic,linkstate>ether 00:1e:0b:3a:4b:02
	inet6 fe80::21e:bff:fe3a:4b02%vr0 prefixlen 64 scopeid 0x1 
	inet 192.168.7.1 netmask 0xffffff00 broadcast 192.168.7.255
	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
pfsync0: flags=0<> metric 0 mtu 1460
	syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
pflog0: flags=100 <promisc>metric 0 mtu 33200
enc0: flags=0<> metric 0 mtu 1536
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
	options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 
	nd6 options=3 <performnud,accept_rtadv>run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
	ether 00:1f:1f:cf:97:73
	media: IEEE 802.11 Wireless Ethernet autoselect mode 11b
	status: associated
vr0_vlan1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	ether 00:1e:0b:3a:4b:02
	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan1 prefixlen 64 scopeid 0x7 
	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	vlan: 1 parent interface: vr0
vr0_vlan2: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	ether 00:1e:0b:3a:4b:02
	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan2 prefixlen 64 scopeid 0x8 
	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	vlan: 2 parent interface: vr0
vr0_vlan77: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	ether 00:1e:0b:3a:4b:02
	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan77 prefixlen 64 scopeid 0x9 
	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	vlan: 77 parent interface: vr0
run0_wlan0: flags=8c43 <up,broadcast,running,oactive,simplex,multicast>metric 0 mtu 1500
	ether 00:1f:1f:cf:97:73
	inet6 fe80::21f:1fff:fecf:9773%run0_wlan0 prefixlen 64 scopeid 0xa 
	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11b
	status: no carrier
	ssid EWA@GUEST channel 1 (2412 MHz 11b)
	regdomain ETSI country DE authmode OPEN privacy OFF txpower 30
	bmiss 7 scanvalid 60
ovpnc1: flags=8010 <pointopoint,multicast>metric 0 mtu 1500
	options=80000 <linkstate></linkstate></pointopoint,multicast></performnud,accept_rtadv></up,broadcast,running,oactive,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></promisc></full-duplex></performnud,accept_rtadv></vlan_mtu,wol_ucast,wol_magic,linkstate></up,broadcast,running,simplex,multicast> 

any ideas on how to continue troubleshooting this issue?

/Uwe

wallabybob

I have a Tenda W311U (FreeBSD run device) on my backup pfSense. I normally run the Tenda as an AP but I have just configured it to connect to the AP on my main pfSense box. It successfully associated and received a DHCP lease.

Here is the relevant ifconfig output:

ifconfig run0

run0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 2290
ether c8:3a:35:c4:ee:f3
media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
status: associated

ifconfig run0_wlan0

run0_wlan0: flags=108843 <up,broadcast,running,simplex,multicast,ipfw_filter>metric 0 mtu 1500
ether c8:3a:35:c4:ee:f3
inet6 fe80::ca3a:35ff:fec4:eef3%run0_wlan0 prefixlen 64 scopeid 0x9
inet 192.168.211.214 netmask 0xffffff80 broadcast 192.168.211.255
nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
status: associated
ssid xxxxxxxxx channel 1 (2412 MHz 11g) bssid 00:19:e0:68:31:4b
regdomain ROW country AU indoor authmode WPA2/802.11i privacy ON
deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 bmiss 7
scanvalid 60 protmode OFF roaming MANUAL

ifconfig run0_wlan0 scan

SSID/MESH ID    BSSID              CHAN RATE  S:N    INT CAPS
xxxxxxxxx      00:19:e0:68:31:4b    1  54M -53:-75  100 EPS  RSN
#</performnud,accept_rtadv></up,broadcast,running,simplex,multicast,ipfw_filter></up,broadcast,running,allmulti,simplex,multicast>

I didn't have to do anything special to the pfSense wireless configuration. I just disabled the WiFi interface, changed the channel to auto, Mode from Access Point to Infrastructure and SSID to match the other Access Point and the WiFi interface associated straight away after enabling.

@harry66:

any ideas on how to continue troubleshooting this issue?

Checking the wireless signal quality at the client would be a good start. The ifconfig scan command I gave above might provide some useful information. Keeping the dongle in the same location (as far as possible) can you get the dongle to associate when it is connected to (say) a laptop? Can you get a WiFi capable phone to associate when the phone is in the same location as the dongle? If you connect the dongle to a USB extension cord do you get better results if the change the position or orientation of the dongle?

harry66

Something seems to be special with the Tenda device as it seems to perform extraordinarily good on pfsense.

What I tried so far with both of the above mentioned devices was

• switching the regulatory domain on and off (ETSI, Germany)
• switching channel between dedicated channel number and auto setting
• experimenting with no, WEP and WPA(2) encryption
  but none of the above led to a successful association.
  As both devices (access point and client) are under my direct control it is an easy thing to make sure they are in direct reach and have reasonable good signal quality and strength.

In addition to these experiments I decided to attach another USB wifi nic to the pfsense box to be able to compare my experiences against another chipset: It is an Alfa AWUS036H. Although all of the device I refer to show good performance under other OSes the Alfa is an exceptional player. As well with pfsense it behaves in more or less the same way you describe it for your Tenda stick.
What I can say directly by comparing scan results is, that the Alfa constantly shows WLANs in reach where the Edimax and the Linksys always only show a subset. On top this subset is always different with every scan run.

The only conclusion I can draw from what I know for the moment is: For the run-based devices we can not reliably predict it's designed function as we see the Tenda stick running but others not, independently of its brands reputation.

I have no idea how we could further investigate.

/Uwe

wallabybob

@harry66:

Something seems to be special with the Tenda device as it seems to perform extraordinarily good on pfsense.

Lucky choice on my part! It seems sometimes its possible to get more than what you pay for.

@harry66:

In addition to these experiments I decided to attach another USB wifi nic to the pfsense box to be able to compare my experiences against another chipset: It is an Alfa AWUS036H. Although all of the device I refer to show good performance under other OSes the Alfa is an exceptional player. As well with pfsense it behaves in more or less the same way you describe it for your Tenda stick.

What other OSes did you try? Linux?

@harry66:

What I can say directly by comparing scan results is, that the Alfa constantly shows WLANs in reach where the Edimax and the Linksys always only show a subset. On top this subset is always different with every scan run.

You mean on pfSense? Or do you get the varying scan results on other OSes as well?

@harry66:

I have no idea how we could further investigate.

Perhaps contact support for the other suppliers and ask them to account for the results. Maybe they have their own firmware that needs their own driver tweaks to get best results.

Thanks for the informative followup.