Channels beyond 11 not visible
-
Based on a fairly limited experience I have formed the suspicion that WiFi interfaces in Infrastructure mode re rather less well tested than the devices in AP mode.
Can you switch the pfSense to AP mode and the Netgear to Infrastructure mode, even for a short period to see what happens?
-
Well, I am not sure the NETGEAR is able to go into BSS mode, the device is from the ISP, so I don't want to mess with that too much, to be honest.
Setting the RT2870 in AP mode appears to be working just fine. It is broadcasting and all; I tried having it with and without encryption and was able to connect in both situations. I did not manage to access the webconfiguration page from the wireless connection, however. Maybe I forgot to do some settings…
Then I finally tried to have NETGEAR unencrypted, and to my big surprise I was able to connect to it and have an IP address assignet to RT2870! However, I was not able to go on the internet, save for pinging google and pfsense.org and some other choice websites, I was not able to do anything. Not even traceroute. Something was curious, though. In the list of DNS servers 127.0.0.1 was present. I knew I had not put it there, so this must have been pfSense's doing. This lead me to notice that the DNS Forwarding service was enabled and was preventing communication to the internet. I disabled that, and was able to browse the internet! Amazing! I managed to download the latest BETA1 snapshot through the auto-update utility and update pfSense to have the current snapshot.
This is all great, but it does not really help me as I cannot have NETGEAR unsecured. That would be a trade-off I am not willing to do. :( And now that I have enabled security on NETGEAR, it is same old again. Why?
-
I am now considering acquiring an Atheros NIC, namely the TL-WN722N which has the AR9002U chipset. Could this solve the problem?
A quick search hasn't provided any evidence that device is supported.
I suspect the chipsets you have tried are the only "newish" USB chipsets supported.
The only other likely expansion slot on a laptop of that vintage is PCMCIA/Cardbus, but, in my limited experience, Cardbus support in FreeBSD is highly dependent on the BIOS corrctly initialising the Cardbus bridge and Windows doesn't seem to require that.
Fruitful field for you for research!
If you don't run want to run the risk of spending lots of hours and still not getting that configuration working I suggest you try to pick up a cheap second hand desktop or small server PC where your connectivity options will be considerably greater: an ability to add extra NICs to support a external wireless router/bridge and a greater range of supported PCI/PCI-e devices if you prefer to have the wireless NIC in pfSense.
It is experiences such as you have recounted that form the basis of my suspicion that WiFi interfaces in Infrastructure mode are rather less well tested on FreeBSD than the devices in AP mode.
If you want to persevere with the laptop AND it has PCMCIA slots you could go looking on eBay for Cardbus/PCMCIA wireless NICs with Atheros chipset or Ralink RT2560 or RT2561 but … If you want to explore that option further I'll make some further suggestions.
I
-
Well, I wouldn't call the RT2870 new. I bought it 3 or 4 years ago, iirc.
I haven't looked, but I think the laptop has a pcmcia slot. Though, like you said, it is most likely a hassle to deal with. A fruitful field I rather leave unexplored.
I just cant get my head around why it would not connect because the network is encrypted. That's really.. strange. Well, my other choice would be to use an old PC I have standing around, but I want to avoid that as I am trying to keep unnecessary power-consumption at a minimum.
Currently, I am looking at trying DD-WRT or OpenWRT or some other Linux-based solution because it looks like Linux has better driver support. This is sad, because I think pfSense has a great list of features and capabilities. What are the chances this will be fixed in an upcoming release? From what I gather, there's still the issue of 802.11n support in FreeBSD… :(
-
I just cant get my head around why it would not connect because the network is encrypted. That's really.. strange. Well, my other choice would be to use an old PC I have standing around, but I want to avoid that as I am trying to keep unnecessary power-consumption at a minimum.
My Linux netbook came with a VIA mini-PCI-E (USB) WiFi adapter. It worked fine with my then pfSense. After a Linux upgrade the WiFi stopped working and wouldn't work again until I changed the WPA Pairwise setting on my pfSense from Both to AES. (TKIP wouldn't work.) On upgrade to Ubuntu 12.04 the WiFi adapter was "unsupported" and was unrecognised. I bought an Intel mini-PCI-E WiFi adapter on eBay for a few dollars and it has worked fine for about the last 6 months.
I am recounting this to show that bizarre WiFi encryption behaviour is not exclusive to FreeBSD.
Currently, I am looking at trying DD-WRT or OpenWRT or some other Linux-based solution because it looks like Linux has better driver support.
One of the reasons I ditched Smoothwall for pfSense some years ago was that I would have had to build WiFi drivers for it myself. I don't know about xxWRT.
This is sad, because I think pfSense has a great list of features and capabilities. What are the chances this will be fixed in an upcoming release?
My guess is "zip if no-one files a FreeBSD Problem Report". You can file a FreeBSD Problem Report at http://www.freebsd.org/send-pr.html
From what I gather, there's still the issue of 802.11n support in FreeBSD… :(
Coming, but Christmas will be here sooner!
-
Well this is a big step forward. :)
You have shown that the connection can work if both sides are talking the same encryption type.
Can you try WEP instead? Clearly it's not secure any more but since it's much older it's far more tested and likely to work.
If you deliberately put in a completely incorrect pass phrase does the Netgear log still show the same thing? I suspect that it never gets as far as actually checking the key if the encryption type doesn't match.
Maybe try configuring your laptop 'wrong' in various ways to see what errors are produced in the log. When you see the same error that pfSense is generating you will know what you have configured wrong that is producing it.
I would expect some errors in the pfSense logs that may give a clue. :-\Reading back through the thread it seems to me one of three things could be happening here:
1: The run(4) driver is fundamentally broken in some way that prevents it doing the correct encryption.
This seems unlikely since, even by FreeBSD standards, 3-4 years is quite old and I would expect to see many threads in the FreeBSD forums if it were the case.2: The pfSense webGUI is not correctly setting up the driver. This is more likely since, as Wallabybob said, almost everyone who uses wifi in pfSense uses hostap mode. It could be a new bug. This is relatively easy to test however by simply setting up the NIC from the CLI.
3: The encryption types are simply setup mismatched and it's not obvious from the two web interfaces that this is happening. This still seems the most likely to me. ;)
I notice fro your screenshot of the Netgear that it cannot do WPA-AES or WPA2-TKIP. It's possible pfSense is defaulting to one of those unless you have specifically told it not to.Steve
-
In your previous ifconfig I see no mention of AES or any other encryption type. Where as my home box with it's ath0 card set as hostap:
ath0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether 00:11:f5:ee:41:8b inet6 fe80::211:f5ff:feee:418b%ath0_wlan0 prefixlen 64 scopeid 0x11 inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running ssid ******** channel 8 (2447 MHz 11g) bssid 00:11:f5:******** regdomain ETSI country GB indoor ecm authmode WPA1+WPA2/802.11i privacy MIXED deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 scanvalid 60 protmode OFF burst dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast>
Also what does your card show for it's capabilities:
[2.0.1-RELEASE][root@pfsense.fire.box]/root(13): ifconfig ath0_wlan0 list caps drivercaps=6f85ed01 <sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>cryptocaps=1f <wep,tkip,aes,aes_ccm,tkipmic></wep,tkip,aes,aes_ccm,tkipmic></sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>
Steve
-
In your previous ifconfig I see no mention of AES or any other encryption type. Where as my home box with it's ath0 card set as hostap:
ath0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether 00:11:f5:ee:41:8b inet6 fe80::211:f5ff:feee:418b%ath0_wlan0 prefixlen 64 scopeid 0x11 inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running ssid ******** channel 8 (2447 MHz 11g) bssid 00:11:f5:******** regdomain ETSI country GB indoor ecm authmode WPA1+WPA2/802.11i privacy MIXED deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 scanvalid 60 protmode OFF burst dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast>
Also what does your card show for it's capabilities:
[2.0.1-RELEASE][root@pfsense.fire.box]/root(13): ifconfig ath0_wlan0 list caps drivercaps=6f85ed01 <sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>cryptocaps=1f <wep,tkip,aes,aes_ccm,tkipmic></wep,tkip,aes,aes_ccm,tkipmic></sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>
Steve
Here's cap list:
ifconfig run0_wlan0 list caps drivercaps=d85c501 <sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>cryptocaps=1b<wep,tkip,aes_ccm,tkipmic></wep,tkip,aes_ccm,tkipmic></sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>
And here are the logs: http://speedy.sh/7ugBP/logs.zip
Not sure which ones are relevant, system.log and dhcpd.log, I guess… anyway, I cp'd the whole /var/logs/ :/
EDIT:
Oh, here's the ifconfig output:
run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether 00:22:b0:6d:6a:df inet6 fe80::222:b0ff:fe6d:6adf%run0_wlan0 prefixlen 64 scopeid 0x9 inet 192.168.1.9 netmask 0xffffff00 broadcast 192.168.1.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet DS/5.5Mbps mode 11g status: associated ssid LGM2 channel 2 (2417 MHz 11g) bssid 30:46:9a:1b:42:14 regdomain ETSI country SE outdoor authmode WPA2/802.11i privacy ON deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast>
It's kind of interesting, in fact. Now that I powered pfSense off, and turned it on a bit later, the NIC seems to be associated and authenticated with the AP. It has it's own IP, but I cannot access the internet; ping and traceroute do not work.
-
Well I immediately see that your device is not capable of AES only AES_CCM. If the Netgear router is expecting AES it won't work. Try setting both ends to TKIP.
Looking at the logs now…Steve
Edit: You edited while I typed! Can you not even ping the router when it has acquired an IP?
-
FYI- When updating the wireless chapter of the book over the last few weeks I did configure and test acting as a wireless client, and it worked fine. (My only issue was a signal/antenna issue, namely that my test box didn't have one. Once I plugged one in, it worked ;-)
Some cards/drivers can be picky about AES vs TKIP and also Open System vs Shared Key, and also PSK vs EAP.
-
Was that with the run(4) driver Jim?
@B-vigilanT: Hmm, the zip file with the logs in it won't open on my Linux laptop.
-
No, all I have are ath(4) cards on hand at the moment, various 52xx and 59xx models. (And mwl(4) but I didn't test those recently)
-
Was that with the run(4) driver Jim?
@B-vigilanT: Hmm, the zip file with the logs in it won't open on my Linux laptop.
Try this, I packed it in .rar for you: http://speedy.sh/7ujcP/logs.rar
I have not tested pinging the router. The battery in my laptop is dead. I have to wait for charge. I will try asap.
-
I have a device that uses the run(4) driver here so plugged it in to see what was what. I'm seeing pretty much exactly the same as you.
[2.0.1-RELEASE][root@pfSense.localdomain]/root(1): ifconfig run0_wlan0 run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether f8:d1:11:******** inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:******** regdomain ETSI country GB authmode WPA2/802.11i privacy ON deftxkey UNDEF TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL [2.0.1-RELEASE][root@pfSense.localdomain]/root(2): ifconfig run0_wlan0 list caps drivercaps=d85c501 <sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>cryptocaps=1b <wep,tkip,aes_ccm,tkipmic></wep,tkip,aes_ccm,tkipmic></sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds></performnud,accept_rtadv></up,broadcast,running,simplex,multicast>
You can see it's trying to use TKIP although it's set to 'both' in the config. In the router I'm trying to connect to, which is also set to both encrytion types and wpa/wpa2, I am seeing:
Process=hostapd msg=ath1: STA f8:d1:11:******* WPA: EAPOL-Key timeout
Hmm, I'll try some more combinations. If it does work I'll probablyget some hideous network loop! ::)
Steve
-
Hmm well that was interesting.
So I have it working by simply using a static IP instead of relying on DHCP. No idea why that worked, presumably DHCP is being blocked somewhere.
The run driver seems to ignore the WPA/WPA2 selection in the GUI or at least it can choose to use something else. ::)Steve
-
Ok there's some bug here. With the wifi interface set to dhcp in the web gui I don't get an address. Yet:
[2.0.1-RELEASE][root@pfSense.localdomain]/root(8): ifconfig run0_wlan0 run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether f8:d1:11:******** inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:******** regdomain ETSI country GB authmode WPA privacy ON deftxkey UNDEF TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): dhclient run0_wlan0 dhclient: PREINIT DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5 DHCPOFFER from 192.168.111.1 DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67 DHCPACK from 192.168.111.1 bound to 192.168.111.11 -- renewal in 14400 seconds. [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether f8:d1:11:******** inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe inet 192.168.111.11 netmask 0xffffff00 broadcast 192.168.111.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:******** regdomain ETSI country GB authmode WPA privacy ON deftxkey UNDEF TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast>
Steve
-
Hmm well that was interesting.
So I have it working by simply using a static IP instead of relying on DHCP. No idea why that worked, presumably DHCP is being blocked somewhere.
The run driver seems to ignore the WPA/WPA2 selection in the GUI or at least it can choose to use something else. ::)Steve
Yeah, I was thinking that too previously. However, I am unsure if I am setting the subnet correctly.. /24 should be 255.255.255.0, I think.. but im unsure if that is what it should be even. Also, in the Static IPv4 Configuration should I set the NETGEAR gateway address(192.168.1.1) in the Gateway drop-down menu or the gateway for the pfSense (10.10.1.1) box?
Now, I tried switching to static IP and it dropped connection and is not regaining it. BTW, which are the proper Authentication and Key Management mode in my case? I noticed, by running ifconfig over and over again, that having them in Both the interface is switching mode all the time.
-
If the wifi is effectively your WAN connection then the gateway should be address of the Netgear router.
You should be able to leave Authentication set as 'both' although like it says it will only use 'Shared Key Authentication' if you are using WEP.
My access point doesn't supports EAP at all so I have it set to PSK for management mode.From the many combinations I have tested I have found that as long as your intrface is reporting 'status: associated' and is showing some encryption in use, TKIP or AES, then it should be working. At that point if you manually start the dhcp client it will work:
[2.0.1-RELEASE][root@pfSense.localdomain]/root(9): dhclient run0_wlan0 dhclient: PREINIT DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5 DHCPOFFER from 192.168.111.1 DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67 DHCPACK from 192.168.111.1 bound to 192.168.111.11 -- renewal in 14400 seconds.
However it won't come up at boot (or at least mine didn't) so it's probably easier to use static addressing as a work around.
Steve
-
Just to confirm this I have reset all the values in the pfSense wireless setup to 'both' and set the values in my router/access point back to their defaults. The behaviour is the same:
[2.0.1-RELEASE][root@pfSense.localdomain]/root(6): ifconfig run0_wlan0 run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether f8:d1:11:******** inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xd nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:******** regdomain ETSI country GB authmode WPA2/802.11i privacy ON deftxkey UNDEF TKIP 2:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL [2.0.1-RELEASE][root@pfSense.localdomain]/root(7): dhclient run0_wlan0 dhclient: PREINIT DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67 DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67 DHCPACK from 192.168.111.1 bound to 192.168.111.11 -- renewal in 14400 seconds.</performnud,accept_rtadv></up,broadcast,running,simplex,multicast>
-
I think I've heard of this DHCP issue before when using the wireless in client mode. I know of a potential fix and it has been on my todo list, but I haven't really gotten around to it (I'm not a hired developer after all and do not work for any other company that would pay me to work on pfSense; I mostly just work on things when I feel like doing it). No one else has attempted working on it (that I'm aware of).
As for your earlier question about wireless channel availability – the regional settings are only really there to limit the list of channels to only show what you should be seeing for your area. This setting is especially useful for drivers or firmwares that list every channel as available (cards supported by mwl do this, for example), because it will otherwise give a long list of channels that are essentially useless since other devices won't use them. As the note below the group of settings states (but in different words), it can only impose further limits on the channels available; it cannot add channels locked out by the driver or firmware.
-
Ok. I finally managed to get an IP doing it Steve's way, by setting a static IP of 192.168.1.9/24 (I think I was using the incorrect CIDR notation previously) and Netgear gateway on 192.168.1.1 then running dhclient manually in the ssh session.
There is still the issue of internet connectivity – I can ping the gateway fine in both in the web gui and ssh terminal, but I can ping outside the WLAN only through the web gui, and that is only after I enabled the DNS forwarder again...
When I attempt to ping google in ssh, I get "No route to host" message. I need to fix this.
This is certainly progress, but it is quite impractical. Today, I plan on acquiring a USB hub, so that I can connect a 2nd wifi adapter, my RT3070 card (Alfa awus036nh). I plan on using that card to connect to the Netgear and the RT2870 in host AP mode to extend the WLAN.
EDIT:
@Efonne:I think I've heard of this DHCP issue before when using the wireless in client mode. I know of a potential fix and it has been on my todo list, but I haven't really gotten around to it (I'm not a hired developer after all and do not work for any other company that would pay me to work on pfSense; I mostly just work on things when I feel like doing it). No one else has attempted working on it (that I'm aware of).
As for your earlier question about wireless channel availability – the regional settings are only really there to limit the list of channels to only show what you should be seeing for your area. This setting is especially useful for drivers or firmwares that list every channel as available (cards supported by mwl do this, for example), because it will otherwise give a long list of channels that are essentially useless since other devices won't use them. As the note below the group of settings states (but in different words), it can only impose further limits on the channels available; it cannot add channels locked out by the driver or firmware.
I gathered as much, the regional settings are only there to filter but in this case, when I set the correct regional settings (Europe ESTI) why does it still only show 1-11? My adapter's firmware should support at least up to 14, and I think it also supports the 5GHz channels too, actually.
-
Unless you have set the wifi interface as WAN it will not be the default gateway. pfSense will always send traffic via the default gateway (unless you have used firewall rules to tell it otherwise). You can either reassign it as WAN or set it as the default gateway manually in System: Routing: Gateways
Personally I would try to reassign it as WAN, otherwise you will have unused gateways in the system which can only cause complications.I should add that I have since discovered that I have to have Management Mode set to PSK in order to associate.
You will not see any 5GHz channels in 2.0.1 as there is no support for 802.11N. You will see that you only have the choice of 802.11B or G.
Edit: Unless you were referring to 802.11A of course! ;)My own card, a TP-Link TL_WN7200N, is seen as:
run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address f8:d1:11:******** run0: firmware RT2870 loaded
What does your card list as it's channel capabilites from the CLI?
[2.0.1-RELEASE][root@pfSense.localdomain]/root(9): ifconfig run0_wlan0 list chan Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 list active Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g
My NIC can't see 12 or 13 either under pfSense.
@Efonne If you are looking into this (should the urge come over you ;)) and need testers or logs etc, please ask.
Steve
-
Back to the original topic the reason we only have 11 channels is probably this:
http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052236.htmlI wonder how tough it would be to make run(4) setup the channel list correctly? Hmm…
Steve
-
Unless you have set the wifi interface as WAN it will not be the default gateway. pfSense will always send traffic via the default gateway (unless you have used firewall rules to tell it otherwise). You can either reassign it as WAN or set it as the default gateway manually in System: Routing: Gateways
Personally I would try to reassign it as WAN, otherwise you will have unused gateways in the system which can only cause complications.The Wifi is set as WAN. Yet, I cannot ping from the ssh session, only in the web gui and not all websites either.
I should add that I have since discovered that I have to have Management Mode set to PSK in order to associate.
You will not see any 5GHz channels in 2.0.1 as there is no support for 802.11N. You will see that you only have the choice of 802.11B or G.
Edit: Unless you were referring to 802.11A of course! ;)My own card, a TP-Link TL_WN7200N, is seen as:
run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address f8:d1:11:******** run0: firmware RT2870 loaded
What does your card list as it's channel capabilites from the CLI?
[2.0.1-RELEASE][root@pfSense.localdomain]/root(9): ifconfig run0_wlan0 list chan Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 list active Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g
My NIC can't see 12 or 13 either under pfSense.
@Efonne If you are looking into this (should the urge come over you ;)) and need testers or logs etc, please ask.
Steve
My list is same as yours, it seems:
[2.1-BETA1][root@1212.bigcountry]/root(4): ifconfig run0_wlan0 list chans Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g [2.1-BETA1][root@1212.bigcountry]/root(5): ifconfig run0_wlan0 list active Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g
Also, I can no longer associate. I have not changed anything in the Netgear device. I have tried setting the management mode to PSK, and doing all the different settings, what have you.. nothing. I am going to try using the RT3070. Hopefully, I will have same success as you.
EDIT:
The RT3070 does not work for me at all. Even after reboot, I am not even able to do
ifconfig run0_wlan0 scan
Instead, I plugged RT2870 back and managed to associate by setting the proper subnet mask: 192.168.1.1/16
That's strange, because last time it was something different, iirc. So, I can ping and traceroute the Netgear gateway just fine but I still cannot ping/tracert outside the WLAN. Getting the cannot resolve host/no route to host messages. I am now trying to set up a static route in the Gateways > routes section, but pfSense seems to have crashed as a result.
-
Have tried this again a few times the interface never comes up as associated at boot. I have to either manually down/up the interface or save the settings in the webGUI. I doesn't seem to matter what settings I've used.
Steve