Infrastructure BSS works with no encryption and WEP, not WPA…
-
Have you tried a pfSense 2.1 snapshot build?
-
No I haven't because:
A. This is in a production environment so I'm concerned about running a beta version.
B. I thought that wm408 tried that and it didn't resolve it. However I reread his post and see that once he set it to static the issue was resolved.I might build a test box and try it. I have several in stock so it shouldn't take long. What has changed in the beta that resolves the issue?
-
fthomasr: So you're pinging from the pfSense gui, 8.8.8.8?
Oh… Make sure your system's default gateway is the gateway you use for the BSS (Infrastructure) adapter.
If you have WAN also... (the default),.. your searches for 8.8.8.8 will go through the WAN.
Go to: System > Routing > Gateways and make sure the gateway that you added when you configured the WLAN adapter is set as the system's "default gateway".
I suggest in production environment to have two separate storage media, if you use Compact Flash, get another one to test with so that you can jump back to your production with little work,
I jumped between some of the nightly's and there was some errors during boot up that were not so good.I am running:
2.1-BETA1 (i386)
built on Wed Feb 13 16:46:23 EST 2013And it has been stable, I think there's a newer version but I will wait a while before I upgrade. :)
With these beta builds, I've found a bad problem where if I try to do BSS (infrastructure) to link to a remote wireless network, and then also run a second interface on the same physical wireless adapter (atheros) as an Access Point (AP), during boot up, the process gets stuck trying to load the second, virtual interface adapter, and essentially bricks the install. So keep an eye out for that if you had any plans to do that, as I am NOT doing that right now.
No I haven't because:
A. This is in a production environment so I'm concerned about running a beta version.
B. I thought that wm408 tried that and it didn't resolve it. However I reread his post and see that once he set it to static the issue was resolved.I might build a test box and try it. I have several in stock so it shouldn't take long. What has changed in the beta that resolves the issue?
-
Yes ping from pfSense GUI.
I don't want the default gateway to be the WWAN. The WWAN is to be used for failover only.
The pings to 8.8.8.8 should not go through the WAN as I am choosing interface WWAN and it has it's own defined Gateway.
-
Yes ping from pfSense GUI.
I don't want the default gateway to be the WWAN. The WWAN is to be used for failover only.
The pings to 8.8.8.8 should not go through the WAN as I am choosing interface WWAN and it has it's own defined Gateway.
Yes but, pfSense GUI (or BSD for that matter) doesn't know to choose that. It assumes the system gateway to be the default if you have not changed it.
I suggest looking at the output of just typing "ping" or "traceroute", (or google), there are options to define: Through what INTERFACE should my ping/traceroute travel through.
Or, if you want to test your failover, and it is configured properly… try physically disconnecting the WAN and see if the traffic properly goes down the WWAN.
-
What has changed in the beta that resolves the issue?
The more up to date device drivers MIGHT resolve the issue.
-
There's a twist. Because the router is in a production evironment I decided to backup its configuration and restore it to an exact same model unit that I have in stock with the same firmware 2.0.1. I restored the config and it connected with DHCP with no issues to an access point I have at my office. Same Atheros wifi card, same Alix board, etc.
Differences between them since it doesn't seem to be pfSense:
At the customer site the access point is a Linksys WRT54GL with Tomato firmware with DHCP server on the access point.
At my office (where it works) is an old Buffalo WLAG54 also with Tomato firmware but DHCP is provided by my Windows server.Same WiFi security on both, Personal WPA2 with AES, with different shared keys of course.
So it's either the difference in access point radio's, version of Tomato, or DHCP(which is the least plausible since it wouldn't work with a static IP either.)
My next step is to take my test build to the site just to make sure it behave the same and fails to connect to the Linksys… Also wm408 what access point model are you connecting to?
-
Hey fthomasr:
Two cases: One of the access points was a Linksys E3000, the other was a Ruckus Wireless, (I don't know the model).
Both cases dumped me upon DHCP renewal between client (the pfsense box) and server (the remote AP(s)).
Only Static worked for me.
Also wm408 what access point model are you connecting to?
-
Ok so I took my lab router over to the site and it also could not connect to the WRT54GL no matter what WiFi security settings I tried(also DHCP or Static), despite being associated each time. I upgraded to 2.1 beta and tried DHCP. Just as wm408 no connection either. Also just as wm408 found the connection worked only with a static. This was fine for me as that's what I wanted in the end.
Thanks wm408 for starting this thread and posting your findings. It was helpful for me.
-
fthomasr:
Cool! Yeah I have one set up at my office now this way. Works good for me, I just wire to the router/nearby switch, (no wifi from my laptop).
Watch out for virtual interfaces on the same WiFi adapter. When I tried to make an AP it (with the BSS bridge), The Atheros I am using gets stuck on loading the interface during the boot sequence, bricking the router essentially. Heads up anyways.
Hopefully that gets worked on someday too.
Ok so I took my lab router over to the site and it also could not connect to the WRT54GL no matter what WiFi security settings I tried(also DHCP or Static), despite being associated each time. I upgraded to 2.1 beta and tried DHCP. Just as wm408 no connection either. Also just as wm408 found the connection worked only with a static. This was fine for me as that's what I wanted in the end.
Thanks wm408 for starting this thread and posting your findings. It was helpful for me.