2.3.2 release can't connect to wireless AP



  • Hi PFsense team,
    I am hoping you can help me out on this. I have been searching online for a similar issue, but have not found any posts that provide a solution.
    I recently added a wireless card to my box for use as a wireless AP. I picked up a Atheros QCNFA335. Card installed and was picked up by the OS fine.
    I have been able to bridge the interfaces and the wired portion is working great. When trying to connect to the wireless I am seeing the following logs:

    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 IEEE 802.1X: unauthorizing port
    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: event 2 notification
    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 IEEE 802.11: disassociated
    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 MLME: MLME-DELETEKEYS.request(ac:22:0b:48:14:a4)
    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 MLME: MLME-DEAUTHENTICATE.indication(ac:22:0b:48:14:a4, 2)
    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 IEEE 802.1X: unauthorizing port
    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: event 3 notification
    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: PTKSTART: Retry limit 4 reached
    Aug 6 14:31:03 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: EAPOL-Key timeout
    Aug 6 14:31:02 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: sending 1/4 msg of 4-Way Handshake
    Aug 6 14:31:02 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: EAPOL-Key timeout
    Aug 6 14:31:01 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: sending 1/4 msg of 4-Way Handshake
    Aug 6 14:31:01 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: EAPOL-Key timeout
    Aug 6 14:31:00 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: sending 1/4 msg of 4-Way Handshake
    Aug 6 14:31:00 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: EAPOL-Key timeout
    Aug 6 14:30:59 hostapd ath0_wlan1: STA ac:22:0b:48:14:a4 WPA: sending 1/4 msg of 4-Way Handshake

    Any help on this would be greatly appreciated.

    Thanks,

    Jon



  • Update: After ready a post from johnpoz about not bridging the WLAN and LAN, I figured it was worth a try. I don't care much if they are on separate networks as long as they can route between them.
    So I killed the bridge and added the needed firewall rules to allow traffic. At this point the SSID is not showing up anymore. Do I need to find a different card to use? Not sure what the problem is. I am seeing this ar9300_Stub_GetCTSTimeout: called in my logs a lot. Searching on this, it seams there is a bug in FreeBSD 10 from this post https://www.reddit.com/r/PFSENSE/comments/4kdfbk/spam_in_system_logs_after_upgrading_to_231/



  • I have the same issue with my Atheros m.2 card, pfsense can detect it perfectly fine, I can fully configure it as a separate network, firewall rules with DHCP etc and although everything seems perfect no SSID will display at all..

    I'm using a:

    ath0    Wireless Atheros AR946x/AR948x

    See if this can help you, if you can work it out and it does let me know…

    https://forums.freebsd.org/threads/48294/



  • I just installed a wireless card based on the AR9462. I had some of the same experiences.

    After some digging, including source code spelunking, here's what I found:

    • I could not get my iDevices to connect on any 2.4GHz configuration.

    • Things seem to work on the 5GHz channels - which means no 802.11b/g for older devices.

    • The fact that many of the functions in the AR9300 family driver are stubbed out - as you discovered with the 'ar9300_Stub_…' entries in the syslog - means most of the interface configuration options in the GUI won't work.

    • The root cause is that the AR9300 family driver is half-baked in FreeBSD 10.x. There are improvements in the source in 11.0. Maybe some brave soul could backport it to pfSense 2.3.x.

    I wish I had the spare time to do the backport myself, but it ain't gonna happen any time soon. I believe things should be better in pfSense 2.4.x.



  • I'm going to give 2.4 alpha a test.. see how it pans out…. fingers crossed..

    I wish i knew how to backport etc i would have give it ago...