Wireless AP with Repeaters and More Wireless APs



  • Hello All,
    I have my setup as following:

    1. 4G Router inputs pfSense (Dell PC) as WAN in Ethernet1
    2. Second ethernet is being used as output.
    3. 2nd Ethernet is plugged into a switch which connects to multiple PCs.
    4. 1 Ethernet port out of switch connects with TPLink CPE210 which I am using as AP to throw signals towards more Access Points.
    5. TP Link CPE210 configuration is setup as AP, DHCP disabled for clients, DHCP enabled for itself - with bounce back IP same as to be assigned by pfSense.
    6. TP Link CPE210 is AP for 3 more APs in range - which actually are open hotspots to be used to access Internet through Captive Portal.
    7. The APs which are connected to CPE210 were being assigned by pfSense at first, but later I added their Macs and assigned them static IP.

    Now here is the problem I am facing.

    Any device which connects to 2nd layer APs gets authenticated by pfSense. But the newly added device's IP does not show their MAC address in the DHCP Leases. Rather it shows the MAC of AP and same MAC gets multiple IPs (all connected to that specific AP)

    Although it has not been problem in authentication bypass for me so far. But the problem I am facing is the IP of AP goes in-accessable since its MAC has multiple IPs assigned in pfSense. To reach the web interface of IP I need to disconnect all the devices with that specific IP and then refresh it so that only one IP against that MAC is assigned.

    Can anybody advise how can I fix the issue so that the APs at 2nd layer should get the MACs of their connected devices and pfSense should show them against the IP it has assigned?



  • @naeemirza

    Is the 2nd AP configured as an AP or router? It sound like it's a router. That's the only way it's MAC will appear in the leases. Also, you would never see the MAC of any device connected to it, as the MAC gets discarded on the WiFi side and a new one, with the AP MAC created.


  • LAYER 8

    i have a dlink access point that do the same (dap1620 rewrite the mac of connected devices) and there is no way to remove that behavior. i have to live with that until i change it for something better. total BS


  • LAYER 8 Global Moderator

    @naeemirza said in Wireless AP with Repeaters and More Wireless APs:

    TP Link CPE210 is AP for 3 more APs in range

    You mean you have 3 others repeating to this 1? Or its routing and then you have 3 others as wireless clients to it in a wireless client bridge setup?

    If your in a setup where you have to use wireless uplink to have these AP get connected... Then do that - setup a fullmesh network or get AP that actually support wireless uplink and not some client/bridge/repeater nonsense..

    Best option is run a wire to where you have need of AP for coverage.



  • @JKnott
    Second AP is currently configured as Repeater. I tried both AP and Repeater modes and faced same problem in both.



  • @johnpoz
    I chose pfSense to use my current hardware. Since for Mesh I need to upgrade firmware which is not possible with available hardware.
    Can't run wire for almost 2 km to cross the motorway unless digged deep with right of way to cross that.
    But your answer is logical that repeating and APs in client/bridge/repeater nonsense are nonsense - lol.
    Anyway - Thanks for suggestion


  • LAYER 8 Global Moderator

    So your "repeating/client/bridge" for 2 KM?

    Get the correct hardware for what your doing - if you can not run a wire.. You could use something like
    https://www.ui.com/airmax/nanobeamm/

    As the link to your remote location, then connect your AP to that..



  • @kiokoman

    i have a dlink access point that do the same (dap1620 rewrite the mac of connected devices) and there is no way to remove that behavior. i have to live with that until i change it for something better. total BS

    That doesn't sound right. If the d-link MAC address is used instead of the device MAC, then it becomes impossible to have more than one device connected. DHCP relies on the MAC address to assign an IP address. Does a device connected to it get an address from the LAN? Or a separate network?

    I have just browsed through the manual for that device and didn't see anything to indicate it operates in anything but bridge mode. I have a couple of devices, one Asus and one D-Link that can be configured in a variety of modes and they both work properly.



  • @naeemirza said in Wireless AP with Repeaters and More Wireless APs:

    Can't run wire for almost 2 km to cross the motorway

    Consumer grade WiFi gear isn't the best way to do that. There's a variety of short haul microwave gear that's designed for that sort of situation. I have worked with equipment from DragonWave and Ceregon.


  • LAYER 8 Global Moderator

    @naeemirza said in Wireless AP with Repeaters and More Wireless APs:

    TP Link CPE210

    Looking into these - they do support a ptp mode, as just a wireless bridge.. That is how you should set it up, and then connect a different AP to that.. So now you just use that link as backhaul..

    ptplink.jpg

    You would then see the mac of the end point devices.. Your ptp devices become a wire so to speak..


  • LAYER 8

    @JKnott this is the mac of one of my AP repeater 10:62:eb:f2:1f:44
    every device connected to it become 10:62:eb:* or 10:62:* i don't remember exactly now as i'm not at home right now



  • @kiokoman said in Wireless AP with Repeaters and More Wireless APs:

    @JKnott this is the mac of one of my AP repeater 10:62:eb:f2:1f:44
    every device connected to it become 10:62:eb:* or 10:62:* i don't remember exactly now as i'm not at home right now

    Well, better check when you get home. The situation you describe doesn't make sense.


  • LAYER 8


  • Netgate Administrator

    Yup, wifi repeaters re-write the MAC address. First time I saw that it freaked me out too. ๐Ÿ˜‰



  • @stephenw10 said in Wireless AP with Repeaters and More Wireless APs:

    Yup, wifi repeaters re-write the MAC address. First time I saw that it freaked me out too. ๐Ÿ˜‰

    So, how many devices can you connect via the repeater? If only one MAC is sent to the DHCP server, it will provide only 1 IP address.


  • Netgate Administrator

    I've never dug into it because it seems like black magic and best avoided but....

    I assume it re-writes the first 3 bytes of the MAC with it's own OUI as shown by @kiokoman above.

    Ugh... ๐Ÿ˜จ

    Steve



  • @stephenw10 said in Wireless AP with Repeaters and More Wireless APs:

    I've never dug into it because it seems like black magic and best avoided but....

    I assume it re-writes the first 3 bytes of the MAC with it's own OUI as shown by @kiokoman above.

    Ugh... ๐Ÿ˜จ

    Steve

    Then you'd still have different MACs and IPs. However, according to the OP, several IPs have been assigned to the same MAC, which might not be true. However, he's only had 1 post since then and he doesn't clarify anything.



  • @JKnott Actually I removed the simple wifi repeater and using AP now. It solved the problem. I have been experimenting with Repeater to record multiple IPs against same MAC. I will post some screenshots here later.


  • Netgate Administrator

    @JKnott said in Wireless AP with Repeaters and More Wireless APs:

    However, according to the OP, several IPs have been assigned to the same MAC, which might not be true

    Yeah my mistake. In fact that is what I've seen before, the same MAC used for all IPs coming via the repeater.
    Which is what the wikipedia page shows as expected: https://en.wikipedia.org/wiki/Wireless_repeater

    As I said it's all voodoo! Avoid if possible. ๐Ÿ˜‰


Log in to reply