Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ALIX 3D1 with Wireless WAN bridged with Wireless Opt1 AP

    Scheduled Pinned Locked Moved Wireless
    3 Posts 2 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bonnecomm
      last edited by

      I'm building a repeater station using an ALIX3D1.
      LAN is the ethernet port.
      WAN is an XR5 wireless card.
      OPT1 is an Engenius Em-9 wireless card.

      Plugged into the LAN, I can surf the internet with no problem although it is slow.
      My computer connects wirelessly to OPT1 and I can log into the ALIX. I can ping the WAN port on the ALIX. But, I cannot surf the internet nor can I ping my default gateway.

      What am I missing?

      My configuration is as follows:

      <pfsense><version>3.0</version>
      <lastchange><theme>pfsense</theme>
      <system><optimization>normal</optimization>
      <schedulertype>priq</schedulertype>
      <hostname>holstnet</hostname>
      <domain>bonnecomm.net</domain>
      <username>admin</username>
      <password></password>
      <timezone>America/Toronto</timezone>
      <time-update-interval><timeservers>time.nrc.ca</timeservers>
      <webgui><protocol>http</protocol></webgui>
      <disablenatreflection>yes</disablenatreflection>
      <dnsserver>192.168.102.1</dnsserver>
      <dnsserver>192.168.100.1</dnsserver>
      <dnsallowoverride></dnsallowoverride></time-update-interval></system>
      <interfaces><lan><if>vr0</if>
      <ipaddr>192.168.2.1</ipaddr>
      <subnet>24</subnet>
      <media><mediaopt><bandwidth>100</bandwidth>
      <bandwidthtype>Mb</bandwidthtype>
      <disableftpproxy></disableftpproxy></mediaopt></media></lan>
      <wan><if>ath1</if>
      <mtu><media><mediaopt><bandwidth>100</bandwidth>
      <bandwidthtype>Mb</bandwidthtype>
      <wireless><standard>11a</standard>
      <mode>bss</mode>
      <protmode>off</protmode>
      <ssid>RoundLink</ssid>
      <channel>0</channel>
      <authmode><txpower>99</txpower>
      <distance>35000</distance>
      <wpa><macaddr_acl><auth_algs>1</auth_algs>
      <wpa_mode>3</wpa_mode>
      <wpa_key_mgmt>WPA-PSK</wpa_key_mgmt>
      <wpa_pairwise>CCMP TKIP</wpa_pairwise>
      <wpa_group_rekey>60</wpa_group_rekey>
      <wpa_gmk_rekey>3600</wpa_gmk_rekey>
      <passphrase></passphrase>
      <ext_wpa_sw></ext_wpa_sw></macaddr_acl></wpa>
      <wep><key><value></value></key></wep></authmode></wireless>
      <spoofmac><disableftpproxy><ipaddr>192.168.100.210</ipaddr>
      <subnet>22</subnet>
      <gateway>192.168.102.1</gateway></disableftpproxy></spoofmac></mediaopt></media></mtu></wan>
      <opt1><if>ath0</if>
      <wireless><standard>11g</standard>
      <mode>hostap</mode>
      <protmode>off</protmode>
      <ssid>HolstNet.BonneComm.Net</ssid>
      <channel>11</channel>
      <authmode></authmode>
      <txpower>99</txpower>
      <distance>10000</distance>
      <wpa><macaddr_acl></macaddr_acl>
      <auth_algs>1</auth_algs>
      <wpa_mode>3</wpa_mode>
      <wpa_key_mgmt>WPA-PSK</wpa_key_mgmt>
      <wpa_pairwise>CCMP TKIP</wpa_pairwise>
      <wpa_group_rekey>60</wpa_group_rekey>
      <wpa_gmk_rekey>3600</wpa_gmk_rekey>
      <passphrase><ext_wpa_sw></ext_wpa_sw></passphrase></wpa></wireless>
      <descr>OPT1_AP</descr>
      <bridge>wan</bridge>
      <ipaddr>192.168.100.211</ipaddr>
      <subnet>22</subnet>
      <gateway>192.168.102.1</gateway>
      <spoofmac><mtu><enable><disableftpproxy></disableftpproxy></enable></mtu></spoofmac></opt1></interfaces>
      <staticroutes><pppoe><username><password></password></username></pppoe>
      <pptp><username><password><local></local></password></username></pptp>
      <bigpond><username><password><authserver><authdomain><minheartbeatinterval></minheartbeatinterval></authdomain></authserver></password></username></bigpond>
      <dyndns><type>dyndns</type>
      <username><password></password></username></dyndns>
      <dhcpd><lan><enable><range><from>192.168.2.10</from>
      <to>192.168.2.19</to></range>
      <defaultleasetime><maxleasetime><netmask><failover_peerip><gateway><ddnsdomain><next-server><filename></filename></next-server></ddnsdomain></gateway></failover_peerip></netmask></maxleasetime></defaultleasetime></enable></lan></dhcpd>
      <pptpd><mode><redir><localip></localip></redir></mode></pptpd>
      <ovpn><dnsmasq><enable></enable></dnsmasq>
      <snmpd><syslocation><syscontact><rocommunity>public</rocommunity></syscontact></syslocation></snmpd>
      <diag><ipv6nat><ipaddr></ipaddr></ipv6nat></diag>
      <bridge><syslog><nat><ipsecpassthru><enable></enable></ipsecpassthru></nat>
      <filter><rule><type>pass</type>
      <interface>opt1</interface>
      <max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
      <os><source>
      <any><destination><any></any></destination>
      <descr>Opt1-PassThru</descr></any></os></statetimeout></max-src-states></max-src-nodes></rule>
      <rule><type>pass</type>
      <descr>Default LAN -> any</descr>
      <interface>lan</interface>
      <source>
      <network>lan</network>

      <destination><any></any></destination></rule>
      <rule><type>pass</type>
      <interface>wan</interface>
      <max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
      <os><source>
      <any><destination><any></any></destination>
      <descr>WAN-PassThru</descr></any></os></statetimeout></max-src-states></max-src-nodes></rule></filter>
      <shaper><ipsec><preferredoldsa></preferredoldsa></ipsec>
      <aliases><proxyarp><wol><cron><minute>0</minute>
      <hour></hour>
      <mday>      </mday>
      <month></month>
      <wday>      </wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 newsyslog
      <minute>1,31</minute>
      <hour>0-5</hour>
      <mday></mday>
      <month>      </month>
      <wday></wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 adjkerntz -a
      <minute>1</minute>
      <hour>3</hour>
      <mday>1</mday>
      <month>      </month>
      <wday></wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh
      <minute>      /60</minute>
      <hour></hour>
      <mday>      </mday>
      <month></month>
      <wday>      </wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout
      <minute>1</minute>
      <hour>1</hour>
      <mday></mday>
      <month>      </month>
      <wday></wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /etc/rc.dyndns.update
      <minute>      /60</minute>
      <hour></hour>
      <mday>      </mday>
      <month></month>
      <wday>      </wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot
      <minute>/60</minute>
      <hour>      </hour>
      <mday></mday>
      <month>      </month>
      <wday></wday>
      <who>root</who>
      <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c
      <minute>      /5</minute>
      <hour></hour>
      <mday>      </mday>
      <month></month>
      <wday>      </wday>
      <who>root</who>
      <command></command>/usr/local/bin/checkreload.sh
      <minute>/5</minute>
      <hour>      </hour>
      <mday></mday>
      <month>      </month>
      <wday></wday>
      <who>root</who>
      <command></command>/etc/ping_hosts.sh
      <minute>      /140</minute>
      <hour></hour>
      <mday>      </mday>
      <month></month>
      <wday>      </wday>
      <who>root</who>
      <command></command>/usr/local/sbin/reset_slbd.sh</cron>
      <installedpackages><rrd><enable></enable></rrd>
      <revision><description>/interfaces_opt.php made unknown change</description>
      <time>1245258478</time></revision></installedpackages></wol></proxyarp></aliases></shaper></syslog></bridge></ovpn></staticroutes></lastchange></pfsense>

      Incidentally, I was not able to preview this so forgive if it comes out without the mark-up

      1 Reply Last reply Reply Quote 0
      • C
        clarknova
        last edited by

        You may want to edit your post and take out your wireless passphrases.

        It appears from your config that you have a firewall rule on OPT allowing anything out, so that's good. Your two wireless NICs are on different channels, so that's good.

        You may want to check your logs and state tables. I'm afraid I can't think of anything else at the moment.

        db

        db

        1 Reply Last reply Reply Quote 0
        • B
          bonnecomm
          last edited by

          Nope. It's not that.

          I brought everything home, and just took delivery of an ALIX 2D0 (2 ethernet, 2miniPCI).

          vr0 (ethernet0) is always set to LAN.
          If WAN is set to vr1, I can set OPT1 or OPT2 to AP mode, bridge them to the WAN, and it works fine (although very slow, very much slower than m0n0wall).
          If WAN is set to ath0 (wireless0), even though the LAN works fine, and even though I receive no error message about bridging something to a wireless WAN, the bridge essentially does not work. The problem seems to be that you can't bridge anything to a wireless WAN.

          So right now, I have several SBCs with a half dozen radio cards and working repeater stations.

          So, do I try a Linux-based solution instead?

          It's either that or I'm going to need to spend several months fixing m0n0wall to do what I want. I'd likely do it as a branch.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.