PfSense VMware + USB Wireless AP
-
Hi,
I've been running pfSense 2.0 RC1 and subsequent updates under VMware Workstation 7.1 for a while now and not had any problems. Running on VMware as I don't have dedicated hardware at the moment.
Anyway, I purchased a edimax7711Uan wireless dongle in the hope I could use the as an wireless access point in pfSense. Initially I could not get the device recognised in pfSense, I would receive the error "uhub_reattach_port: port 1 reset failed, error=USB_ERR_TIMEOUT". I got around the by disabling USB 2 in the VMware settings. Out of interest I also tried FreeBSD 8.2 under VMware and got the same problem with VMware tools installed. Booting pfSense from a LiveCD on a laptop and testing the wireless dongle directly connected to the hardware worked fine. So I guess this is either a VMware issue or FreeBSD issue.
Back to the wireless AP.
So after getting the device correctly recognised in pfSense I proceeded to setup the new interface which correctly uses the RUN driver. I add the interface, setup the most basic wireless options, open network, broadcast SSID, added static ip 192.168.2.1/24 and configured a dhcp server for this subnet. My LAN subnet is 192.168.1.1/24. When I scan for networks I can see the SSID I setup but when I try to connect nothing happens, no errors. I've tried from 2 different laptops and my Android phone but nothing. As far as I can tell it's not even trying to get an IP address.
Now am I correct in thinking that regardless of whether I have setup a rule to allow traffic between the LAN and WLAN, clients should still be able to associate as the WLAN subnet is running a DHCP server?
I've attempted configuring a bridged network between LAN and WLAN but then I get an error run0 device timed out, also I don't seem to be able to configure wireless options in bridged mode?
Basically I'm looking for any pointers as to where I can poke around, the logs I've looked at so far have give me nothing to go on. And in theory am I setting it up correctly, new wireless interface vs bridged to LAN ?
I've checked out most of the "how-to setup wireless AP under pfSense" I could find but so far no joy.
Cheers,
Gareth.
-
From the web GUI, Status -> Wireless will display associated clients.
You will need to put some firewall rules on the OPT1 interface to allow in the DHCP requests (Firewall -> Rules) and then normal traffic. (Default is to block everything from non-LAN interfaces.) While you are debugging you could use a "wide open" rule (allow anything from anywhere to anywhere) and tighten it up once you have it working.
Get a client to attempt to acquire an IP address through DHCP. A couple of minutes later take a look at least the system log, firewall log and dhcp log (Status -> System Logs, click on appropriate tab). Anything seemingly relevant to the DHCP requests?
-
wallabybob, thanks for the pointers.
Added a firewall rule for OPT1: Pass, Protocol 'Any', Source 'Any', Destination 'Any', Log packets enabled. So this should allow anything through on the wireless side. Tried connecting via a wireless client and same problem, tries to connect then disconnects. I've looked in the System Log, Firewall Log and DHCP log and I can't see anything relating to when I tried to connect.
I've since tried downloading the latest snapshot and doing a complete reinstall under VMware but the same thing happens. I did notice that if I set the Channel to 'Auto' in the wireless settings then I could not see the access point so I have since set this manually.
Here is the current config of my network devices
run0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 2290 ether 00:1f:1f:2f:fd:55 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status:running run0_wlan1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether 00:1f:1f:2f:fd:55 inet6 fe80::21f:1fff:fe2f:fd55%run0_wlan1 prefixlen 64 scopeid 0x9 inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running ssid AP channel 11 (2462 Mhz 11g) bssid 00:1f:1f:2f:fd:55 regdomain xxx country xx indoor authmode OPEN privacy OFF txpower 30 scanvalid 60 protmode OFF -apbridge dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></hostap></up,broadcast,running,allmulti,simplex,multicast>
I have the DHCP server setup on 192.168.2.1/24 subnet and it has a pool of addresses to handout. I have the above firewall setting to allow anything on OPT1 to go anywhere. The logs are giving me nothing to work with.
I occasionally get the following error but from what I have read this is nothing to worry about.
run0_wlan1: ieee80211_new_state_locked: pending RUN -> SCAN transition lost
For info here is the device information when I plug in the adapter
run0: MAC/BBP RT3070 (rev 0x0200), RF RT3020 (MIMO 1T1R), address 00:1f:1f:2f:fd:55 run0: firmware RT2870 loaded
Device labeled as Edimax EW-7711Uan v1.0b
Can I enable more verbose logging?
What I shall try in the meantime is setting this up on my laptop to ensure its nothing to do with VMware although it shouldn't be as it's just a USB hub allowing the device through.
Cheers,
Gareth.
-
Just a bit more info.
In the interfaces page to device OPT1 (run0_wlan1) displays no packets in or out and performing a packet capture on the device OPT1 whilst trying to connect to the wireless device also displays no packets. ???
Gareth
-
Well I've narrowed the problem down.
I used the livecd to setup pfSense on my laptop configured everything and the wireless USB worked first time. I could see the AP and associate to it. I then installed VirtualBox on my PC and tried the same with that, again I get the problem with USB 2.0 so need to revert to USB1 but after that the device is seen and I can configure it and connect to it. :)
So it must be a problem with the implementation of USB on VMware, although its strange I can see the device and the broadcasting of the access point but not connect.
Anyway I'm going to do some more digging around to see if I can get it working in VMware and log a bug report with them.
Also does anyone know if the following patches: http://lists.freebsd.org/pipermail/freebsd-current/2010-October/020504.html are in pfSense? I was just wondering if they would resolve the USB 2.0 issue that is present in both VMware and VirtualBox.
Gareth
-
For clarification, the problems I've been having with VMware have been for Workstation 7.1.4 (running on Windows 7 x64) I have just uninstalled this and installed VMware 6.5.5 and it looks to be working as it should, the wireless USB device also now connects correctly using USB 2.0.
Although I still need to do some more tests its looking promising :)
Cheers,
Gareth