Seriously!!! How to make pfsense act as a client to connect to wifi router?



  • Hi everyone,

    I have previously set-up pfsense in Access Point mode where my laptop connects to it and gets internet. But now, I want to do the reverse. I want to connect a USB Wifi dongle to pfSense and have it connect to my other Wifi Router SSID and pick an IP from that router and then make the wifi to be my WAN Gateway so that clients connecting directly to pfsense can access internet.

    D-Link Wifi Router –--------------------------->>>> pfSense + USB Wifi Dongle
                                                                                  ^
                                                                                  |
                                                                                  |RJ-45
                                                                                  |
                                                                              Laptop

    So, the USB Wifi dongle connects to D-link wifi router wireless and then laptop connects to pfSense with wire. Laptop would be able to ping google.com.  D-Link Wifi Router is connected to internet.

    Here is what I don't know exactly in this set-up on the Wifi USB dongle interface - (Product I use it Alix2d13 + Cisco WUSB54GC):
    1- I am at loss about Infrastructure, Access Point, and Ad-Hoc mode to select. Which one should I pick?
    2- What about Type? Static? DHCP or None?
    3- Different WPA modes? Can I just select "Both" for everything so the right authentication mode is selected automatically?
    4- How to change the default Gateway to be that of the Wifi USB Dongle once I have this setup? Because right now it's the physical WAN interface which is the default gateway.
    5- I wish there was a way for pfSense to auto scan wifi signals and display SSIDs to select. I assume I have to put in the SSID in myself now?

    I appreciate any and all feedback.



  • @torontob:

    Here is what I don't know exactly in this set-up on the Wifi USB dongle interface - (Product I use it Alix2d13 + Cisco WUSB54GC):

    One of sources lists four variants of the WUSB54GC, three different Ralink chipsets and one Realtek chipsets. Maybe you'll be lucky and have a supported version.

    @torontob:

    1- I am at loss about Infrastructure, Access Point, and Ad-Hoc mode to select. Which one should I pick?

    Infrastructure means connects to an external Access Point; Ad-Hoc means connects to another Ad-Hoc station (point to point, no access point)

    @torontob:

    2- What about Type? Static? DHCP or None?

    Whatever is compatible with the D-Link: None if you are bridging, Static if the D-Link is not a DHCP server on that interface, DHCP or Static if the D-Link is running a DHCP server.

    @torontob:

    3- Different WPA modes? Can I just select "Both" for everything so the right authentication mode is selected automatically?

    Anything reasonably recent should be able to use WPA2 - you may have to enable WPA2 on the D-Link.

    @torontob:

    4- How to change the default Gateway to be that of the Wifi USB Dongle once I have this setup? Because right now it's the physical WAN interface which is the default gateway.

    Change the WiFi to be the WAN interface once you have it working and then reboot to verify.

    @torontob:

    5- I wish there was a way for pfSense to auto scan wifi signals and display SSIDs to select. I assume I have to put in the SSID in myself now?

    Yes.



  • Thanks for precise details.

    I have this showing as "associated" and I see it showing the DNS (which I have set to Google DNS by the way) but I don't see it picking up an IP from my D-Link. This is not an issue of D-Link as my laptop connects to it just fine.

    I think the netmask also shows fine but IP shows as 0.0.0.0 under Status -> Interfaces.

    Checking the System Logs, I see that run0 (which is the USB Wifi Dongle) shows that it comes up and then goes down. Up and down, up and down for ever.

    I would be really disappointed if the client mode is not supported by Access Point mode is. I would like to think that is what the dongle is actually made for and not the other way around.

    Anything else I can check?



  • @torontob:

    Checking the System Logs, I see that run0 (which is the USB Wifi Dongle) shows that it comes up and then goes down. Up and down, up and down for ever.

    Any chance you would part with a relevant extract from the logs?

    Have you checked the firewall log to see if DHCP response is being blocked?

    Have you tried a packet capture on the link?

    Is it possible to persuade the D-Link to log events such as DHCP request seen, DHCP address offered etc?
    Does the D-Link think it has plenty of spare IP addresses for DHCP allocation? If you are counting for it, are you also counting all the systems that have been allocated an address within the last DHCP lease time?

    I would go for reducing the number of options: see if you can get the link working with no encryption.



  • Here is what I have from Interfaces status:

    Status	 associated
    DHCP	 up    
    MAC address	 00:1f:3b:be:11:bb
    IP address	 0.0.0.0	  
    Subnet mask	 255.0.0.0
    ISP DNS servers	 127.0.0.1
    8.8.8.8
    8.8.4.4
    Media	 DS/1Mbps mode 11g
    Channel	 11
    SSID	 dlink
    In/out packets	 2427/934 (697 KB/154 KB)
    In/out packets (pass)	 934/1923 (290 KB/154 KB)
    In/out packets (block)	 1493/0 (407 KB/0 bytes)
    In/out errors	 427/1023
    Collisions	 0
    

    Don't be fooled by in/out packets and DHCP shows down and now IP assigned. This is when I put dlink router in open mode. No security or shared key. Following is the System Logs:

    Nov 18 11:46:37	dnsmasq[26773]: using nameserver 8.8.4.4#53
    Nov 18 11:46:37	dnsmasq[26773]: using nameserver 8.8.8.8#53
    Nov 18 11:46:37	dnsmasq[26773]: ignoring nameserver 127.0.0.1 - local interface
    Nov 18 11:46:37	dnsmasq[26773]: ignoring nameserver 127.0.0.1 - local interface
    Nov 18 11:46:40	php: : Hotplug event detected for lan but ignoring since interface is configured with static IP (10.10.11.1)
    Nov 18 11:46:40	check_reload_status: rc.newwanip starting vr0
    Nov 18 11:46:45	dhclient[38256]: No DHCPOFFERS received.
    Nov 18 11:46:45	dhclient[38256]: No working leases in persistent database - sleeping.
    Nov 18 11:46:45	dhclient: FAIL
    Nov 18 11:46:46	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 2
    Nov 18 11:46:47	php: : rc.newwanip: Informational is starting vr0.
    Nov 18 11:46:47	php: : rc.newwanip: on (IP address: 10.10.11.1) (interface: lan) (real interface: vr0).
    Nov 18 11:46:47	php: : The command '/sbin/ifconfig bridge0 addm vr0' returned exit code '1', the output was 'ifconfig: BRDGADD vr0: File exists'
    Nov 18 11:46:47	dnsmasq[26773]: exiting on receipt of SIGTERM
    Nov 18 11:46:48	check_reload_status: Reloading filter
    Nov 18 11:46:48	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 2
    Nov 18 11:46:48	apinger: Starting Alarm Pinger, apinger(11659)
    Nov 18 11:46:48	apinger: No usable targets found, exiting
    Nov 18 11:46:49	dnsmasq[13092]: started, version 2.55 cachesize 10000
    Nov 18 11:46:49	dnsmasq[13092]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
    Nov 18 11:46:49	dnsmasq[13092]: reading /etc/resolv.conf
    Nov 18 11:46:49	dnsmasq[13092]: using nameserver 8.8.4.4#53
    Nov 18 11:46:49	dnsmasq[13092]: using nameserver 8.8.8.8#53
    Nov 18 11:46:49	dnsmasq[13092]: ignoring nameserver 127.0.0.1 - local interface
    Nov 18 11:46:49	dnsmasq[13092]: ignoring nameserver 127.0.0.1 - local interface
    Nov 18 11:46:49	dnsmasq[13092]: read /etc/hosts - 2 addresses
    Nov 18 11:46:50	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 2
    Nov 18 11:46:50	dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1
    Nov 18 11:46:50	dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Nov 18 11:46:50	dhcpd: All rights reserved.
    Nov 18 11:46:50	dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Nov 18 11:46:50	check_reload_status: updating dyndns wan
    Nov 18 11:46:52	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5
    Nov 18 11:46:53	check_reload_status: Reloading filter
    Nov 18 11:46:53	apinger: Starting Alarm Pinger, apinger(20123)
    Nov 18 11:46:53	apinger: No usable targets found, exiting
    Nov 18 11:46:53	php: /interfaces.php: Creating rrd update script
    Nov 18 11:46:57	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 14
    Nov 18 11:47:11	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 8
    Nov 18 11:47:19	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 10
    Nov 18 11:47:29	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 13
    Nov 18 11:47:42	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5
    Nov 18 11:47:47	dhclient[5157]: No DHCPOFFERS received.
    Nov 18 11:47:47	dhclient[5157]: No working leases in persistent database - sleeping.
    Nov 18 11:47:47	dhclient: FAIL
    Nov 18 11:47:48	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 1
    Nov 18 11:47:49	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 1
    Nov 18 11:47:50	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 1
    Nov 18 11:47:51	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 2
    Nov 18 11:47:53	dhclient[5157]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 3
    

    I checked dlink related issues and it's not the problem. I have a full subnet of /24 and only 4 other laptops connected to it. USB dongle is version 3 in case that boils it down to something specific?! And I can't get any logs from dlink.

    I see all this firewall blocked logs but this what I have in WAN for firewall:

    	 *	 *	 *	 *	 *	 *	 none	  	 All 
    

    Logs from firewall - There is a red X in-front of all these lines despite the allow all rule that I added above.:

    Nov 18 12:09:45	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:45	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:45	WAN	   10.10.9.20:54339	   239.255.255.250:3702	UDP
    
    Nov 18 12:09:45	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:45	WAN	   10.10.9.20:54339	   239.255.255.250:3702	UDP
    
    Nov 18 12:09:45	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:45	WAN	   10.10.9.20:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:68	   255.255.255.255:67	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:50952	   224.0.0.252:5355	UDP
    
    Nov 18 12:09:46	WAN	   10.10.9.20:62466	   224.0.0.252:5355	UDP
    
    Nov 18 12:09:47	WAN	   10.10.9.20:50952	   224.0.0.252:5355	UDP
    
    Nov 18 12:09:47	WAN	   10.10.9.20:62466	   224.0.0.252:5355	UDP
    
    Nov 18 12:09:47	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:47	WAN	   10.10.9.20:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:47	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:138	   10.10.9.255:138	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:48	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:49	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:49	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:49	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:50	WAN	   10.10.9.20:49747	   239.255.255.250:3702	UDP
    
    Nov 18 12:09:50	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:50	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:50	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:51	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:51	WAN	   10.10.9.20:137	   10.10.9.255:137	UDP
    
    Nov 18 12:09:51	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:53	WAN	   10.10.9.1	   224.0.0.1	IGMP
    
    Nov 18 12:09:54	WAN	   10.10.9.20:59850	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:58	WAN	   10.10.9.1:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:58	WAN	   10.10.9.1:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:58	WAN	   10.10.9.1:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:58	WAN	   10.10.9.1:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:09:58	WAN	   10.10.9.1:1900	   239.255.255.250:1900	UDP
    
    Nov 18 12:10:00	WAN	   10.10.9.1	   239.255.255.250	IGMP
    
    Nov 18 12:10:04	WAN	   10.10.9.20:138	   10.10.9.255:138	UDP
    
    

    Thanks again



  • Your log extract shows the pfSense box is not seeing a valid response to its DHCP REQUEST. Is that because the D-Link isn't seeing it, the pfSense box isn't seeing anything at all or the pfSense box is seeing a "badly formed" response?

    Shame about the logging on the D-Link. (Sometimes its worth paying a bit more!)

    Find the MAC address of your card. Does the D-Link have a DHCP Lease for that MAC address with a Lease expiry time suggesting the lease was allocated sufficiently recently?

    It is unclear to me if the link comes up (you get an IP address from the Dlink) with encryption disabled.

    The report from the interface status:```
    Media DS/1Mbps mode 11g



  • So, I have checked for MAC number of pfsense or it's hostname on the Dlink but it doesn't show anywhere as active or expired. I do see list of other offline clients but this is not in list meaning it was never able to pick up DHCP. But like you mentioned it shows the signal strength and exchanges some packets back and forth. The SSID for Dlink also shows up at under Status > Wireless and there is good signal.

    Just to test the theory I did go close to it and result was the same. So, now I tested this with a Motorola Android phone which can do 3G tethering. It's the latest Android so it has the "hotspot" feature built in. I have my laptop connected to the same Android already and all works fine. So, I connected pfSense and guess what? It's exactly the same behaviour as the Dlink router so it's not the router issue.

    Here is something interesting this log: "Nov 18 21:35:30 php: : Could not find gateway for interface(opt2)."

    Nov 18 21:35:07	dhclient[39664]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 7
    Nov 18 21:35:14	dhclient[39664]: No DHCPOFFERS received.
    Nov 18 21:35:14	dhclient[39664]: No working leases in persistent database - sleeping.
    Nov 18 21:35:14	dhclient: FAIL
    Nov 18 21:35:15	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 2
    Nov 18 21:35:17	dnsmasq[60706]: exiting on receipt of SIGTERM
    Nov 18 21:35:17	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 4
    Nov 18 21:35:18	dnsmasq[7725]: started, version 2.55 cachesize 10000
    Nov 18 21:35:18	dnsmasq[7725]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
    Nov 18 21:35:18	dnsmasq[7725]: reading /etc/resolv.conf
    Nov 18 21:35:18	dnsmasq[7725]: using nameserver 8.8.4.4#53
    Nov 18 21:35:18	dnsmasq[7725]: using nameserver 8.8.8.8#53
    Nov 18 21:35:18	dnsmasq[7725]: ignoring nameserver 127.0.0.1 - local interface
    Nov 18 21:35:18	dnsmasq[7725]: ignoring nameserver 127.0.0.1 - local interface
    Nov 18 21:35:18	dnsmasq[7725]: read /etc/hosts - 2 addresses
    Nov 18 21:35:19	dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1
    Nov 18 21:35:19	dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Nov 18 21:35:19	dhcpd: All rights reserved.
    Nov 18 21:35:19	dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Nov 18 21:35:19	check_reload_status: updating dyndns opt2
    Nov 18 21:35:21	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 6
    Nov 18 21:35:22	check_reload_status: Reloading filter
    Nov 18 21:35:22	apinger: Starting Alarm Pinger, apinger(14779)
    Nov 18 21:35:22	apinger: No usable targets found, exiting
    Nov 18 21:35:22	php: /interfaces.php: Creating rrd update script
    Nov 18 21:35:27	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 14
    Nov 18 21:35:30	php: : Could not find gateway for interface(opt2).
    Nov 18 21:35:41	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 13
    Nov 18 21:35:54	dhclient[2715]: DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 15
    
    

    How about those blocks in WAN firewall? I shouldn't see them if I have "* * * * * * none" opened it all up. Isn't that right?

    Thanks



  • I would run a packet capture on the pfSense. You should see DHCPDISCOVER frames. Anything else?

    Can you run a packet capture on the Android? You should see the DHCPDISCOVER and a response. Does the Android log the DHCP request? (But I don't yet understand exactly what a phone does when it is tethering so the question might be inappropriate.)

    @torontob:

    Here is something interesting this log: "Nov 18 21:35:30 php: : Could not find gateway for interface(opt2)."

    Assuming pfSense interface OPT2 is run0_wlan0 this is not surprising - the gateway should be specified in the DHCP assignment, but the gateway is not known because the DHCP assignment hasn't completed.



  • Here is a log of packet capture from pfSense Diagnostic. I pressed Renew on the wireless WAN interface and captured this:

    23:51:02.820255 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:03.821543 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:18.587335 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:18.717813 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 70: LLC, dsap Unknown (0x2a) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 56
    23:51:19.589089 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:20.562230 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 70: LLC, dsap Unknown (0x2c) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 56
    23:51:20.590850 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:21.278068 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x2c) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:51:21.592677 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:22.380514 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 274: LLC, dsap Unknown (0x2e) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 260
    23:51:23.418606 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2e) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 52
    23:51:23.524400 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x30) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 52
    23:51:23.554837 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x30) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 1046
    23:51:23.667833 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x32) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 1046
    23:51:23.910075 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x32) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 52
    23:51:23.937443 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x34) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 1046
    23:51:24.059939 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x34) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 1046
    23:51:24.305853 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x36) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:51:25.037519 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:26.039094 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:26.401451 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x36) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 708
    23:51:26.503942 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x38) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 708
    23:51:27.040918 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:27.318651 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x38) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:51:28.042747 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:30.390134 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x3a) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:51:32.454162 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:33.456001 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:33.461859 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x3a) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:51:34.457826 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:35.716694 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 366: LLC, dsap Unknown (0x3c) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 352
    23:51:35.720229 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 357: LLC, dsap Unknown (0x3c) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 343
    23:51:35.723690 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 409: LLC, dsap Unknown (0x3e) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 395
    23:51:35.727826 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 421: LLC, dsap Unknown (0x3e) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 407
    23:51:35.732356 c8:cd:72:d5:42:b1 > 01:00:5e:7f:ff:fa, 802.3, length 423: LLC, dsap Unknown (0x40) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 409
    23:51:36.430845 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x40) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:51:37.938027 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:38.939227 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:39.400198 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap STP (0x42) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:51:39.941054 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:40.942879 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:45.460291 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:47.463946 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:50.838535 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:51.840360 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:52.302710 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 116: LLC, dsap Unknown (0x44) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 102
    23:51:52.842187 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:53.844015 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:51:54.347739 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 116: LLC, dsap Unknown (0x44) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 102
    23:51:54.349108 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 116: LLC, dsap Unknown (0x46) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 102
    23:51:56.293195 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 116: LLC, dsap Unknown (0x46) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 102
    23:51:56.295642 c8:cd:72:d5:42:b1 > ff:ff:ff:ff:ff:ff, 802.3, length 249: LLC, dsap Unknown (0x48) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 235
    23:51:57.288793 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:00.294082 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:03.740043 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:04.741366 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:06.745147 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:07.350249 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x48) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 52
    23:52:07.647610 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x4a) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:52:10.730206 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x4a) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:52:11.293431 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:12.295257 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:13.297205 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:13.699062 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x4c) Individual, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:52:16.770667 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x4c) Group, ssap Unknown (0x72) Command, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Command], length 185
    23:52:16.844161 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:17.845491 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    23:52:18.847332 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    
    

    Does it tell anything important? Checking google myself now.

    Ouch…..seems like a BUG from this page: http://lists.freebsd.org/pipermail/freebsd-bugs/2009-March/034514.html

    Thanks



  • c8💿72:d5:42:b3 is ?
    00:25:9c:a5:c7:67 is ?
    00:1f:e1:01:1e:59 is?
    01:00:5e:7f:ff:fa is ?
    c8💿72:d5:42:b1 is ?

    I'd guess 00:1f:e1:01:1e:59 is the USB dongle since it is sending to the broadcast MAC address, the destination of the DHCPDISCOVER frames. But c8💿72:d5:42:b1 is also sending to the broadcast MAC address.

    Your trace doesn't show anything going to 00:1f:e1:01:1e:59. It doesn't appear to be receiving frames. Does your Android phone report (in a packet capture) anything being sent to the WiFi dongle.

    According to http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00800b0871.shtml#multi 01:00:5e:7f:ff:fa is a GDA (Group Destination Address) corresponding to IP address 239.127.255.250 http://tools.ietf.org/html/rfc2365 says 239.127.255.250 is an "administratively scoped IPv4 multicast address". There I seem to have run into a dead end. Its not clear that this multicast address is relevant to your particular problem.



  • No, 00:1f:e1:01:1e:59 is my laptop. This was the log from another router which shows logs on it. And I checked system logs on that and I don't see any DHCPREQUESTS from the pfSense box.

    The MAC for pfSense USB Dongle is: 00:1f:3b:be:11:bb

    Here is the System Logs from pfSense again. You can ignore previous logs as I was switching between routers….........so this new router has logs and shows any incoming packets. Problem is it shows "associated" but no IP picked up.

    10.10.9.0/24 is the IP subnet that should be picked up by pfSense USB dongle.

    pfSense System Logs:

    Nov 19 17:15:21	syslogd: kernel boot file is /boot/kernel/kernel
    Nov 19 17:16:23	kernel: run0_wlan0: promiscuous mode enabled
    Nov 19 17:16:30	check_reload_status: Syncing firewall
    Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''
    Nov 19 17:16:48	kernel: run0_wlan0: link state changed to UP
    Nov 19 17:16:49	dnsmasq[11468]: reading /etc/resolv.conf
    Nov 19 17:16:49	dnsmasq[11468]: using nameserver 8.8.4.4#53
    Nov 19 17:16:49	dnsmasq[11468]: using nameserver 8.8.8.8#53
    Nov 19 17:16:49	dnsmasq[11468]: ignoring nameserver 127.0.0.1 - local interface
    Nov 19 17:16:49	dnsmasq[11468]: ignoring nameserver 127.0.0.1 - local interface
    Nov 19 17:16:49	dnsmasq[11468]: exiting on receipt of SIGTERM
    Nov 19 17:16:51	dnsmasq[43665]: started, version 2.55 cachesize 10000
    Nov 19 17:16:51	dnsmasq[43665]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
    Nov 19 17:16:51	dnsmasq[43665]: reading /etc/resolv.conf
    Nov 19 17:16:51	dnsmasq[43665]: using nameserver 8.8.4.4#53
    Nov 19 17:16:51	dnsmasq[43665]: using nameserver 8.8.8.8#53
    Nov 19 17:16:51	dnsmasq[43665]: ignoring nameserver 127.0.0.1 - local interface
    Nov 19 17:16:51	dnsmasq[43665]: ignoring nameserver 127.0.0.1 - local interface
    Nov 19 17:16:51	dnsmasq[43665]: read /etc/hosts - 2 addresses
    Nov 19 17:16:52	dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1
    Nov 19 17:16:52	dhcpd: Copyright 2004-2011 Internet Systems Consortium.
    Nov 19 17:16:52	dhcpd: All rights reserved.
    Nov 19 17:16:52	dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Nov 19 17:16:52	check_reload_status: updating dyndns wan
    Nov 19 17:16:54	kernel: run0_wlan0: link state changed to DOWN
    Nov 19 17:16:54	kernel: run0_wlan0: link state changed to UP
    Nov 19 17:16:55	check_reload_status: Reloading filter
    Nov 19 17:16:55	apinger: Starting Alarm Pinger, apinger(51089)
    Nov 19 17:16:55	apinger: No usable targets found, exiting
    Nov 19 17:16:55	php: /interfaces.php: Creating rrd update script
    Nov 19 17:17:01	kernel: run0_wlan0: link state changed to DOWN
    Nov 19 17:17:01	kernel: run0_wlan0: link state changed to UP
    Nov 19 17:17:02	php: : Could not find gateway for interface(wan).
    Nov 19 17:17:02	php: : Could not find gateway for interface(wan).
    Nov 19 17:17:07	kernel: run0_wlan0: link state changed to DOWN
    Nov 19 17:17:07	kernel: run0_wlan0: link state changed to UP
    Nov 19 17:17:13	kernel: run0_wlan0: link state changed to DOWN
    Nov 19 17:17:14	kernel: run0_wlan0: link state changed to UP
    Nov 19 17:17:20	kernel: run0_wlan0: link state changed to DOWN
    Nov 19 17:17:20	kernel: run0_wlan0: link state changed to UP
    Nov 19 17:17:25	kernel: run0_wlan0: promiscuous mode disabled
    Nov 19 17:17:26	kernel: run0_wlan0: link state changed to DOWN
    Nov 19 17:17:26	kernel: run0_wlan0: link state changed to UP
    Nov 19 17:17:33	kernel: run0_wlan0: link state changed to DOWN
    Nov 19 17:17:33	kernel: run0_wlan0: link state changed to UP
    

    Packet Capture:

    17:16:48.582609 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:16:49.469190 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x28) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
    17:16:49.584430 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:16:50.586262 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:16:51.588091 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:16:51.798322 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2a) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
    17:16:52.486549 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2a) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
    17:16:53.486371 00:1f:3b:be:11:c3 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2c) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
    17:16:54.465362 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x2c) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
    17:16:54.930564 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:16:55.934858 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:16:56.934395 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:16:57.936233 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:16:59.518673 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 164: LLC, dsap Unknown (0x2e) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 150
    17:17:01.422922 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:02.424611 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:03.426400 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:04.428547 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:07.830937 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:08.832640 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:09.834464 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:10.836292 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:14.341448 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:15.342703 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:16.344527 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:17.346353 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:17.537593 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x2e) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
    17:17:17.639963 00:1f:e1:01:1e:59 > ff:ff:ff:ff:ff:ff, 802.3, length 66: LLC, dsap Unknown (0x30) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 52
    17:17:17.750085 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x30) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 1046
    17:17:17.759082 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 1060: LLC, dsap Unknown (0x32) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 1046
    17:17:17.948328 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x32) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
    17:17:17.954573 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x34) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 708
    17:17:18.157062 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 722: LLC, dsap Unknown (0x34) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 708
    17:17:20.731446 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:20.917429 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x36) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
    17:17:21.732769 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:22.734598 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:23.736425 c8:cd:72:d5:42:b3 > 00:25:9c:a5:c7:67, ethertype EAPOL (0x888e), length 113: EAPOL key (3) v1, len 95
    17:17:23.886412 00:1f:e1:01:1e:59 > 01:00:5e:7f:ff:fa, 802.3, length 199: LLC, dsap Unknown (0x36) Group, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 185
    17:17:24.398888 00:1b:a9:55:b6:23 > ff:ff:ff:ff:ff:ff, 802.3, length 267: LLC, dsap Unknown (0x38) Individual, ssap Unknown (0x2c) Response, ctrl 0x6000: Information, send seq 0, rcv seq 48, Flags [Response], length 253
    
    

    Log From My Router (Don't show any request from pfSense USB Dongle):

    
    <31>Nov 19 17:12:00 DHCP [581]: DHCPINFORM from 10.10.9.20
    <31>Nov 19 17:13:14 DHCP [581]: DHCPREQUEST for 10.10.9.20 from 00:1f:e1:01:1e:59 via br0
    <31>Nov 19 17:13:14 DHCP [581]: DHCPACK on 10.10.9.20 to 00:1f:e1:01:1e:59 via br0 (ath0)
    <31>Nov 19 17:13:19 DHCP [581]: DHCPINFORM from 10.10.9.20
    <31>Nov 19 17:13:22 DHCP [581]: DHCPINFORM from 10.10.9.20
    <31>Nov 19 17:14:18 DHCP [581]: DHCPREQUEST for 10.10.9.15 from 00:1f:32:70:bd:53 via br0
    <31>Nov 19 17:14:18 DHCP [581]: DHCPACK on 10.10.9.15 to 00:1f:32:70:bd:53 via br0 (ath0)
    <31>Nov 19 17:16:17 DHCP [581]: DHCPINFORM from 10.10.9.20
    <31>Nov 19 17:16:20 DHCP [581]: DHCPINFORM from 10.10.9.20
    <31>Nov 19 17:21:01 DHCP [581]: DHCPINFORM from 10.10.9.20
    <31>Nov 19 17:21:04 DHCP [581]: DHCPINFORM from 10.10.9.20
    <31>Nov 19 17:23:42 DHCP [581]: DHCPINFORM from 10.10.9.20
    <31>Nov 19 17:23:45 DHCP [581]: DHCPINFORM from 10.10.9.20
    

    So, this line pfSense System Logs is troubling and the fact that run0 keeps going UP and DOWN is probably due to this:

    Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''
    

    Regards,



  • Just a quick helpful step, if you're troubleshooting wireless it's a good idea to not use any encryption. It sounds to me like you're having issues with passing data. I'd guess if you set your Dlink to open you'll probably see better results.



  • @torontob:

    
    Nov 19 17:16:47	php: /interfaces.php: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output > /tmp/run0_wlan0_error_output' returned exit code '1', the output was ''
    
    

    The command should probably be:```
    /sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output

    
    Well spotted. If dhclient is failing to start then that would explain why you are not getting an IP address.
    
    Suggest you ssh into pfSense select 8 for shell and give the shell command (all one line):```
    
    /sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output
    
    

    I think dhclient will detach from the terminal and you will another shell prompt. Wait a couple of minutes and see if the WAN interface has an IP address. If not, check the router log to see if the router reported a DHCPDISCOVER from pfSense.



  • So, that line as you mentioned gives me this error:

    [2.0-RELEASE][root@home.xxxyyy.net]/root(3): /sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output 2> /tmp/run0_wlan0_error_output
    
    Ambiguous output redirect.
    

    When I changed it to this command then I got this:

    [2.0-RELEASE][root@home.xxxyyy.net]/root(8): /sbin/dhclient -c /var/etc/dhclient_wan.conf run0_wlan0 > /tmp/run0_wlan0_output
    run0_wlan0: no link …........... giving up

    The file exists and it's content is also "giving up" from 5 PM today per these commands:

    [2.0-RELEASE][root@home.xxxyyy.net]/root(7): ls -la /tmp/run0_wlan0_error_output 
    -rw-r--r--  1 root  wheel  45 Nov 19 17:51 /tmp/run0_wlan0_error_output
    
    [2.0-RELEASE][root@home.xxxyyy.net]/root(6): cat /tmp/run0_wlan0_error_output 
    run0_wlan0: no link .............. giving up
    

    And here is the ifconfig portion of the output for run0 - Please disregard all the changes in MAC address. Every-time I create a new interface a new MAC pops up for run0 and I also tried to change it to make sure that is not the problem.

    run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
            ether 00:25:9c:a5:c7:67
            media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
            status: associated
    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            ether 00:1e:ec:6b:d6:d5
            inet6 fe80::225:9cff:fea5:c767%run0_wlan0 prefixlen 64 scopeid 0x9 
            nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/24Mbps mode 11g (autoselect)
            status: no carrier
            ssid MyRouter channel 11 (2462 MHz 11g)
            country US authmode WPA2/802.11i privacy ON deftxkey UNDEF txpower 0
            bmiss 7 scanvalid 60 pureg protmode CTS roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast>
    

    Don't you think it's a setting that I am missing? The ifconfig output tells a lot about what I should have in my config like the CTS which I didn't setup. What do you think?

    Regards,



  • @torontob:

    And here is the ifconfig portion of the output for run0 - Please disregard all the changes in MAC address. Every-time I create a new interface a new MAC pops up for run0 and I also tried to change it to make sure that is not the problem.

    run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
            ether 00:25:9c:a5:c7:67
            media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
            status: associated
    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            ether 00:1e:ec:6b:d6:d5
            inet6 fe80::225:9cff:fea5:c767%run0_wlan0 prefixlen 64 scopeid 0x9 
            nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/24Mbps mode 11g (autoselect)
            status: no carrier
            ssid MyRouter channel 11 (2462 MHz 11g)
            country US authmode WPA2/802.11i privacy ON deftxkey UNDEF txpower 0
            bmiss 7 scanvalid 60 pureg protmode CTS roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast>
    

    My run0 device doesn't behave that way (different MAC addresses):

    # ifconfig run0
    run0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 2290
    	ether c8:3a:35:c4:ee:f3
    	media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
    # ifconfig run0_wlan0
    run0_wlan0: flags=108843 <up,broadcast,running,simplex,multicast,ipfw_filter>metric 0 mtu 1500
    	ether c8:3a:35:c4:ee:f3
    	inet6 fe80::ca3a:35ff:fec4:eef3%run0_wlan0 prefixlen 64 scopeid 0x9 
    	inet 192.168.xxx.yyy netmask 0xffffff00 broadcast 192.168.xxx.255
    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
    	ssid zzz channel 6 (2437 MHz 11g) bssid c8:3a:35:c4:ee:f3
    	regdomain ROW country AU indoor authmode WPA2/802.11i privacy MIXED
    	deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 scanvalid 60
    	protmode OFF dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast,ipfw_filter></hostap></up,broadcast,running,allmulti,simplex,multicast> 
    

    I am surprised at the different MAC addresses reported. It leads me to suspect the run driver is erroneously claiming ownership of this device. I have previously had good results with the TP-Link TL-WN321G and Tenda W311U which are both available from local retail computer shops for under the local equivalent of US$15. I have used both these dongles in AP mode, not infrastructure mode. Considering the time you and I have both spent on this I would consider it a good trade off to put the Cisco USB WiFi dongle aside and get one of those two devices or even an external WiFi router that can work in wireless Infrastructure mode.



  • wallabybob :-) absolutely right. The plan is to get another dongle and try it again.
    P.S. this works in AP mode by the way.

    Thanks again for tall the help. I will post back resutls.



  • Hi,

    I just jump on that thread with more or less the same run0 problems. My router is simply unable to connect to a completely open AP using pfsense 2.0-RELEASE and two different wifi NIC namely

    • Cisco/Linksys WUSB100
    • TP-Link EW7711UAn

    all I get is NO CARRIER –> run0_wlan0

    
    [2.0-RELEASE][root@erika.localdomain]/root(5): ifconfig 
    vr0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	options=82808 <vlan_mtu,wol_ucast,wol_magic,linkstate>ether 00:1e:0b:3a:4b:02
    	inet6 fe80::21e:bff:fe3a:4b02%vr0 prefixlen 64 scopeid 0x1 
    	inet 192.168.7.1 netmask 0xffffff00 broadcast 192.168.7.255
    	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
    	status: active
    pfsync0: flags=0<> metric 0 mtu 1460
    	syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
    pflog0: flags=100 <promisc>metric 0 mtu 33200
    enc0: flags=0<> metric 0 mtu 1536
    lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
    	options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000 
    	inet6 ::1 prefixlen 128 
    	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 
    	nd6 options=3 <performnud,accept_rtadv>run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290
    	ether 00:1f:1f:cf:97:73
    	media: IEEE 802.11 Wireless Ethernet autoselect mode 11b
    	status: associated
    vr0_vlan1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	ether 00:1e:0b:3a:4b:02
    	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan1 prefixlen 64 scopeid 0x7 
    	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
    	status: active
    	vlan: 1 parent interface: vr0
    vr0_vlan2: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	ether 00:1e:0b:3a:4b:02
    	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan2 prefixlen 64 scopeid 0x8 
    	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
    	status: active
    	vlan: 2 parent interface: vr0
    vr0_vlan77: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	ether 00:1e:0b:3a:4b:02
    	inet6 fe80::21e:bff:fe3a:4b02%vr0_vlan77 prefixlen 64 scopeid 0x9 
    	nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
    	status: active
    	vlan: 77 parent interface: vr0
    run0_wlan0: flags=8c43 <up,broadcast,running,oactive,simplex,multicast>metric 0 mtu 1500
    	ether 00:1f:1f:cf:97:73
    	inet6 fe80::21f:1fff:fecf:9773%run0_wlan0 prefixlen 64 scopeid 0xa 
    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11b
    	status: no carrier
    	ssid EWA@GUEST channel 1 (2412 MHz 11b)
    	regdomain ETSI country DE authmode OPEN privacy OFF txpower 30
    	bmiss 7 scanvalid 60
    ovpnc1: flags=8010 <pointopoint,multicast>metric 0 mtu 1500
    	options=80000 <linkstate></linkstate></pointopoint,multicast></performnud,accept_rtadv></up,broadcast,running,oactive,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></promisc></full-duplex></performnud,accept_rtadv></vlan_mtu,wol_ucast,wol_magic,linkstate></up,broadcast,running,simplex,multicast> 
    

    any ideas on how to continue troubleshooting this issue?

    /Uwe



  • I have a Tenda W311U (FreeBSD run device) on my backup pfSense. I normally run the Tenda as an AP but I have just configured it to connect to the AP on my main pfSense box. It successfully associated and received a DHCP lease.

    Here is the relevant ifconfig output:

    ifconfig run0

    run0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 2290
    ether c8:3a:35:c4:ee:f3
    media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
    status: associated

    ifconfig run0_wlan0

    run0_wlan0: flags=108843 <up,broadcast,running,simplex,multicast,ipfw_filter>metric 0 mtu 1500
    ether c8:3a:35:c4:ee:f3
    inet6 fe80::ca3a:35ff:fec4:eef3%run0_wlan0 prefixlen 64 scopeid 0x9
    inet 192.168.211.214 netmask 0xffffff80 broadcast 192.168.211.255
    nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
    status: associated
    ssid xxxxxxxxx channel 1 (2412 MHz 11g) bssid 00:19:e0:68:31:4b
    regdomain ROW country AU indoor authmode WPA2/802.11i privacy ON
    deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 bmiss 7
    scanvalid 60 protmode OFF roaming MANUAL

    ifconfig run0_wlan0 scan

    SSID/MESH ID    BSSID              CHAN RATE  S:N    INT CAPS
    xxxxxxxxx      00:19:e0:68:31:4b    1  54M -53:-75  100 EPS  RSN
    #</performnud,accept_rtadv></up,broadcast,running,simplex,multicast,ipfw_filter></up,broadcast,running,allmulti,simplex,multicast>

    I didn't have to do anything special to the pfSense wireless configuration. I just disabled the WiFi interface, changed the channel to auto, Mode from Access Point to Infrastructure and SSID to match the other Access Point and the WiFi interface associated straight away after enabling.

    @harry66:

    any ideas on how to continue troubleshooting this issue?

    Checking the wireless signal quality at the client would be a good start. The ifconfig scan command I gave above might provide some useful information. Keeping the dongle in the same location (as far as possible) can you get the dongle to associate when it is connected to (say) a laptop? Can you get a WiFi capable phone to associate when the phone is in the same location as the dongle? If you connect the dongle to a USB extension cord do you get better results if the change the position or orientation of the dongle?



  • Something seems to be special with the Tenda device as it seems to perform extraordinarily good on pfsense.

    What I tried so far with both of the above mentioned devices was

    • switching the regulatory domain on and off (ETSI, Germany)
    • switching channel between dedicated channel number and auto setting
    • experimenting with no, WEP and WPA(2) encryption
      but none of the above led to a successful association.
      As both devices (access point and client) are under my direct control it is an easy thing to make sure they are in direct reach and have reasonable good signal quality and strength.

    In addition to these experiments I decided to attach another USB wifi nic to the pfsense box to be able to compare my experiences against another chipset: It is an Alfa AWUS036H. Although all of the device I refer to show good performance under other OSes the Alfa is an exceptional player. As well with pfsense it behaves in more or less the same way you describe it for your Tenda stick.
    What I can say directly by comparing scan results is, that the Alfa constantly shows WLANs in reach where the Edimax and the Linksys always only show a subset. On top this subset is always different with every scan run.

    The only conclusion I can draw from what I know for the moment is: For the run-based devices we can not reliably predict it's designed function as we see the Tenda stick running but others not, independently of its brands reputation.

    I have no idea how we could further investigate.

    /Uwe



  • @harry66:

    Something seems to be special with the Tenda device as it seems to perform extraordinarily good on pfsense.

    Lucky choice on my part! It seems sometimes its possible to get more than what you pay for.

    @harry66:

    In addition to these experiments I decided to attach another USB wifi nic to the pfsense box to be able to compare my experiences against another chipset: It is an Alfa AWUS036H. Although all of the device I refer to show good performance under other OSes the Alfa is an exceptional player. As well with pfsense it behaves in more or less the same way you describe it for your Tenda stick.

    What other OSes did you try? Linux?

    @harry66:

    What I can say directly by comparing scan results is, that the Alfa constantly shows WLANs in reach where the Edimax and the Linksys always only show a subset. On top this subset is always different with every scan run.

    You mean on pfSense? Or do you get the varying scan results on other OSes as well?

    @harry66:

    I have no idea how we could further investigate.

    Perhaps contact support for the other suppliers and ask them to account for the results. Maybe they have their own firmware that needs their own driver tweaks to get best results.

    Thanks for the informative followup.


Log in to reply