Channels beyond 11 not visible



  • Hello!

    I have set up a USB Wifi adapter as the WAN interface and set it in Infrastructure (BSS) mode, while the built-in ethernet adapter is acting as the LAN interface, to which I plan to connect clients (potentially a hub). However, when I try to configure the WAN to act as a client on my existing WLAN, I am unable because the channel which the WLAN uses cannot be selected in the drop-down menu. Channels available are 1-11, the WLAN uses chan 13. :(

    Here's an illustration of the network:
    ISP → Modem/router WLAN (WPA2) →  old laptop (LAN) → users

    I have already set the country code as a european country, where these channels are used, but that does not add options to the channel menu. I also tried leaving it on “auto” but then it just started trying random channels within the 1-11 range.

    How do I fix this? I have read that the chipset is supported and it loads without problems.

    Old laptop sys specs:
    Pentium III (Coppermine), 900 MHz, 256 KB cache
    500MB RAM
    20.0GB HDD
    1x Ethernet port
    1x USB port
    (pfSense 2.0.1 i386)

    USB Wifi adapter: D-link DWA-140 (RT2870)

    Please, help! Thanks in advance!

    EDIT: Sorry! I accidentally posted this in the installation and upgrades. I am unsure, but I think this thread belongs in Wireless? Mods, please move it. Thank you.


  • Netgate Administrator

    Some wifi chipsets are unable to go above 11 eventhough it would be legal to do so. Mostly this is because the us is the biggest market and its easier to restrict 12 and 13 (and 14) from everywhere than to write drivers/firmware to do it correctly.
    Can this adapter see 12 or 13 under a different OS?

    Steve



  • @stephenw10:

    Some wifi chipsets are unable to go above 11 eventhough it would be legal to do so. Mostly this is because the us is the biggest market and its easier to restrict 12 and 13 (and 14) from everywhere than to write drivers/firmware to do it correctly.
    Can this adapter see 12 or 13 under a different OS?

    Steve

    Yes, I have used it with Windows and Linux. The RT2870 chipset is widely supported, one of the reasons for my purchase.



  • The channels shown are those that the driver reports the card is capable of using. If that card definitely works on those other channels on other OSes, it's probably a driver problem. Upgrading to 2.1 may resolve.



  • @cmb:

    The channels shown are those that the driver reports the card is capable of using. If that card definitely works on those other channels on other OSes, it's probably a driver problem. Upgrading to 2.1 may resolve.

    Interesting. I am having trouble locating v2.1, the main website only has v2.0.1, which I already downloaded. Has it been released? Is it possible to upgrade just the driver or do I have to do a full upgrade? Can a full upgrade be done through ssh?



  • check the 2.1 board here. Downloads at snapshots.pfsense.org. You can upgrade in place. Other details on the 2.1 board



  • @cmb:

    check the 2.1 board here. Downloads at snapshots.pfsense.org. You can upgrade in place. Other details on the 2.1 board

    Ok. I updated to the latest snapshot (pfSense-Full-Update-2.1-BETA1-i386-20121216-1746), however this did not solve my problem.. the card still only sees channels 1-11. :(
    Any tips?

    EDIT: Here's output from dmesg. Maybe this can clarify something:

    $ dmesg ; uname -a
    Copyright (c) 1992-2010 The FreeBSD Project.
    Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
    	The Regents of the University of California. All rights reserved.
    FreeBSD is a registered trademark of The FreeBSD Foundation.
    FreeBSD 8.1-RELEASE-p6 #0: Mon Dec 12 17:53:00 EST 2011
        root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386
    Timecounter "i8254" frequency 1193182 Hz quality 0
    CPU: Intel Pentium III (896.11-MHz 686-class CPU)
      Origin = "GenuineIntel"  Id = 0x68a  Family = 6  Model = 8  Stepping = 10
      Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>real memory  = 536870912 (512 MB)
    avail memory = 501624832 (478 MB)
    netisr_init: forcing maxthreads to 1 and bindthreads to 0 for device polling
    wpi: You need to read the LICENSE file in /usr/share/doc/legal/intel_wpi/.
    wpi: If you agree with the license, set legal.intel_wpi.license_ack=1 in /boot/loader.conf.
    module_register_init: MOD_LOAD (wpi_fw, 0xc0988300, 0) error 1
    ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
    ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
    module_register_init: MOD_LOAD (ipw_bss_fw, 0xc0789340, 0) error 1
    ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
    ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
    module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc07893e0, 0) error 1
    ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
    ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
    module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc0789480, 0) error 1
    wlan: mac acl policy registered
    kbd1 at kbdmux0
    cryptosoft0: <software crypto=""> on motherboard
    padlock0: No ACE support.
    acpi0: <ptltd  ="" rsdt=""> on motherboard
    acpi0: [ITHREAD]
    acpi0: Power Button (fixed)
    acpi0: reservation of 0, a0000 (3) failed
    acpi0: reservation of 100000, 1ff00000 (3) failed
    Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
    acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
    cpu0: <acpi cpu=""> on acpi0
    acpi_ec0: <embedded controller:="" gpe="" 0x9,="" glk=""> port 0x62,0x66 on acpi0
    acpi_lid0: <control method="" lid="" switch=""> on acpi0
    acpi_button0: <sleep button=""> on acpi0
    pcib0: <acpi host-pci="" bridge=""> port 0xcf8-0xcff on acpi0
    pci0: <acpi pci="" bus=""> on pcib0
    agp0: <intel 82443bx="" (440="" bx)="" host="" to="" pci="" bridge=""> on hostb0
    pcib1: <acpi pci-pci="" bridge=""> at device 1.0 on pci0
    pci1: <acpi pci="" bus=""> on pcib1
    vgapci0: <vga-compatible display=""> mem 0xf0000000-0xf7ffffff irq 11 at device 0.0 on pci1
    cbb0: <ti1450 pci-cardbus="" bridge=""> mem 0x50000000-0x50000fff irq 11 at device 2.0 on pci0
    cardbus0: <cardbus bus=""> on cbb0
    pccard0: <16-bit PCCard bus> on cbb0
    cbb0: [FILTER]
    cbb1: <ti1450 pci-cardbus="" bridge=""> mem 0x50100000-0x50100fff irq 11 at device 2.1 on pci0
    cardbus1: <cardbus bus=""> on cbb1
    pccard1: <16-bit PCCard bus> on cbb1
    cbb1: [FILTER]
    fxp0: <intel 100="" 82550="" pro="" ethernet=""> port 0x1800-0x183f mem 0xe8120000-0xe8120fff,0xe8100000-0xe811ffff irq 11 at device 3.0 on pci0
    miibus0: <mii bus=""> on fxp0
    inphy0: <i82555 10="" 100="" media="" interface=""> PHY 1 on miibus0
    inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
    fxp0: [ITHREAD]
    pci0: <simple comms,="" uart=""> at device 3.1 (no driver attached)
    pci0: <multimedia, audio=""> at device 5.0 (no driver attached)
    isab0: <pci-isa bridge=""> at device 7.0 on pci0
    isa0: <isa bus=""> on isab0
    atapci0: <intel piix4="" udma33="" controller=""> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1850-0x185f at device 7.1 on pci0
    ata0: <ata 0="" channel=""> on atapci0
    ata0: [ITHREAD]
    ata1: <ata 1="" channel=""> on atapci0
    ata1: [ITHREAD]
    uhci0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> port 0x1860-0x187f irq 11 at device 7.2 on pci0
    uhci0: [ITHREAD]
    usbus0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> on uhci0
    pci0: <bridge> at device 7.3 (no driver attached)
    acpi_tz0: <thermal zone=""> on acpi0
    atrtc0: <at realtime="" clock=""> port 0x70-0x73 irq 8 on acpi0
    atkbdc0: <keyboard controller="" (i8042)=""> port 0x60,0x64 irq 1 on acpi0
    atkbd0: <at keyboard=""> irq 1 on atkbdc0
    kbd0 at atkbd0
    atkbd0: [GIANT-LOCKED]
    atkbd0: [ITHREAD]
    psm0: <ps 2="" mouse=""> irq 12 on atkbdc0
    psm0: [GIANT-LOCKED]
    psm0: [ITHREAD]
    psm0: model Generic PS/2 mouse, device ID 0
    ppc0: <parallel port=""> port 0x3bc-0x3bf irq 7 on acpi0
    ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode
    ppc0: [ITHREAD]
    ppbus0: <parallel port="" bus=""> on ppc0
    plip0: <plip network="" interface=""> on ppbus0
    plip0: [ITHREAD]
    lpt0: <printer> on ppbus0
    lpt0: [ITHREAD]
    lpt0: Interrupt-driven port
    ppi0: <parallel i="" o=""> on ppbus0
    battery0: <acpi control="" method="" battery=""> on acpi0
    acpi_acad0: <ac adapter=""> on acpi0
    pmtimer0 on isa0
    orm0: <isa option="" roms=""> at iomem 0xc0000-0xcbfff,0xcc000-0xcd7ff,0xdc000-0xdffff,0xe0000-0xeffff pnpid ORM0000 on isa0
    sc0: <system console=""> at flags 0x100 on isa0
    sc0: VGA <16 virtual consoles, flags=0x300>
    vga0: <generic isa="" vga=""> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
    acpi_throttle0: <acpi cpu="" throttling=""> on cpu0
    smist0: <speedstep smi=""> on cpu0
    Timecounter "TSC" frequency 896108961 Hz quality 800
    Timecounters tick every 1.000 msec
    IPsec: Initialized Security Association Processing.
    usbus0: 12Mbps Full Speed USB v1.0
    ugen0.1: <intel> at usbus0
    uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr=""> on usbus0
    ad0: 19077MB <ibm djsa-220="" js4iac6a=""> at ata0-master UDMA33 
    acd0: DVDROM <toshiba 1115="" dvd-rom="" sd-c2512=""> at ata1-master UDMA33 
    Root mount waiting for: usbus0
    uhub0: 2 ports with 2 removable, self powered
    Root mount waiting for: usbus0
    ugen0.2: <ralink> at usbus0
    run0: <1.0> on usbus0
    run0: MAC/BBP RT2872 (rev 0x0202), RF RT2820 (MIMO 2T2R), address 00:22:b0:6d:6a:df
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    run0: firmware RT2870 loaded
    Trying to mount root from ufs:/dev/ad0s1a
    pflog0: promiscuous mode enabled
    fxp0: link state changed to UP
    pflog0: promiscuous mode disabled
    Waiting (max 60 seconds) for system process `vnlru' to stop...done
    Waiting (max 60 seconds) for system process `syncer' to stop...
    Syncing disks, vnodes remaining...0 0 0 done
    Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
    All buffers synced.
    Uptime: 1h7m6s
    Rebooting...
    Copyright (c) 1992-2012 The FreeBSD Project.
    Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
    	The Regents of the University of California. All rights reserved.
    FreeBSD is a registered trademark of The FreeBSD Foundation.
    FreeBSD 8.3-RELEASE-p5 #1: Sun Dec 16 18:13:48 EST 2012
        root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386
    Timecounter "i8254" frequency 1193182 Hz quality 0
    CPU: Intel Pentium III (896.11-MHz 686-class CPU)
      Origin = "GenuineIntel"  Id = 0x68a  Family = 6  Model = 8  Stepping = 10
      Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>real memory  = 536870912 (512 MB)
    avail memory = 501600256 (478 MB)
    wlan: mac acl policy registered
    ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
    ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
    module_register_init: MOD_LOAD (ipw_bss_fw, 0xc07b98b0, 0) error 1
    ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
    ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
    module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc07b9950, 0) error 1
    ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
    ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
    module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc07b99f0, 0) error 1
    kbd1 at kbdmux0
    cryptosoft0: <software crypto=""> on motherboard
    padlock0: No ACE support.
    acpi0: <ptltd  ="" rsdt=""> on motherboard
    acpi0: [ITHREAD]
    acpi0: Power Button (fixed)
    acpi0: reservation of 0, a0000 (3) failed
    acpi0: reservation of 100000, 1ff00000 (3) failed
    Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
    acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
    cpu0: <acpi cpu=""> on acpi0
    acpi_ec0: <embedded controller:="" gpe="" 0x9,="" glk=""> port 0x62,0x66 on acpi0
    acpi_lid0: <control method="" lid="" switch=""> on acpi0
    acpi_button0: <sleep button=""> on acpi0
    pcib0: <acpi host-pci="" bridge=""> port 0xcf8-0xcff on acpi0
    pci0: <acpi pci="" bus=""> on pcib0
    agp0: <intel 82443bx="" (440="" bx)="" host="" to="" pci="" bridge=""> on hostb0
    pcib1: <acpi pci-pci="" bridge=""> at device 1.0 on pci0
    pci1: <acpi pci="" bus=""> on pcib1
    vgapci0: <vga-compatible display=""> mem 0xf0000000-0xf7ffffff irq 11 at device 0.0 on pci1
    cbb0: <ti1450 pci-cardbus="" bridge=""> mem 0x50000000-0x50000fff irq 11 at device 2.0 on pci0
    cardbus0: <cardbus bus=""> on cbb0
    pccard0: <16-bit PCCard bus> on cbb0
    cbb0: [FILTER]
    cbb1: <ti1450 pci-cardbus="" bridge=""> mem 0x50100000-0x50100fff irq 11 at device 2.1 on pci0
    cardbus1: <cardbus bus=""> on cbb1
    pccard1: <16-bit PCCard bus> on cbb1
    cbb1: [FILTER]
    fxp0: <intel 100="" 82550="" pro="" ethernet=""> port 0x1800-0x183f mem 0xe8120000-0xe8120fff,0xe8100000-0xe811ffff irq 11 at device 3.0 on pci0
    miibus0: <mii bus=""> on fxp0
    inphy0: <i82555 10="" 100="" media="" interface=""> PHY 1 on miibus0
    inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow
    fxp0: [ITHREAD]
    pci0: <simple comms,="" uart=""> at device 3.1 (no driver attached)
    pci0: <multimedia, audio=""> at device 5.0 (no driver attached)
    isab0: <pci-isa bridge=""> at device 7.0 on pci0
    isa0: <isa bus=""> on isab0
    atapci0: <intel piix4="" udma33="" controller=""> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1850-0x185f at device 7.1 on pci0
    ata0: <ata channel=""> at channel 0 on atapci0
    ata0: [ITHREAD]
    ata1: <ata channel=""> at channel 1 on atapci0
    ata1: [ITHREAD]
    uhci0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> port 0x1860-0x187f irq 11 at device 7.2 on pci0
    uhci0: [ITHREAD]
    usbus0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> on uhci0
    pci0: <bridge> at device 7.3 (no driver attached)
    acpi_tz0: <thermal zone=""> on acpi0
    atrtc0: <at realtime="" clock=""> port 0x70-0x73 irq 8 on acpi0
    atkbdc0: <keyboard controller="" (i8042)=""> port 0x60,0x64 irq 1 on acpi0
    atkbd0: <at keyboard=""> irq 1 on atkbdc0
    kbd0 at atkbd0
    atkbd0: [GIANT-LOCKED]
    atkbd0: [ITHREAD]
    psm0: <ps 2="" mouse=""> irq 12 on atkbdc0
    psm0: [GIANT-LOCKED]
    psm0: [ITHREAD]
    psm0: model Generic PS/2 mouse, device ID 0
    ppc0: <parallel port=""> port 0x3bc-0x3bf irq 7 on acpi0
    ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode
    ppc0: [ITHREAD]
    ppbus0: <parallel port="" bus=""> on ppc0
    plip0: <plip network="" interface=""> on ppbus0
    plip0: [ITHREAD]
    lpt0: <printer> on ppbus0
    lpt0: [ITHREAD]
    lpt0: Interrupt-driven port
    ppi0: <parallel i="" o=""> on ppbus0
    battery0: <acpi control="" method="" battery=""> on acpi0
    acpi_acad0: <ac adapter=""> on acpi0
    pmtimer0 on isa0
    orm0: <isa option="" roms=""> at iomem 0xc0000-0xcbfff,0xcc000-0xcd7ff,0xdc000-0xdffff,0xe0000-0xeffff pnpid ORM0000 on isa0
    sc0: <system console=""> at flags 0x100 on isa0
    sc0: VGA <16 virtual consoles, flags=0x300>
    vga0: <generic isa="" vga=""> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
    acpi_throttle0: <acpi cpu="" throttling=""> on cpu0
    smist0: <speedstep smi=""> on cpu0
    Timecounter "TSC" frequency 896110190 Hz quality 800
    Timecounters tick every 1.000 msec
    IPsec: Initialized Security Association Processing.
    usbus0: 12Mbps Full Speed USB v1.0
    ugen0.1: <intel> at usbus0
    uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr=""> on usbus0
    ad0: 19077MB <ibm djsa-220="" js4iac6a=""> at ata0-master UDMA33 
    acd0: DVDROM <toshiba 1115="" dvd-rom="" sd-c2512=""> at ata1-master UDMA33 
    Root mount waiting for: usbus0
    uhub0: 2 ports with 2 removable, self powered
    Root mount waiting for: usbus0
    ugen0.2: <ralink> at usbus0
    run0: <1.0> on usbus0
    run0: MAC/BBP RT2872 (rev 0x0202), RF RT2820 (MIMO 2T2R), address 00:22:b0:6d:6a:df
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    Root mount waiting for: usbus0
    run0: firmware RT2870 loaded
    Trying to mount root from ufs:/dev/ad0s1a
    pflog0: promiscuous mode enabled
    fxp0: link state changed to UP
    pflog0: promiscuous mode disabled
    pflog0: promiscuous mode enabled
    fxp0: link state changed to DOWN
    fxp0: link state changed to UP
    FreeBSD 1212.bigcountry 8.3-RELEASE-p5 FreeBSD 8.3-RELEASE-p5 #1: Sun Dec 16 18:13:48 EST 2012     root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8  i386</ralink></toshiba></ibm></intel></intel></speedstep></acpi></generic></system></isa></ac></acpi></parallel></printer></plip></parallel></parallel></ps></at></keyboard></at></thermal></bridge></intel></intel></ata></ata></intel></isa></pci-isa></multimedia,></simple></i82555></mii></intel></cardbus></ti1450></cardbus></ti1450></vga-compatible></acpi></acpi></intel></acpi></acpi></sleep></control></embedded></acpi></ptltd></software></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse></ralink></toshiba></ibm></intel></intel></speedstep></acpi></generic></system></isa></ac></acpi></parallel></printer></plip></parallel></parallel></ps></at></keyboard></at></thermal></bridge></intel></intel></ata></ata></intel></isa></pci-isa></multimedia,></simple></i82555></mii></intel></cardbus></ti1450></cardbus></ti1450></vga-compatible></acpi></acpi></intel></acpi></acpi></sleep></control></embedded></acpi></ptltd></software></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>
    

    EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…



  • @b-vigilanT:

    EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…

    I have a Tenda W31U (RT2870 or equivalent chipset) and it works fine on all the pfSense 2.1 snapshot builds I have tried.

    I suggest you go to Status -> Wireless, see if your AP is reported and if not, click on Rescan and see if anything changes. Maybe your AP needs to be "poked" (e.g. rebooted) for the configuration change to take effect?

    Please post the output of the pfSense shell command```

    ifconfig run0



  • @wallabybob:

    @b-vigilanT:

    EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…

    I have a Tenda W31U (RT2870 or equivalent chipset) and it works fine on all the pfSense 2.1 snapshot builds I have tried.

    I suggest you go to Status -> Wireless, see if your AP is reported and if not, click on Rescan and see if anything changes. Maybe your AP needs to be "poked" (e.g. rebooted) for the configuration change to take effect?

    Please post the output of the pfSense shell command```

    ifconfig run0

    Yes, from everything I have read, this chipset should work indeed.. and it is recognized at start, so I don't know what is wrong. Could it be that the laptop I have it installed on  is simply too old? But that would be strange, since everything is going through USB…

    Also, I saw that it had "carrier" briefly(upwards green arrow) on the dashboard, but then it disappeared. In the logs on the WLAN router (a NETGEAR WNDR3700) there's a message "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Tuesday, December 18,2012 . . .  "
    This is really bizarre.

    Here's the output from ifconfig:

    fxp0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500                                
            options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:03:47:b8:d8:8b                                                                           
            inet 10.10.1.1 netmask 0xffffff00 broadcast 10.10.1.255                                           
            inet6 fe80::203:47ff:feb8:d88b%fxp0 prefixlen 64 scopeid 0x1                                      
            nd6 options=1 <performnud>media: Ethernet autoselect (100baseTX <full-duplex>)                                              
            status: active                                                                                    
    plip0: flags=8810 <pointopoint,simplex,multicast>metric 0 mtu 1500                                        
    enc0: flags=0<> metric 0 mtu 1536                                                                         
    pfsync0: flags=0<> metric 0 mtu 1460                                                                      
            syncpeer: 224.0.0.240 maxupd: 128 syncok: 1                                                       
    lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384                                         
            options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000                                                                 
            inet6 ::1 prefixlen 128                                                                           
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6                                                        
            nd6 options=3 <performnud,accept_rtadv>pflog0: flags=100 <promisc>metric 0 mtu 33200                                                             
    run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290                                
            ether 00:22:b0:6d:6a:df                                                                           
            media: IEEE 802.11 Wireless Ethernet autoselect mode 11g                                          
            status: associated
    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500                          
            ether 00:22:b0:6d:6a:df                                                                           
            inet6 fe80::222:b0ff:fe6d:6adf%run0_wlan0 prefixlen 64 scopeid 0x9                                
            nd6 options=1 <performnud>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g                                          
            status: no carrier                                                                                
            ssid MeMM channel 2 (2417 MHz 11g)                                                                
            regdomain ETSI country SE authmode WPA1+WPA2/802.11i privacy ON                                   
            deftxkey UNDEF txpower 30 bmiss 7 scanvalid 60 protmode OFF                                       
            roaming MANUAL</performnud></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></promisc></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></pointopoint,simplex,multicast></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,simplex,multicast>
    

    And here's scan output (ifconfig run0_wlan0 scan) results:

    SSID/MESH ID    BSSID              CHAN RATE   S:N     INT CAPS                                           
    MeMM            30:46:9a:1b:42:14    2   54M -32:-62  100 EPS  RSN WPA WME HTCAP ATH WPS                  
    


  • @b-vigilanT:

    WLAN router (a NETGEAR WNDR3700) there's a message "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Tuesday, December 18,2012 . . .  "

    That is the MAC address of your pfSense WiFi dongle.

    The message on the Netgear suggests an incompatibility in security settings. I suggest you carefully compare the two sets of settings. I would be happy to comment further if you posted them here (e.g. screenshots.)



  • Yeah, of course.

    http://i.imgur.com/1ttW4.png
    http://i.imgur.com/um2mF.png
    http://i.imgur.com/YkMAb.png

    EDIT:
    P.S
    Just in case: Im not running pfSense in a vm. I just used it to connect to it.



  • On pfSense I suggest you change the WPA Pairwise parameter from Both to AES to match what you have set in the Netgear.


  • Netgate Administrator

    One thing I have found in the past is that the algorithm used to generate the key from the 'pass phrase' is not always the same across different devices/manufacturers. Such that although you have entered the same pass phrase on each it results in different keys and hence no access. This seems particularly true when it comes to upper and lower case letters. Some are case sensitive others are not. For example on my iphone I almost always have to enter a pass phrase using all capital letters but do not on my laptop.
    You have, quite correctly, smudged your pass phrase from the screen shots but I can see the first letter is upper case. I suggest you change the key to have only lower case letters (or only upper case) if Wallabybobs suggestion above doesn't work.

    Also from a more general point of view when setting up a new wifi connection, especially if it's at all unusual, I always start out with the simplest possible setup and then add complexity as I go. In this case I would have first tested un-encrypted.

    Steve


  • Rebel Alliance Developer Netgate

    If you expect to see channels above 11, make sure you set the appropriate regulatory domain, country, etc. Not all channels are available in all regions, so the driver limits what it shows based on where those channels are allowed.



  • Ok, guys.. this is really strange behavior and I am feeling quite depressed about it all. I have tried all the things you wrote, I set the security to only AES, I specified the regulatory domain and all the options in that area, I even tried to invert the password case (ie. uppercase -> lowercase, lowercase->uppercase). I just wont budge. In the logs I can still read that the "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Wednesday, December 19,2012 01:44:13"

    I tried setting a reserved IP for the card and mac address in the Netgear router. When I did that, pfSense reported that the interface was associated and that the "Media" is OFDM/36mbps mode 11g (what is that?). I tried to ping, nothing happens.

    I even changed the SSID, hoping for soemthing.

    So, then I removed the RT2870 card from the pfSense box, attach it to my linux laptop, try to connect to the AP with same settings as in pfSense. Lo and behold, I have internet. What the hell? In fact, I am posting this very message from my linux laptop now.

    EDIT:

    Some screens of the interfaces page showing the NIC is associated, but not getting an IP.
    I have also tried doing this with the RT3070 (Alfa AWUS036NH) card I have, but that had even worse results than RT2870 if you can believe it.. and I did a reboot before I tried setting it up.

    I am now considering acquiring an Atheros NIC, namely the TL-WN722N which has the AR9002U chipset. Could this solve the problem?





  • Netgate Administrator

    As a test you should try with no encryption. It may be some underlying cause that isn't obvious.
    You could try a WPA pass phrase that is all numbers, that way it's not possible to get a case error. It's also usually possible to enter the key in hex directly. I have had equipment that required that, though not for a number of years now.

    That log entry does seem to imply they just aren't using the same encryption type. Any logs from pfSense?

    Steve



  • Based on a fairly limited experience I have formed the suspicion that WiFi interfaces in Infrastructure mode re rather less well tested than the devices in AP mode.

    Can you switch the pfSense to AP mode and the Netgear to Infrastructure mode, even for a short period to see what happens?



  • Well, I am not sure the NETGEAR is able to go into BSS mode, the device is from the ISP, so I don't want to mess with that too much, to be honest.

    Setting the RT2870 in AP mode appears to be working just fine. It is broadcasting and all; I tried having it with and without encryption and was able to connect in both situations. I did not manage to access the webconfiguration page from the wireless connection, however. Maybe I forgot to do some settings…

    Then I finally tried to have NETGEAR unencrypted, and to my big surprise I was able to connect to it and have an IP address assignet to RT2870! However, I  was not able to go on the internet, save for pinging google and pfsense.org and some other choice websites, I was not able to do anything. Not even traceroute. Something was curious, though. In the list of DNS servers 127.0.0.1 was present. I knew I had not put it there, so this must have been pfSense's doing. This lead me to notice that the DNS Forwarding service was enabled and was preventing communication to the internet. I disabled that, and was able to browse the internet! Amazing! I managed to download the latest BETA1 snapshot through the auto-update utility and update pfSense to have the current snapshot.

    This is all great, but it does not really help me as I cannot have NETGEAR unsecured. That would be a trade-off I am not willing to do. :( And now that I have enabled security on NETGEAR, it is same old again. Why?



  • @b-vigilanT:

    I am now considering acquiring an Atheros NIC, namely the TL-WN722N which has the AR9002U chipset. Could this solve the problem?

    A quick search hasn't provided any evidence that device is supported.

    I suspect the chipsets you have tried are the only "newish" USB chipsets supported.

    The only other likely expansion slot on a laptop of that vintage is PCMCIA/Cardbus, but, in my limited experience, Cardbus support in FreeBSD is highly dependent on the BIOS corrctly initialising the Cardbus bridge and Windows doesn't seem to require that.

    Fruitful field for you for research!

    If you don't run want to run the risk of spending lots of hours and still not getting that configuration working I suggest you try to pick up a cheap second hand desktop or small server PC where your connectivity options will be considerably greater: an ability to add extra NICs to support a external wireless router/bridge and a greater range of supported PCI/PCI-e devices if you prefer to have the wireless NIC in pfSense.

    It is experiences such as you have recounted that form the basis of my suspicion that WiFi interfaces in Infrastructure mode are rather less well tested on FreeBSD than the devices in AP mode.

    If you want to persevere with the laptop AND it has PCMCIA slots you could go looking on eBay for Cardbus/PCMCIA wireless NICs with Atheros chipset or Ralink RT2560 or RT2561 but … If you want to explore that option further I'll make some further suggestions.

    I



  • Well, I wouldn't call the RT2870 new. I bought it 3 or 4 years ago, iirc.

    I haven't looked, but I think the laptop has a pcmcia slot. Though, like you said, it is most likely a hassle to deal with. A fruitful field I rather leave unexplored.

    I just cant get my head around why it would not connect because the network is encrypted. That's really.. strange. Well, my other choice would be to use an old PC I have standing around, but I want to avoid that as I am trying to keep unnecessary power-consumption at a minimum.

    Currently, I am looking at trying DD-WRT or OpenWRT or some other Linux-based solution because it looks like Linux has better driver support. This is sad, because I think pfSense has a great list of features and capabilities. What are the chances this will be fixed in an upcoming release? From what I gather, there's still the issue of 802.11n support in FreeBSD… :(



  • @b-vigilanT:

    I just cant get my head around why it would not connect because the network is encrypted. That's really.. strange. Well, my other choice would be to use an old PC I have standing around, but I want to avoid that as I am trying to keep unnecessary power-consumption at a minimum.

    My Linux netbook came with a VIA mini-PCI-E (USB) WiFi adapter. It worked fine with my then pfSense. After a Linux upgrade the WiFi stopped working and wouldn't work again until I changed the WPA Pairwise setting on my pfSense from Both to AES. (TKIP wouldn't work.) On upgrade to Ubuntu 12.04 the WiFi adapter was "unsupported" and was unrecognised. I bought an Intel mini-PCI-E WiFi adapter on eBay for a few dollars and it has worked fine for about the last 6 months.

    I am recounting this to show that bizarre WiFi encryption behaviour is not exclusive to FreeBSD.

    @b-vigilanT:

    Currently, I am looking at trying DD-WRT or OpenWRT or some other Linux-based solution because it looks like Linux has better driver support.

    One of the reasons I ditched Smoothwall for pfSense some years ago was that I would have had to build WiFi drivers for it myself. I don't know about xxWRT.

    @b-vigilanT:

    This is sad, because I think pfSense has a great list of features and capabilities. What are the chances this will be fixed in an upcoming release?

    My guess is "zip if no-one files a FreeBSD Problem Report". You can file a FreeBSD Problem Report at http://www.freebsd.org/send-pr.html

    @b-vigilanT:

    From what I gather, there's still the issue of 802.11n support in FreeBSD… :(

    Coming, but Christmas will be here sooner!


  • Netgate Administrator

    Well this is a big step forward.  :)
    You have shown that the connection can work if both sides are talking the same encryption type.
    Can you try WEP instead? Clearly it's not secure any more but since it's much older it's far more tested and likely to work.
    If you deliberately put in a completely incorrect pass phrase does the Netgear log still show the same thing? I suspect that it never gets as far as actually checking the key if the encryption type doesn't match.
    Maybe try configuring your laptop 'wrong' in various ways to see what errors are produced in the log. When you see the same error that pfSense is generating you will know what you have configured wrong that is producing it.
    I would expect some errors in the pfSense logs that may give a clue.  :-\

    Reading back through the thread it seems to me one of three things could be happening here:
    1: The run(4) driver is fundamentally broken in some way that prevents it doing the correct encryption.
    This seems unlikely since, even by FreeBSD standards, 3-4 years is quite old and I would expect to see many threads in the FreeBSD forums if it were the case.

    2: The pfSense webGUI is not correctly setting up the driver. This is more likely since, as Wallabybob said, almost everyone who uses wifi in pfSense uses hostap mode. It could be a new bug. This is relatively easy to test however by simply setting up the NIC from the CLI.

    3: The encryption types are simply setup mismatched and it's not obvious from the two web interfaces that this is happening. This still seems the most likely to me.  ;)
    I notice fro your screenshot of the Netgear that it cannot do WPA-AES or WPA2-TKIP. It's possible pfSense is defaulting to one of those unless you have specifically told it not to.

    Steve


  • Netgate Administrator

    In your previous ifconfig I see no mention of AES or any other encryption type. Where as my home box with it's ath0 card set as hostap:

    ath0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            ether 00:11:f5:ee:41:8b
            inet6 fe80::211:f5ff:feee:418b%ath0_wlan0 prefixlen 64 scopeid 0x11
            inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255
            nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
            ssid ******** channel 8 (2447 MHz 11g) bssid 00:11:f5:********
            regdomain ETSI country GB indoor ecm authmode WPA1+WPA2/802.11i
            privacy MIXED deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit
            txpower 30 scanvalid 60 protmode OFF burst dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
    

    Also what does your card show for it's capabilities:

    [2.0.1-RELEASE][root@pfsense.fire.box]/root(13): ifconfig ath0_wlan0 list caps
    drivercaps=6f85ed01 <sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>cryptocaps=1f <wep,tkip,aes,aes_ccm,tkipmic></wep,tkip,aes,aes_ccm,tkipmic></sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag> 
    

    Steve



  • @stephenw10:

    In your previous ifconfig I see no mention of AES or any other encryption type. Where as my home box with it's ath0 card set as hostap:

    ath0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            ether 00:11:f5:ee:41:8b
            inet6 fe80::211:f5ff:feee:418b%ath0_wlan0 prefixlen 64 scopeid 0x11
            inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255
            nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
            ssid ******** channel 8 (2447 MHz 11g) bssid 00:11:f5:********
            regdomain ETSI country GB indoor ecm authmode WPA1+WPA2/802.11i
            privacy MIXED deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit
            txpower 30 scanvalid 60 protmode OFF burst dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
    

    Also what does your card show for it's capabilities:

    [2.0.1-RELEASE][root@pfsense.fire.box]/root(13): ifconfig ath0_wlan0 list caps
    drivercaps=6f85ed01 <sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>cryptocaps=1f <wep,tkip,aes,aes_ccm,tkipmic></wep,tkip,aes,aes_ccm,tkipmic></sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag> 
    

    Steve

    Here's cap list:

     ifconfig run0_wlan0 list caps                                                 
    drivercaps=d85c501 <sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>cryptocaps=1b<wep,tkip,aes_ccm,tkipmic></wep,tkip,aes_ccm,tkipmic></sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>
    

    And here are the logs: http://speedy.sh/7ugBP/logs.zip

    Not sure which ones are relevant, system.log and dhcpd.log, I guess… anyway, I cp'd the whole /var/logs/ :/

    EDIT:

    Oh, here's the ifconfig output:

    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	ether 00:22:b0:6d:6a:df
    	inet6 fe80::222:b0ff:fe6d:6adf%run0_wlan0 prefixlen 64 scopeid 0x9 
    	inet 192.168.1.9 netmask 0xffffff00 broadcast 192.168.1.255
    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet DS/5.5Mbps mode 11g
    	status: associated
    	ssid LGM2 channel 2 (2417 MHz 11g) bssid 30:46:9a:1b:42:14
    	regdomain ETSI country SE outdoor authmode WPA2/802.11i privacy ON
    	deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 bmiss 7
    	scanvalid 60 protmode OFF roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
    

    It's kind of interesting, in fact. Now that I powered pfSense off, and turned it on a bit later, the NIC seems to be associated and authenticated with the AP. It has it's own IP, but I cannot access the internet; ping and traceroute do not work.


  • Netgate Administrator

    Well I immediately see that your device is not capable of AES only AES_CCM. If the Netgear router is expecting AES it won't work. Try setting both ends to TKIP.
    Looking at the logs now…

    Steve

    Edit: You edited while I typed! Can you not even ping the router when it has acquired an IP?


  • Rebel Alliance Developer Netgate

    FYI- When updating the wireless chapter of the book over the last few weeks I did configure and test acting as a wireless client, and it worked fine. (My only issue was a signal/antenna issue, namely that my test box didn't have one. Once I plugged one in, it worked ;-)

    Some cards/drivers can be picky about AES vs TKIP and also Open System vs Shared Key, and also PSK vs EAP.


  • Netgate Administrator

    Was that with the run(4) driver Jim?

    @B-vigilanT: Hmm, the zip file with the logs in it won't open on my Linux laptop.


  • Rebel Alliance Developer Netgate

    No, all I have are ath(4) cards on hand at the moment, various 52xx and 59xx models. (And mwl(4) but I didn't test those recently)



  • @stephenw10:

    Was that with the run(4) driver Jim?

    @B-vigilanT: Hmm, the zip file with the logs in it won't open on my Linux laptop.

    Try this, I packed it in .rar for you: http://speedy.sh/7ujcP/logs.rar

    I have not tested pinging the router. The battery in my laptop is dead. I have to wait for charge. I will try asap.


  • Netgate Administrator

    I have a device that uses the run(4) driver here so plugged it in to see what was what. I'm seeing pretty much exactly the same as you.

    
    [2.0.1-RELEASE][root@pfSense.localdomain]/root(1): ifconfig run0_wlan0
    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	ether f8:d1:11:********
    	inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe 
    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
    	status: associated
    	ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:********
    	regdomain ETSI country GB authmode WPA2/802.11i privacy ON
    	deftxkey UNDEF TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7
    	scanvalid 60 protmode OFF roaming MANUAL
    [2.0.1-RELEASE][root@pfSense.localdomain]/root(2): ifconfig run0_wlan0 list caps
    drivercaps=d85c501 <sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>cryptocaps=1b <wep,tkip,aes_ccm,tkipmic></wep,tkip,aes_ccm,tkipmic></sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds></performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
    

    You can see it's trying to use TKIP although it's set to 'both' in the config. In the router I'm trying to connect to, which is also set to both encrytion types and wpa/wpa2, I am seeing:

    Process=hostapd  msg=ath1: STA f8:d1:11:******* WPA: EAPOL-Key timeout
    

    Hmm, I'll try some more combinations. If it does work I'll probablyget some hideous network loop!  ::)

    Steve


  • Netgate Administrator

    Hmm well that was interesting.
    So I have it working by simply using a static IP instead of relying on DHCP. No idea why that worked, presumably DHCP is being blocked somewhere.
    The run driver seems to ignore the WPA/WPA2 selection in the GUI or at least it can choose to use something else.  ::)

    Steve


  • Netgate Administrator

    Ok there's some bug here. With the wifi interface set to dhcp in the web gui I don't get an address. Yet:

    [2.0.1-RELEASE][root@pfSense.localdomain]/root(8): ifconfig run0_wlan0
    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	ether f8:d1:11:********
    	inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe 
    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
    	status: associated
    	ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:********
    	regdomain ETSI country GB authmode WPA privacy ON deftxkey UNDEF
    	TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60
    	protmode OFF roaming MANUAL
    [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): dhclient run0_wlan0
    dhclient: PREINIT
    DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5
    DHCPOFFER from 192.168.111.1
    DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67
    DHCPACK from 192.168.111.1
    bound to 192.168.111.11 -- renewal in 14400 seconds.
    [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0
    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	ether f8:d1:11:********
    	inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe 
    	inet 192.168.111.11 netmask 0xffffff00 broadcast 192.168.111.255
    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
    	status: associated
    	ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:********
    	regdomain ETSI country GB authmode WPA privacy ON deftxkey UNDEF
    	TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60
    	protmode OFF roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
    

    Steve



  • @stephenw10:

    Hmm well that was interesting.
    So I have it working by simply using a static IP instead of relying on DHCP. No idea why that worked, presumably DHCP is being blocked somewhere.
    The run driver seems to ignore the WPA/WPA2 selection in the GUI or at least it can choose to use something else.  ::)

    Steve

    Yeah, I was thinking that too previously. However, I am unsure if I am setting the subnet correctly.. /24 should be 255.255.255.0, I think.. but im unsure if that is what it should be even. Also, in the Static IPv4 Configuration should I set the NETGEAR gateway address(192.168.1.1) in the Gateway drop-down menu or the gateway for the pfSense (10.10.1.1) box?

    Now, I tried switching to static IP and it dropped connection and is not regaining it. BTW, which are the proper Authentication and Key Management mode in my case? I noticed, by running ifconfig over and over again, that having them in Both the interface is switching mode all the time.


  • Netgate Administrator

    If the wifi is effectively your WAN connection then the gateway should be address of the Netgear router.

    You should be able to leave Authentication set as 'both' although like it says it will only use 'Shared Key Authentication' if you are using WEP.
    My access point doesn't supports EAP at all so I have it set to PSK for management mode.

    From the many combinations I have tested I have found that as long as your intrface is reporting 'status: associated' and is showing some encryption in use, TKIP or AES, then it should be working. At that point if you manually start the dhcp client it will work:

    [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): dhclient run0_wlan0
    dhclient: PREINIT
    DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5
    DHCPOFFER from 192.168.111.1
    DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67
    DHCPACK from 192.168.111.1
    bound to 192.168.111.11 -- renewal in 14400 seconds.
    

    However it won't come up at boot (or at least mine didn't) so it's probably easier to use static addressing as a work around.

    Steve


  • Netgate Administrator

    Just to confirm this I have reset all the values in the pfSense wireless setup to 'both' and set the values in my router/access point back to their defaults. The behaviour is the same:

    [2.0.1-RELEASE][root@pfSense.localdomain]/root(6): ifconfig run0_wlan0
    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	ether f8:d1:11:********
    	inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xd 
    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
    	status: associated
    	ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:********
    	regdomain ETSI country GB authmode WPA2/802.11i privacy ON
    	deftxkey UNDEF TKIP 2:128-bit txpower 30 bmiss 7 scanvalid 60
    	protmode OFF roaming MANUAL
    [2.0.1-RELEASE][root@pfSense.localdomain]/root(7): dhclient run0_wlan0
    dhclient: PREINIT
    DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67
    DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67
    DHCPACK from 192.168.111.1
    bound to 192.168.111.11 -- renewal in 14400 seconds.</performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
    


  • I think I've heard of this DHCP issue before when using the wireless in client mode.  I know of a potential fix and it has been on my todo list, but I haven't really gotten around to it (I'm not a hired developer after all and do not work for any other company that would pay me to work on pfSense; I mostly just work on things when I feel like doing it).  No one else has attempted working on it (that I'm aware of).

    As for your earlier question about wireless channel availability – the regional settings are only really there to limit the list of channels to only show what you should be seeing for your area.  This setting is especially useful for drivers or firmwares that list every channel as available (cards supported by mwl do this, for example), because it will otherwise give a long list of channels that are essentially useless since other devices won't use them.  As the note below the group of settings states (but in different words), it can only impose further limits on the channels available; it cannot add channels locked out by the driver or firmware.



  • Ok. I finally managed to get an IP doing it Steve's way, by setting a static IP of 192.168.1.9/24 (I think I was using the incorrect CIDR notation previously) and Netgear gateway on 192.168.1.1 then running dhclient manually in the ssh session.

    There is still the issue of internet connectivity – I can ping the gateway fine in both in the web gui and ssh terminal, but I can ping outside the WLAN only through the web gui, and that is only after I enabled the DNS forwarder again...

    When I attempt to ping google in ssh, I get "No route to host" message. I need to fix this.

    This is certainly progress, but it is quite impractical. Today, I plan on acquiring a USB hub, so that I can connect a 2nd wifi adapter, my RT3070 card (Alfa awus036nh). I plan on using that card to connect to the Netgear and the RT2870 in host AP mode to extend the WLAN.

    EDIT:
    @Efonne:

    I think I've heard of this DHCP issue before when using the wireless in client mode.  I know of a potential fix and it has been on my todo list, but I haven't really gotten around to it (I'm not a hired developer after all and do not work for any other company that would pay me to work on pfSense; I mostly just work on things when I feel like doing it).  No one else has attempted working on it (that I'm aware of).

    As for your earlier question about wireless channel availability – the regional settings are only really there to limit the list of channels to only show what you should be seeing for your area.  This setting is especially useful for drivers or firmwares that list every channel as available (cards supported by mwl do this, for example), because it will otherwise give a long list of channels that are essentially useless since other devices won't use them.  As the note below the group of settings states (but in different words), it can only impose further limits on the channels available; it cannot add channels locked out by the driver or firmware.

    I gathered as much, the regional settings are only there to filter but in this case, when I set the correct regional settings (Europe ESTI) why does it still only show 1-11? My adapter's firmware should support at least up to 14, and I think it also supports the 5GHz channels too, actually.


  • Netgate Administrator

    Unless you have set the wifi interface as WAN it will not be the default gateway. pfSense will always send traffic via the default gateway (unless you have used firewall rules to tell it otherwise). You can either reassign it as WAN or set it as the default gateway manually in System: Routing: Gateways
    Personally I would try to reassign it as WAN, otherwise you will have unused gateways in the system which can only cause complications.

    I should add that I have since discovered that I have to have Management Mode set to PSK in order to associate.

    You will not see any 5GHz channels in 2.0.1 as there is no support for 802.11N. You will see that you only have the choice of 802.11B or G.
    Edit: Unless you were referring to 802.11A of course!  ;)

    My own card, a TP-Link TL_WN7200N, is seen as:

    run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address f8:d1:11:********
    run0: firmware RT2870 loaded
    
    

    What does your card list as it's channel capabilites from the CLI?

    [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): ifconfig run0_wlan0 list chan
    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g          
    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g          
    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g          
    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g          
    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g          
    Channel   6 : 2437  MHz 11g          
    [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 list active
    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g          
    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g          
    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g          
    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g          
    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g          
    Channel   6 : 2437  MHz 11g 
    

    My NIC can't see 12 or 13 either under pfSense.

    @Efonne If you are looking into this (should the urge come over you  ;)) and need testers or logs etc, please ask.

    Steve


  • Netgate Administrator

    Back to the original topic the reason we only have 11 channels is probably this:
    http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052236.html

    I wonder how tough it would be to make run(4) setup the channel list correctly? Hmm…

    Steve



  • @stephenw10:

    Unless you have set the wifi interface as WAN it will not be the default gateway. pfSense will always send traffic via the default gateway (unless you have used firewall rules to tell it otherwise). You can either reassign it as WAN or set it as the default gateway manually in System: Routing: Gateways
    Personally I would try to reassign it as WAN, otherwise you will have unused gateways in the system which can only cause complications.

    The Wifi is set as WAN. Yet, I cannot ping from the ssh session, only in the web gui and not all websites either.

    I should add that I have since discovered that I have to have Management Mode set to PSK in order to associate.

    You will not see any 5GHz channels in 2.0.1 as there is no support for 802.11N. You will see that you only have the choice of 802.11B or G.
    Edit: Unless you were referring to 802.11A of course!  ;)

    My own card, a TP-Link TL_WN7200N, is seen as:

    run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address f8:d1:11:********
    run0: firmware RT2870 loaded
    
    

    What does your card list as it's channel capabilites from the CLI?

    [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): ifconfig run0_wlan0 list chan
    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g          
    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g          
    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g          
    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g          
    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g          
    Channel   6 : 2437  MHz 11g          
    [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 list active
    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g          
    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g          
    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g          
    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g          
    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g          
    Channel   6 : 2437  MHz 11g 
    

    My NIC can't see 12 or 13 either under pfSense.

    @Efonne If you are looking into this (should the urge come over you  ;)) and need testers or logs etc, please ask.

    Steve

    My list is same as yours, it seems:

    [2.1-BETA1][root@1212.bigcountry]/root(4): ifconfig run0_wlan0 list chans                                                
    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g                                                         
    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g                                                         
    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g                                                         
    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g                                                         
    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g                                                         
    Channel   6 : 2437  MHz 11g                                                                                              
    [2.1-BETA1][root@1212.bigcountry]/root(5): ifconfig run0_wlan0 list active                                               
    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g                                                         
    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g                                                         
    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g                                                         
    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g                                                         
    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g                                                         
    Channel   6 : 2437  MHz 11g
    
    

    Also, I can no longer associate. I have not changed anything in the Netgear device. I have tried setting the management mode to PSK, and doing all the different settings, what have you.. nothing. I am going to try using the RT3070. Hopefully, I will have same success as you.

    EDIT:

    The RT3070 does not work for me at all. Even after reboot, I am not even able to do

    ifconfig run0_wlan0 scan
    

    Instead, I plugged RT2870 back and managed to associate by setting the proper subnet mask: 192.168.1.1/16

    That's strange, because last time it was something different, iirc. So, I can ping and traceroute the Netgear gateway just fine but I still cannot ping/tracert outside the WLAN. Getting the cannot resolve host/no route to host messages. I am now trying to set up a static route in the Gateways > routes section, but pfSense seems to have crashed as a result.


Locked