Channels beyond 11 not visible
-
Hello!
I have set up a USB Wifi adapter as the WAN interface and set it in Infrastructure (BSS) mode, while the built-in ethernet adapter is acting as the LAN interface, to which I plan to connect clients (potentially a hub). However, when I try to configure the WAN to act as a client on my existing WLAN, I am unable because the channel which the WLAN uses cannot be selected in the drop-down menu. Channels available are 1-11, the WLAN uses chan 13. :(
Here's an illustration of the network:
ISP → Modem/router WLAN (WPA2) → old laptop (LAN) → usersI have already set the country code as a european country, where these channels are used, but that does not add options to the channel menu. I also tried leaving it on “auto” but then it just started trying random channels within the 1-11 range.
How do I fix this? I have read that the chipset is supported and it loads without problems.
Old laptop sys specs:
Pentium III (Coppermine), 900 MHz, 256 KB cache
500MB RAM
20.0GB HDD
1x Ethernet port
1x USB port
(pfSense 2.0.1 i386)USB Wifi adapter: D-link DWA-140 (RT2870)
Please, help! Thanks in advance!
EDIT: Sorry! I accidentally posted this in the installation and upgrades. I am unsure, but I think this thread belongs in Wireless? Mods, please move it. Thank you.
-
Some wifi chipsets are unable to go above 11 eventhough it would be legal to do so. Mostly this is because the us is the biggest market and its easier to restrict 12 and 13 (and 14) from everywhere than to write drivers/firmware to do it correctly.
Can this adapter see 12 or 13 under a different OS?Steve
-
Some wifi chipsets are unable to go above 11 eventhough it would be legal to do so. Mostly this is because the us is the biggest market and its easier to restrict 12 and 13 (and 14) from everywhere than to write drivers/firmware to do it correctly.
Can this adapter see 12 or 13 under a different OS?Steve
Yes, I have used it with Windows and Linux. The RT2870 chipset is widely supported, one of the reasons for my purchase.
-
The channels shown are those that the driver reports the card is capable of using. If that card definitely works on those other channels on other OSes, it's probably a driver problem. Upgrading to 2.1 may resolve.
-
@cmb:
The channels shown are those that the driver reports the card is capable of using. If that card definitely works on those other channels on other OSes, it's probably a driver problem. Upgrading to 2.1 may resolve.
Interesting. I am having trouble locating v2.1, the main website only has v2.0.1, which I already downloaded. Has it been released? Is it possible to upgrade just the driver or do I have to do a full upgrade? Can a full upgrade be done through ssh?
-
check the 2.1 board here. Downloads at snapshots.pfsense.org. You can upgrade in place. Other details on the 2.1 board
-
@cmb:
check the 2.1 board here. Downloads at snapshots.pfsense.org. You can upgrade in place. Other details on the 2.1 board
Ok. I updated to the latest snapshot (pfSense-Full-Update-2.1-BETA1-i386-20121216-1746), however this did not solve my problem.. the card still only sees channels 1-11. :(
Any tips?EDIT: Here's output from dmesg. Maybe this can clarify something:
$ dmesg ; uname -a Copyright (c) 1992-2010 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 8.1-RELEASE-p6 #0: Mon Dec 12 17:53:00 EST 2011 root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel Pentium III (896.11-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x68a Family = 6 Model = 8 Stepping = 10 Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>real memory = 536870912 (512 MB) avail memory = 501624832 (478 MB) netisr_init: forcing maxthreads to 1 and bindthreads to 0 for device polling wpi: You need to read the LICENSE file in /usr/share/doc/legal/intel_wpi/. wpi: If you agree with the license, set legal.intel_wpi.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (wpi_fw, 0xc0988300, 0) error 1 ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_bss_fw, 0xc0789340, 0) error 1 ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc07893e0, 0) error 1 ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc0789480, 0) error 1 wlan: mac acl policy registered kbd1 at kbdmux0 cryptosoft0: <software crypto=""> on motherboard padlock0: No ACE support. acpi0: <ptltd ="" rsdt=""> on motherboard acpi0: [ITHREAD] acpi0: Power Button (fixed) acpi0: reservation of 0, a0000 (3) failed acpi0: reservation of 100000, 1ff00000 (3) failed Timecounter "ACPI-safe" frequency 3579545 Hz quality 850 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0 cpu0: <acpi cpu=""> on acpi0 acpi_ec0: <embedded controller:="" gpe="" 0x9,="" glk=""> port 0x62,0x66 on acpi0 acpi_lid0: <control method="" lid="" switch=""> on acpi0 acpi_button0: <sleep button=""> on acpi0 pcib0: <acpi host-pci="" bridge=""> port 0xcf8-0xcff on acpi0 pci0: <acpi pci="" bus=""> on pcib0 agp0: <intel 82443bx="" (440="" bx)="" host="" to="" pci="" bridge=""> on hostb0 pcib1: <acpi pci-pci="" bridge=""> at device 1.0 on pci0 pci1: <acpi pci="" bus=""> on pcib1 vgapci0: <vga-compatible display=""> mem 0xf0000000-0xf7ffffff irq 11 at device 0.0 on pci1 cbb0: <ti1450 pci-cardbus="" bridge=""> mem 0x50000000-0x50000fff irq 11 at device 2.0 on pci0 cardbus0: <cardbus bus=""> on cbb0 pccard0: <16-bit PCCard bus> on cbb0 cbb0: [FILTER] cbb1: <ti1450 pci-cardbus="" bridge=""> mem 0x50100000-0x50100fff irq 11 at device 2.1 on pci0 cardbus1: <cardbus bus=""> on cbb1 pccard1: <16-bit PCCard bus> on cbb1 cbb1: [FILTER] fxp0: <intel 100="" 82550="" pro="" ethernet=""> port 0x1800-0x183f mem 0xe8120000-0xe8120fff,0xe8100000-0xe811ffff irq 11 at device 3.0 on pci0 miibus0: <mii bus=""> on fxp0 inphy0: <i82555 10="" 100="" media="" interface=""> PHY 1 on miibus0 inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto fxp0: [ITHREAD] pci0: <simple comms,="" uart=""> at device 3.1 (no driver attached) pci0: <multimedia, audio=""> at device 5.0 (no driver attached) isab0: <pci-isa bridge=""> at device 7.0 on pci0 isa0: <isa bus=""> on isab0 atapci0: <intel piix4="" udma33="" controller=""> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1850-0x185f at device 7.1 on pci0 ata0: <ata 0="" channel=""> on atapci0 ata0: [ITHREAD] ata1: <ata 1="" channel=""> on atapci0 ata1: [ITHREAD] uhci0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> port 0x1860-0x187f irq 11 at device 7.2 on pci0 uhci0: [ITHREAD] usbus0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> on uhci0 pci0: <bridge> at device 7.3 (no driver attached) acpi_tz0: <thermal zone=""> on acpi0 atrtc0: <at realtime="" clock=""> port 0x70-0x73 irq 8 on acpi0 atkbdc0: <keyboard controller="" (i8042)=""> port 0x60,0x64 irq 1 on acpi0 atkbd0: <at keyboard=""> irq 1 on atkbdc0 kbd0 at atkbd0 atkbd0: [GIANT-LOCKED] atkbd0: [ITHREAD] psm0: <ps 2="" mouse=""> irq 12 on atkbdc0 psm0: [GIANT-LOCKED] psm0: [ITHREAD] psm0: model Generic PS/2 mouse, device ID 0 ppc0: <parallel port=""> port 0x3bc-0x3bf irq 7 on acpi0 ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode ppc0: [ITHREAD] ppbus0: <parallel port="" bus=""> on ppc0 plip0: <plip network="" interface=""> on ppbus0 plip0: [ITHREAD] lpt0: <printer> on ppbus0 lpt0: [ITHREAD] lpt0: Interrupt-driven port ppi0: <parallel i="" o=""> on ppbus0 battery0: <acpi control="" method="" battery=""> on acpi0 acpi_acad0: <ac adapter=""> on acpi0 pmtimer0 on isa0 orm0: <isa option="" roms=""> at iomem 0xc0000-0xcbfff,0xcc000-0xcd7ff,0xdc000-0xdffff,0xe0000-0xeffff pnpid ORM0000 on isa0 sc0: <system console=""> at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> vga0: <generic isa="" vga=""> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 acpi_throttle0: <acpi cpu="" throttling=""> on cpu0 smist0: <speedstep smi=""> on cpu0 Timecounter "TSC" frequency 896108961 Hz quality 800 Timecounters tick every 1.000 msec IPsec: Initialized Security Association Processing. usbus0: 12Mbps Full Speed USB v1.0 ugen0.1: <intel> at usbus0 uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr=""> on usbus0 ad0: 19077MB <ibm djsa-220="" js4iac6a=""> at ata0-master UDMA33 acd0: DVDROM <toshiba 1115="" dvd-rom="" sd-c2512=""> at ata1-master UDMA33 Root mount waiting for: usbus0 uhub0: 2 ports with 2 removable, self powered Root mount waiting for: usbus0 ugen0.2: <ralink> at usbus0 run0: <1.0> on usbus0 run0: MAC/BBP RT2872 (rev 0x0202), RF RT2820 (MIMO 2T2R), address 00:22:b0:6d:6a:df Root mount waiting for: usbus0 Root mount waiting for: usbus0 Root mount waiting for: usbus0 Root mount waiting for: usbus0 Root mount waiting for: usbus0 Root mount waiting for: usbus0 run0: firmware RT2870 loaded Trying to mount root from ufs:/dev/ad0s1a pflog0: promiscuous mode enabled fxp0: link state changed to UP pflog0: promiscuous mode disabled Waiting (max 60 seconds) for system process `vnlru' to stop...done Waiting (max 60 seconds) for system process `syncer' to stop... Syncing disks, vnodes remaining...0 0 0 done Waiting (max 60 seconds) for system process `bufdaemon' to stop...done All buffers synced. Uptime: 1h7m6s Rebooting... Copyright (c) 1992-2012 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 8.3-RELEASE-p5 #1: Sun Dec 16 18:13:48 EST 2012 root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel Pentium III (896.11-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x68a Family = 6 Model = 8 Stepping = 10 Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>real memory = 536870912 (512 MB) avail memory = 501600256 (478 MB) wlan: mac acl policy registered ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_bss_fw, 0xc07b98b0, 0) error 1 ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc07b9950, 0) error 1 ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/. ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc07b99f0, 0) error 1 kbd1 at kbdmux0 cryptosoft0: <software crypto=""> on motherboard padlock0: No ACE support. acpi0: <ptltd ="" rsdt=""> on motherboard acpi0: [ITHREAD] acpi0: Power Button (fixed) acpi0: reservation of 0, a0000 (3) failed acpi0: reservation of 100000, 1ff00000 (3) failed Timecounter "ACPI-safe" frequency 3579545 Hz quality 850 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0 cpu0: <acpi cpu=""> on acpi0 acpi_ec0: <embedded controller:="" gpe="" 0x9,="" glk=""> port 0x62,0x66 on acpi0 acpi_lid0: <control method="" lid="" switch=""> on acpi0 acpi_button0: <sleep button=""> on acpi0 pcib0: <acpi host-pci="" bridge=""> port 0xcf8-0xcff on acpi0 pci0: <acpi pci="" bus=""> on pcib0 agp0: <intel 82443bx="" (440="" bx)="" host="" to="" pci="" bridge=""> on hostb0 pcib1: <acpi pci-pci="" bridge=""> at device 1.0 on pci0 pci1: <acpi pci="" bus=""> on pcib1 vgapci0: <vga-compatible display=""> mem 0xf0000000-0xf7ffffff irq 11 at device 0.0 on pci1 cbb0: <ti1450 pci-cardbus="" bridge=""> mem 0x50000000-0x50000fff irq 11 at device 2.0 on pci0 cardbus0: <cardbus bus=""> on cbb0 pccard0: <16-bit PCCard bus> on cbb0 cbb0: [FILTER] cbb1: <ti1450 pci-cardbus="" bridge=""> mem 0x50100000-0x50100fff irq 11 at device 2.1 on pci0 cardbus1: <cardbus bus=""> on cbb1 pccard1: <16-bit PCCard bus> on cbb1 cbb1: [FILTER] fxp0: <intel 100="" 82550="" pro="" ethernet=""> port 0x1800-0x183f mem 0xe8120000-0xe8120fff,0xe8100000-0xe811ffff irq 11 at device 3.0 on pci0 miibus0: <mii bus=""> on fxp0 inphy0: <i82555 10="" 100="" media="" interface=""> PHY 1 on miibus0 inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow fxp0: [ITHREAD] pci0: <simple comms,="" uart=""> at device 3.1 (no driver attached) pci0: <multimedia, audio=""> at device 5.0 (no driver attached) isab0: <pci-isa bridge=""> at device 7.0 on pci0 isa0: <isa bus=""> on isab0 atapci0: <intel piix4="" udma33="" controller=""> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1850-0x185f at device 7.1 on pci0 ata0: <ata channel=""> at channel 0 on atapci0 ata0: [ITHREAD] ata1: <ata channel=""> at channel 1 on atapci0 ata1: [ITHREAD] uhci0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> port 0x1860-0x187f irq 11 at device 7.2 on pci0 uhci0: [ITHREAD] usbus0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> on uhci0 pci0: <bridge> at device 7.3 (no driver attached) acpi_tz0: <thermal zone=""> on acpi0 atrtc0: <at realtime="" clock=""> port 0x70-0x73 irq 8 on acpi0 atkbdc0: <keyboard controller="" (i8042)=""> port 0x60,0x64 irq 1 on acpi0 atkbd0: <at keyboard=""> irq 1 on atkbdc0 kbd0 at atkbd0 atkbd0: [GIANT-LOCKED] atkbd0: [ITHREAD] psm0: <ps 2="" mouse=""> irq 12 on atkbdc0 psm0: [GIANT-LOCKED] psm0: [ITHREAD] psm0: model Generic PS/2 mouse, device ID 0 ppc0: <parallel port=""> port 0x3bc-0x3bf irq 7 on acpi0 ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode ppc0: [ITHREAD] ppbus0: <parallel port="" bus=""> on ppc0 plip0: <plip network="" interface=""> on ppbus0 plip0: [ITHREAD] lpt0: <printer> on ppbus0 lpt0: [ITHREAD] lpt0: Interrupt-driven port ppi0: <parallel i="" o=""> on ppbus0 battery0: <acpi control="" method="" battery=""> on acpi0 acpi_acad0: <ac adapter=""> on acpi0 pmtimer0 on isa0 orm0: <isa option="" roms=""> at iomem 0xc0000-0xcbfff,0xcc000-0xcd7ff,0xdc000-0xdffff,0xe0000-0xeffff pnpid ORM0000 on isa0 sc0: <system console=""> at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> vga0: <generic isa="" vga=""> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 acpi_throttle0: <acpi cpu="" throttling=""> on cpu0 smist0: <speedstep smi=""> on cpu0 Timecounter "TSC" frequency 896110190 Hz quality 800 Timecounters tick every 1.000 msec IPsec: Initialized Security Association Processing. usbus0: 12Mbps Full Speed USB v1.0 ugen0.1: <intel> at usbus0 uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr=""> on usbus0 ad0: 19077MB <ibm djsa-220="" js4iac6a=""> at ata0-master UDMA33 acd0: DVDROM <toshiba 1115="" dvd-rom="" sd-c2512=""> at ata1-master UDMA33 Root mount waiting for: usbus0 uhub0: 2 ports with 2 removable, self powered Root mount waiting for: usbus0 ugen0.2: <ralink> at usbus0 run0: <1.0> on usbus0 run0: MAC/BBP RT2872 (rev 0x0202), RF RT2820 (MIMO 2T2R), address 00:22:b0:6d:6a:df Root mount waiting for: usbus0 Root mount waiting for: usbus0 Root mount waiting for: usbus0 Root mount waiting for: usbus0 Root mount waiting for: usbus0 Root mount waiting for: usbus0 run0: firmware RT2870 loaded Trying to mount root from ufs:/dev/ad0s1a pflog0: promiscuous mode enabled fxp0: link state changed to UP pflog0: promiscuous mode disabled pflog0: promiscuous mode enabled fxp0: link state changed to DOWN fxp0: link state changed to UP FreeBSD 1212.bigcountry 8.3-RELEASE-p5 FreeBSD 8.3-RELEASE-p5 #1: Sun Dec 16 18:13:48 EST 2012 root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386</ralink></toshiba></ibm></intel></intel></speedstep></acpi></generic></system></isa></ac></acpi></parallel></printer></plip></parallel></parallel></ps></at></keyboard></at></thermal></bridge></intel></intel></ata></ata></intel></isa></pci-isa></multimedia,></simple></i82555></mii></intel></cardbus></ti1450></cardbus></ti1450></vga-compatible></acpi></acpi></intel></acpi></acpi></sleep></control></embedded></acpi></ptltd></software></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse></ralink></toshiba></ibm></intel></intel></speedstep></acpi></generic></system></isa></ac></acpi></parallel></printer></plip></parallel></parallel></ps></at></keyboard></at></thermal></bridge></intel></intel></ata></ata></intel></isa></pci-isa></multimedia,></simple></i82555></mii></intel></cardbus></ti1450></cardbus></ti1450></vga-compatible></acpi></acpi></intel></acpi></acpi></sleep></control></embedded></acpi></ptltd></software></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…
-
EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…
I have a Tenda W31U (RT2870 or equivalent chipset) and it works fine on all the pfSense 2.1 snapshot builds I have tried.
I suggest you go to Status -> Wireless, see if your AP is reported and if not, click on Rescan and see if anything changes. Maybe your AP needs to be "poked" (e.g. rebooted) for the configuration change to take effect?
Please post the output of the pfSense shell command```
ifconfig run0
-
EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…
I have a Tenda W31U (RT2870 or equivalent chipset) and it works fine on all the pfSense 2.1 snapshot builds I have tried.
I suggest you go to Status -> Wireless, see if your AP is reported and if not, click on Rescan and see if anything changes. Maybe your AP needs to be "poked" (e.g. rebooted) for the configuration change to take effect?
Please post the output of the pfSense shell command```
ifconfig run0
Yes, from everything I have read, this chipset should work indeed.. and it is recognized at start, so I don't know what is wrong. Could it be that the laptop I have it installed on is simply too old? But that would be strange, since everything is going through USB…
Also, I saw that it had "carrier" briefly(upwards green arrow) on the dashboard, but then it disappeared. In the logs on the WLAN router (a NETGEAR WNDR3700) there's a message "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Tuesday, December 18,2012 . . . "
This is really bizarre.Here's the output from ifconfig:
fxp0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:03:47:b8:d8:8b inet 10.10.1.1 netmask 0xffffff00 broadcast 10.10.1.255 inet6 fe80::203:47ff:feb8:d88b%fxp0 prefixlen 64 scopeid 0x1 nd6 options=1 <performnud>media: Ethernet autoselect (100baseTX <full-duplex>) status: active plip0: flags=8810 <pointopoint,simplex,multicast>metric 0 mtu 1500 enc0: flags=0<> metric 0 mtu 1536 pfsync0: flags=0<> metric 0 mtu 1460 syncpeer: 224.0.0.240 maxupd: 128 syncok: 1 lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 nd6 options=3 <performnud,accept_rtadv>pflog0: flags=100 <promisc>metric 0 mtu 33200 run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290 ether 00:22:b0:6d:6a:df media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: associated run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether 00:22:b0:6d:6a:df inet6 fe80::222:b0ff:fe6d:6adf%run0_wlan0 prefixlen 64 scopeid 0x9 nd6 options=1 <performnud>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: no carrier ssid MeMM channel 2 (2417 MHz 11g) regdomain ETSI country SE authmode WPA1+WPA2/802.11i privacy ON deftxkey UNDEF txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL</performnud></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></promisc></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></pointopoint,simplex,multicast></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,simplex,multicast>And here's scan output (ifconfig run0_wlan0 scan) results:
SSID/MESH ID BSSID CHAN RATE S:N INT CAPS MeMM 30:46:9a:1b:42:14 2 54M -32:-62 100 EPS RSN WPA WME HTCAP ATH WPS
-
WLAN router (a NETGEAR WNDR3700) there's a message "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Tuesday, December 18,2012 . . . "
That is the MAC address of your pfSense WiFi dongle.
The message on the Netgear suggests an incompatibility in security settings. I suggest you carefully compare the two sets of settings. I would be happy to comment further if you posted them here (e.g. screenshots.)
-
Yeah, of course.
http://i.imgur.com/1ttW4.png
http://i.imgur.com/um2mF.png
http://i.imgur.com/YkMAb.pngEDIT:
P.S
Just in case: Im not running pfSense in a vm. I just used it to connect to it.
-
On pfSense I suggest you change the WPA Pairwise parameter from Both to AES to match what you have set in the Netgear.
-
One thing I have found in the past is that the algorithm used to generate the key from the 'pass phrase' is not always the same across different devices/manufacturers. Such that although you have entered the same pass phrase on each it results in different keys and hence no access. This seems particularly true when it comes to upper and lower case letters. Some are case sensitive others are not. For example on my iphone I almost always have to enter a pass phrase using all capital letters but do not on my laptop.
You have, quite correctly, smudged your pass phrase from the screen shots but I can see the first letter is upper case. I suggest you change the key to have only lower case letters (or only upper case) if Wallabybobs suggestion above doesn't work.Also from a more general point of view when setting up a new wifi connection, especially if it's at all unusual, I always start out with the simplest possible setup and then add complexity as I go. In this case I would have first tested un-encrypted.
Steve
-
If you expect to see channels above 11, make sure you set the appropriate regulatory domain, country, etc. Not all channels are available in all regions, so the driver limits what it shows based on where those channels are allowed.
-
Ok, guys.. this is really strange behavior and I am feeling quite depressed about it all. I have tried all the things you wrote, I set the security to only AES, I specified the regulatory domain and all the options in that area, I even tried to invert the password case (ie. uppercase -> lowercase, lowercase->uppercase). I just wont budge. In the logs I can still read that the "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Wednesday, December 19,2012 01:44:13"
I tried setting a reserved IP for the card and mac address in the Netgear router. When I did that, pfSense reported that the interface was associated and that the "Media" is OFDM/36mbps mode 11g (what is that?). I tried to ping, nothing happens.
I even changed the SSID, hoping for soemthing.
So, then I removed the RT2870 card from the pfSense box, attach it to my linux laptop, try to connect to the AP with same settings as in pfSense. Lo and behold, I have internet. What the hell? In fact, I am posting this very message from my linux laptop now.
EDIT:
Some screens of the interfaces page showing the NIC is associated, but not getting an IP.
I have also tried doing this with the RT3070 (Alfa AWUS036NH) card I have, but that had even worse results than RT2870 if you can believe it.. and I did a reboot before I tried setting it up.I am now considering acquiring an Atheros NIC, namely the TL-WN722N which has the AR9002U chipset. Could this solve the problem?
-
As a test you should try with no encryption. It may be some underlying cause that isn't obvious.
You could try a WPA pass phrase that is all numbers, that way it's not possible to get a case error. It's also usually possible to enter the key in hex directly. I have had equipment that required that, though not for a number of years now.That log entry does seem to imply they just aren't using the same encryption type. Any logs from pfSense?
Steve
-
Based on a fairly limited experience I have formed the suspicion that WiFi interfaces in Infrastructure mode re rather less well tested than the devices in AP mode.
Can you switch the pfSense to AP mode and the Netgear to Infrastructure mode, even for a short period to see what happens?
-
Well, I am not sure the NETGEAR is able to go into BSS mode, the device is from the ISP, so I don't want to mess with that too much, to be honest.
Setting the RT2870 in AP mode appears to be working just fine. It is broadcasting and all; I tried having it with and without encryption and was able to connect in both situations. I did not manage to access the webconfiguration page from the wireless connection, however. Maybe I forgot to do some settings…
Then I finally tried to have NETGEAR unencrypted, and to my big surprise I was able to connect to it and have an IP address assignet to RT2870! However, I was not able to go on the internet, save for pinging google and pfsense.org and some other choice websites, I was not able to do anything. Not even traceroute. Something was curious, though. In the list of DNS servers 127.0.0.1 was present. I knew I had not put it there, so this must have been pfSense's doing. This lead me to notice that the DNS Forwarding service was enabled and was preventing communication to the internet. I disabled that, and was able to browse the internet! Amazing! I managed to download the latest BETA1 snapshot through the auto-update utility and update pfSense to have the current snapshot.
This is all great, but it does not really help me as I cannot have NETGEAR unsecured. That would be a trade-off I am not willing to do. :( And now that I have enabled security on NETGEAR, it is same old again. Why?
-
I am now considering acquiring an Atheros NIC, namely the TL-WN722N which has the AR9002U chipset. Could this solve the problem?
A quick search hasn't provided any evidence that device is supported.
I suspect the chipsets you have tried are the only "newish" USB chipsets supported.
The only other likely expansion slot on a laptop of that vintage is PCMCIA/Cardbus, but, in my limited experience, Cardbus support in FreeBSD is highly dependent on the BIOS corrctly initialising the Cardbus bridge and Windows doesn't seem to require that.
Fruitful field for you for research!
If you don't run want to run the risk of spending lots of hours and still not getting that configuration working I suggest you try to pick up a cheap second hand desktop or small server PC where your connectivity options will be considerably greater: an ability to add extra NICs to support a external wireless router/bridge and a greater range of supported PCI/PCI-e devices if you prefer to have the wireless NIC in pfSense.
It is experiences such as you have recounted that form the basis of my suspicion that WiFi interfaces in Infrastructure mode are rather less well tested on FreeBSD than the devices in AP mode.
If you want to persevere with the laptop AND it has PCMCIA slots you could go looking on eBay for Cardbus/PCMCIA wireless NICs with Atheros chipset or Ralink RT2560 or RT2561 but … If you want to explore that option further I'll make some further suggestions.
I
-
Well, I wouldn't call the RT2870 new. I bought it 3 or 4 years ago, iirc.
I haven't looked, but I think the laptop has a pcmcia slot. Though, like you said, it is most likely a hassle to deal with. A fruitful field I rather leave unexplored.
I just cant get my head around why it would not connect because the network is encrypted. That's really.. strange. Well, my other choice would be to use an old PC I have standing around, but I want to avoid that as I am trying to keep unnecessary power-consumption at a minimum.
Currently, I am looking at trying DD-WRT or OpenWRT or some other Linux-based solution because it looks like Linux has better driver support. This is sad, because I think pfSense has a great list of features and capabilities. What are the chances this will be fixed in an upcoming release? From what I gather, there's still the issue of 802.11n support in FreeBSD… :(
-
I just cant get my head around why it would not connect because the network is encrypted. That's really.. strange. Well, my other choice would be to use an old PC I have standing around, but I want to avoid that as I am trying to keep unnecessary power-consumption at a minimum.
My Linux netbook came with a VIA mini-PCI-E (USB) WiFi adapter. It worked fine with my then pfSense. After a Linux upgrade the WiFi stopped working and wouldn't work again until I changed the WPA Pairwise setting on my pfSense from Both to AES. (TKIP wouldn't work.) On upgrade to Ubuntu 12.04 the WiFi adapter was "unsupported" and was unrecognised. I bought an Intel mini-PCI-E WiFi adapter on eBay for a few dollars and it has worked fine for about the last 6 months.
I am recounting this to show that bizarre WiFi encryption behaviour is not exclusive to FreeBSD.
Currently, I am looking at trying DD-WRT or OpenWRT or some other Linux-based solution because it looks like Linux has better driver support.
One of the reasons I ditched Smoothwall for pfSense some years ago was that I would have had to build WiFi drivers for it myself. I don't know about xxWRT.
This is sad, because I think pfSense has a great list of features and capabilities. What are the chances this will be fixed in an upcoming release?
My guess is "zip if no-one files a FreeBSD Problem Report". You can file a FreeBSD Problem Report at http://www.freebsd.org/send-pr.html
From what I gather, there's still the issue of 802.11n support in FreeBSD… :(
Coming, but Christmas will be here sooner!
-
Well this is a big step forward. :)
You have shown that the connection can work if both sides are talking the same encryption type.
Can you try WEP instead? Clearly it's not secure any more but since it's much older it's far more tested and likely to work.
If you deliberately put in a completely incorrect pass phrase does the Netgear log still show the same thing? I suspect that it never gets as far as actually checking the key if the encryption type doesn't match.
Maybe try configuring your laptop 'wrong' in various ways to see what errors are produced in the log. When you see the same error that pfSense is generating you will know what you have configured wrong that is producing it.
I would expect some errors in the pfSense logs that may give a clue. :-\Reading back through the thread it seems to me one of three things could be happening here:
1: The run(4) driver is fundamentally broken in some way that prevents it doing the correct encryption.
This seems unlikely since, even by FreeBSD standards, 3-4 years is quite old and I would expect to see many threads in the FreeBSD forums if it were the case.2: The pfSense webGUI is not correctly setting up the driver. This is more likely since, as Wallabybob said, almost everyone who uses wifi in pfSense uses hostap mode. It could be a new bug. This is relatively easy to test however by simply setting up the NIC from the CLI.
3: The encryption types are simply setup mismatched and it's not obvious from the two web interfaces that this is happening. This still seems the most likely to me. ;)
I notice fro your screenshot of the Netgear that it cannot do WPA-AES or WPA2-TKIP. It's possible pfSense is defaulting to one of those unless you have specifically told it not to.Steve
-
In your previous ifconfig I see no mention of AES or any other encryption type. Where as my home box with it's ath0 card set as hostap:
ath0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether 00:11:f5:ee:41:8b inet6 fe80::211:f5ff:feee:418b%ath0_wlan0 prefixlen 64 scopeid 0x11 inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running ssid ******** channel 8 (2447 MHz 11g) bssid 00:11:f5:******** regdomain ETSI country GB indoor ecm authmode WPA1+WPA2/802.11i privacy MIXED deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 scanvalid 60 protmode OFF burst dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast>Also what does your card show for it's capabilities:
[2.0.1-RELEASE][root@pfsense.fire.box]/root(13): ifconfig ath0_wlan0 list caps drivercaps=6f85ed01 <sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>cryptocaps=1f <wep,tkip,aes,aes_ccm,tkipmic></wep,tkip,aes,aes_ccm,tkipmic></sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>Steve
-
In your previous ifconfig I see no mention of AES or any other encryption type. Where as my home box with it's ath0 card set as hostap:
ath0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether 00:11:f5:ee:41:8b inet6 fe80::211:f5ff:feee:418b%ath0_wlan0 prefixlen 64 scopeid 0x11 inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running ssid ******** channel 8 (2447 MHz 11g) bssid 00:11:f5:******** regdomain ETSI country GB indoor ecm authmode WPA1+WPA2/802.11i privacy MIXED deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 scanvalid 60 protmode OFF burst dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast>Also what does your card show for it's capabilities:
[2.0.1-RELEASE][root@pfsense.fire.box]/root(13): ifconfig ath0_wlan0 list caps drivercaps=6f85ed01 <sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>cryptocaps=1f <wep,tkip,aes,aes_ccm,tkipmic></wep,tkip,aes,aes_ccm,tkipmic></sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>Steve
Here's cap list:
ifconfig run0_wlan0 list caps drivercaps=d85c501 <sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>cryptocaps=1b<wep,tkip,aes_ccm,tkipmic></wep,tkip,aes_ccm,tkipmic></sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>And here are the logs: http://speedy.sh/7ugBP/logs.zip
Not sure which ones are relevant, system.log and dhcpd.log, I guess… anyway, I cp'd the whole /var/logs/ :/
EDIT:
Oh, here's the ifconfig output:
run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether 00:22:b0:6d:6a:df inet6 fe80::222:b0ff:fe6d:6adf%run0_wlan0 prefixlen 64 scopeid 0x9 inet 192.168.1.9 netmask 0xffffff00 broadcast 192.168.1.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet DS/5.5Mbps mode 11g status: associated ssid LGM2 channel 2 (2417 MHz 11g) bssid 30:46:9a:1b:42:14 regdomain ETSI country SE outdoor authmode WPA2/802.11i privacy ON deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast>It's kind of interesting, in fact. Now that I powered pfSense off, and turned it on a bit later, the NIC seems to be associated and authenticated with the AP. It has it's own IP, but I cannot access the internet; ping and traceroute do not work.
-
Well I immediately see that your device is not capable of AES only AES_CCM. If the Netgear router is expecting AES it won't work. Try setting both ends to TKIP.
Looking at the logs now…Steve
Edit: You edited while I typed! Can you not even ping the router when it has acquired an IP?
-
FYI- When updating the wireless chapter of the book over the last few weeks I did configure and test acting as a wireless client, and it worked fine. (My only issue was a signal/antenna issue, namely that my test box didn't have one. Once I plugged one in, it worked ;-)
Some cards/drivers can be picky about AES vs TKIP and also Open System vs Shared Key, and also PSK vs EAP.
-
Was that with the run(4) driver Jim?
@B-vigilanT: Hmm, the zip file with the logs in it won't open on my Linux laptop.
-
No, all I have are ath(4) cards on hand at the moment, various 52xx and 59xx models. (And mwl(4) but I didn't test those recently)
-
Was that with the run(4) driver Jim?
@B-vigilanT: Hmm, the zip file with the logs in it won't open on my Linux laptop.
Try this, I packed it in .rar for you: http://speedy.sh/7ujcP/logs.rar
I have not tested pinging the router. The battery in my laptop is dead. I have to wait for charge. I will try asap.
-
I have a device that uses the run(4) driver here so plugged it in to see what was what. I'm seeing pretty much exactly the same as you.
[2.0.1-RELEASE][root@pfSense.localdomain]/root(1): ifconfig run0_wlan0 run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether f8:d1:11:******** inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:******** regdomain ETSI country GB authmode WPA2/802.11i privacy ON deftxkey UNDEF TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL [2.0.1-RELEASE][root@pfSense.localdomain]/root(2): ifconfig run0_wlan0 list caps drivercaps=d85c501 <sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>cryptocaps=1b <wep,tkip,aes_ccm,tkipmic></wep,tkip,aes_ccm,tkipmic></sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds></performnud,accept_rtadv></up,broadcast,running,simplex,multicast>You can see it's trying to use TKIP although it's set to 'both' in the config. In the router I'm trying to connect to, which is also set to both encrytion types and wpa/wpa2, I am seeing:
Process=hostapd msg=ath1: STA f8:d1:11:******* WPA: EAPOL-Key timeoutHmm, I'll try some more combinations. If it does work I'll probablyget some hideous network loop! ::)
Steve
-
Hmm well that was interesting.
So I have it working by simply using a static IP instead of relying on DHCP. No idea why that worked, presumably DHCP is being blocked somewhere.
The run driver seems to ignore the WPA/WPA2 selection in the GUI or at least it can choose to use something else. ::)Steve
-
Ok there's some bug here. With the wifi interface set to dhcp in the web gui I don't get an address. Yet:
[2.0.1-RELEASE][root@pfSense.localdomain]/root(8): ifconfig run0_wlan0 run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether f8:d1:11:******** inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:******** regdomain ETSI country GB authmode WPA privacy ON deftxkey UNDEF TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): dhclient run0_wlan0 dhclient: PREINIT DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5 DHCPOFFER from 192.168.111.1 DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67 DHCPACK from 192.168.111.1 bound to 192.168.111.11 -- renewal in 14400 seconds. [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether f8:d1:11:******** inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe inet 192.168.111.11 netmask 0xffffff00 broadcast 192.168.111.255 nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:******** regdomain ETSI country GB authmode WPA privacy ON deftxkey UNDEF TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast>Steve
-
Hmm well that was interesting.
So I have it working by simply using a static IP instead of relying on DHCP. No idea why that worked, presumably DHCP is being blocked somewhere.
The run driver seems to ignore the WPA/WPA2 selection in the GUI or at least it can choose to use something else. ::)Steve
Yeah, I was thinking that too previously. However, I am unsure if I am setting the subnet correctly.. /24 should be 255.255.255.0, I think.. but im unsure if that is what it should be even. Also, in the Static IPv4 Configuration should I set the NETGEAR gateway address(192.168.1.1) in the Gateway drop-down menu or the gateway for the pfSense (10.10.1.1) box?
Now, I tried switching to static IP and it dropped connection and is not regaining it. BTW, which are the proper Authentication and Key Management mode in my case? I noticed, by running ifconfig over and over again, that having them in Both the interface is switching mode all the time.
-
If the wifi is effectively your WAN connection then the gateway should be address of the Netgear router.
You should be able to leave Authentication set as 'both' although like it says it will only use 'Shared Key Authentication' if you are using WEP.
My access point doesn't supports EAP at all so I have it set to PSK for management mode.From the many combinations I have tested I have found that as long as your intrface is reporting 'status: associated' and is showing some encryption in use, TKIP or AES, then it should be working. At that point if you manually start the dhcp client it will work:
[2.0.1-RELEASE][root@pfSense.localdomain]/root(9): dhclient run0_wlan0 dhclient: PREINIT DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5 DHCPOFFER from 192.168.111.1 DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67 DHCPACK from 192.168.111.1 bound to 192.168.111.11 -- renewal in 14400 seconds.However it won't come up at boot (or at least mine didn't) so it's probably easier to use static addressing as a work around.
Steve
-
Just to confirm this I have reset all the values in the pfSense wireless setup to 'both' and set the values in my router/access point back to their defaults. The behaviour is the same:
[2.0.1-RELEASE][root@pfSense.localdomain]/root(6): ifconfig run0_wlan0 run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 ether f8:d1:11:******** inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xd nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:******** regdomain ETSI country GB authmode WPA2/802.11i privacy ON deftxkey UNDEF TKIP 2:128-bit txpower 30 bmiss 7 scanvalid 60 protmode OFF roaming MANUAL [2.0.1-RELEASE][root@pfSense.localdomain]/root(7): dhclient run0_wlan0 dhclient: PREINIT DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67 DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67 DHCPACK from 192.168.111.1 bound to 192.168.111.11 -- renewal in 14400 seconds.</performnud,accept_rtadv></up,broadcast,running,simplex,multicast>
-
I think I've heard of this DHCP issue before when using the wireless in client mode. I know of a potential fix and it has been on my todo list, but I haven't really gotten around to it (I'm not a hired developer after all and do not work for any other company that would pay me to work on pfSense; I mostly just work on things when I feel like doing it). No one else has attempted working on it (that I'm aware of).
As for your earlier question about wireless channel availability – the regional settings are only really there to limit the list of channels to only show what you should be seeing for your area. This setting is especially useful for drivers or firmwares that list every channel as available (cards supported by mwl do this, for example), because it will otherwise give a long list of channels that are essentially useless since other devices won't use them. As the note below the group of settings states (but in different words), it can only impose further limits on the channels available; it cannot add channels locked out by the driver or firmware.
-
Ok. I finally managed to get an IP doing it Steve's way, by setting a static IP of 192.168.1.9/24 (I think I was using the incorrect CIDR notation previously) and Netgear gateway on 192.168.1.1 then running dhclient manually in the ssh session.
There is still the issue of internet connectivity – I can ping the gateway fine in both in the web gui and ssh terminal, but I can ping outside the WLAN only through the web gui, and that is only after I enabled the DNS forwarder again...
When I attempt to ping google in ssh, I get "No route to host" message. I need to fix this.
This is certainly progress, but it is quite impractical. Today, I plan on acquiring a USB hub, so that I can connect a 2nd wifi adapter, my RT3070 card (Alfa awus036nh). I plan on using that card to connect to the Netgear and the RT2870 in host AP mode to extend the WLAN.
EDIT:
@Efonne:I think I've heard of this DHCP issue before when using the wireless in client mode. I know of a potential fix and it has been on my todo list, but I haven't really gotten around to it (I'm not a hired developer after all and do not work for any other company that would pay me to work on pfSense; I mostly just work on things when I feel like doing it). No one else has attempted working on it (that I'm aware of).
As for your earlier question about wireless channel availability – the regional settings are only really there to limit the list of channels to only show what you should be seeing for your area. This setting is especially useful for drivers or firmwares that list every channel as available (cards supported by mwl do this, for example), because it will otherwise give a long list of channels that are essentially useless since other devices won't use them. As the note below the group of settings states (but in different words), it can only impose further limits on the channels available; it cannot add channels locked out by the driver or firmware.
I gathered as much, the regional settings are only there to filter but in this case, when I set the correct regional settings (Europe ESTI) why does it still only show 1-11? My adapter's firmware should support at least up to 14, and I think it also supports the 5GHz channels too, actually.
-
Unless you have set the wifi interface as WAN it will not be the default gateway. pfSense will always send traffic via the default gateway (unless you have used firewall rules to tell it otherwise). You can either reassign it as WAN or set it as the default gateway manually in System: Routing: Gateways
Personally I would try to reassign it as WAN, otherwise you will have unused gateways in the system which can only cause complications.I should add that I have since discovered that I have to have Management Mode set to PSK in order to associate.
You will not see any 5GHz channels in 2.0.1 as there is no support for 802.11N. You will see that you only have the choice of 802.11B or G.
Edit: Unless you were referring to 802.11A of course! ;)My own card, a TP-Link TL_WN7200N, is seen as:
run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address f8:d1:11:******** run0: firmware RT2870 loadedWhat does your card list as it's channel capabilites from the CLI?
[2.0.1-RELEASE][root@pfSense.localdomain]/root(9): ifconfig run0_wlan0 list chan Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 list active Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11gMy NIC can't see 12 or 13 either under pfSense.
@Efonne If you are looking into this (should the urge come over you ;)) and need testers or logs etc, please ask.
Steve
-
Back to the original topic the reason we only have 11 channels is probably this:
http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052236.htmlI wonder how tough it would be to make run(4) setup the channel list correctly? Hmm…
Steve
-
Unless you have set the wifi interface as WAN it will not be the default gateway. pfSense will always send traffic via the default gateway (unless you have used firewall rules to tell it otherwise). You can either reassign it as WAN or set it as the default gateway manually in System: Routing: Gateways
Personally I would try to reassign it as WAN, otherwise you will have unused gateways in the system which can only cause complications.The Wifi is set as WAN. Yet, I cannot ping from the ssh session, only in the web gui and not all websites either.
I should add that I have since discovered that I have to have Management Mode set to PSK in order to associate.
You will not see any 5GHz channels in 2.0.1 as there is no support for 802.11N. You will see that you only have the choice of 802.11B or G.
Edit: Unless you were referring to 802.11A of course! ;)My own card, a TP-Link TL_WN7200N, is seen as:
run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address f8:d1:11:******** run0: firmware RT2870 loadedWhat does your card list as it's channel capabilites from the CLI?
[2.0.1-RELEASE][root@pfSense.localdomain]/root(9): ifconfig run0_wlan0 list chan Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 list active Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11gMy NIC can't see 12 or 13 either under pfSense.
@Efonne If you are looking into this (should the urge come over you ;)) and need testers or logs etc, please ask.
Steve
My list is same as yours, it seems:
[2.1-BETA1][root@1212.bigcountry]/root(4): ifconfig run0_wlan0 list chans Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11g [2.1-BETA1][root@1212.bigcountry]/root(5): ifconfig run0_wlan0 list active Channel 1 : 2412 MHz 11g Channel 7 : 2442 MHz 11g Channel 2 : 2417 MHz 11g Channel 8 : 2447 MHz 11g Channel 3 : 2422 MHz 11g Channel 9 : 2452 MHz 11g Channel 4 : 2427 MHz 11g Channel 10 : 2457 MHz 11g Channel 5 : 2432 MHz 11g Channel 11 : 2462 MHz 11g Channel 6 : 2437 MHz 11gAlso, I can no longer associate. I have not changed anything in the Netgear device. I have tried setting the management mode to PSK, and doing all the different settings, what have you.. nothing. I am going to try using the RT3070. Hopefully, I will have same success as you.
EDIT:
The RT3070 does not work for me at all. Even after reboot, I am not even able to do
ifconfig run0_wlan0 scanInstead, I plugged RT2870 back and managed to associate by setting the proper subnet mask: 192.168.1.1/16
That's strange, because last time it was something different, iirc. So, I can ping and traceroute the Netgear gateway just fine but I still cannot ping/tracert outside the WLAN. Getting the cannot resolve host/no route to host messages. I am now trying to set up a static route in the Gateways > routes section, but pfSense seems to have crashed as a result.
