Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Channels beyond 11 not visible

    Wireless
    6
    41
    11317
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      b-vigilanT last edited by

      Hello!

      I have set up a USB Wifi adapter as the WAN interface and set it in Infrastructure (BSS) mode, while the built-in ethernet adapter is acting as the LAN interface, to which I plan to connect clients (potentially a hub). However, when I try to configure the WAN to act as a client on my existing WLAN, I am unable because the channel which the WLAN uses cannot be selected in the drop-down menu. Channels available are 1-11, the WLAN uses chan 13. :(

      Here's an illustration of the network:
      ISP → Modem/router WLAN (WPA2) →  old laptop (LAN) → users

      I have already set the country code as a european country, where these channels are used, but that does not add options to the channel menu. I also tried leaving it on “auto” but then it just started trying random channels within the 1-11 range.

      How do I fix this? I have read that the chipset is supported and it loads without problems.

      Old laptop sys specs:
      Pentium III (Coppermine), 900 MHz, 256 KB cache
      500MB RAM
      20.0GB HDD
      1x Ethernet port
      1x USB port
      (pfSense 2.0.1 i386)

      USB Wifi adapter: D-link DWA-140 (RT2870)

      Please, help! Thanks in advance!

      EDIT: Sorry! I accidentally posted this in the installation and upgrades. I am unsure, but I think this thread belongs in Wireless? Mods, please move it. Thank you.

      1 Reply Last reply Reply Quote 0
      • stephenw10
        stephenw10 Netgate Administrator last edited by

        Some wifi chipsets are unable to go above 11 eventhough it would be legal to do so. Mostly this is because the us is the biggest market and its easier to restrict 12 and 13 (and 14) from everywhere than to write drivers/firmware to do it correctly.
        Can this adapter see 12 or 13 under a different OS?

        Steve

        1 Reply Last reply Reply Quote 0
        • B
          b-vigilanT last edited by

          @stephenw10:

          Some wifi chipsets are unable to go above 11 eventhough it would be legal to do so. Mostly this is because the us is the biggest market and its easier to restrict 12 and 13 (and 14) from everywhere than to write drivers/firmware to do it correctly.
          Can this adapter see 12 or 13 under a different OS?

          Steve

          Yes, I have used it with Windows and Linux. The RT2870 chipset is widely supported, one of the reasons for my purchase.

          1 Reply Last reply Reply Quote 0
          • C
            cmb last edited by

            The channels shown are those that the driver reports the card is capable of using. If that card definitely works on those other channels on other OSes, it's probably a driver problem. Upgrading to 2.1 may resolve.

            1 Reply Last reply Reply Quote 0
            • B
              b-vigilanT last edited by

              @cmb:

              The channels shown are those that the driver reports the card is capable of using. If that card definitely works on those other channels on other OSes, it's probably a driver problem. Upgrading to 2.1 may resolve.

              Interesting. I am having trouble locating v2.1, the main website only has v2.0.1, which I already downloaded. Has it been released? Is it possible to upgrade just the driver or do I have to do a full upgrade? Can a full upgrade be done through ssh?

              1 Reply Last reply Reply Quote 0
              • C
                cmb last edited by

                check the 2.1 board here. Downloads at snapshots.pfsense.org. You can upgrade in place. Other details on the 2.1 board

                1 Reply Last reply Reply Quote 0
                • B
                  b-vigilanT last edited by

                  @cmb:

                  check the 2.1 board here. Downloads at snapshots.pfsense.org. You can upgrade in place. Other details on the 2.1 board

                  Ok. I updated to the latest snapshot (pfSense-Full-Update-2.1-BETA1-i386-20121216-1746), however this did not solve my problem.. the card still only sees channels 1-11. :(
                  Any tips?

                  EDIT: Here's output from dmesg. Maybe this can clarify something:

                  $ dmesg ; uname -a
                  Copyright (c) 1992-2010 The FreeBSD Project.
                  Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
                  	The Regents of the University of California. All rights reserved.
                  FreeBSD is a registered trademark of The FreeBSD Foundation.
                  FreeBSD 8.1-RELEASE-p6 #0: Mon Dec 12 17:53:00 EST 2011
                      root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386
                  Timecounter "i8254" frequency 1193182 Hz quality 0
                  CPU: Intel Pentium III (896.11-MHz 686-class CPU)
                    Origin = "GenuineIntel"  Id = 0x68a  Family = 6  Model = 8  Stepping = 10
                    Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>real memory  = 536870912 (512 MB)
                  avail memory = 501624832 (478 MB)
                  netisr_init: forcing maxthreads to 1 and bindthreads to 0 for device polling
                  wpi: You need to read the LICENSE file in /usr/share/doc/legal/intel_wpi/.
                  wpi: If you agree with the license, set legal.intel_wpi.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (wpi_fw, 0xc0988300, 0) error 1
                  ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_bss_fw, 0xc0789340, 0) error 1
                  ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc07893e0, 0) error 1
                  ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc0789480, 0) error 1
                  wlan: mac acl policy registered
                  kbd1 at kbdmux0
                  cryptosoft0: <software crypto=""> on motherboard
                  padlock0: No ACE support.
                  acpi0: <ptltd  ="" rsdt=""> on motherboard
                  acpi0: [ITHREAD]
                  acpi0: Power Button (fixed)
                  acpi0: reservation of 0, a0000 (3) failed
                  acpi0: reservation of 100000, 1ff00000 (3) failed
                  Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
                  acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
                  cpu0: <acpi cpu=""> on acpi0
                  acpi_ec0: <embedded controller:="" gpe="" 0x9,="" glk=""> port 0x62,0x66 on acpi0
                  acpi_lid0: <control method="" lid="" switch=""> on acpi0
                  acpi_button0: <sleep button=""> on acpi0
                  pcib0: <acpi host-pci="" bridge=""> port 0xcf8-0xcff on acpi0
                  pci0: <acpi pci="" bus=""> on pcib0
                  agp0: <intel 82443bx="" (440="" bx)="" host="" to="" pci="" bridge=""> on hostb0
                  pcib1: <acpi pci-pci="" bridge=""> at device 1.0 on pci0
                  pci1: <acpi pci="" bus=""> on pcib1
                  vgapci0: <vga-compatible display=""> mem 0xf0000000-0xf7ffffff irq 11 at device 0.0 on pci1
                  cbb0: <ti1450 pci-cardbus="" bridge=""> mem 0x50000000-0x50000fff irq 11 at device 2.0 on pci0
                  cardbus0: <cardbus bus=""> on cbb0
                  pccard0: <16-bit PCCard bus> on cbb0
                  cbb0: [FILTER]
                  cbb1: <ti1450 pci-cardbus="" bridge=""> mem 0x50100000-0x50100fff irq 11 at device 2.1 on pci0
                  cardbus1: <cardbus bus=""> on cbb1
                  pccard1: <16-bit PCCard bus> on cbb1
                  cbb1: [FILTER]
                  fxp0: <intel 100="" 82550="" pro="" ethernet=""> port 0x1800-0x183f mem 0xe8120000-0xe8120fff,0xe8100000-0xe811ffff irq 11 at device 3.0 on pci0
                  miibus0: <mii bus=""> on fxp0
                  inphy0: <i82555 10="" 100="" media="" interface=""> PHY 1 on miibus0
                  inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
                  fxp0: [ITHREAD]
                  pci0: <simple comms,="" uart=""> at device 3.1 (no driver attached)
                  pci0: <multimedia, audio=""> at device 5.0 (no driver attached)
                  isab0: <pci-isa bridge=""> at device 7.0 on pci0
                  isa0: <isa bus=""> on isab0
                  atapci0: <intel piix4="" udma33="" controller=""> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1850-0x185f at device 7.1 on pci0
                  ata0: <ata 0="" channel=""> on atapci0
                  ata0: [ITHREAD]
                  ata1: <ata 1="" channel=""> on atapci0
                  ata1: [ITHREAD]
                  uhci0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> port 0x1860-0x187f irq 11 at device 7.2 on pci0
                  uhci0: [ITHREAD]
                  usbus0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> on uhci0
                  pci0: <bridge> at device 7.3 (no driver attached)
                  acpi_tz0: <thermal zone=""> on acpi0
                  atrtc0: <at realtime="" clock=""> port 0x70-0x73 irq 8 on acpi0
                  atkbdc0: <keyboard controller="" (i8042)=""> port 0x60,0x64 irq 1 on acpi0
                  atkbd0: <at keyboard=""> irq 1 on atkbdc0
                  kbd0 at atkbd0
                  atkbd0: [GIANT-LOCKED]
                  atkbd0: [ITHREAD]
                  psm0: <ps 2="" mouse=""> irq 12 on atkbdc0
                  psm0: [GIANT-LOCKED]
                  psm0: [ITHREAD]
                  psm0: model Generic PS/2 mouse, device ID 0
                  ppc0: <parallel port=""> port 0x3bc-0x3bf irq 7 on acpi0
                  ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode
                  ppc0: [ITHREAD]
                  ppbus0: <parallel port="" bus=""> on ppc0
                  plip0: <plip network="" interface=""> on ppbus0
                  plip0: [ITHREAD]
                  lpt0: <printer> on ppbus0
                  lpt0: [ITHREAD]
                  lpt0: Interrupt-driven port
                  ppi0: <parallel i="" o=""> on ppbus0
                  battery0: <acpi control="" method="" battery=""> on acpi0
                  acpi_acad0: <ac adapter=""> on acpi0
                  pmtimer0 on isa0
                  orm0: <isa option="" roms=""> at iomem 0xc0000-0xcbfff,0xcc000-0xcd7ff,0xdc000-0xdffff,0xe0000-0xeffff pnpid ORM0000 on isa0
                  sc0: <system console=""> at flags 0x100 on isa0
                  sc0: VGA <16 virtual consoles, flags=0x300>
                  vga0: <generic isa="" vga=""> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
                  acpi_throttle0: <acpi cpu="" throttling=""> on cpu0
                  smist0: <speedstep smi=""> on cpu0
                  Timecounter "TSC" frequency 896108961 Hz quality 800
                  Timecounters tick every 1.000 msec
                  IPsec: Initialized Security Association Processing.
                  usbus0: 12Mbps Full Speed USB v1.0
                  ugen0.1: <intel> at usbus0
                  uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr=""> on usbus0
                  ad0: 19077MB <ibm djsa-220="" js4iac6a=""> at ata0-master UDMA33 
                  acd0: DVDROM <toshiba 1115="" dvd-rom="" sd-c2512=""> at ata1-master UDMA33 
                  Root mount waiting for: usbus0
                  uhub0: 2 ports with 2 removable, self powered
                  Root mount waiting for: usbus0
                  ugen0.2: <ralink> at usbus0
                  run0: <1.0> on usbus0
                  run0: MAC/BBP RT2872 (rev 0x0202), RF RT2820 (MIMO 2T2R), address 00:22:b0:6d:6a:df
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  run0: firmware RT2870 loaded
                  Trying to mount root from ufs:/dev/ad0s1a
                  pflog0: promiscuous mode enabled
                  fxp0: link state changed to UP
                  pflog0: promiscuous mode disabled
                  Waiting (max 60 seconds) for system process `vnlru' to stop...done
                  Waiting (max 60 seconds) for system process `syncer' to stop...
                  Syncing disks, vnodes remaining...0 0 0 done
                  Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
                  All buffers synced.
                  Uptime: 1h7m6s
                  Rebooting...
                  Copyright (c) 1992-2012 The FreeBSD Project.
                  Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
                  	The Regents of the University of California. All rights reserved.
                  FreeBSD is a registered trademark of The FreeBSD Foundation.
                  FreeBSD 8.3-RELEASE-p5 #1: Sun Dec 16 18:13:48 EST 2012
                      root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386
                  Timecounter "i8254" frequency 1193182 Hz quality 0
                  CPU: Intel Pentium III (896.11-MHz 686-class CPU)
                    Origin = "GenuineIntel"  Id = 0x68a  Family = 6  Model = 8  Stepping = 10
                    Features=0x383f9ff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>real memory  = 536870912 (512 MB)
                  avail memory = 501600256 (478 MB)
                  wlan: mac acl policy registered
                  ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_bss_fw, 0xc07b98b0, 0) error 1
                  ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc07b9950, 0) error 1
                  ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
                  ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
                  module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc07b99f0, 0) error 1
                  kbd1 at kbdmux0
                  cryptosoft0: <software crypto=""> on motherboard
                  padlock0: No ACE support.
                  acpi0: <ptltd  ="" rsdt=""> on motherboard
                  acpi0: [ITHREAD]
                  acpi0: Power Button (fixed)
                  acpi0: reservation of 0, a0000 (3) failed
                  acpi0: reservation of 100000, 1ff00000 (3) failed
                  Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
                  acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
                  cpu0: <acpi cpu=""> on acpi0
                  acpi_ec0: <embedded controller:="" gpe="" 0x9,="" glk=""> port 0x62,0x66 on acpi0
                  acpi_lid0: <control method="" lid="" switch=""> on acpi0
                  acpi_button0: <sleep button=""> on acpi0
                  pcib0: <acpi host-pci="" bridge=""> port 0xcf8-0xcff on acpi0
                  pci0: <acpi pci="" bus=""> on pcib0
                  agp0: <intel 82443bx="" (440="" bx)="" host="" to="" pci="" bridge=""> on hostb0
                  pcib1: <acpi pci-pci="" bridge=""> at device 1.0 on pci0
                  pci1: <acpi pci="" bus=""> on pcib1
                  vgapci0: <vga-compatible display=""> mem 0xf0000000-0xf7ffffff irq 11 at device 0.0 on pci1
                  cbb0: <ti1450 pci-cardbus="" bridge=""> mem 0x50000000-0x50000fff irq 11 at device 2.0 on pci0
                  cardbus0: <cardbus bus=""> on cbb0
                  pccard0: <16-bit PCCard bus> on cbb0
                  cbb0: [FILTER]
                  cbb1: <ti1450 pci-cardbus="" bridge=""> mem 0x50100000-0x50100fff irq 11 at device 2.1 on pci0
                  cardbus1: <cardbus bus=""> on cbb1
                  pccard1: <16-bit PCCard bus> on cbb1
                  cbb1: [FILTER]
                  fxp0: <intel 100="" 82550="" pro="" ethernet=""> port 0x1800-0x183f mem 0xe8120000-0xe8120fff,0xe8100000-0xe811ffff irq 11 at device 3.0 on pci0
                  miibus0: <mii bus=""> on fxp0
                  inphy0: <i82555 10="" 100="" media="" interface=""> PHY 1 on miibus0
                  inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow
                  fxp0: [ITHREAD]
                  pci0: <simple comms,="" uart=""> at device 3.1 (no driver attached)
                  pci0: <multimedia, audio=""> at device 5.0 (no driver attached)
                  isab0: <pci-isa bridge=""> at device 7.0 on pci0
                  isa0: <isa bus=""> on isab0
                  atapci0: <intel piix4="" udma33="" controller=""> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1850-0x185f at device 7.1 on pci0
                  ata0: <ata channel=""> at channel 0 on atapci0
                  ata0: [ITHREAD]
                  ata1: <ata channel=""> at channel 1 on atapci0
                  ata1: [ITHREAD]
                  uhci0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> port 0x1860-0x187f irq 11 at device 7.2 on pci0
                  uhci0: [ITHREAD]
                  usbus0: <intel 82371ab="" eb="" (piix4)="" usb="" controller=""> on uhci0
                  pci0: <bridge> at device 7.3 (no driver attached)
                  acpi_tz0: <thermal zone=""> on acpi0
                  atrtc0: <at realtime="" clock=""> port 0x70-0x73 irq 8 on acpi0
                  atkbdc0: <keyboard controller="" (i8042)=""> port 0x60,0x64 irq 1 on acpi0
                  atkbd0: <at keyboard=""> irq 1 on atkbdc0
                  kbd0 at atkbd0
                  atkbd0: [GIANT-LOCKED]
                  atkbd0: [ITHREAD]
                  psm0: <ps 2="" mouse=""> irq 12 on atkbdc0
                  psm0: [GIANT-LOCKED]
                  psm0: [ITHREAD]
                  psm0: model Generic PS/2 mouse, device ID 0
                  ppc0: <parallel port=""> port 0x3bc-0x3bf irq 7 on acpi0
                  ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode
                  ppc0: [ITHREAD]
                  ppbus0: <parallel port="" bus=""> on ppc0
                  plip0: <plip network="" interface=""> on ppbus0
                  plip0: [ITHREAD]
                  lpt0: <printer> on ppbus0
                  lpt0: [ITHREAD]
                  lpt0: Interrupt-driven port
                  ppi0: <parallel i="" o=""> on ppbus0
                  battery0: <acpi control="" method="" battery=""> on acpi0
                  acpi_acad0: <ac adapter=""> on acpi0
                  pmtimer0 on isa0
                  orm0: <isa option="" roms=""> at iomem 0xc0000-0xcbfff,0xcc000-0xcd7ff,0xdc000-0xdffff,0xe0000-0xeffff pnpid ORM0000 on isa0
                  sc0: <system console=""> at flags 0x100 on isa0
                  sc0: VGA <16 virtual consoles, flags=0x300>
                  vga0: <generic isa="" vga=""> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
                  acpi_throttle0: <acpi cpu="" throttling=""> on cpu0
                  smist0: <speedstep smi=""> on cpu0
                  Timecounter "TSC" frequency 896110190 Hz quality 800
                  Timecounters tick every 1.000 msec
                  IPsec: Initialized Security Association Processing.
                  usbus0: 12Mbps Full Speed USB v1.0
                  ugen0.1: <intel> at usbus0
                  uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr=""> on usbus0
                  ad0: 19077MB <ibm djsa-220="" js4iac6a=""> at ata0-master UDMA33 
                  acd0: DVDROM <toshiba 1115="" dvd-rom="" sd-c2512=""> at ata1-master UDMA33 
                  Root mount waiting for: usbus0
                  uhub0: 2 ports with 2 removable, self powered
                  Root mount waiting for: usbus0
                  ugen0.2: <ralink> at usbus0
                  run0: <1.0> on usbus0
                  run0: MAC/BBP RT2872 (rev 0x0202), RF RT2820 (MIMO 2T2R), address 00:22:b0:6d:6a:df
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  Root mount waiting for: usbus0
                  run0: firmware RT2870 loaded
                  Trying to mount root from ufs:/dev/ad0s1a
                  pflog0: promiscuous mode enabled
                  fxp0: link state changed to UP
                  pflog0: promiscuous mode disabled
                  pflog0: promiscuous mode enabled
                  fxp0: link state changed to DOWN
                  fxp0: link state changed to UP
                  FreeBSD 1212.bigcountry 8.3-RELEASE-p5 FreeBSD 8.3-RELEASE-p5 #1: Sun Dec 16 18:13:48 EST 2012     root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8  i386</ralink></toshiba></ibm></intel></intel></speedstep></acpi></generic></system></isa></ac></acpi></parallel></printer></plip></parallel></parallel></ps></at></keyboard></at></thermal></bridge></intel></intel></ata></ata></intel></isa></pci-isa></multimedia,></simple></i82555></mii></intel></cardbus></ti1450></cardbus></ti1450></vga-compatible></acpi></acpi></intel></acpi></acpi></sleep></control></embedded></acpi></ptltd></software></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse></ralink></toshiba></ibm></intel></intel></speedstep></acpi></generic></system></isa></ac></acpi></parallel></printer></plip></parallel></parallel></ps></at></keyboard></at></thermal></bridge></intel></intel></ata></ata></intel></isa></pci-isa></multimedia,></simple></i82555></mii></intel></cardbus></ti1450></cardbus></ti1450></vga-compatible></acpi></acpi></intel></acpi></acpi></sleep></control></embedded></acpi></ptltd></software></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse>
                  

                  EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…

                  1 Reply Last reply Reply Quote 0
                  • W
                    wallabybob last edited by

                    @b-vigilanT:

                    EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…

                    I have a Tenda W31U (RT2870 or equivalent chipset) and it works fine on all the pfSense 2.1 snapshot builds I have tried.

                    I suggest you go to Status -> Wireless, see if your AP is reported and if not, click on Rescan and see if anything changes. Maybe your AP needs to be "poked" (e.g. rebooted) for the configuration change to take effect?

                    Please post the output of the pfSense shell command```

                    ifconfig run0

                    1 Reply Last reply Reply Quote 0
                    • B
                      b-vigilanT last edited by

                      @wallabybob:

                      @b-vigilanT:

                      EDIT2: Now, I have tried to set the AP, to which I am trying to connect, to a channel that is visible to my WLAN-adapter, the DWA-140 sporting a RT2870 chipset. Not even then does it connect. WHat is wrong? Help! I have a hard time believing that this chipset is completely unsupported under FreeBSD…

                      I have a Tenda W31U (RT2870 or equivalent chipset) and it works fine on all the pfSense 2.1 snapshot builds I have tried.

                      I suggest you go to Status -> Wireless, see if your AP is reported and if not, click on Rescan and see if anything changes. Maybe your AP needs to be "poked" (e.g. rebooted) for the configuration change to take effect?

                      Please post the output of the pfSense shell command```

                      ifconfig run0

                      Yes, from everything I have read, this chipset should work indeed.. and it is recognized at start, so I don't know what is wrong. Could it be that the laptop I have it installed on  is simply too old? But that would be strange, since everything is going through USB…

                      Also, I saw that it had "carrier" briefly(upwards green arrow) on the dashboard, but then it disappeared. In the logs on the WLAN router (a NETGEAR WNDR3700) there's a message "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Tuesday, December 18,2012 . . .  "
                      This is really bizarre.

                      Here's the output from ifconfig:

                      fxp0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500                                
                              options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:03:47:b8:d8:8b                                                                           
                              inet 10.10.1.1 netmask 0xffffff00 broadcast 10.10.1.255                                           
                              inet6 fe80::203:47ff:feb8:d88b%fxp0 prefixlen 64 scopeid 0x1                                      
                              nd6 options=1 <performnud>media: Ethernet autoselect (100baseTX <full-duplex>)                                              
                              status: active                                                                                    
                      plip0: flags=8810 <pointopoint,simplex,multicast>metric 0 mtu 1500                                        
                      enc0: flags=0<> metric 0 mtu 1536                                                                         
                      pfsync0: flags=0<> metric 0 mtu 1460                                                                      
                              syncpeer: 224.0.0.240 maxupd: 128 syncok: 1                                                       
                      lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384                                         
                              options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000                                                                 
                              inet6 ::1 prefixlen 128                                                                           
                              inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6                                                        
                              nd6 options=3 <performnud,accept_rtadv>pflog0: flags=100 <promisc>metric 0 mtu 33200                                                             
                      run0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 2290                                
                              ether 00:22:b0:6d:6a:df                                                                           
                              media: IEEE 802.11 Wireless Ethernet autoselect mode 11g                                          
                              status: associated
                      run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500                          
                              ether 00:22:b0:6d:6a:df                                                                           
                              inet6 fe80::222:b0ff:fe6d:6adf%run0_wlan0 prefixlen 64 scopeid 0x9                                
                              nd6 options=1 <performnud>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g                                          
                              status: no carrier                                                                                
                              ssid MeMM channel 2 (2417 MHz 11g)                                                                
                              regdomain ETSI country SE authmode WPA1+WPA2/802.11i privacy ON                                   
                              deftxkey UNDEF txpower 30 bmiss 7 scanvalid 60 protmode OFF                                       
                              roaming MANUAL</performnud></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></promisc></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></pointopoint,simplex,multicast></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,simplex,multicast>
                      

                      And here's scan output (ifconfig run0_wlan0 scan) results:

                      SSID/MESH ID    BSSID              CHAN RATE   S:N     INT CAPS                                           
                      MeMM            30:46:9a:1b:42:14    2   54M -32:-62  100 EPS  RSN WPA WME HTCAP ATH WPS                  
                      
                      1 Reply Last reply Reply Quote 0
                      • W
                        wallabybob last edited by

                        @b-vigilanT:

                        WLAN router (a NETGEAR WNDR3700) there's a message "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Tuesday, December 18,2012 . . .  "

                        That is the MAC address of your pfSense WiFi dongle.

                        The message on the Netgear suggests an incompatibility in security settings. I suggest you carefully compare the two sets of settings. I would be happy to comment further if you posted them here (e.g. screenshots.)

                        1 Reply Last reply Reply Quote 0
                        • B
                          b-vigilanT last edited by

                          Yeah, of course.

                          http://i.imgur.com/1ttW4.png
                          http://i.imgur.com/um2mF.png
                          http://i.imgur.com/YkMAb.png

                          EDIT:
                          P.S
                          Just in case: Im not running pfSense in a vm. I just used it to connect to it.

                          1 Reply Last reply Reply Quote 0
                          • W
                            wallabybob last edited by

                            On pfSense I suggest you change the WPA Pairwise parameter from Both to AES to match what you have set in the Netgear.

                            1 Reply Last reply Reply Quote 0
                            • stephenw10
                              stephenw10 Netgate Administrator last edited by

                              One thing I have found in the past is that the algorithm used to generate the key from the 'pass phrase' is not always the same across different devices/manufacturers. Such that although you have entered the same pass phrase on each it results in different keys and hence no access. This seems particularly true when it comes to upper and lower case letters. Some are case sensitive others are not. For example on my iphone I almost always have to enter a pass phrase using all capital letters but do not on my laptop.
                              You have, quite correctly, smudged your pass phrase from the screen shots but I can see the first letter is upper case. I suggest you change the key to have only lower case letters (or only upper case) if Wallabybobs suggestion above doesn't work.

                              Also from a more general point of view when setting up a new wifi connection, especially if it's at all unusual, I always start out with the simplest possible setup and then add complexity as I go. In this case I would have first tested un-encrypted.

                              Steve

                              1 Reply Last reply Reply Quote 0
                              • jimp
                                jimp Rebel Alliance Developer Netgate last edited by

                                If you expect to see channels above 11, make sure you set the appropriate regulatory domain, country, etc. Not all channels are available in all regions, so the driver limits what it shows based on where those channels are allowed.

                                1 Reply Last reply Reply Quote 0
                                • B
                                  b-vigilanT last edited by

                                  Ok, guys.. this is really strange behavior and I am feeling quite depressed about it all. I have tried all the things you wrote, I set the security to only AES, I specified the regulatory domain and all the options in that area, I even tried to invert the password case (ie. uppercase -> lowercase, lowercase->uppercase). I just wont budge. In the logs I can still read that the "[WLAN access rejected: incorrect security] from MAC address 00:22:b0:6d:6a:df, Wednesday, December 19,2012 01:44:13"

                                  I tried setting a reserved IP for the card and mac address in the Netgear router. When I did that, pfSense reported that the interface was associated and that the "Media" is OFDM/36mbps mode 11g (what is that?). I tried to ping, nothing happens.

                                  I even changed the SSID, hoping for soemthing.

                                  So, then I removed the RT2870 card from the pfSense box, attach it to my linux laptop, try to connect to the AP with same settings as in pfSense. Lo and behold, I have internet. What the hell? In fact, I am posting this very message from my linux laptop now.

                                  EDIT:

                                  Some screens of the interfaces page showing the NIC is associated, but not getting an IP.
                                  I have also tried doing this with the RT3070 (Alfa AWUS036NH) card I have, but that had even worse results than RT2870 if you can believe it.. and I did a reboot before I tried setting it up.

                                  I am now considering acquiring an Atheros NIC, namely the TL-WN722N which has the AR9002U chipset. Could this solve the problem?




                                  1 Reply Last reply Reply Quote 0
                                  • stephenw10
                                    stephenw10 Netgate Administrator last edited by

                                    As a test you should try with no encryption. It may be some underlying cause that isn't obvious.
                                    You could try a WPA pass phrase that is all numbers, that way it's not possible to get a case error. It's also usually possible to enter the key in hex directly. I have had equipment that required that, though not for a number of years now.

                                    That log entry does seem to imply they just aren't using the same encryption type. Any logs from pfSense?

                                    Steve

                                    1 Reply Last reply Reply Quote 0
                                    • W
                                      wallabybob last edited by

                                      Based on a fairly limited experience I have formed the suspicion that WiFi interfaces in Infrastructure mode re rather less well tested than the devices in AP mode.

                                      Can you switch the pfSense to AP mode and the Netgear to Infrastructure mode, even for a short period to see what happens?

                                      1 Reply Last reply Reply Quote 0
                                      • B
                                        b-vigilanT last edited by

                                        Well, I am not sure the NETGEAR is able to go into BSS mode, the device is from the ISP, so I don't want to mess with that too much, to be honest.

                                        Setting the RT2870 in AP mode appears to be working just fine. It is broadcasting and all; I tried having it with and without encryption and was able to connect in both situations. I did not manage to access the webconfiguration page from the wireless connection, however. Maybe I forgot to do some settings…

                                        Then I finally tried to have NETGEAR unencrypted, and to my big surprise I was able to connect to it and have an IP address assignet to RT2870! However, I  was not able to go on the internet, save for pinging google and pfsense.org and some other choice websites, I was not able to do anything. Not even traceroute. Something was curious, though. In the list of DNS servers 127.0.0.1 was present. I knew I had not put it there, so this must have been pfSense's doing. This lead me to notice that the DNS Forwarding service was enabled and was preventing communication to the internet. I disabled that, and was able to browse the internet! Amazing! I managed to download the latest BETA1 snapshot through the auto-update utility and update pfSense to have the current snapshot.

                                        This is all great, but it does not really help me as I cannot have NETGEAR unsecured. That would be a trade-off I am not willing to do. :( And now that I have enabled security on NETGEAR, it is same old again. Why?

                                        1 Reply Last reply Reply Quote 0
                                        • W
                                          wallabybob last edited by

                                          @b-vigilanT:

                                          I am now considering acquiring an Atheros NIC, namely the TL-WN722N which has the AR9002U chipset. Could this solve the problem?

                                          A quick search hasn't provided any evidence that device is supported.

                                          I suspect the chipsets you have tried are the only "newish" USB chipsets supported.

                                          The only other likely expansion slot on a laptop of that vintage is PCMCIA/Cardbus, but, in my limited experience, Cardbus support in FreeBSD is highly dependent on the BIOS corrctly initialising the Cardbus bridge and Windows doesn't seem to require that.

                                          Fruitful field for you for research!

                                          If you don't run want to run the risk of spending lots of hours and still not getting that configuration working I suggest you try to pick up a cheap second hand desktop or small server PC where your connectivity options will be considerably greater: an ability to add extra NICs to support a external wireless router/bridge and a greater range of supported PCI/PCI-e devices if you prefer to have the wireless NIC in pfSense.

                                          It is experiences such as you have recounted that form the basis of my suspicion that WiFi interfaces in Infrastructure mode are rather less well tested on FreeBSD than the devices in AP mode.

                                          If you want to persevere with the laptop AND it has PCMCIA slots you could go looking on eBay for Cardbus/PCMCIA wireless NICs with Atheros chipset or Ralink RT2560 or RT2561 but … If you want to explore that option further I'll make some further suggestions.

                                          I

                                          1 Reply Last reply Reply Quote 0
                                          • B
                                            b-vigilanT last edited by

                                            Well, I wouldn't call the RT2870 new. I bought it 3 or 4 years ago, iirc.

                                            I haven't looked, but I think the laptop has a pcmcia slot. Though, like you said, it is most likely a hassle to deal with. A fruitful field I rather leave unexplored.

                                            I just cant get my head around why it would not connect because the network is encrypted. That's really.. strange. Well, my other choice would be to use an old PC I have standing around, but I want to avoid that as I am trying to keep unnecessary power-consumption at a minimum.

                                            Currently, I am looking at trying DD-WRT or OpenWRT or some other Linux-based solution because it looks like Linux has better driver support. This is sad, because I think pfSense has a great list of features and capabilities. What are the chances this will be fixed in an upcoming release? From what I gather, there's still the issue of 802.11n support in FreeBSD… :(

                                            1 Reply Last reply Reply Quote 0
                                            • W
                                              wallabybob last edited by

                                              @b-vigilanT:

                                              I just cant get my head around why it would not connect because the network is encrypted. That's really.. strange. Well, my other choice would be to use an old PC I have standing around, but I want to avoid that as I am trying to keep unnecessary power-consumption at a minimum.

                                              My Linux netbook came with a VIA mini-PCI-E (USB) WiFi adapter. It worked fine with my then pfSense. After a Linux upgrade the WiFi stopped working and wouldn't work again until I changed the WPA Pairwise setting on my pfSense from Both to AES. (TKIP wouldn't work.) On upgrade to Ubuntu 12.04 the WiFi adapter was "unsupported" and was unrecognised. I bought an Intel mini-PCI-E WiFi adapter on eBay for a few dollars and it has worked fine for about the last 6 months.

                                              I am recounting this to show that bizarre WiFi encryption behaviour is not exclusive to FreeBSD.

                                              @b-vigilanT:

                                              Currently, I am looking at trying DD-WRT or OpenWRT or some other Linux-based solution because it looks like Linux has better driver support.

                                              One of the reasons I ditched Smoothwall for pfSense some years ago was that I would have had to build WiFi drivers for it myself. I don't know about xxWRT.

                                              @b-vigilanT:

                                              This is sad, because I think pfSense has a great list of features and capabilities. What are the chances this will be fixed in an upcoming release?

                                              My guess is "zip if no-one files a FreeBSD Problem Report". You can file a FreeBSD Problem Report at http://www.freebsd.org/send-pr.html

                                              @b-vigilanT:

                                              From what I gather, there's still the issue of 802.11n support in FreeBSD… :(

                                              Coming, but Christmas will be here sooner!

                                              1 Reply Last reply Reply Quote 0
                                              • stephenw10
                                                stephenw10 Netgate Administrator last edited by

                                                Well this is a big step forward.  :)
                                                You have shown that the connection can work if both sides are talking the same encryption type.
                                                Can you try WEP instead? Clearly it's not secure any more but since it's much older it's far more tested and likely to work.
                                                If you deliberately put in a completely incorrect pass phrase does the Netgear log still show the same thing? I suspect that it never gets as far as actually checking the key if the encryption type doesn't match.
                                                Maybe try configuring your laptop 'wrong' in various ways to see what errors are produced in the log. When you see the same error that pfSense is generating you will know what you have configured wrong that is producing it.
                                                I would expect some errors in the pfSense logs that may give a clue.  :-\

                                                Reading back through the thread it seems to me one of three things could be happening here:
                                                1: The run(4) driver is fundamentally broken in some way that prevents it doing the correct encryption.
                                                This seems unlikely since, even by FreeBSD standards, 3-4 years is quite old and I would expect to see many threads in the FreeBSD forums if it were the case.

                                                2: The pfSense webGUI is not correctly setting up the driver. This is more likely since, as Wallabybob said, almost everyone who uses wifi in pfSense uses hostap mode. It could be a new bug. This is relatively easy to test however by simply setting up the NIC from the CLI.

                                                3: The encryption types are simply setup mismatched and it's not obvious from the two web interfaces that this is happening. This still seems the most likely to me.  ;)
                                                I notice fro your screenshot of the Netgear that it cannot do WPA-AES or WPA2-TKIP. It's possible pfSense is defaulting to one of those unless you have specifically told it not to.

                                                Steve

                                                1 Reply Last reply Reply Quote 0
                                                • stephenw10
                                                  stephenw10 Netgate Administrator last edited by

                                                  In your previous ifconfig I see no mention of AES or any other encryption type. Where as my home box with it's ath0 card set as hostap:

                                                  ath0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                                                          ether 00:11:f5:ee:41:8b
                                                          inet6 fe80::211:f5ff:feee:418b%ath0_wlan0 prefixlen 64 scopeid 0x11
                                                          inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255
                                                          nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
                                                          ssid ******** channel 8 (2447 MHz 11g) bssid 00:11:f5:********
                                                          regdomain ETSI country GB indoor ecm authmode WPA1+WPA2/802.11i
                                                          privacy MIXED deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit
                                                          txpower 30 scanvalid 60 protmode OFF burst dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
                                                  

                                                  Also what does your card show for it's capabilities:

                                                  [2.0.1-RELEASE][root@pfsense.fire.box]/root(13): ifconfig ath0_wlan0 list caps
                                                  drivercaps=6f85ed01 <sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>cryptocaps=1f <wep,tkip,aes,aes_ccm,tkipmic></wep,tkip,aes,aes_ccm,tkipmic></sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag> 
                                                  

                                                  Steve

                                                  1 Reply Last reply Reply Quote 0
                                                  • B
                                                    b-vigilanT last edited by

                                                    @stephenw10:

                                                    In your previous ifconfig I see no mention of AES or any other encryption type. Where as my home box with it's ath0 card set as hostap:

                                                    ath0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                                                            ether 00:11:f5:ee:41:8b
                                                            inet6 fe80::211:f5ff:feee:418b%ath0_wlan0 prefixlen 64 scopeid 0x11
                                                            inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255
                                                            nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: running
                                                            ssid ******** channel 8 (2447 MHz 11g) bssid 00:11:f5:********
                                                            regdomain ETSI country GB indoor ecm authmode WPA1+WPA2/802.11i
                                                            privacy MIXED deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit
                                                            txpower 30 scanvalid 60 protmode OFF burst dtimperiod 1 -dfs</hostap></performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
                                                    

                                                    Also what does your card show for it's capabilities:

                                                    [2.0.1-RELEASE][root@pfsense.fire.box]/root(13): ifconfig ath0_wlan0 list caps
                                                    drivercaps=6f85ed01 <sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag>cryptocaps=1f <wep,tkip,aes,aes_ccm,tkipmic></wep,tkip,aes,aes_ccm,tkipmic></sta,ibss,hostap,ahdemo,txpmgt,shslot,shpreamble,monitor,mbss,wpa1,wpa2,burst,wme,wds,bgscan,txfrag> 
                                                    

                                                    Steve

                                                    Here's cap list:

                                                     ifconfig run0_wlan0 list caps                                                 
                                                    drivercaps=d85c501 <sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>cryptocaps=1b<wep,tkip,aes_ccm,tkipmic></wep,tkip,aes_ccm,tkipmic></sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>
                                                    

                                                    And here are the logs: http://speedy.sh/7ugBP/logs.zip

                                                    Not sure which ones are relevant, system.log and dhcpd.log, I guess… anyway, I cp'd the whole /var/logs/ :/

                                                    EDIT:

                                                    Oh, here's the ifconfig output:

                                                    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                                                    	ether 00:22:b0:6d:6a:df
                                                    	inet6 fe80::222:b0ff:fe6d:6adf%run0_wlan0 prefixlen 64 scopeid 0x9 
                                                    	inet 192.168.1.9 netmask 0xffffff00 broadcast 192.168.1.255
                                                    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet DS/5.5Mbps mode 11g
                                                    	status: associated
                                                    	ssid LGM2 channel 2 (2417 MHz 11g) bssid 30:46:9a:1b:42:14
                                                    	regdomain ETSI country SE outdoor authmode WPA2/802.11i privacy ON
                                                    	deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 bmiss 7
                                                    	scanvalid 60 protmode OFF roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
                                                    

                                                    It's kind of interesting, in fact. Now that I powered pfSense off, and turned it on a bit later, the NIC seems to be associated and authenticated with the AP. It has it's own IP, but I cannot access the internet; ping and traceroute do not work.

                                                    1 Reply Last reply Reply Quote 0
                                                    • stephenw10
                                                      stephenw10 Netgate Administrator last edited by

                                                      Well I immediately see that your device is not capable of AES only AES_CCM. If the Netgear router is expecting AES it won't work. Try setting both ends to TKIP.
                                                      Looking at the logs now…

                                                      Steve

                                                      Edit: You edited while I typed! Can you not even ping the router when it has acquired an IP?

                                                      1 Reply Last reply Reply Quote 0
                                                      • jimp
                                                        jimp Rebel Alliance Developer Netgate last edited by

                                                        FYI- When updating the wireless chapter of the book over the last few weeks I did configure and test acting as a wireless client, and it worked fine. (My only issue was a signal/antenna issue, namely that my test box didn't have one. Once I plugged one in, it worked ;-)

                                                        Some cards/drivers can be picky about AES vs TKIP and also Open System vs Shared Key, and also PSK vs EAP.

                                                        1 Reply Last reply Reply Quote 0
                                                        • stephenw10
                                                          stephenw10 Netgate Administrator last edited by

                                                          Was that with the run(4) driver Jim?

                                                          @B-vigilanT: Hmm, the zip file with the logs in it won't open on my Linux laptop.

                                                          1 Reply Last reply Reply Quote 0
                                                          • jimp
                                                            jimp Rebel Alliance Developer Netgate last edited by

                                                            No, all I have are ath(4) cards on hand at the moment, various 52xx and 59xx models. (And mwl(4) but I didn't test those recently)

                                                            1 Reply Last reply Reply Quote 0
                                                            • B
                                                              b-vigilanT last edited by

                                                              @stephenw10:

                                                              Was that with the run(4) driver Jim?

                                                              @B-vigilanT: Hmm, the zip file with the logs in it won't open on my Linux laptop.

                                                              Try this, I packed it in .rar for you: http://speedy.sh/7ujcP/logs.rar

                                                              I have not tested pinging the router. The battery in my laptop is dead. I have to wait for charge. I will try asap.

                                                              1 Reply Last reply Reply Quote 0
                                                              • stephenw10
                                                                stephenw10 Netgate Administrator last edited by

                                                                I have a device that uses the run(4) driver here so plugged it in to see what was what. I'm seeing pretty much exactly the same as you.

                                                                
                                                                [2.0.1-RELEASE][root@pfSense.localdomain]/root(1): ifconfig run0_wlan0
                                                                run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                                                                	ether f8:d1:11:********
                                                                	inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe 
                                                                	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
                                                                	status: associated
                                                                	ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:********
                                                                	regdomain ETSI country GB authmode WPA2/802.11i privacy ON
                                                                	deftxkey UNDEF TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7
                                                                	scanvalid 60 protmode OFF roaming MANUAL
                                                                [2.0.1-RELEASE][root@pfSense.localdomain]/root(2): ifconfig run0_wlan0 list caps
                                                                drivercaps=d85c501 <sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds>cryptocaps=1b <wep,tkip,aes_ccm,tkipmic></wep,tkip,aes_ccm,tkipmic></sta,ibss,hostap,shslot,shpreamble,monitor,mbss,wpa1,wpa2,wme,wds></performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
                                                                

                                                                You can see it's trying to use TKIP although it's set to 'both' in the config. In the router I'm trying to connect to, which is also set to both encrytion types and wpa/wpa2, I am seeing:

                                                                Process=hostapd  msg=ath1: STA f8:d1:11:******* WPA: EAPOL-Key timeout
                                                                

                                                                Hmm, I'll try some more combinations. If it does work I'll probablyget some hideous network loop!  ::)

                                                                Steve

                                                                1 Reply Last reply Reply Quote 0
                                                                • stephenw10
                                                                  stephenw10 Netgate Administrator last edited by

                                                                  Hmm well that was interesting.
                                                                  So I have it working by simply using a static IP instead of relying on DHCP. No idea why that worked, presumably DHCP is being blocked somewhere.
                                                                  The run driver seems to ignore the WPA/WPA2 selection in the GUI or at least it can choose to use something else.  ::)

                                                                  Steve

                                                                  1 Reply Last reply Reply Quote 0
                                                                  • stephenw10
                                                                    stephenw10 Netgate Administrator last edited by

                                                                    Ok there's some bug here. With the wifi interface set to dhcp in the web gui I don't get an address. Yet:

                                                                    [2.0.1-RELEASE][root@pfSense.localdomain]/root(8): ifconfig run0_wlan0
                                                                    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                                                                    	ether f8:d1:11:********
                                                                    	inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe 
                                                                    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
                                                                    	status: associated
                                                                    	ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:********
                                                                    	regdomain ETSI country GB authmode WPA privacy ON deftxkey UNDEF
                                                                    	TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60
                                                                    	protmode OFF roaming MANUAL
                                                                    [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): dhclient run0_wlan0
                                                                    dhclient: PREINIT
                                                                    DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5
                                                                    DHCPOFFER from 192.168.111.1
                                                                    DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67
                                                                    DHCPACK from 192.168.111.1
                                                                    bound to 192.168.111.11 -- renewal in 14400 seconds.
                                                                    [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0
                                                                    run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                                                                    	ether f8:d1:11:********
                                                                    	inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xe 
                                                                    	inet 192.168.111.11 netmask 0xffffff00 broadcast 192.168.111.255
                                                                    	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
                                                                    	status: associated
                                                                    	ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:********
                                                                    	regdomain ETSI country GB authmode WPA privacy ON deftxkey UNDEF
                                                                    	TKIP 2:128-bit TKIP 3:128-bit txpower 30 bmiss 7 scanvalid 60
                                                                    	protmode OFF roaming MANUAL</performnud,accept_rtadv></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
                                                                    

                                                                    Steve

                                                                    1 Reply Last reply Reply Quote 0
                                                                    • B
                                                                      b-vigilanT last edited by

                                                                      @stephenw10:

                                                                      Hmm well that was interesting.
                                                                      So I have it working by simply using a static IP instead of relying on DHCP. No idea why that worked, presumably DHCP is being blocked somewhere.
                                                                      The run driver seems to ignore the WPA/WPA2 selection in the GUI or at least it can choose to use something else.  ::)

                                                                      Steve

                                                                      Yeah, I was thinking that too previously. However, I am unsure if I am setting the subnet correctly.. /24 should be 255.255.255.0, I think.. but im unsure if that is what it should be even. Also, in the Static IPv4 Configuration should I set the NETGEAR gateway address(192.168.1.1) in the Gateway drop-down menu or the gateway for the pfSense (10.10.1.1) box?

                                                                      Now, I tried switching to static IP and it dropped connection and is not regaining it. BTW, which are the proper Authentication and Key Management mode in my case? I noticed, by running ifconfig over and over again, that having them in Both the interface is switching mode all the time.

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • stephenw10
                                                                        stephenw10 Netgate Administrator last edited by

                                                                        If the wifi is effectively your WAN connection then the gateway should be address of the Netgear router.

                                                                        You should be able to leave Authentication set as 'both' although like it says it will only use 'Shared Key Authentication' if you are using WEP.
                                                                        My access point doesn't supports EAP at all so I have it set to PSK for management mode.

                                                                        From the many combinations I have tested I have found that as long as your intrface is reporting 'status: associated' and is showing some encryption in use, TKIP or AES, then it should be working. At that point if you manually start the dhcp client it will work:

                                                                        [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): dhclient run0_wlan0
                                                                        dhclient: PREINIT
                                                                        DHCPDISCOVER on run0_wlan0 to 255.255.255.255 port 67 interval 5
                                                                        DHCPOFFER from 192.168.111.1
                                                                        DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67
                                                                        DHCPACK from 192.168.111.1
                                                                        bound to 192.168.111.11 -- renewal in 14400 seconds.
                                                                        

                                                                        However it won't come up at boot (or at least mine didn't) so it's probably easier to use static addressing as a work around.

                                                                        Steve

                                                                        1 Reply Last reply Reply Quote 0
                                                                        • stephenw10
                                                                          stephenw10 Netgate Administrator last edited by

                                                                          Just to confirm this I have reset all the values in the pfSense wireless setup to 'both' and set the values in my router/access point back to their defaults. The behaviour is the same:

                                                                          [2.0.1-RELEASE][root@pfSense.localdomain]/root(6): ifconfig run0_wlan0
                                                                          run0_wlan0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                                                                          	ether f8:d1:11:********
                                                                          	inet6 fe80::fad1:11ff:fec1:5b57%run0_wlan0 prefixlen 64 scopeid 0xd 
                                                                          	nd6 options=3 <performnud,accept_rtadv>media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
                                                                          	status: associated
                                                                          	ssid Area58net channel 2 (2417 MHz 11g) bssid 00:90:7f:********
                                                                          	regdomain ETSI country GB authmode WPA2/802.11i privacy ON
                                                                          	deftxkey UNDEF TKIP 2:128-bit txpower 30 bmiss 7 scanvalid 60
                                                                          	protmode OFF roaming MANUAL
                                                                          [2.0.1-RELEASE][root@pfSense.localdomain]/root(7): dhclient run0_wlan0
                                                                          dhclient: PREINIT
                                                                          DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67
                                                                          DHCPREQUEST on run0_wlan0 to 255.255.255.255 port 67
                                                                          DHCPACK from 192.168.111.1
                                                                          bound to 192.168.111.11 -- renewal in 14400 seconds.</performnud,accept_rtadv></up,broadcast,running,simplex,multicast> 
                                                                          
                                                                          1 Reply Last reply Reply Quote 0
                                                                          • E
                                                                            Efonnes last edited by

                                                                            I think I've heard of this DHCP issue before when using the wireless in client mode.  I know of a potential fix and it has been on my todo list, but I haven't really gotten around to it (I'm not a hired developer after all and do not work for any other company that would pay me to work on pfSense; I mostly just work on things when I feel like doing it).  No one else has attempted working on it (that I'm aware of).

                                                                            As for your earlier question about wireless channel availability – the regional settings are only really there to limit the list of channels to only show what you should be seeing for your area.  This setting is especially useful for drivers or firmwares that list every channel as available (cards supported by mwl do this, for example), because it will otherwise give a long list of channels that are essentially useless since other devices won't use them.  As the note below the group of settings states (but in different words), it can only impose further limits on the channels available; it cannot add channels locked out by the driver or firmware.

                                                                            1 Reply Last reply Reply Quote 0
                                                                            • B
                                                                              b-vigilanT last edited by

                                                                              Ok. I finally managed to get an IP doing it Steve's way, by setting a static IP of 192.168.1.9/24 (I think I was using the incorrect CIDR notation previously) and Netgear gateway on 192.168.1.1 then running dhclient manually in the ssh session.

                                                                              There is still the issue of internet connectivity – I can ping the gateway fine in both in the web gui and ssh terminal, but I can ping outside the WLAN only through the web gui, and that is only after I enabled the DNS forwarder again...

                                                                              When I attempt to ping google in ssh, I get "No route to host" message. I need to fix this.

                                                                              This is certainly progress, but it is quite impractical. Today, I plan on acquiring a USB hub, so that I can connect a 2nd wifi adapter, my RT3070 card (Alfa awus036nh). I plan on using that card to connect to the Netgear and the RT2870 in host AP mode to extend the WLAN.

                                                                              EDIT:
                                                                              @Efonne:

                                                                              I think I've heard of this DHCP issue before when using the wireless in client mode.  I know of a potential fix and it has been on my todo list, but I haven't really gotten around to it (I'm not a hired developer after all and do not work for any other company that would pay me to work on pfSense; I mostly just work on things when I feel like doing it).  No one else has attempted working on it (that I'm aware of).

                                                                              As for your earlier question about wireless channel availability – the regional settings are only really there to limit the list of channels to only show what you should be seeing for your area.  This setting is especially useful for drivers or firmwares that list every channel as available (cards supported by mwl do this, for example), because it will otherwise give a long list of channels that are essentially useless since other devices won't use them.  As the note below the group of settings states (but in different words), it can only impose further limits on the channels available; it cannot add channels locked out by the driver or firmware.

                                                                              I gathered as much, the regional settings are only there to filter but in this case, when I set the correct regional settings (Europe ESTI) why does it still only show 1-11? My adapter's firmware should support at least up to 14, and I think it also supports the 5GHz channels too, actually.

                                                                              1 Reply Last reply Reply Quote 0
                                                                              • stephenw10
                                                                                stephenw10 Netgate Administrator last edited by

                                                                                Unless you have set the wifi interface as WAN it will not be the default gateway. pfSense will always send traffic via the default gateway (unless you have used firewall rules to tell it otherwise). You can either reassign it as WAN or set it as the default gateway manually in System: Routing: Gateways
                                                                                Personally I would try to reassign it as WAN, otherwise you will have unused gateways in the system which can only cause complications.

                                                                                I should add that I have since discovered that I have to have Management Mode set to PSK in order to associate.

                                                                                You will not see any 5GHz channels in 2.0.1 as there is no support for 802.11N. You will see that you only have the choice of 802.11B or G.
                                                                                Edit: Unless you were referring to 802.11A of course!  ;)

                                                                                My own card, a TP-Link TL_WN7200N, is seen as:

                                                                                run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address f8:d1:11:********
                                                                                run0: firmware RT2870 loaded
                                                                                
                                                                                

                                                                                What does your card list as it's channel capabilites from the CLI?

                                                                                [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): ifconfig run0_wlan0 list chan
                                                                                Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g          
                                                                                Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g          
                                                                                Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g          
                                                                                Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g          
                                                                                Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g          
                                                                                Channel   6 : 2437  MHz 11g          
                                                                                [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 list active
                                                                                Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g          
                                                                                Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g          
                                                                                Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g          
                                                                                Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g          
                                                                                Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g          
                                                                                Channel   6 : 2437  MHz 11g 
                                                                                

                                                                                My NIC can't see 12 or 13 either under pfSense.

                                                                                @Efonne If you are looking into this (should the urge come over you  ;)) and need testers or logs etc, please ask.

                                                                                Steve

                                                                                1 Reply Last reply Reply Quote 0
                                                                                • stephenw10
                                                                                  stephenw10 Netgate Administrator last edited by

                                                                                  Back to the original topic the reason we only have 11 channels is probably this:
                                                                                  http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052236.html

                                                                                  I wonder how tough it would be to make run(4) setup the channel list correctly? Hmm…

                                                                                  Steve

                                                                                  1 Reply Last reply Reply Quote 0
                                                                                  • B
                                                                                    b-vigilanT last edited by

                                                                                    @stephenw10:

                                                                                    Unless you have set the wifi interface as WAN it will not be the default gateway. pfSense will always send traffic via the default gateway (unless you have used firewall rules to tell it otherwise). You can either reassign it as WAN or set it as the default gateway manually in System: Routing: Gateways
                                                                                    Personally I would try to reassign it as WAN, otherwise you will have unused gateways in the system which can only cause complications.

                                                                                    The Wifi is set as WAN. Yet, I cannot ping from the ssh session, only in the web gui and not all websites either.

                                                                                    I should add that I have since discovered that I have to have Management Mode set to PSK in order to associate.

                                                                                    You will not see any 5GHz channels in 2.0.1 as there is no support for 802.11N. You will see that you only have the choice of 802.11B or G.
                                                                                    Edit: Unless you were referring to 802.11A of course!  ;)

                                                                                    My own card, a TP-Link TL_WN7200N, is seen as:

                                                                                    run0: MAC/BBP RT3070 (rev 0x0201), RF RT3020 (MIMO 1T1R), address f8:d1:11:********
                                                                                    run0: firmware RT2870 loaded
                                                                                    
                                                                                    

                                                                                    What does your card list as it's channel capabilites from the CLI?

                                                                                    [2.0.1-RELEASE][root@pfSense.localdomain]/root(9): ifconfig run0_wlan0 list chan
                                                                                    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g          
                                                                                    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g          
                                                                                    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g          
                                                                                    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g          
                                                                                    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g          
                                                                                    Channel   6 : 2437  MHz 11g          
                                                                                    [2.0.1-RELEASE][root@pfSense.localdomain]/root(10): ifconfig run0_wlan0 list active
                                                                                    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g          
                                                                                    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g          
                                                                                    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g          
                                                                                    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g          
                                                                                    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g          
                                                                                    Channel   6 : 2437  MHz 11g 
                                                                                    

                                                                                    My NIC can't see 12 or 13 either under pfSense.

                                                                                    @Efonne If you are looking into this (should the urge come over you  ;)) and need testers or logs etc, please ask.

                                                                                    Steve

                                                                                    My list is same as yours, it seems:

                                                                                    [2.1-BETA1][root@1212.bigcountry]/root(4): ifconfig run0_wlan0 list chans                                                
                                                                                    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g                                                         
                                                                                    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g                                                         
                                                                                    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g                                                         
                                                                                    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g                                                         
                                                                                    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g                                                         
                                                                                    Channel   6 : 2437  MHz 11g                                                                                              
                                                                                    [2.1-BETA1][root@1212.bigcountry]/root(5): ifconfig run0_wlan0 list active                                               
                                                                                    Channel   1 : 2412  MHz 11g          Channel   7 : 2442  MHz 11g                                                         
                                                                                    Channel   2 : 2417  MHz 11g          Channel   8 : 2447  MHz 11g                                                         
                                                                                    Channel   3 : 2422  MHz 11g          Channel   9 : 2452  MHz 11g                                                         
                                                                                    Channel   4 : 2427  MHz 11g          Channel  10 : 2457  MHz 11g                                                         
                                                                                    Channel   5 : 2432  MHz 11g          Channel  11 : 2462  MHz 11g                                                         
                                                                                    Channel   6 : 2437  MHz 11g
                                                                                    
                                                                                    

                                                                                    Also, I can no longer associate. I have not changed anything in the Netgear device. I have tried setting the management mode to PSK, and doing all the different settings, what have you.. nothing. I am going to try using the RT3070. Hopefully, I will have same success as you.

                                                                                    EDIT:

                                                                                    The RT3070 does not work for me at all. Even after reboot, I am not even able to do

                                                                                    ifconfig run0_wlan0 scan
                                                                                    

                                                                                    Instead, I plugged RT2870 back and managed to associate by setting the proper subnet mask: 192.168.1.1/16

                                                                                    That's strange, because last time it was something different, iirc. So, I can ping and traceroute the Netgear gateway just fine but I still cannot ping/tracert outside the WLAN. Getting the cannot resolve host/no route to host messages. I am now trying to set up a static route in the Gateways > routes section, but pfSense seems to have crashed as a result.

                                                                                    1 Reply Last reply Reply Quote 0
                                                                                    • First post
                                                                                      Last post

                                                                                    Products

                                                                                    • Platform Overview
                                                                                    • TNSR
                                                                                    • pfSense Plus
                                                                                    • Appliances

                                                                                    Services

                                                                                    • Training
                                                                                    • Professional Services

                                                                                    Support

                                                                                    • Subscription Plans
                                                                                    • Contact Support
                                                                                    • Product Lifecycle
                                                                                    • Documentation

                                                                                    News

                                                                                    • Media Coverage
                                                                                    • Press
                                                                                    • Events

                                                                                    Resources

                                                                                    • Blog
                                                                                    • FAQ
                                                                                    • Find a Partner
                                                                                    • Resource Library
                                                                                    • Security Information

                                                                                    Company

                                                                                    • About Us
                                                                                    • Careers
                                                                                    • Partners
                                                                                    • Contact Us
                                                                                    • Legal
                                                                                    Our Mission

                                                                                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                                                                    Subscribe to our Newsletter

                                                                                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                                                                    © 2021 Rubicon Communications, LLC | Privacy Policy