Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 14 Jan 2012 16:36:22 +1000
From:      Da Rock <freebsd-questions@herveybayaustralia.com.au>
To:        freebsd-questions@freebsd.org
Subject:   Re: wireless and/or routing question UPDATE - WPA
Message-ID:  <4F112266.10505@herveybayaustralia.com.au>
In-Reply-To: <CAFuo_fwGJvP5LV=x6keuHEWnj00NJrjw=ZwXCZ_uk_f3AWLPuA@mail.gmail.com>
References:  <CAFuo_fwGJvP5LV=x6keuHEWnj00NJrjw=ZwXCZ_uk_f3AWLPuA@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On 01/14/12 16:28, Waitman Gobble wrote:
> On Fri, Jan 13, 2012 at 8:34 AM, Waitman Gobble<gobble.wa@gmail.com>  wrote:
>
>> On Jan 13, 2012 7:19 AM, "Matthias Apitz"<guru@unixarea.de>  wrote:
>>> El día Friday, January 13, 2012 a las 07:03:11AM -0800, Waitman Gobble
>> escribió:
>>>> Hi,
>>>>
>>>> Thanks. I've always heard countless rumors about WPA being wise :) I'll
>>>> take your advice and take a step up in technology. My "stubborn
>>>> conservatism" probably roots back to the time when not all devices
>> could do
>>>> WPA, or at least I had crazy trouble getting things to work. But this
>>>> learned attitude was probably around 2000, which was like a million
>> years
>>>> ago with dinosaurs and stuff. Time for me to finally get with it.
>>>>
>>>> ...
>>> Concerning WEP ./. WPA: From the technical point it is clear, WPA is
>>> more secure; but there are other aspects as well; we have had in Germany
>>> cases where the WAN IP of the AP appeared as source addr of some kind of
>>> crime (access to child porn or whatever) and the AP owner said: I'm
>>> using WEP, it was not me, and someone highjacked my AP ... and he/she
>>> went home as free person;
>>>
>>>         matthias
>>> --
>>> Matthias Apitz
>>> e<guru@unixarea.de>  - w http://www.unixarea.de/
>>> UNIX since V7 on PDP-11, UNIX on mainframe since ESER 1055 (IBM /370)
>>> UNIX on x86 since SVR4.2 UnixWare 2.1.2, FreeBSD since 2.2.5
>> thanks, going to try WPA this weekend.
>>
>> My apartment is not so convenient for drive-by scanners (cant think of the
>> proper term at the moment) but i do have at least one neighbor who appears
>> potentially suspect.. like he might try to hack my ap for fun.
>>
>> Waitman
>>
>
> Hi,
>
> Today I picked up a D-Link DIR-815 and set it up for WPA with TKIP/PSK.
> I believe i followed the instructions in the FreeBSD handbook. However, the
> wpa_supplicant appears to hang indefinitely. If i control-c it barfs out an
> error.
>
> This clones ale0 wired NIC MAC to ath0 wireless NIC for lagg
>
> ifconfig ath0 ether 00:23:5a:59:e1:e4
> ifconfig wlan0 create wlandev ath0 ssid BOOTAY
> ifconfig wlan0 up scan
>
>
>
>
> here's the wpa_supplicant that's hanging:
>
> wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
>
>
>
>
> p00ntang# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
> Trying to associate with 1c:7e:e5:de:ed:52 (SSID='BOOTAY' freq=2452 MHz)
> Associated with 1c:7e:e5:de:ed:52
> WPA: Key negotiation completed with 1c:7e:e5:de:ed:52 [PTK=TKIP GTK=TKIP]
> CTRL-EVENT-CONNECTED - Connection to 1c:7e:e5:de:ed:52 completed (auth)
> [id=0 id_str=]
>
>
> ^CCTRL-EVENT-TERMINATING - signal 2 received
> ioctl[SIOCS80211, op 20, len 7]: Can't assign requested address
> ELOOP: remaining socket: sock=4 eloop_data=0x284081c0 user_data=0x28412080
> handler=0x806d620
>
>
> If I terminate with ampersand to run asynchronously it keeps running and i
> have a wireless connection - it works.
>
> p00ntang# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf&
>
>
> I guess that makes sense but the handbook is not clear to me that it's to
> be done this way. It's the first time i've set up WPA on FreeBSD so i'm not
> 100% about what to expect.
>
> i am noticing messages about rekeying, so maybe the wpa-supplicant is
> supposed to keep running.
>
> here's /etc/wpa_supplicant.conf
>
> network={
>          ssid="BOOTAY"
>          psk="PASSWORD GOES HERE"
> }
>
>
> here's the rest of the lagg to set wired/wireless interface with a failover
> configuration. this is pretty clear in the handbook but i'll put it here in
> case someone runs across the thread in the future.
>
> ifconfig ale0 up
> ifconfig wlan0 up
> ifconfig lagg0 create
> ifconfig lagg0 up laggproto failover laggport ale0 laggport wlan0
> 10.0.0.20/24
>
Just stick the config in rc.conf and make sure you include "WPA" in the 
wlan0 definition. It will "just work" then.

For reference, to run wpa_supplicant from the cli you usually add "-B" 
in the flags to daemonise it, and run in the background; otherwise it 
will run in the foreground for debugging purposes.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F112266.10505>