From owner-freebsd-current@FreeBSD.ORG Tue Mar 3 15:04:37 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9C8671065673 for ; Tue, 3 Mar 2009 15:04:37 +0000 (UTC) (envelope-from mike@jellydonut.org) Received: from qw-out-2122.google.com (qw-out-2122.google.com [74.125.92.25]) by mx1.freebsd.org (Postfix) with ESMTP id 646808FC0A for ; Tue, 3 Mar 2009 15:04:36 +0000 (UTC) (envelope-from mike@jellydonut.org) Received: by qw-out-2122.google.com with SMTP id 3so2262474qwe.7 for ; Tue, 03 Mar 2009 07:04:36 -0800 (PST) MIME-Version: 1.0 Received: by 10.229.84.5 with SMTP id h5mr4027340qcl.25.1236092669018; Tue, 03 Mar 2009 07:04:29 -0800 (PST) In-Reply-To: References: Date: Tue, 3 Mar 2009 10:04:28 -0500 Message-ID: <1de79840903030704w2ab9e994i77d8461bb2a5778c@mail.gmail.com> From: Michael Proto To: Randy Bush Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org Subject: Re: wpa2 hostap setup X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Mar 2009 15:04:37 -0000 On Tue, Mar 3, 2009 at 12:02 AM, Randy Bush wrote: > i386 (soekris) 8-current > > i currently have > > wlans_ath0="wlan0 wlan1" > create_args_wlan0="wlanmode hostap channel 11 ssid rgnet-aden wep wepkey itsasecretsilly weptxkey 1 media autoselect mode 11g up" > create_args_wlan1="wlanmode hostap ssid rg-free up" > cloned_interfaces=bridge0 > ifconfig_bridge0="192.168.0.1 addm vr1 addm vr2 addm vr3 addm wlan0 addm wlan1 up" > ifconfig_vr1=up > ifconfig_vr2=up > ifconfig_vr3=up > > i want to go to a more reasonable over the air crypt sceheme, e.g. wpa2. > clients are mac, airport express, and winxp. is there a well known > recipe? > > i think i need to run hostapd with a hostapd.conf something like > > interface=wlan0 > ctrl_interface=/var/run/hostapd > ctrl_interface_group=0 > ssid=rgnet-aden > country_code=JP > hw_mode=g > channel=42 > auth_algs=3 > wpa=1 > wpa_passphrase=itsasecretsilly > wpa_key_mgmt=WPA-PSK > > i could not really understand the dual bssid stuff and many of the > options. and when i get that sorted, what do i do to my /etc/rc.conf? > First, if you want to use WPA2, you'll want to change the hostapd.conf options a bit: wpa=2 wpa_pairwise=CCMP TKIP (or just wpa_pairwise=CCMP) You also don't need the wep settings in the ifconfig statement for wlan0 in your rc.conf, hostapd will take care of the encryption bits. Here's all my rc.conf has for my wlan0 interface (and I'm using WPA2 with it as well, which is configured as in hostapd.conf) which has been working very well for a variety of clients for some time now: ifconfig_ath0="mode 11g" wlans_ath0="wlan0" create_args_wlan0="wlanmode ap" ifconfig_wlan0="inet 192.168.1.1 netmask 255.255.255.0 channel 11" -Proto