Hello,

My access point uses an Atheros AR9287 and I'm failing to figure out why it's 
not working right. My other wireless devices can see the access point but get 
immediately disconnected from it.

Last night I set up a bridged AP using the 'Building a Router' guide 
at https://www.openbsd.org/faq/pf/example1.html, but applying each of the 
different configuration changes to my athn0 WiFi interface instead of 
em3/em4, as I have em0/em1/athn0.

I have tried connecting to it with a static IP and using DHCP. Both methods 
just disconnect me immediately. I have triple-checked passwords and made sure 
that the pf.conf rules are good. Any help would be massively appreciated. Thanks.

P.S. The LAN interface works just fine.

## Here are the configs

$ cat /etc/hostname.athn0
mediaopt hostap
nwid funkyAP
wpakey funkypassword
up

$ cat /etc/hostname.em0
inet 192.168.1.150 255.255.255.0

$ cat /etc/hostname.em1
up

$ cat /etc/hostname.vether0
inet 192.168.2.1 255.255.255.0

$ cat /hostname.bridge0
add vether0
add em1
add athn0
blocknonip vether0
blocknonip em1
blocknonip athn0

$ cat /etc/pf.conf
int_if="{ vether0 em1 athn0 }"
table <martians> { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 \
    172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 224.0.0.0/3 \
    192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \
    203.0.113.0/24 }
set block-policy drop
set loginterface egress
set skip on lo0
match in all scrub (no-df random-id max-mss 1440)
match out on egress inet from !(egress:network) to any nat-to (egress:0)
block in quick on egress from <martians> to any
block return out quick on egress from any to <martians>
block all
pass out quick inet
pass in on $int_if inet
pass in on egress inet proto tcp from any to (egress) port 22


$ cat /etc/dhcpd.conf
subnet 192.168.2.0 netmask 255.255.255.0 {
    option routers 192.168.2.1;
    option domain-name-servers 192.168.2.1;
    range 192.168.2.2 192.168.192.168.2.20;
}

$ cat /var/unbound/etc/unbound.conf

server:
interface: 192.168.2.1
interface: 127.0.0.1
access-control: 192.168.2.0/24 allow
do-not-query-localhost: no
hide-identity: yes
hide-version: yes

forward-zone:
name: "."
forward-addr: 8.8.8.8

$ cat /etc/resolv.conf
