Do I add this as a wireless rule?
On Tuesday, July 26, 2011, bsd wrote:
>
> Le 26 juil. 2011 à 19:48, Chris Brennan a écrit :
>
>> Greetings! I've got a Netgate m1n1-2d13 firewall device[1] and for the most
>> part, it works great (wired that is.) Wireless on the other hand is
>> questionable at best. Sometimes it works, sometimes it doesn't. The
>> wireless kit is [2]. pfSense 1.2.3-RELEASE sees the card just fine
>>
>> ath0: flags=8943 metric 0
>> mtu 1500
>> ether 90:a4:de:2f:1d:bb
>> inet6 fe80::92a4:deff:fe2f:1dbb%ath0 prefixlen 64 scopeid 0x4
>> media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
>> status: associated
>> ssid "The Realm" channel 1 (2412 Mhz 11g) bssid 90:a4:de:2f:1d:bb
>> authmode WPA privacy MIXED deftxkey 3 AES-CCM 2:128-bit
>> AES-CCM 3:128-bit txpower 31.5 scanvalid 60 bgscan bgscanintvl 300
>> bgscanidle 250 roam:rssi11g 7 roam:rate11g 5 protmode OFF burst
>> -apbridge dtimperiod 1
>>
>> and an pciconf -lv
>> ath0@pci0:0:12:0: class=0x02 card=0x1012185f chip=0x0013168c rev=0x01
>> hdr=0x00
>> class = network
>> subclass = ethernet
>>
>> I had my wireless working, my Sony TV was streaming Netflix for days, my
>> iPod was able to browse the internet as well as my android phone and
>> even my Debian laptop was working. Now, my TV can't associate, if it
>> does, it refuses to get an IP address from the DHCP server (which is
>> running)
>>
>> [ad...@router.xaerolimit.net]/root(7): ps auxf | grep dhcpd
>> dhcpd 24379 0.0 0.8 3156 2040 ?? Is Sun05AM 0:01.56
>> /usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot /var/dhcpd
>> -cf /var/dhcpd/etc/dhcpd.conf vr0
>> root 60213 0.0 0.1 376 256 p0 R+ 10:32PM 0:00.00 grep
>> dhcpd
>> [1.2.3-RELEASE]
>> [ad...@router.xaerolimit.net]/root(8):
>>
>> My iPod Touch and my Android phone are able to associate and get an IP
>> without any issues, but they cannot browse, I've confirmed this by being
>> able to browse my LAN from both devices but I am unable to get to
>> google.com for example, or anywhere else. I've also confirmed that my TV
>> never does get an IP as when trying to connect Wirelessly, it is unable
>> to get to my local webserver running on the same subnet as the DHCP
>> daemon.
>>
>> So I am unsure what I missed, I'm pretty sure this is a configuration
>> issue with the firewall (basic details are below, if more is needed, by
>> all means ask).
>>
>> Interfaces -> OPT2 (Wireless)
>> Check box checked to enable device
>> Description: Wireless
>> Type: DHCP
>> Bridge with: LAN
>> Standard: 802.11g
>> Mode: Access Point
>> 802.11g OFDM Protection Mode: Protection mode off
>> SSID: The Realm
>> Transmit Power: 99
>> Channel: Auto (usually ch1 is used)
>> WPA: Enable WPA check box checked
>> PSK: SoMe ReAlLy LoNg PaSs WoRd
>> WPA Mode: Both
>> WPA Key Management Mode: Pre Shared Key
>> Authentication: Open System Authentication
>> WPA Pairwise: AES
>> Key Rotation: 60
>> Master Key Regeneration: 3600
>>
>> Firewall -> Rules -> Lan
>> Action: Pass
>> Interface: LAN
>> Protocol: Any
>> Source: LAN Subnet
>> Destination: Any
>> Gateway: Default (192.168.0.1)
>> Description: Default LAN -> any
>>
>> Firewall -> Rules -> Wireless
>> Action: Pass
>> Interface: Wireless
>> Protocol: Any
>> Source: LAN subnet (was any but someone on IRC recommended the
>> change to 'LAN subnet')
>> Adding a rule such as this one will do you no harm and might help you solve
>> your problem (at least for DHCP):
>
>
--
> --
> Chris Brennan
> A: Yes.
> >Q: Are you sure?
> >>A: Because it reverses the logical flow of conversation.
> >>>Q: Why is top posting frowned upon?
> http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/
> GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C)
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org