Le 26 juil. 2011 à 19:48, Chris Brennan a écrit : > Greetings! I've got a Netgate m1n1-2d13 firewall device[1] and for the most > part, it works great (wired that is.) Wireless on the other hand is > questionable at best. Sometimes it works, sometimes it doesn't. The > wireless kit is [2]. pfSense 1.2.3-RELEASE sees the card just fine > > ath0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 > mtu 1500 > ether 90:a4:de:2f:1d:bb > inet6 fe80::92a4:deff:fe2f:1dbb%ath0 prefixlen 64 scopeid 0x4 > media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap> > status: associated > ssid "The Realm" channel 1 (2412 Mhz 11g) bssid 90:a4:de:2f:1d:bb > authmode WPA privacy MIXED deftxkey 3 AES-CCM 2:128-bit > AES-CCM 3:128-bit txpower 31.5 scanvalid 60 bgscan bgscanintvl 300 > bgscanidle 250 roam:rssi11g 7 roam:rate11g 5 protmode OFF burst > -apbridge dtimperiod 1 > > and an pciconf -lv > ath0@pci0:0:12:0: class=0x020000 card=0x1012185f chip=0x0013168c rev=0x01 > hdr=0x00 > class = network > subclass = ethernet > > I had my wireless working, my Sony TV was streaming Netflix for days, my > iPod was able to browse the internet as well as my android phone and > even my Debian laptop was working. Now, my TV can't associate, if it > does, it refuses to get an IP address from the DHCP server (which is > running) > > [ad...@router.xaerolimit.net]/root(7): ps auxf | grep dhcpd > dhcpd 24379 0.0 0.8 3156 2040 ?? Is Sun05AM 0:01.56 > /usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot /var/dhcpd > -cf /var/dhcpd/etc/dhcpd.conf vr0 > root 60213 0.0 0.1 376 256 p0 R+ 10:32PM 0:00.00 grep > dhcpd > [1.2.3-RELEASE] > > > [ad...@router.xaerolimit.net]/root(8): > > My iPod Touch and my Android phone are able to associate and get an IP > without any issues, but they cannot browse, I've confirmed this by being > able to browse my LAN from both devices but I am unable to get to > google.com for example, or anywhere else. I've also confirmed that my TV > never does get an IP as when trying to connect Wirelessly, it is unable > to get to my local webserver running on the same subnet as the DHCP > daemon. > > So I am unsure what I missed, I'm pretty sure this is a configuration > issue with the firewall (basic details are below, if more is needed, by > all means ask). > > Interfaces -> OPT2 (Wireless) > Check box checked to enable device > Description: Wireless > Type: DHCP > Bridge with: LAN > Standard: 802.11g > Mode: Access Point > 802.11g OFDM Protection Mode: Protection mode off > SSID: The Realm > Transmit Power: 99 > Channel: Auto (usually ch1 is used) > WPA: Enable WPA check box checked > PSK: SoMe ReAlLy LoNg PaSs WoRd > WPA Mode: Both > WPA Key Management Mode: Pre Shared Key > Authentication: Open System Authentication > WPA Pairwise: AES > Key Rotation: 60 > Master Key Regeneration: 3600 > > Firewall -> Rules -> Lan > Action: Pass > Interface: LAN > Protocol: Any > Source: LAN Subnet > Destination: Any > Gateway: Default (192.168.0.1) > Description: Default LAN -> any > > Firewall -> Rules -> Wireless > Action: Pass > Interface: Wireless > Protocol: Any > Source: LAN subnet (was any but someone on IRC recommended the > change to 'LAN subnet') > Destination: Any > Gateway: Default (192.168.0.1) > Description: Wi-Fi Out > > > If any other configuration details are required, please let me know and > I will provide them, but bear in mind, I don't know where/how pfSense > stores it's configuration files, The above data was typed manually from > the web interface.
Adding a rule such as this one will do you no harm and might help you solve your problem (at least for DHCP):
<<inline: Capture d’écran 2011-07-27 à 04.25.44.png>>
Proto Source Port Destination Port Gateway Queue UDP 0.0.0.0 68 255.255.255.255 67 * none Thanks > > [1] http://store.netgate.com/Netgate-m1n1wall-2D3-2D13-Black-P216.aspx > [2] http://store.netgate.com/KIT-ALIX-5004MP-DUAL-P190C34.aspx > -- >> Chris Brennan >> -- >> A: Yes. >>> Q: Are you sure? >>>> A: Because it reverses the logical flow of conversation. >>>>> Q: Why is top posting frowned upon? >> http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ >> GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) > ------------------------------------------------------------------------ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > ________________________________________________ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Grégory Bernard www.OsNet.eu ________________________________________________ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ PGP ID --> 0x1BA3C2FD
--------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org