wireless and/or routing question UPDATE - WPA

Da Rock freebsd-questions at herveybayaustralia.com.au
Sat Jan 14 06:40:06 UTC 2012

On 01/14/12 16:28, Waitman Gobble wrote:
> On Fri, Jan 13, 2012 at 8:34 AM, Waitman Gobble<gobble.wa at gmail.com>  wrote:
>> On Jan 13, 2012 7:19 AM, "Matthias Apitz"<guru at unixarea.de>  wrote:
>>> El día Friday, January 13, 2012 a las 07:03:11AM -0800, Waitman Gobble
>> escribió:
>>>> Hi,
>>>> Thanks. I've always heard countless rumors about WPA being wise :) I'll
>>>> take your advice and take a step up in technology. My "stubborn
>>>> conservatism" probably roots back to the time when not all devices
>> could do
>>>> WPA, or at least I had crazy trouble getting things to work. But this
>>>> learned attitude was probably around 2000, which was like a million
>> years
>>>> ago with dinosaurs and stuff. Time for me to finally get with it.
>>>> ...
>>> Concerning WEP ./. WPA: From the technical point it is clear, WPA is
>>> more secure; but there are other aspects as well; we have had in Germany
>>> cases where the WAN IP of the AP appeared as source addr of some kind of
>>> crime (access to child porn or whatever) and the AP owner said: I'm
>>> using WEP, it was not me, and someone highjacked my AP ... and he/she
>>> went home as free person;
>>>         matthias
>>> --
>>> Matthias Apitz
>>> e<guru at unixarea.de>  - w http://www.unixarea.de/
>>> UNIX since V7 on PDP-11, UNIX on mainframe since ESER 1055 (IBM /370)
>>> UNIX on x86 since SVR4.2 UnixWare 2.1.2, FreeBSD since 2.2.5
>> thanks, going to try WPA this weekend.
>> My apartment is not so convenient for drive-by scanners (cant think of the
>> proper term at the moment) but i do have at least one neighbor who appears
>> potentially suspect.. like he might try to hack my ap for fun.
>> Waitman
> Hi,
> Today I picked up a D-Link DIR-815 and set it up for WPA with TKIP/PSK.
> I believe i followed the instructions in the FreeBSD handbook. However, the
> wpa_supplicant appears to hang indefinitely. If i control-c it barfs out an
> error.
> This clones ale0 wired NIC MAC to ath0 wireless NIC for lagg
> ifconfig ath0 ether 00:23:5a:59:e1:e4
> ifconfig wlan0 create wlandev ath0 ssid BOOTAY
> ifconfig wlan0 up scan
> here's the wpa_supplicant that's hanging:
> wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
> p00ntang# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
> Trying to associate with 1c:7e:e5:de:ed:52 (SSID='BOOTAY' freq=2452 MHz)
> Associated with 1c:7e:e5:de:ed:52
> WPA: Key negotiation completed with 1c:7e:e5:de:ed:52 [PTK=TKIP GTK=TKIP]
> CTRL-EVENT-CONNECTED - Connection to 1c:7e:e5:de:ed:52 completed (auth)
> [id=0 id_str=]
> ^CCTRL-EVENT-TERMINATING - signal 2 received
> ioctl[SIOCS80211, op 20, len 7]: Can't assign requested address
> ELOOP: remaining socket: sock=4 eloop_data=0x284081c0 user_data=0x28412080
> handler=0x806d620
> If I terminate with ampersand to run asynchronously it keeps running and i
> have a wireless connection - it works.
> p00ntang# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf&
> I guess that makes sense but the handbook is not clear to me that it's to
> be done this way. It's the first time i've set up WPA on FreeBSD so i'm not
> 100% about what to expect.
> i am noticing messages about rekeying, so maybe the wpa-supplicant is
> supposed to keep running.
> here's /etc/wpa_supplicant.conf
> network={
>          ssid="BOOTAY"
>          psk="PASSWORD GOES HERE"
> }
> here's the rest of the lagg to set wired/wireless interface with a failover
> configuration. this is pretty clear in the handbook but i'll put it here in
> case someone runs across the thread in the future.
> ifconfig ale0 up
> ifconfig wlan0 up
> ifconfig lagg0 create
> ifconfig lagg0 up laggproto failover laggport ale0 laggport wlan0
Just stick the config in rc.conf and make sure you include "WPA" in the 
wlan0 definition. It will "just work" then.

For reference, to run wpa_supplicant from the cli you usually add "-B" 
in the flags to daemonise it, and run in the background; otherwise it 
will run in the foreground for debugging purposes.

More information about the freebsd-questions mailing list