Date:      Fri, 25 Nov 2016 12:34:58 +0100
From:      "Christoph P.U. Kukulies" <kuku@kukulies.org>
To:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   setting up a FreeBSD access point (hostap, natd)
Message-ID:  <e59e6141-4c83-a3d9-629f-f813625f0d48@kukulies.org>

FreeBSD-11.0 RELEASE

urtwn0: <vendor 0x7392 product 0x7811, class 0/0, rev 2.00/2.00, addr 2> on usbus2
urtwn0: MAC/BB RTL8188CUS, RF 6052 1T1R

rc.conf:

gateway_enable="YES"
hostname="myhostap.somedomain.de"
ifconfig_re0=" inet 172.27.2.119 netmask 255.255.0.0"
defaultrouter="172.27.2.1"

dhcpd_enable="YES"                          # dhcpd enabled?
dhcpd_flags="-q"                            # command option(s)
dhcpd_conf="/usr/local/etc/dhcpd.conf"      # configuration file
dhcpd_ifaces="wlan0"                             # ethernet interface(s)
dhcpd_withumask="022"                       # file creation mask

# I tried using pf but still not sure whether I really need it

pf_enable="YES"
pf_flags=""
pf_rules="/etc/pf.conf"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"  # where pflogd should store the logfile
pflog_flags=""    # additional flags for pflogd startup

hostapd_enable="YES"
wlans_urtwn0="wlan0"
create_args_wlan0="wlanmode hostap"
ifconfig_wlan0="inet 192.168.0.1 netmask 255.255.255.0"

/etc/hostapd.conf:

interface=wlan0
debug=1
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=FREEBSD-HOSTAP
channel=1
wpa=2
wpa_passphrase=<secret>
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP

# ifconfig
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
         options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
         ether 00:25:22:8a:ee:6e
         inet 172.27.2.1 netmask 0xffff0000 broadcast 172.27.255.255
         nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
         media: Ethernet autoselect (1000baseT <full-duplex,master>)
         status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
         options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
         inet6 ::1 prefixlen 128
         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
         inet 127.0.0.1 netmask 0xff000000
         nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
         groups: lo
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
         ether 80:1f:02:e6:94:f1
         inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
         nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
         media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>
         status: running
         ssid NETGEAR-AC1335689 channel 1 (2412 MHz 11g) bssid 80:1f:02:e6:94:f1
         regdomain FCC country US authmode WPA2/802.11i privacy MIXED
         deftxkey 2 AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 scanvalid 60
         protmode CTS wme dtimperiod 1 -dfs
         groups: wlan
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33184
         groups: pflog
#

re0 is the outbound interface (it still connects to an intranet but the
router to the Internet is 172.27.2.1)

In this configuration I'm able to connect my iPhone to the WLAN. It 
receives an IP (192.168.0.21)
and I can ping 198.168.0.21.


Now when I start /sbin/natd -n re0

I'm getting

natd: Unable to create divert socket.: Protocol not supported

When I add a line in


loader.conf:

ipdivert_load="YES"


things get messed.


I then can start


/sbin/natd -n re0

but I then cannot log in anymore through re0 from the intranet. Routing
(nat) from wlan0 to re0 doesn't work either.
Could anyone help a bit setting this up correctly?


--

Christoph








