FreeBSD as a Wireless Access Point (WAP)

FreeBSD Handbook: 30.3. Wireless Networking
FreeBSD Handbuch: 32.3. Drahtlose Netzwerke

FreeBSD 10.0-RELEASE Hardware Notes

Quick Wireless Setup On FreeBSD
Howto create a FreeBSD wireless router/access point
How To Set Up A FreeBSD Wireless Access Point
My home firewall router with FreeBSD—A year retrospective
Building my own wireless point

hostapd

hostapd(8) – authenticator for IEEE 802.11 networks
hostapd.conf(5) – configuration file for hostapd(8) utility

interface=wlan0
debug=1
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=Test Wifi
hw_mode=g
macaddr_acl=0
ignore_broadcast_ssid=0
wpa=3
wpa_passphrase=*****
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP TKIP

802.11n

ath(4) = Atheros Cardbus and PCI cards (AR5416, AR5418, AR9130,AR9160, AR9220, AR9280, AR9285, AR9227, AR9287
ipw(4) = Intel PRO/Wireless 2100 MiniPCI network adapter
iwi(4) = Intel PRO/Wireless 2200BG/2915ABG MiniPCI and 2225BG PCI network adapters
iwn(4) = Intel Wireless WiFi Link 4965AGN IEEE 802.11n PCI network adapters
wpi(4) = Intel 3945ABG Wireless LAN IEEE 802.11 driver

802.11n support for the ath(4) NICs
iwn(4) Intel 802.11n series NICs
ath and 802.11n on FreeBSD 10.0
WiFi configuration in FreeBSD (including WPA/WPA2)

# wlandebug
net.wlan.0.debug: 0x0

# wlandebug +11n 
net.wlan.0.debug: 0x0 => 0x80000000<11n>
wlan0: Ethernet address: 04:f0:21:0c:2b:a6
wlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_init: called
wlan0: [f8:01:13:05:ef:1f] switch station to HT20 channel 2412/0x10480
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2
wlan0: [f8:01:13:05:ef:1f] recv ADDBA request: dialogtoken 98 baparamset 0x402 (tid 0 bufsiz 16) batimeout 0 baseqctl 5:0
wlan0: [f8:01:13:05:ef:1f] send ADDBA response: dialogtoken 98 status 0 baparamset 0x402 (tid 0) batimeout 0x0 baseqctl 0x0
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0
wlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_cleanup: called
wlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_init: called
wlan0: [f8:01:13:05:ef:1f] switch station to HT20 channel 2412/0x10480
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2
wlan0: [f8:01:13:05:ef:1f] recv ADDBA request: dialogtoken 173 baparamset 0x402 (tid 0 bufsiz 16) batimeout 0 baseqctl 5:0
wlan0: [f8:01:13:05:ef:1f] send ADDBA response: dialogtoken 173 status 0 baparamset 0x402 (tid 0) batimeout 0x0 baseqctl 0x0
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0
wlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_cleanup: called
wlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_init: called
wlan0: [f8:01:13:05:ef:1f] switch station to HT20 channel 2412/0x10480
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2
wlan0: [f8:01:13:05:ef:1f] recv ADDBA request: dialogtoken 248 baparamset 0x402 (tid 0 bufsiz 16) batimeout 0 baseqctl 5:0
wlan0: [f8:01:13:05:ef:1f] send ADDBA response: dialogtoken 248 status 0 baparamset 0x402 (tid 0) batimeout 0x0 baseqctl 0x0
wlan0: [f8:01:13:05:ef:1f] discard MPDU frame, BA win <6:21> (0 frames) rxseq 5 tid 0 (retransmit)
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0
wlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_cleanup: called
wlan0: [38:0b:40:23:88:53] ieee80211_ht_node_init: called
wlan0: [38:0b:40:23:88:53] switch station to HT20 channel 2412/0x10480
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2
wlan0: [38:0b:40:23:88:53] recv ADDBA request: dialogtoken 120 baparamset 0x802 (tid 0 bufsiz 32) batimeout 0 baseqctl 0:0
wlan0: [38:0b:40:23:88:53] send ADDBA response: dialogtoken 120 status 0 baparamset 0x802 (tid 0) batimeout 0x0 baseqctl 0x0
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0
wlan0: [38:0b:40:23:88:53] ieee80211_ht_node_cleanup: called
wlan0: [38:0b:40:23:88:53] ieee80211_ht_node_init: called
wlan0: [38:0b:40:23:88:53] switch station to HT20 channel 2412/0x10480
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2
wlan0: [38:0b:40:23:88:53] recv ADDBA request: dialogtoken 203 baparamset 0x802 (tid 0 bufsiz 32) batimeout 0 baseqctl 0:0
wlan0: [38:0b:40:23:88:53] send ADDBA response: dialogtoken 203 status 0 baparamset 0x802 (tid 0) batimeout 0x0 baseqctl 0x0
wlan0: [38:0b:40:23:88:53] discard MPDU frame, BA win <7:38> (0 frames) rxseq 6 tid 0 (retransmit)
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0
wlan0: [38:0b:40:23:88:53] ieee80211_ht_node_cleanup: called
wlan0: [38:0b:40:23:88:53] ieee80211_ht_node_init: called
wlan0: [38:0b:40:23:88:53] switch station to HT20 channel 2412/0x10480
wlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2
wlan0: [38:0b:40:23:88:53] recv ADDBA request: dialogtoken 26 baparamset 0x802 (tid 0 bufsiz 32) batimeout 0 baseqctl 0:0
wlan0: [38:0b:40:23:88:53] send ADDBA response: dialogtoken 26 status 0 baparamset 0x802 (tid 0) batimeout 0x0 baseqctl 0x0
ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290
	ether 04:f0:21:0c:2b:a6
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
	media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>
	status: running
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	ether 04:f0:21:0c:2b:a6
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>
	status: running

Open:	ssid BACHI.NET channel 1 (2412 MHz 11g ht/40+) bssid 04:f0:21:0c:2b:a6
	country US ecm authmode OPEN privacy OFF txpower 27 scanvalid 60
	protmode CTS ampdulimit 64k ampdudensity 8 shortgi wme burst
	dtimperiod 1 -dfs

WPA US: ssid BACHI.NET channel 1 (2412 MHz 11g ht/40+) bssid 04:f0:21:0c:2b:a6
        country US ecm authmode WPA privacy MIXED deftxkey 2 TKIP 2:128-bit
        txpower 27 scanvalid 60 protmode CTS ampdulimit 64k ampdudensity 8
        shortgi wme burst dtimperiod 1 -dfs

WPA CH: ssid BACHI.NET channel 1 (2412 MHz 11g ht/40+) bssid 04:f0:21:0c:2b:a6
        regdomain ETSI country CH ecm authmode WPA privacy MIXED deftxkey 3
        TKIP 2:128-bit TKIP 3:128-bit txpower 30 scanvalid 60 protmode CTS
        ampdulimit 64k ampdudensity 8 shortgi wme burst dtimperiod 1 -dfs
# ifconfig wlan0 list sta
ADDR               AID CHAN RATE RSSI IDLE  TXSEQ  RXSEQ CAPS FLAG   
f8:01:13:05:ef:1f    1    1  21M 17.0    0     24  27152 EPS  AQEPHTR HTCAP WME WPA
38:0b:40:23:88:53    2    1  43M 12.5    0      6  12336 EPS  AQEHTR  HTCAP WPA WME
# bsd-airtools
# wicontrol

Multi-SSID

FreeBSDAccessPoint
FreeBSDOnEmbeddedDevice

# Eudoroam internal wired and wireless
ifconfig_sis0="up"
create_args_wlan0="wlanmode hostap mode 11g ssid eduroam.test up"
ifconfig_bridge0="addm wlan0 addm sis0 up"
ipv4_addrs_bridge0="192.168.42.1/24 192.168.1.2/24"

# Wireless Leiden Hub
ifconfig_sis2="up"
create_args_wlan1="wlanmode hostap bssid mode 11g ssid
ap-raam.snuit.wleiden.net up"
ifconfig_bridge1="addm wlan1 addm sis2 DHCP"

# Authentication enabled on my personal access point (wlan0)
hostapd_enable="YES"
interface=wlan0
driver=bsd

logger_syslog=-1
logger_syslog_level=0
logger_stdout=-1
logger_stdout_level=2
dump_file=/tmp/hostapd.dump
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0

macaddr_acl=0
auth_algs=1

wpa=1
wpa_passphrase=FooBarPass
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP TKIP
EOF

multi vap Multi-SSID with ath on FreeBSD 10-current
multiple ssid’s over a single physical wireless interface
Trouble setting up multi SSID and 802.1X
Multiple SSIDs with hostapd (Linux)

$ ifconfig wlan0 create wlandev ath0 wlanmode monitor
$ ifconfig wlan0 channel 6
$ ifconfig wlan0 up
$ tcpdump -ni wlan0 -y IEEE802_11_RADIO
$ tcpdump -ni wlan0 -y IEEE802_11_RADIO -s0 -l -v -w output.pcap

WPA-EAP

FreeBSD + Freeradius2 + EAP-TLS + ssl-admin, a WPA2 Enterprise Guide
WPA2 Enterprise using DD-WRT and FreeBSD
hostapd: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Wpa/WPA2-Radius+EAP-TLS/EAP-PEAP
Setting up WLAN network with EAP-TLS using only PC hardware and free software

Leave a Reply

Your email address will not be published. Required fields are marked *