{"id":2727,"date":"2014-08-14T07:45:58","date_gmt":"2014-08-14T07:45:58","guid":{"rendered":"http:\/\/blog.bachi.net\/?p=2727"},"modified":"2014-10-01T19:23:32","modified_gmt":"2014-10-01T19:23:32","slug":"freebsd-as-a-wireless-access-point-wap","status":"publish","type":"post","link":"https:\/\/blog.bachi.net\/?p=2727","title":{"rendered":"FreeBSD as a Wireless Access Point (WAP)"},"content":{"rendered":"

FreeBSD Handbook: 30.3. Wireless Networking<\/a>
\nFreeBSD Handbuch: 32.3. Drahtlose Netzwerke<\/a><\/p>\n

FreeBSD 10.0-RELEASE Hardware Notes<\/a><\/p>\n

Quick Wireless Setup On FreeBSD<\/a>
\nHowto create a FreeBSD wireless router\/access point<\/a>
\nHow To Set Up A FreeBSD Wireless Access Point<\/a>
\nMy home firewall router with FreeBSD\u2014A year retrospective<\/a>
\nBuilding my own wireless point<\/a><\/p>\n

hostapd<\/h4>\n

hostapd(8) – authenticator for IEEE 802.11 networks<\/a>
\nhostapd.conf(5) – configuration file for hostapd(8) utility<\/a><\/p>\n

\r\ninterface=wlan0\r\ndebug=1\r\nctrl_interface=\/var\/run\/hostapd\r\nctrl_interface_group=wheel\r\nssid=Test Wifi\r\nhw_mode=g\r\nmacaddr_acl=0\r\nignore_broadcast_ssid=0\r\nwpa=3\r\nwpa_passphrase=*****\r\nwpa_key_mgmt=WPA-PSK\r\nwpa_pairwise=CCMP TKIP\r\n<\/pre>\n
802.11n<\/h3>\n
\r\nath(4) = Atheros Cardbus and PCI cards (AR5416, AR5418, AR9130,AR9160, AR9220, AR9280, AR9285, AR9227, AR9287\r\nipw(4) = Intel PRO\/Wireless 2100 MiniPCI network adapter\r\niwi(4) = Intel PRO\/Wireless 2200BG\/2915ABG MiniPCI and 2225BG PCI network adapters\r\niwn(4) = Intel Wireless WiFi Link 4965AGN IEEE 802.11n PCI network adapters\r\nwpi(4) = Intel 3945ABG Wireless LAN IEEE 802.11 driver\r\n<\/pre>\n
802.11n support for the ath(4) NICs<\/a>
\niwn(4) Intel 802.11n series NICs<\/a>
\nath and 802.11n on FreeBSD 10.0<\/a>
\nWiFi configuration in FreeBSD (including WPA\/WPA2)<\/a><\/p>\n
\r\n# wlandebug\r\nnet.wlan.0.debug: 0x0\r\n\r\n# wlandebug +11n \r\nnet.wlan.0.debug: 0x0 => 0x80000000<11n>\r\n<\/pre>\n
\r\nwlan0: Ethernet address: 04:f0:21:0c:2b:a6\r\nwlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_init: called\r\nwlan0: [f8:01:13:05:ef:1f] switch station to HT20 channel 2412\/0x10480\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2\r\nwlan0: [f8:01:13:05:ef:1f] recv ADDBA request: dialogtoken 98 baparamset 0x402 (tid 0 bufsiz 16) batimeout 0 baseqctl 5:0\r\nwlan0: [f8:01:13:05:ef:1f] send ADDBA response: dialogtoken 98 status 0 baparamset 0x402 (tid 0) batimeout 0x0 baseqctl 0x0\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0\r\nwlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_cleanup: called\r\nwlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_init: called\r\nwlan0: [f8:01:13:05:ef:1f] switch station to HT20 channel 2412\/0x10480\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2\r\nwlan0: [f8:01:13:05:ef:1f] recv ADDBA request: dialogtoken 173 baparamset 0x402 (tid 0 bufsiz 16) batimeout 0 baseqctl 5:0\r\nwlan0: [f8:01:13:05:ef:1f] send ADDBA response: dialogtoken 173 status 0 baparamset 0x402 (tid 0) batimeout 0x0 baseqctl 0x0\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0\r\nwlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_cleanup: called\r\nwlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_init: called\r\nwlan0: [f8:01:13:05:ef:1f] switch station to HT20 channel 2412\/0x10480\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2\r\nwlan0: [f8:01:13:05:ef:1f] recv ADDBA request: dialogtoken 248 baparamset 0x402 (tid 0 bufsiz 16) batimeout 0 baseqctl 5:0\r\nwlan0: [f8:01:13:05:ef:1f] send ADDBA response: dialogtoken 248 status 0 baparamset 0x402 (tid 0) batimeout 0x0 baseqctl 0x0\r\nwlan0: [f8:01:13:05:ef:1f] discard MPDU frame, BA win <6:21> (0 frames) rxseq 5 tid 0 (retransmit)\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0\r\nwlan0: [f8:01:13:05:ef:1f] ieee80211_ht_node_cleanup: called\r\nwlan0: [38:0b:40:23:88:53] ieee80211_ht_node_init: called\r\nwlan0: [38:0b:40:23:88:53] switch station to HT20 channel 2412\/0x10480\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2\r\nwlan0: [38:0b:40:23:88:53] recv ADDBA request: dialogtoken 120 baparamset 0x802 (tid 0 bufsiz 32) batimeout 0 baseqctl 0:0\r\nwlan0: [38:0b:40:23:88:53] send ADDBA response: dialogtoken 120 status 0 baparamset 0x802 (tid 0) batimeout 0x0 baseqctl 0x0\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0\r\nwlan0: [38:0b:40:23:88:53] ieee80211_ht_node_cleanup: called\r\nwlan0: [38:0b:40:23:88:53] ieee80211_ht_node_init: called\r\nwlan0: [38:0b:40:23:88:53] switch station to HT20 channel 2412\/0x10480\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2\r\nwlan0: [38:0b:40:23:88:53] recv ADDBA request: dialogtoken 203 baparamset 0x802 (tid 0 bufsiz 32) batimeout 0 baseqctl 0:0\r\nwlan0: [38:0b:40:23:88:53] send ADDBA response: dialogtoken 203 status 0 baparamset 0x802 (tid 0) batimeout 0x0 baseqctl 0x0\r\nwlan0: [38:0b:40:23:88:53] discard MPDU frame, BA win <7:38> (0 frames) rxseq 6 tid 0 (retransmit)\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 0 sta, 0 ht, 0 ht40, HT protmode now 0x0\r\nwlan0: [38:0b:40:23:88:53] ieee80211_ht_node_cleanup: called\r\nwlan0: [38:0b:40:23:88:53] ieee80211_ht_node_init: called\r\nwlan0: [38:0b:40:23:88:53] switch station to HT20 channel 2412\/0x10480\r\nwlan0: [04:f0:21:0c:2b:a6] HT bss occupancy change: 1 sta, 1 ht, 0 ht40, HT protmode now 0x2\r\nwlan0: [38:0b:40:23:88:53] recv ADDBA request: dialogtoken 26 baparamset 0x802 (tid 0 bufsiz 32) batimeout 0 baseqctl 0:0\r\nwlan0: [38:0b:40:23:88:53] send ADDBA response: dialogtoken 26 status 0 baparamset 0x802 (tid 0) batimeout 0x0 baseqctl 0x0\r\n<\/pre>\n
\r\nath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290\r\n\tether 04:f0:21:0c:2b:a6\r\n\tnd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>\r\n\tmedia: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>\r\n\tstatus: running\r\nwlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500\r\n\tether 04:f0:21:0c:2b:a6\r\n\tnd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>\r\n\tmedia: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <hostap>\r\n\tstatus: running\r\n\r\nOpen:\tssid BACHI.NET channel 1 (2412 MHz 11g ht\/40+) bssid 04:f0:21:0c:2b:a6\r\n\tcountry US ecm authmode OPEN privacy OFF txpower 27 scanvalid 60\r\n\tprotmode CTS ampdulimit 64k ampdudensity 8 shortgi wme burst\r\n\tdtimperiod 1 -dfs\r\n\r\nWPA US: ssid BACHI.NET channel 1 (2412 MHz 11g ht\/40+) bssid 04:f0:21:0c:2b:a6\r\n        country US ecm authmode WPA privacy MIXED deftxkey 2 TKIP 2:128-bit\r\n        txpower 27 scanvalid 60 protmode CTS ampdulimit 64k ampdudensity 8\r\n        shortgi wme burst dtimperiod 1 -dfs\r\n\r\nWPA CH: ssid BACHI.NET channel 1 (2412 MHz 11g ht\/40+) bssid 04:f0:21:0c:2b:a6\r\n        regdomain ETSI country CH ecm authmode WPA privacy MIXED deftxkey 3\r\n        TKIP 2:128-bit TKIP 3:128-bit txpower 30 scanvalid 60 protmode CTS\r\n        ampdulimit 64k ampdudensity 8 shortgi wme burst dtimperiod 1 -dfs\r\n<\/pre>\n
\r\n# ifconfig wlan0 list sta\r\nADDR               AID CHAN RATE RSSI IDLE  TXSEQ  RXSEQ CAPS FLAG   \r\nf8:01:13:05:ef:1f    1    1  21M 17.0    0     24  27152 EPS  AQEPHTR HTCAP WME WPA\r\n38:0b:40:23:88:53    2    1  43M 12.5    0      6  12336 EPS  AQEHTR  HTCAP WPA WME\r\n<\/pre>\n
\r\n# bsd-airtools\r\n# wicontrol\r\n<\/pre>\n
Multi-SSID<\/3><\/p>\n
FreeBSDAccessPoint<\/a>
\nFreeBSDOnEmbeddedDevice<\/a><\/p>\n
\r\n# Eudoroam internal wired and wireless\r\nifconfig_sis0="up"\r\ncreate_args_wlan0="wlanmode hostap mode 11g ssid eduroam.test up"\r\nifconfig_bridge0="addm wlan0 addm sis0 up"\r\nipv4_addrs_bridge0="192.168.42.1\/24 192.168.1.2\/24"\r\n\r\n# Wireless Leiden Hub\r\nifconfig_sis2="up"\r\ncreate_args_wlan1="wlanmode hostap bssid mode 11g ssid\r\nap-raam.snuit.wleiden.net up"\r\nifconfig_bridge1="addm wlan1 addm sis2 DHCP"\r\n\r\n# Authentication enabled on my personal access point (wlan0)\r\nhostapd_enable="YES"\r\n<\/pre>\n
\r\ninterface=wlan0\r\ndriver=bsd\r\n\r\nlogger_syslog=-1\r\nlogger_syslog_level=0\r\nlogger_stdout=-1\r\nlogger_stdout_level=2\r\ndump_file=\/tmp\/hostapd.dump\r\nctrl_interface=\/var\/run\/hostapd\r\nctrl_interface_group=0\r\n\r\nmacaddr_acl=0\r\nauth_algs=1\r\n\r\nwpa=1\r\nwpa_passphrase=FooBarPass\r\nwpa_key_mgmt=WPA-PSK\r\nwpa_pairwise=CCMP TKIP\r\nEOF\r\n<\/pre>\n
multi vap Multi-SSID with ath on FreeBSD 10-current<\/a>
\nmultiple ssid’s over a single physical wireless interface<\/a>
\nTrouble setting up multi SSID and 802.1X<\/a>
\nMultiple SSIDs with hostapd<\/a> (Linux)<\/p>\n
\r\n$ ifconfig wlan0 create wlandev ath0 wlanmode monitor\r\n$ ifconfig wlan0 channel 6\r\n$ ifconfig wlan0 up\r\n$ tcpdump -ni wlan0 -y IEEE802_11_RADIO\r\n$ tcpdump -ni wlan0 -y IEEE802_11_RADIO -s0 -l -v -w output.pcap\r\n<\/pre>\n
WPA-EAP<\/h3>\n
FreeBSD + Freeradius2 + EAP-TLS + ssl-admin, a WPA2 Enterprise Guide<\/a>
\nWPA2 Enterprise using DD-WRT and FreeBSD<\/a>
\nhostapd: IEEE 802.11 AP, IEEE 802.1X\/WPA\/WPA2\/EAP\/RADIUS Authenticator<\/a>
\nWpa\/WPA2-Radius+EAP-TLS\/EAP-PEAP<\/a>
\nSetting up WLAN network with EAP-TLS using only PC hardware and free software<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
FreeBSD Handbook: 30.3. Wireless Networking FreeBSD Handbuch: 32.3. Drahtlose Netzwerke FreeBSD 10.0-RELEASE Hardware Notes Quick Wireless Setup On FreeBSD Howto create a FreeBSD wireless router\/access point How To Set Up A FreeBSD Wireless Access Point My home firewall router with FreeBSD\u2014A year retrospective Building my own wireless point hostapd hostapd(8) – authenticator for IEEE 802.11 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2727","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/2727","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2727"}],"version-history":[{"count":21,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/2727\/revisions"}],"predecessor-version":[{"id":3104,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/2727\/revisions\/3104"}],"wp:attachment":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2727"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2727"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2727"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}