OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: nospam on September 12, 2018, 06:25:07 pm

Title: Help with WIFi errors
Post by: nospam on September 12, 2018, 06:25:07 pm

I was able to successfully configure a USB WiFi adapter to run a guest network with Captive Portal using no wireless authentication eg. no WEP or WPA

I'm trying to use either WEP or WPA or WPA2 with a shared password, however, I m unable to connect because I keep getting "incorrect password for network" error on the device and my wireless logfile shows:

Sep 12 12:17:44   hostapd: run0_wlan1: WPA rekeying GTK
Sep 12 12:17:44   hostapd: run0_wlan1: WPA GMK rekeyd
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx IEEE 802.1X: unauthorizing port
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx WPA: event 2 notification
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx IEEE 802.11: disassociated
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx MLME: MLME-DELETEKEYS.request(xx:xx:xx:xx:xx:xx)
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx MLME: MLME-DEAUTHENTICATE.indication(xx:xx:xx:xx:xx:xx, 2)
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx IEEE 802.1X: unauthorizing port
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx WPA: event 3 notification
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx WPA: PTKSTART: Retry limit 4 reached
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx WPA: EAPOL-Key timeout
Sep 12 12:17:43   hostapd: run0_wlan1: STA xx:xx:xx:xx:xx:xx WPA: Not in PTKINITDONE; skip Group Key update
Sep 12 12:17:43   hostapd: run0_wlan1: WPA rekeying GTK

Can anyone offer any insight as to why opnsense is rejecting the shared key?

Title: Re: Help with WIFi errors
Post by: bartjsmit on September 12, 2018, 07:08:44 pm

Kudos for getting this far  8)

FreeBSD, the underlying OS for OPNsense has notoriously poor support for WiFi adapters. Most drivers only allow client mode, without AP support.

Your best bet is to deploy a separate WiFi access point which is more secure and able to offer more features. Ubiquiti kit is great for this purpose.

Bart...

Title: Re: Help with WIFi errors
Post by: nospam on September 12, 2018, 08:18:11 pm

Seems to me a config problem with pfsense GUI. 

Title: Re: Help with WIFi errors
Post by: shtech on September 12, 2018, 09:15:13 pm

i agree with bart. Initially i added a wifi card to my box and it would constantly drop signal (or atleast our phones were dropping signal). I gave up after a day of troubleshooting and threw in an AP, created a VLAN, and haven't looked back.

Title: Re: Help with WIFi errors
Post by: nospam on September 12, 2018, 11:06:12 pm

I already have one external AP running I was hoping to use the USB WiFi for guest mode only to make keeping the wifi networks separate easier with less energy waste of running yet another AP and wall wart combo