Show Posts
1
Hardware and Performance / OPNsense WiFi FAQ, Guide & Quick Config
« on: January 16, 2018, 12:29:20 pm »
Decided to create this post based on my (awesome!) experiences with OPNsense 16.x to 18.x so far...and (not so awesome) WiFi support in the latest FreeBSD RELEASE (currently 11.1-RELEASE in OPNsense 18.1.x).
Overview:
Firstly, if you haven't yet, gather info to determine if your hardware is supported by OPNsense. First stops are the the Hardware and Performance forum board and (of course) the OPNsense User Manual.
You can always confirm your FreeBSD and OPNsense version in Lobby > Dashboard and System > Firmware > Updates, as it will depend on the exact OPNsense 18.x (currently, or later) release you have installed.
Also, OPNsense hardware support also depends on at least two things from FreeBSD: the FreeBSD kernel it's based on and the corresponding Hardware Notes for that FreeBSD RELEASE. Both can be found at the FreeBSD Release Notes page. Experienced users may wish to proceed directly to the FreeBSD 11.1-RELEASE Hardware Notes (WLAN Section) related to OPNsense 18.x.
Important! - FreeBSD WiFi Caveats:
Certain WiFi drivers only support "station mode" with certain hardware i.e. as a wireless client (PC)connecting to an existing router/AP - e.g. this Intel Dual Band Wireless AC-3160 on OPNsense 18.x.
On a related note, the FreeBSD kernel (up to 11.1-RELEASE) unlike Linux, does not yet have complete support for 802.11ac, so ANY supported WiFi Interfaces will be limited to 802.11n. Note that depending on your hardware and config, you may only be able to select either the 2.4GHz ("802.11ng") or the 5GHz ("802.11na") bands, but not both simultaneously.
Additionally, (IMHO) the best supported FreeBSD AP hardware running "hostap mode" (i.e. as WiFi routers, Access Points, etc.) use the "ath(4)" driver and Atheros ARxxxx hardware.. However, you will likely have to set "Standard = 802.11na" (5GHz mode) and Channel = "na - 1xx" (5GHz) along with WPA2/AES under Interfaces to obtain optimum speed.
Some USB adapters under FreeBSD/OPNsense *do* work in "hostap mode", but also tend to be limited to 802.11b/g/a (or any supported combination thereof) - even though the hardware and/or FreeBSD driver may support higher speeds and capabilities.
Taken together, these limitations are why the defacto standard (popular choice?) is to pair an external WiFi router or AP with FreeBSD/OPNsense firewalls.
OPNsense WiFi Quick Config Guide:
Troubleshooting:
NOTE: You can also search for your FreeBSD WiFi driver name e.g. ath, ral, run... under System > Log File to give you more diagnostic info on exactly what is happening with the specific driver(s) behind the scenes.
Additionally, here are some additional links and steps I took (including FreeBSD commands in an SSH session) to troubleshoot USB/WiFi issues I encountered while trying to get partially supported AEx000 Linksys USB adapters working with OPNsense.
Overview:
Firstly, if you haven't yet, gather info to determine if your hardware is supported by OPNsense. First stops are the the Hardware and Performance forum board and (of course) the OPNsense User Manual.
You can always confirm your FreeBSD and OPNsense version in Lobby > Dashboard and System > Firmware > Updates, as it will depend on the exact OPNsense 18.x (currently, or later) release you have installed.
Also, OPNsense hardware support also depends on at least two things from FreeBSD: the FreeBSD kernel it's based on and the corresponding Hardware Notes for that FreeBSD RELEASE. Both can be found at the FreeBSD Release Notes page. Experienced users may wish to proceed directly to the FreeBSD 11.1-RELEASE Hardware Notes (WLAN Section) related to OPNsense 18.x.
Important! - FreeBSD WiFi Caveats:
Certain WiFi drivers only support "station mode" with certain hardware i.e. as a wireless client (PC)connecting to an existing router/AP - e.g. this Intel Dual Band Wireless AC-3160 on OPNsense 18.x.
On a related note, the FreeBSD kernel (up to 11.1-RELEASE) unlike Linux, does not yet have complete support for 802.11ac, so ANY supported WiFi Interfaces will be limited to 802.11n. Note that depending on your hardware and config, you may only be able to select either the 2.4GHz ("802.11ng") or the 5GHz ("802.11na") bands, but not both simultaneously.
Additionally, (IMHO) the best supported FreeBSD AP hardware running "hostap mode" (i.e. as WiFi routers, Access Points, etc.) use the "ath(4)" driver and Atheros ARxxxx hardware.. However, you will likely have to set "Standard = 802.11na" (5GHz mode) and Channel = "na - 1xx" (5GHz) along with WPA2/AES under Interfaces to obtain optimum speed.
Some USB adapters under FreeBSD/OPNsense *do* work in "hostap mode", but also tend to be limited to 802.11b/g/a (or any supported combination thereof) - even though the hardware and/or FreeBSD driver may support higher speeds and capabilities.
Taken together, these limitations are why the defacto standard (popular choice?) is to pair an external WiFi router or AP with FreeBSD/OPNsense firewalls.
OPNsense WiFi Quick Config Guide:
- Start with Interfaces > Wireless > Devices to see what hardware has been recognized successfully by the system.
- Next, either Add or Assign interfaces under Interfaces > Assignment to map a wireless device to a new or existing Interface created there.
Interfaces > [INT#] should be configured with any additional settings like Enable Interface, SSID, Minimum Standard and WPA Pre-Shared Key (in addition to the recommendations above) to configure appropriate speeds, channels, etc. - You may also need to create a Bridge to the [LAN] interface, configure DHCP, or create/modify the Firewall as additional (optional) steps. For more info, see the OPNsense User Manual.
- Lastly, you should be able to see the results in Lobby > Dashboard and Interfaces > Overview.
Troubleshooting:
NOTE: You can also search for your FreeBSD WiFi driver name e.g. ath, ral, run... under System > Log File to give you more diagnostic info on exactly what is happening with the specific driver(s) behind the scenes.
Additionally, here are some additional links and steps I took (including FreeBSD commands in an SSH session) to troubleshoot USB/WiFi issues I encountered while trying to get partially supported AEx000 Linksys USB adapters working with OPNsense.