LinksysWrt54g



Linksys AP
{{{

== CONNECT Linksys Access Point to MESH ==

Attaching a standard AP to the ethernet port of a repeater node is a really good way to offer a local channel for wireless users. Use the "wired captiveportal" option to enable authentication over it, and make sure to use a different channel/essid to your mesh. The AP needs to be operating in standard transparent bridging mode, which is normally the default.

This won't work on a gateway node though: if the "wired captive portal" option is enabled on a gateway, it is likely to try to authenticate the upstream router, resulting in no traffic being allowed to flow.


>I'm experimenting with locustworld meshbox and wrt54g with sveasoft
>firmware loaded.
>
>I'm wondering, is it possible to use a wrt54g as a client
>device connected to a meshbox network?
>
>I'd like the wrt54g to kind of act as a repeater, so that clients in
>a house can use laptops etc, connected back to the wrt54g, which in
>turn connects in to the Locustworld mesh network?
>
>Does anybody know if this is possible?

The way I do this is to have two devices back to back - an AP Client device (WAP-11A, CB3 etc) which connects via wireless signal and passes it out through the ethernet port, and then plug a standard AP into the ethernet port, which takes the ethernet feed and acts as a standard AP on a different channel.

Consider the connection as an RJ45 broadband presentation, and then you are simply looking at how to provide a local Wifi connection, the same as you would do to share out an ADSL connection.


>In this case, if one user from the AP logs in on the
>network, aren't the other users from that AP authenticated
>automatically because the meshbox only sees one client connecting?

No, because the MAC addresses of the client devices are transparently passed through. The meshbox therefore sees all the MAC addresses of the client machines, and can therefore authenticate as normal.

}}}

WAP11
Linksys wap11, ESSID on mesh

We use WAP11s for clients that need a wireless network. First tip: use the web interface not the crappy software that comes with it. Default IP of the device is 192.168.1.1.

I usually set the first WAP11 up in APClient mode, default static IP, channel to whatever your Mesh uses and ESSID to your Mesh ESSID. Then we link with an RJ45 cable to the second WAP11 in AP mode, default static IP, different channel and ESSID. This is what clients connect to (typically using PheeNet WAP503 or Netgear MA111 USB adapters).

I've never been able to get a WAP11 to obtain an IP address via DHCP from a Meshbox DHCP so I don't use it. Set up as described above, the WAP11s will happily pass DHCP to network clients. If you do a sigspy on a Mesh node you'll see the MAC IDs of the clients. I have several client networks working this way.

Answ:

We are having some on-going problems getting the Pheenet WAP-011A access point to connect to anything in Client mode. This has included, so far, attempts to connect to a D-Link DI-624 Wireless AP/Router and even another Pheenet WAP-011A in AP mode!! We are due to set a bunch of these up with some MESH boxes being delivered next week. Has anybody any knowledge of these boxes, tips etc. they can pass on that might help??

Linksys Firmware

I'm experimenting with locustworld meshbox and wrt54g with sveasoft firmware loaded. I'm wondering, is it possible to use a wrt54g as a client device connected to a meshbox network? I'd like the wrt54g to kind of act as a repeater, so that clients in a house can use laptops etc, connected back to the wrt54g, which in turn connects in to the Locustworld mesh network?

The way I do this is to have two devices back to back - an AP Client device (WAP-11A, CB3 etc) which connects via wireless signal and passes it out through the ethernet port, and then plug a standard AP into the ethernet port, which takes the ethernet feed and acts as a standard AP on a different channel.

Consider the connection as an RJ45 broadband presentation, and then you are simply looking at how to provide a local Wifi connection, the same as you would do to share out an ADSL connection.

Wds and Linksys
{{{ - there is no routing between the Linksys and the lwbox, only bridging. check both bridge tables before and after rebooting the linksys. (man brctrl or brctl...don't remember)

Suggestion:

The linksys may only be accepting passive wds links while the lw box actively looks to connect through wds. So when you boot the Linksys it does nothing, while when you boot the lw it goes out and looks for friends and the Linksys passively accepts a request. You must enable active wds negotiation for the Linksys or just add the mac address of the LW box to the Linksys' list of wds friends.

>I am currently connecting with WDS only as far as I know. I am not using
>tunneling just my ssid, wep and wds. Let me elaborate some, I have a LW node
>that is giving out 192.168.170.x as its local ip range. The wiana ip address
>is 1.251.125.53 and it is running on 25dev85. The wrt54g is running Alchemy
>pre 5.3 and the router address is 192.168.170.2 with its dhcp turned off. I
>have set the WDS settings on the wrt54g to link with the LW node and the
>link works fine and anybody connecting to the wrt54g will hit the LW node's
>dhcp and get an address. This also registers the clients' MAC on the LW node
>fulfilling all the requirements for bandwidth control and authentication.
>The issue arises when the wrt54g reboots, it can't reconnect with the LW
>node. This problem seems to be with the LW node at this point. I can leave
>the wrt54g running and reboot the LW node all day without issue and the WDS
>link is automatically recreated, but when rebooting the wrt54g something
>seems to stick in the LW node. I have watched all the files I know to watch
>"AP and WDS in the proc/net/hostap/wlan0 directory" and it looks like they
>are functioning correctly but not connecting after the original link unless
>you reboot the LW node. I will include all info requested below and anything
>else I can think of and thanks for the replies. I hope if this works so I
>can have a "mesh lite" unit for small clusters of users without the high
>price of a regular node. The wrt54g uses a 200 MHz processor with a broadcom
>G wireless card. The mesh lite outdoor unit should run about 125 dollars
>ready to install and acts as an AP thus increasing your coverage area, this
>is my motivation. :O)
>
>1.251.125.53@meshbox:~# netstat -a
>Active Internet connections (servers and established)
>Proto Recv-Q Send-Q Local Address          Foreign Address         State
>tcp        0      0 *:5280                  *:*                     LISTEN
>tcp        0      0 *:51010                 *:*                     LISTEN
>tcp        0      0 *:10085                 *:*                     LISTEN
>tcp        0      0 *:domain                *:*                     LISTEN
>tcp        0      0 *:ssh                   *:*                     LISTEN
>tcp        0      0 *:pptp                  *:*                     LISTEN
>tcp        0     76 192.168.1.101:ssh       192.168.1.100:3639      ESTABLISHED
>udp        0      0 1.251.125.53:654        *:*
>udp        0      0 *:domain                *:*
>udp        0      0 *:bootps                *:*
>raw        0      0 *:icmp                  *:*                     7
>raw       0      0 1.251.125.53:255        *:*                     7
>Active UNIX domain sockets (servers and established)
>Proto RefCnt Flags      Type       State         I-Node Path
>unix 9      [ ]         DGRAM                    391    /dev/log
>unix 2      [ ]         DGRAM                    43380
>unix 2      [ ]         DGRAM                    13990
>unix 2      [ ]         DGRAM                    3200
>unix 2      [ ]         DGRAM                    2837
>unix 2      [ ]         DGRAM                    1358
>unix 3      [ ]         STREAM     CONNECTED     1067
>unix 3      [ ]         STREAM     CONNECTED     1066
>unix 2      [ ]         DGRAM                    1064
>unix 2      [ ]         DGRAM                    322
>1.251.125.53@meshbox:~#
>
>
>1.251.125.53@meshbox:~# ifconfig
>br0      Link encap:Ethernet  HWaddr 00:09:5B:74:01:B7
>         inet addr:1.251.125.53  Bcast:1.255.255.255  Mask:255.0.0.0
>         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>         RX packets:3653 errors:0 dropped:0 overruns:0 frame:0
>         TX packets:6548 errors:0 dropped:0 overruns:0 carrier:0
>         collisions:0 txqueuelen:0
>         RX bytes:239808 (234.1 Kb)  TX bytes:1070408 (1.0 Mb)
>
>br0:1    Link encap:Ethernet  HWaddr 00:09:5B:74:01:B7
>         inet addr:192.168.170.1  Bcast:192.168.170.255 Mask:255.255.255.0
>         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>eth0     Link encap:Ethernet  HWaddr 00:00:24:C1:FF:94
>         inet addr:192.168.1.101  Bcast:192.168.1.255 Mask:255.255.255.0
>         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>         RX packets:10340 errors:0 dropped:0 overruns:0 frame:0
>         TX packets:16940 errors:2 dropped:0 overruns:2 carrier:2
>         collisions:0 txqueuelen:100
>         RX bytes:3955816 (3.7 Mb)  TX bytes:3484378 (3.3 Mb)
>         Interrupt:11 Base address:0x5000
>
>lo       Link encap:Local Loopback
>         inet addr:127.0.0.1  Mask:255.0.0.0
>         UP LOOPBACK RUNNING  MTU:16436  Metric:1
>         RX packets:786 errors:0 dropped:0 overruns:0 frame:0
>         TX packets:786 errors:0 dropped:0 overruns:0 carrier:0
>         collisions:0 txqueuelen:0
>         RX bytes:65736 (64.1 Kb)  TX bytes:65736 (64.1 Kb)
>
>wlan0    Link encap:Ethernet  HWaddr 00:09:5B:74:01:B7
>         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>         RX packets:0 errors:0 dropped:2741 overruns:0 frame:0
>         TX packets:5432 errors:0 dropped:0 overruns:0 carrier:0
>         collisions:0 txqueuelen:100
>         RX bytes:0 (0.0 b)  TX bytes:543402 (530.6 Kb)
>         Interrupt:10 Memory:c4833000-c4834000
>
>wlan0wds0 Link encap:Ethernet HWaddr 00:09:5B:74:01:B7
>         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>         RX packets:3719 errors:0 dropped:518 overruns:0 frame:0
>         TX packets:6499 errors:0 dropped:0 overruns:0 carrier:0
>         collisions:0 txqueuelen:100
>         RX bytes:294910 (287.9 Kb)  TX bytes:1353386 (1.2 Mb)
>         Interrupt:10 Memory:c4833000-c4834000
>
>
>
>PING 192.168.170.2 (192.168.170.2): 56 data bytes
>64 bytes from 192.168.170.2: icmp_seq=0 ttl=64 time=8.660 ms
>64 bytes from 192.168.170.2: icmp_seq=1 ttl=64 time=4.034 ms
>64 bytes from 192.168.170.2: icmp_seq=2 ttl=64 time=4.192 ms
>--- 192.168.170.2 ping statistics ---
>3 packets transmitted, 3 packets received, 0% packet loss
>round-trip min/avg/max/stddev = 4.034/5.629/8.660/2.144 ms
>
>
>1.251.125.53@meshbox:~# netstat -rn
>Kernel IP routing table
>Destination    Gateway         Genmask         Flags   MSS Window irtt Iface
>1.251.125.53   1.251.125.53    255.255.255.255 UGH      40 0 0 br0
>192.168.1.0    0.0.0.0         255.255.255.0   U        40 0 0 eth0
>192.168.170.0  0.0.0.0         255.255.255.0   U        40 0 0 br0
>1.0.0.0        0.0.0.0         255.0.0.0       U        40 0 0 br0
>1.0.0.0        0.0.0.0         255.0.0.0       U        40 0 0 br0
>10.0.0.0       0.0.0.0         255.0.0.0       U        40 0 0 br0
>127.0.0.0      0.0.0.0         255.0.0.0       U        40 0 0 lo
>224.0.0.0      0.0.0.0         240.0.0.0       U        40 0 0 br0
>0.0.0.0        192.168.1.1     0.0.0.0         UG       40 0 0 eth0
>1.251.125.53@meshbox:~#
>1.251.125.53@meshbox:~#

The problem is not in the routing, as there are no routes between the two nodes, just bridges. To see what goes wrong you should do this:

 - make sure both nodes work
 - get a listing of the bridges on both units (brctl -a or -l or check the man page)
 - reboot the linksys
 - see how the bridge tables look now

It may well be something like a negotiation issue where the Linksys does not actively negotiate a wds connection unless you enter the mac address of the LW box, while the LW box does actively negotiate wds and finds the Linksys passively accepting every time it boots.

found solution for WDS problem but need help on a script
I have found the problem / solution. It seems that when the 54G router restarts it fails to trigger something on the LW side to rejoin. So I did a little snooping around in the mysterious HJ folder and I ran across the wscan script. This kicks off a scan to rejoin between APs. This rejoins the LW node to the 54G AP and everything is happy again.

Now for the help from some of you script gurus. I need an example of a script that will ping an IP address and if it fails then an action is taken. I would set the crontab to kick off this script every 5 minutes or so and if it didn't see the 54G ip address it would then call the wscan script in the HJ directory. Can anybody point me in the right direction or send me an example? I must say I love how flexible Linux is :)

Now all this is preliminary, I don't know how wscan will affect the node when you have other LW nodes connected and you run wscan, that is tonight's pot of coffee.

> I have watched the LW node after rebooting the 54G router and this is what I
> am getting from "dmesg"
>
> 1.251.125.53@meshbox:~# dmesg
> handle_ap_item - addr3(BSSID)=00:0f:66:ba:5e:64 not own MAC
> handle_ap_item - addr3(BSSID)=00:0f:66:ba:5e:64 not own MAC
> handle_ap_item - addr3(BSSID)=00:0f:66:ba:5e:64 not own MAC
> handle_ap_item - addr3(BSSID)=00:0f:66:ba:5e:64 not own MAC
> handle_ap_item - addr3(BSSID)=00:0f:66:ba:5e:64 not own MAC
> handle_ap_item - addr3(BSSID)=00:0f:66:ba:5e:64 not own MAC
> 1.251.125.53@meshbox:~#
>
> The 5e:64 MAC is the 54G router. I can reboot only the LW node and
> everything works after that :O( So it looks like something is getting stuck
> in LW but I am not sure what.

}}}
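
The watchdog requested in the "found solution for WDS problem" post (ping the WRT54G from cron and rerun the rescan script when it stops answering) could look like this. It is an added example, not code from the thread or from LocustWorld: the `wscan` path is a placeholder because the page does not give it, and the state file location, the two-miss threshold and the `run` argument are assumptions. It waits for consecutive misses before rescanning, since the poster was unsure how `wscan` affects other connected nodes.

```shell
#!/bin/sh
# Added example: cron-driven watchdog for the WDS link discussed in the thread.
# Assumptions: WSCAN is a placeholder path, and the state file location and
# failure threshold are illustrative choices, not values from the page.

PEER_IP="${PEER_IP:-192.168.170.2}"           # WRT54G address given in the thread
WSCAN="${WSCAN:-/path/to/HJ/wscan}"           # placeholder; real path is not on the page
STATE="${STATE:-/var/run/wds-watchdog.fails}" # root-only dir, not world-writable /tmp
THRESHOLD="${THRESHOLD:-2}"                   # consecutive misses before rescanning
PING="${PING:-ping}"                          # overridable so the logic can be tested

log() {
    logger -t wds-watchdog "$*" 2>/dev/null || echo "wds-watchdog: $*" >&2
}

# Succeeds if the peer answers at least one of three echo requests.
peer_alive() {
    "$PING" -c 3 "$PEER_IP" >/dev/null 2>&1
}

# Returns 0 = link up, 1 = miss recorded, 2 = rescan run, 3 = rescan failed.
watchdog_run() {
    if peer_alive; then
        rm -f "$STATE"
        return 0
    fi
    fails=$(cat "$STATE" 2>/dev/null || echo 0)
    case "$fails" in ''|*[!0-9]*) fails=0 ;; esac   # ignore a corrupted counter
    fails=$((fails + 1))
    if [ "$fails" -lt "$THRESHOLD" ]; then
        echo "$fails" > "$STATE"
        return 1
    fi
    rm -f "$STATE"
    if [ ! -x "$WSCAN" ]; then
        log "$PEER_IP unreachable, but $WSCAN is not executable"
        return 3
    fi
    log "$PEER_IP unreachable $fails times in a row, running $WSCAN"
    "$WSCAN" >/dev/null 2>&1 || { log "$WSCAN exited non-zero"; return 3; }
    return 2
}

# Run only when asked, e.g. from root's crontab every five minutes:
#   */5 * * * * /usr/local/sbin/wds-watchdog.sh run
if [ "${1:-}" = "run" ]; then
    watchdog_run
    exit $?
fi
```

Because it runs as root from cron, keep the script and the `wscan` file it calls writable by root only.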