Please advice how to setup WPA Wifi Security with Experimental Firmware

Where I can get nas binary for Experimenttal Firmware and how to make the Startup files

And I have another questions about siproxd

siproxd package : I able to install siproxd ver. 0.5.11 package with depend package libosip2 ver 2.0.9-1, and it work fine with inphonex VOIP service, but when I use another VOIP services such FWD, Fonosip, ... it didn't work fine, with some VOIP device it was busy signal, some it was able to call but now voice stream ...

I have try the new libosip2 ver 2.2.0 from http://openwrt.alphacore.net/experimental/ but siproxd ver 0.5.11 from openwrt download area seem to didn't work with this one

Can you please update the siproxd 0.5.11 with new libosip2 package ver 2.2.0

Thank you
TuanND from VIETNAM

HOWTO setup Wi-Fi Protected Access (WPA) with experimental firmware

After I had problems myself setting up WPA I decided to share my experience with it, in writing down this little HOWTO. I hope this helps a bit.

This was tested on a WRT54GS v1.0 together with an Asus WL500G Deluxe router. Please also read the OpenWrtFaq at [1] and [2].

1. Requirements
- Experimental jffs2 Firmware image (2005.05.25) from [3]. It may also work with squashfs but simpliest is jffs2 because it creates a writable partition on the flash.
- download the nas, S41wpa and hotplug files from [4]. Tip: Use wget on the router to download or transfer the files via scp.
- you must have a working WDS connection (bridged to br0) between the routers without any encryption (disable WEP)

2. Set nvram variables
Set the following nvram variables:

nvram set wl0_auth_mode=psk
nvram set wl0_mode=ap
nvram set wl0_wpa_psk=<key-passpharse>
nvram set wl0_wpa_gtk_rekey=3600
nvram set wl0_ssid=<your ssid>
nvram set wl0_wep=disabled
nvram set wl0_crypto=aes

nvram commit
reboot

Note: wl0_wpa_psk must be a ASCII string >8 and <63 chars, also don't forget to set the lan_ifname / lan_ifnames if not already done. wl0_crypto is working with aes and tkip but I _never_ get it working with aes+tkip combination.

Examples for lan_ifname and lan_ifnames (remember the interfaces may be different on your hardware):

nvram set lan_ifname=br0
nvram set lan_ifnames="vlan0 eth1"

nvram commit
reboot

3. Files
copy the following downloaded files, make links and make them executable as shown below
- cp S41wpa /etc/init.d/S41wpa ; chmod a+x /etc/init.d/S41wpa
- cp nas /usr/sbin/nas ; chmod a+x /usr/sbin/nas
- cd /usr/sbin ; ln -s nas nas4not
- cp hotplug /sbin/hotplug

4. Fire up WPA/nas
Start nas with /etc/init.d/S41wpa or just reboot. ps ax | grep nas should show a nas process up and runnung.
It takes a few secends to exchange the keys. When its up the routers should be pingable again from both sites.

You need to setup nas with this HOWTO on both routers.

That's it.

Links:
[1] http://openwrt.org/OpenWrtFaq#head-874e … c6b52993e2
[2] http://www.bingner.com/openwrt/wpa.html
[3] http://downloads.openwrt.org/experimental/
[4] http://www.bingner.com/openwrt/

(Last edited by olli_04 on 14 Jun 2005, 07:26)

Hi all,
I'm pretty new to Linux and OpenWRT, so hopefully this isn't too much of a newbie question.

Anyways, I've been fighting to get wireless to work properly on my WRT54G v2.2. What I want is 54Mbps wireless running WPA PSK. This is the nvram variables that I have set:

wl0_auth_mode=psk
wl0_mode=ap
wl0_radius_key=preshared_key
wl0_ssid MySSID
wl0_wep=tkip

(I used nvram set <variable_name>=<value> to set those variables)

Then, I called up nas manually:

nas -P /tmp/nas.lan.pid -l br0 -H 34954 -i eth1 -A -m 2 -k <preshared_key> -s MySSID -w 2 -g 3600

in the console. The effect was that I was never returned to the prompt - presumably because it's supposed to run in the background?

However, I now have a WPA network with the correct SSID. What is wrong is that

iwconfig eth1

returns rate of 11Mbps. Also, Windows WZC refuses to associate with the AP. Windows complains that it needs a certificate to authenticate me, and in the wireless settings, 802.1x is checked and greyed out, even though I did not check it when I first configured it.

I'd be really grateful if anyone can help me out with this. Thanks!

(Last edited by kltye on 30 Jun 2005, 03:38)

I was in your position a few days ago, but finally got it working. Here is what worked for me. You didn't say what build of OpenWRT you are using, but let me recommend White Russian Rc1 anyway.

I can see a couple of problems here. You want wl0_wep=disabled and unset wl0_radius_key. Then look at the nvram variables in the link above.

HTH, keep at it, you'll get it.

Ok. When I have some time on the weekand I'll update my HowTo for the Whiterussian RC1 release.

I'll also try to put some screenshots from WINXP Pro in the HowTo.

Yay, I got it working I think I was using a different version of nas which seemed to have -m 4 as radius or something, or maybe it's the wl0_wep nvram setting. Anyways, how about my 11Mbps problem? The rate clients will connect to it is 11Mbps, and iwconfig eth1 also shows 11Mbps. I tried iwconfig eth1 rate 54, or iwconfig eth1 rate 5 (I read somewhere that is uses some numbering scheme for the TX/RX rate).

But meanwhile, a big thank you to everyone who helped

Oh yes, and I am using whiterussian RC1.

Hi kltye,

I just did exactly what you're trying to do yesterday.  Since the wireless drivers in the openwrt kernel and the nas binary (with the S41wpa script) use the existing nvram variables, I had no problems because I had it working with the Linksys firmware.

A good way to find out what the nvram variables are is to install the "HyperWRT" firmware, which is basically the stock firmware with some extra features like a *telnet daemon*.  You can configure the settings you want in HyperWRT, log in via telnet and dump the contents of nvram with "nvram show" and just capture the text with your telnet client.  You can then install OpenWRT (and the nas binary with the S41wpa script), and it will use the settings you had working in HyperWRT.

It's an easy way of getting it to work how you want it by setting it in a GUI, and then reverse-engineering what those settings mean.

Cheers,

Kaldek

A good suggestion, except that it took my 2 days to set up my OpenVPN server on it (with some funky configuration), along with other settings and customizations I did with it. The biggest headache I have now is to enable 54Mbps on it, and stabilize the signal quality coming from it. I just ran netstumbler and found that the signal quality fluctuates like crazy. Of course, since I intend this to be an OpenVPN server first and a wireless AP second, it may not be that big of an issue. Also, the problem is OT since I have WPA working now

Thanks!

I had the same problem....

nvram set wl0_gmode=1
nvram commit
reboot

worked fine for me.

If would be really nice, if you would add your documentation to our wiki.

thx