I realise this topic has appeared here several times, but please forgive me raising it again, as I can't find a definitive answer.
I am using OpenWrt r33030 on TP Link WR703N devices with batman-adv 2012.3.0 for mesh connectivity.
Wireless is the r33030 default ath9k and kmod-mac80211 - 3.3.8+2012-07-16-1
Everything works fine with no encryption on the adhoc interface.
I want to look into using encryption on the mesh interface so that traffic on the mesh is not travelling in the clear.
I am not looking for iron clad security here, more just something to prevent casual snooping.
From reading the OpenWrt documentation, it appears that all that is required to add encryption to the interface is to add the encryption option and key to the adhoc interface definition in "/etc/config/wireless". However, it is obviously not that simple.
When I do this, the iwinfo "iwinfo wlan0-1 assoclist" and "... info" commands (see below) show that encryption is active and that the two devices are associated and can see each other, but batctl reports no nodes in range, so clearly they are not actually connected.
I have searched this and other forums, and while there are a lot of similar queries and some indication of success, there doesn't seem to be a definitive recipe to make it work. A lot of discussion also seems to relate to madwifi use rather than mac80211.
Adding the encryption option to the adhoc interface definition in "/etc/config/wireless" results in a "/var/run/wpa_supplicant-wlan0-1.conf" file something like that shown below. Adding various parameters to the interface definition as per forum suggestions results in the parameters appearing in this file, but alas to no good effect.
Can anyone throw any light on this please?
Have I missed some basic documentation that describes how this is meant to work?
Thanks in advance.
config wifi-iface 'ah_0'
	option device 'radio0'
	option network 'mesh_0'
	option encryption 'none'
	option bssid '02:CA:FF:EE:BA:BE'
	option mode 'adhoc'
	option ssid 'mymeshssid'
	option disabled '0'
	option encryption 'psk'
	option key_mgmt 'WPA-NONE'
	option proto 'WPA'
	option pairwise 'NONE'
	option group 'TKIP'
	option key 'mypassword'
root@TP-43:~# batctl o
[B.A.T.M.A.N. adv 2012.3.0, MainIF/MAC: wlan0-1/5e:63:bf:d8:eb:0d (bat0)]
Originator last-seen (#/255) Nexthop [outgoingIF]: Potential nexthops ...
No batman nodes in range ...
root@TP-43:~# iwinfo wlan0-1 assoclist
16:E6:E4:E7:6D:53 -35 dBm / -88 dBm (SNR 53) 0 ms ago
RX: 1.0 MBit/s, MCS 0, 20MHz 1038 Pkts.
TX: 1.0 MBit/s, MCS 0, 20MHz 1 Pkts.
root@TP-43:~# iwinfo wlan0-1 info
wlan0-1 ESSID: "mymeshssid"
Access Point: 02:CA:FF:EE:BA:BE
Mode: Ad-Hoc Channel: 1 (2.412 GHz)
Tx-Power: 17 dBm Link Quality: 70/70
Signal: -35 dBm Noise: -88 dBm
Bit Rate: 1.0 MBit/s
Encryption: WPA2 PSK (CCMP)
Type: nl80211 HW Mode(s): 802.11bgn
Hardware: unknown [Generic MAC80211]
TX power offset: unknown
Frequency offset: unknown
Supports VAPs: yes
wlan0-1 IEEE 802.11bgn ESSID:"mymeshssid"
Mode:Ad-Hoc Frequency:2.412 GHz Cell: 02:CA:FF:EE:BA:BE
RTS thr:off Fragment thr:off
wlan0 IEEE 802.11bgn Mode:Master Tx-Power=17 dBm
RTS thr:off Fragment thr:off
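
A consistency check over the output pasted above, as an added example that is not part of the original post: it parses the wifi-iface stanza, flags any option set more than once, and compares the configured ciphers with the cipher iwinfo reports. The function names are hypothetical and the sample inputs are excerpts copied from the post.

```python
import re
from collections import defaultdict

# Sample inputs: excerpts of the stanza and iwinfo output posted above.
UCI_STANZA = """\
config wifi-iface 'ah_0'
option encryption 'none'
option mode 'adhoc'
option encryption 'psk'
option key_mgmt 'WPA-NONE'
option proto 'WPA'
option pairwise 'NONE'
option group 'TKIP'
"""
IWINFO_INFO = 'wlan0-1 ESSID: "mymeshssid"\nEncryption: WPA2 PSK (CCMP)\n'

OPTION_RE = re.compile(r"^\s*option\s+(\S+)\s+'([^']*)'\s*$")

def parse_options(stanza):
    """Return {option name: [values in file order]} for one UCI section."""
    opts = defaultdict(list)
    for line in stanza.splitlines():
        m = OPTION_RE.match(line)
        if m:
            opts[m.group(1)].append(m.group(2))
    return dict(opts)

def reported_ciphers(iwinfo_text):
    """Extract cipher names from iwinfo's 'Encryption: ... (A, B)' line."""
    m = re.search(r"^\s*Encryption:.*\(([^)]*)\)", iwinfo_text, re.M)
    return {c.strip().upper() for c in m.group(1).split(",")} if m else set()

def audit(stanza, iwinfo_text):
    """List inconsistencies between the stanza and the iwinfo report."""
    opts, findings = parse_options(stanza), []
    for name, values in opts.items():
        if len(values) > 1:  # same option written more than once
            findings.append(f"option '{name}' set {len(values)} times: {values}")
    wanted = {v.upper() for k in ("pairwise", "group")
              for v in opts.get(k, []) if v.upper() != "NONE"}
    seen = reported_ciphers(iwinfo_text)
    if wanted and seen and wanted != seen:
        findings.append(f"config requests {sorted(wanted)}, iwinfo reports {sorted(seen)}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(UCI_STANZA, IWINFO_INFO)))
```

Run against the same stanza and "iwinfo wlan0-1 info" output on both nodes; any finding is a place where the running interface may not match what was written in "/etc/config/wireless".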