OpenWrt Forum Archive

Topic: Using wpad-mesh with AP and Mesh interfaces

The content of this topic has been archived on 5 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
bmoffitt
7 Mar 2018, 23:37

Folks-

I'm trying to set up an authenticated (or even encrypted) mesh using 802.11s. I have done the authenticated mesh with AuthSAE in the past, but, since AuthSAE is deprecated, I wanted to use wpad-mesh instead.

Note: I am using Ubiquiti PicoStation/Bullet hardware.

I built LEDE 17.01.4 with wpad-mesh and hostapd-common. I set up two VAPs (one AP, one mesh) and tested. With no authentication or encryption (no wireless. mesh.key), it works fine. As soon as I add a wireless.mesh.key, the WiFi turns off and I get the following message (many, many times):

Wed Mar  7 21:53:36 2018 daemon.notice hostapd: handle_probe_req: send failed

/etc/config/network:

config interface loopback
    option ifname    lo
    option proto    static
    option ipaddr    127.0.0.1
    option netmask    255.0.0.0

config interface lan
    option ifname    'eth0'
    option type     bridge
    option proto    dhcp
    option ipaddr    172.24.47.47
    option netmask    255.255.255.0
    option hostname 'Test_unit'
    option ip6assign 60

config globals globals
        option ula_prefix auto

(I had previously had it configured with a static address)
/etc/config/wireless:

config wifi-device 'radio0'
    option type 'mac80211'
    option channel '6'
    option phy 'phy0'
    option path 'pci0000:00/0000:00:00.0'
    option hwmode '11g'
    option htmode 'HT20'
    option disabled '0'

config wifi-iface 'AP'
    option device 'radio0'
    option network 'lan'
    option mode 'ap'
    option ssid 'this_is_the_SSID'
    option encryption 'psk2+ccmp'
    option key 'this_is_the_key'

config wifi-iface 'mesh'
    option device 'radio0'
    option network 'lan'
    option mode 'mesh'
    option mesh_id 'xxxxxxxxxxx'
    option key 'yyyyyyyyy'
    option encryption 'psk2+ccmp'

I tried not using an "option encryption" line at all and using "option encryption none" - no difference. This points to a problem in authentication, not encryption, I think.

Ideas?

Thanks,

Bill

Post #2
ghoffman
8 Mar 2018, 14:12

uninstall wpad-mini, install  wpad or wpad-mesh and the you dont need authsae

but then you have to use 'option encryption authsae' for encryption on your mesh wifi-iface

Post #3
bmoffitt
8 Mar 2018, 20:21

OK - as noted, I am using wpad-mesh, not wpad-mini or authsae, and the WiFi radio stops working as soon as authentication is turned on (via uci set wireless.mesh.key='yyyyyyyyy' followed by '/etc/init.d/network reload).

Has anyone else ever tested wpad-mesh with both mesh and ap interfaces? I'm not even sure how to debug this problem effectively - not an area I have ever delved into.

Thanks,

Bill

(Last edited by bmoffitt on 8 Mar 2018, 20:21)

Post #4
ghoffman
9 Mar 2018, 02:34

bmoffitt -
your config has option encryption 'psk2+ccmp' in the mesh interface
i was suggesting that you use option encryption 'authsae' in the mesh interface.
or did you already try that? i'm no expert; just saying what worked for me.

(Last edited by ghoffman on 9 Mar 2018, 02:36)

The discussion might have continued from here.