PEAP/MSCHAPV2 wifi client to LAN configuration help needed

Hi all,

I’m totally new to OpenWRT and a NOOB as to what concerns the configuration of it.

I’d like to make the following setup using my Domino with dual ethernet board.

Wifi:

  • Connected as a client to a PEAP/MSCHAPV2 authentication access point as the WAN port of the Domino
 

Dual ethernet board:

  • 1 port as a local access SSH capable LAN port with a fixed IP for (e.g. 192.168.1.1)
  • 1 port as a DHCP enabled LAN port in the range 192.168.1.100 to 192.168.1.199
 

I already figured out I need to remove wpad-mini and install wpad, but that’s about it.

It doesn’t matter what version of OpenWRT needs to be running, I currently have the AR150 firmware on there in the 2.22 version, but reflashing to something else is not a problem

It would be much appreciated if someone could give me instructions on how to proceed with this setup?

Does it connect to the access point successfully?

For LAN settings, it is not so difficult. But I think your configuration has some problems:

1port has IP 192.168.1.1 is OK, but does it need to be dhcp enabled? I mean when PC is connect to this port, do you need to set an IP? Is ssh is the only purpose?

1port has DHCP has no problem. But this has the same subnet as another port. Is this what you want? Or you want it in another subnet?

You will find config like this in /etc/config/network. Changing this section as well as /etc/config/dhcp almost does your job. But it has to be clear.

config interface 'lan'
  option ifname 'eth1'
  option proto 'static'

config interface 'wan'
  option ifname 'eth0'
  option proto 'dhcp'

Thx Alzhao,

but no, it does not connect.

I’m using a freshly installed Domino, firmware 1.3. I removed package wpad-mini, and installed wpad. I reconfigured the wireless to be a client with the following settings in etc/config/wireless. Apart from the below changes (and setting password and timezone), I did not change any setting.

config wifi-device ‘radio0’
option type ‘mac80211’
option path ‘platform/ar933x_wmac’
option htmode ‘HT20’
option disabled ‘0’
option txpower ‘18’
option country ‘BE’
option channel ‘3’
option hwmode ‘11g’

config wifi-iface
option network ‘wwan’
option ssid ‘TelenetWiFree’
option device ‘radio0’
option bssid ‘06:53:7C:14:A0:24’
option encryption ‘wpa2’
option eap_type ‘peap’
option auth ‘MSCHAPV2’
option identity ‘USER’ (USER is filled in with a working login)
option password ‘PASSWORD’ (PASSWORD is filled in with the correct password)
option mode ‘sta’

 

Upon finishing a reboot, the system log shows the following:

Sun Oct 16 01:56:37 2016 kern.info kernel: [ 44.480000] wlan0: authenticate with 06:53:7c:14:a0:24
Sun Oct 16 01:56:37 2016 kern.info kernel: [ 44.500000] wlan0: send auth to 06:53:7c:14:a0:24 (try 1/3)
Sun Oct 16 01:56:37 2016 kern.info kernel: [ 44.510000] wlan0: authenticated
Sun Oct 16 01:56:37 2016 kern.info kernel: [ 44.530000] wlan0: associate with 06:53:7c:14:a0:24 (try 1/3)
Sun Oct 16 01:56:37 2016 kern.info kernel: [ 44.660000] wlan0: associate with 06:53:7c:14:a0:24 (try 2/3)
Sun Oct 16 01:56:37 2016 kern.info kernel: [ 44.880000] wlan0: associate with 06:53:7c:14:a0:24 (try 3/3)
Sun Oct 16 01:56:37 2016 kern.info kernel: [ 45.040000] wlan0: association with 06:53:7c:14:a0:24 timed out

So apparently, it is connecting, it authenticates, but then does not associate as a result of a time out. The password and login are correct and are verified using an android setup.

What am I doing wrong?

Can you set channel to “auto” and remove “option bssid ’06:53:7C:14:A0:24’” and have a try?

Nope, doesn’t work.

I’m reading up on OpenWRT docs, see if I can educate myself. I’ll get back again if that doesn’t work out.

Thx for the help (or if you have any other suggestions, they are of course welcome…:wink: )