How to configure wifi inferface as client

Started by zap, April 20, 2017, 06:17:26 PM

Previous topic - Next topic

zap

Hi,

Recently I purchased a RT5350F Olimex board. It seems to work fine.
By means of the openwrt web interface, I tried to configure the radio interface in order to enable it to connect to my domestic wifi access-point.
To this goal, I followed some suggestions found on the Internet.
The radio correctly associates to my AP and the dhcp client (on the Olimex board) gets IPv4 address, IP gateway and properly configures the Wlan0 interface and updates the routing table. I have checked firewall configuration and it seems OK.
Unfortunately, I cannot ping the other computers present in my network.
I monitored what happened by tcpdumping the LAN. ICMP packet requests arrive to the targetted PC, the latter sends back ICMP replies but these packets are not received by the Olimex board.

Please, may you help me.
Thanks in advance for any hints/suggestions.

Sandro

LubOlimex

Hey,

It seems like the board's firewall rejects incoming traffic. Probably it has to do with OpenWRT's firewall configuration. Read more here: https://wiki.openwrt.org/doc/uci/firewall

It might be faster for people to spot problems if you post the network configurations of the board (/etc/config/wireless, /etc/config/network, /etc/config/switch, /etc/config/firewall, etc). Remember to remove passwords and MAC addresses when posting.

Did you stumble upon this video: https://www.youtube.com/watch?v=-MsywWtN79c ?

Best regards,
Lub/OLIMEX
Technical support and documentation manager at Olimex

zap

Hi Lub,

Thanks for your quick reply.
In the following my configurations files, specifically "network", "wireless", and "firewall". I have no switch configuration file since I removed the bridge interface.

I am looking forward to hearing from you.

Thanks a lot.
Best wishes.

Sandro


---------
/etc/config/network
config interface 'loopback'
   option ifname 'lo'
   option proto 'static'
   option ipaddr '127.0.0.1'
   option netmask '255.0.0.0'

config globals 'globals'
   option ula_prefix 'fdbb:e494:3783::/48'

config interface 'lan'
   option force_link '1'
   option macaddr '2a:96:9a:cb:98:5a'
   option proto 'static'
   option ipaddr '192.168.3.88'
   option netmask '255.255.255.0'
   option ip6assign '60'
   option _orig_ifname 'eth0.1 radio0.network1'
   option _orig_bridge 'true'
   option ifname 'eth0.1'

config interface 'wan'
   option ifname 'eth0.2'
   option force_link '1'
   option macaddr '2a:96:9a:cb:98:5b'
   option proto 'dhcp'

config interface 'wan6'
   option ifname 'eth0.2'
   option proto 'dhcpv6'

config switch
   option name 'rt305x'
   option reset '1'
   option enable_vlan '1'

config switch_vlan
   option device 'rt305x'
   option vlan '1'
   option ports '0 1 2 3 6t'

config switch_vlan
   option device 'rt305x'
   option vlan '2'
   option ports '4 6t'

config interface 'wwan'
   option proto 'dhcp'

----------------------------
/etc/config/wireless
config wifi-device 'radio0'
   option type 'mac80211'
   option hwmode '11g'
   option path '10180000.wmac'
   option htmode 'HT20'
   option country 'IT'
   option channel '6'
   option txpower '4'
   option disabled '0'

config wifi-iface
   option network 'wwan'
   option ssid 'MY_SSID'
   #option encryption 'psk2'
   option encryption 'psk+tkip'
   option device 'radio0'
   option mode 'sta'
   option bssid '28:10:7B:AD:F5:BC'
   option key 'MY_PASS

-----------------------
/etc/config/firewall

config defaults
   option syn_flood '1'
   option input 'ACCEPT'
   option output 'ACCEPT'
   option forward 'REJECT'

config zone
   option name 'lan'
   option input 'ACCEPT'
   option output 'ACCEPT'
   option forward 'ACCEPT'
   option network 'WLAN lan wwan'

config zone
   option name 'wan'
   option output 'ACCEPT'
   option input 'ACCEPT'
   option forward 'ACCEPT'
   option network 'wan wan6'
   option masq '1'
   option mtu_fix '1'

config rule
   option name 'Allow-DHCP-Renew'
   option src 'wan'
   option proto 'udp'
   option dest_port '68'
   option target 'ACCEPT'
   option family 'ipv4'

config rule
   option name 'Allow-Ping'
   option src 'wan'
   option proto 'icmp'
   option icmp_type 'echo-request'
   option family 'ipv4'
   option target 'ACCEPT'

config rule
   option name 'Allow-IGMP'
   option src 'wan'
   option proto 'igmp'
   option family 'ipv4'
   option target 'ACCEPT'

config rule
   option name 'Allow-DHCPv6'
   option src 'wan'
   option proto 'udp'
   option src_ip 'fe80::/10'
   option src_port '547'
   option dest_ip 'fe80::/10'
   option dest_port '546'
   option family 'ipv6'
   option target 'ACCEPT'

config rule
   option name 'Allow-MLD'
   option src 'wan'
   option proto 'icmp'
   option src_ip 'fe80::/10'
   list icmp_type '130/0'
   list icmp_type '131/0'
   list icmp_type '132/0'
   list icmp_type '143/0'
   option family 'ipv6'
   option target 'ACCEPT'

config rule
   option name 'Allow-ICMPv6-Input'
   option src 'wan'
   option proto 'icmp'
   list icmp_type 'echo-request'
   list icmp_type 'echo-reply'
   list icmp_type 'destination-unreachable'
   list icmp_type 'packet-too-big'
   list icmp_type 'time-exceeded'
   list icmp_type 'bad-header'
   list icmp_type 'unknown-header-type'
   list icmp_type 'router-solicitation'
   list icmp_type 'neighbour-solicitation'
   list icmp_type 'router-advertisement'
   list icmp_type 'neighbour-advertisement'
   option limit '1000/sec'
   option family 'ipv6'
   option target 'ACCEPT'

config rule
   option name 'Allow-ICMPv6-Forward'
   option src 'wan'
   option dest '*'
   option proto 'icmp'
   list icmp_type 'echo-request'
   list icmp_type 'echo-reply'
   list icmp_type 'destination-unreachable'
   list icmp_type 'packet-too-big'
   list icmp_type 'time-exceeded'
   list icmp_type 'bad-header'
   list icmp_type 'unknown-header-type'
   option limit '1000/sec'
   option family 'ipv6'
   option target 'ACCEPT'

config include
   option path '/etc/firewall.user'

config rule
   option src 'wan'
   option dest 'lan'
   option proto 'esp'
   option target 'ACCEPT'

config rule
   option src 'wan'
   option dest 'lan'
   option dest_port '500'
   option proto 'udp'
   option target 'ACCEPT'

----------------------------

Syd


You have

/etc/config/network

Quote
config interface 'wwan'
   option proto 'dhcp'

/etc/config/firewall


Quote
config zone
   option name 'wan'
   option output 'ACCEPT'
   option input 'ACCEPT'
   option forward 'ACCEPT'
   option network 'wan wan6'
   option masq '1'
   option mtu_fix '1'


----------------------------------------------------------------

I have


/etc/config/network

Quote

config interface 'wwan'
        option ifname 'wlan0'
        option proto 'dhcp'
        option force_link '1'

/etc/config/firewall


Quote
config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        list network 'wwan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'



----------------------------------------------------------------

if i can help you ...  ???