Access points same SSID, Radius, Help plz
Greetings,
I need help and advice please configuring the following scenario...
3 floors building, 2 AP on first floor, 1 on second floor, 1 on 3rd floor.
i want them all to share same SSID, for user roaming around the building without being disconnected and reconnected to another AP
currently working on window servers 2012.
trying to read about Radius server implementation, but the thing is, i also need guests in the building to have access via their cellphones or personal computers sometimes, when told so ( non domain users)
Can someone plz point me to a solution ? how to get domain users access ? how to have random guests access the AP internet access
thanks
Can u enlighten me plz on what the wireless controller task is here exactly ? i have 3 hp 2920-24G switches on all floor, and from the datasheet, supposedly it supports IEEE
802.1X, can it be used as a wireless controller if configured properly ? also have a fortigate 60D router but only support fortinet AP for management.
Similar Messages
-
Does iOS 6 remember access points by SSID and their associated Wi-Fi frequency?
Just trying to figure out how iOS 6.1.2 handles remembering SSID's and if it associates the frequency(2.4 or 5) to the SSID. I work in a hospital setting. The place is littered with access points with the same SSID on 2.4ghz and 5ghz. There are places in the hospital where the Wi-Fi connection drops out on iOS but remains connected on my other device(android). If I go into settings, Wi Fi, the network is almost always visible but just seems to take forever to resolve, even in those places where it drops out its still visible. Any ideas on what might be causing iOS 6 (ipad mini) to resolve connections so slowly, is it something to do with the frequency or is it too many 'cute girls' to choose from i.e. too many overlapping SSID's in the same frequency.
The reset I wrote about was Settings-Reset-Erase All Content and Settings. Don't bother, I just did that and restored from backup. Still in exactly he same situation. Our iPad 1’s and iPhone 4’s running 5.1 appear to be fine and display everything including album covers. I firmly believe its something in iOS 6 and/or iTunes. Either way, you'll keep knocking yourself out possibly to little avail in my opinion so this is my solution:
My iPad gen 3 is still under warrantee. I'll call Apple Support tomorrow, get a case number and ask them to call. I'm not sure if Apple has been working on this, been made aware of or ??? They keep so secretive about these types of things. I'll let you know what they tell me and keep you in the loop. If you do happen to discover a fix, please let me know. I don't know how busy support will be over the next day or two. We'll see.
I used to be quite a "fanboy" as you put it. We have an iMac, an iPad 1, two iPad 2`s, my iPad 3, and four iPhone 4’s. unfortunately, over the last year or so there has been a noticeable shift in employee attitudes in support and their stores. This surely filters down from above and along with human nature and believing they will always be better than the competition, it breeds arrogance and a shift away from the support of yesterday. I don't know if its because Jobs is no longer around or what, but it does exist. I broke from PC and windows six years ago. While I don't relish the hardware and app penalty of complete change, this update to iOS 6 is bad. Anyway, time will tell.
In the meanwhile, I'll be in touch.
Larry
<Email Edited by Host> -
2 Access Points Same Wireless Network
ok the basics: I have a cable modem hooked up to a linksys router ... the signal does not cover the whole house, so I got a linksys range expander ... set the whole thing up and everything works nice ... except that my PB keeps picking up the weak signal from the main router and doesnt connect to the range expander ... they both have the same security settings and all and they even appear as the same wireless network ... any thoughts on how to make my PB connect to the access point with the best signal?
I don't think that was the question posed. The issue is not how do I increase a particular access point's range, or can I dispense with one of them.
The issue is how to best work with TWO access points on the SAME network. I am very interested in this issue, as I have not been able to get my system to work properly. In short, there is an Airport Express (access point only) in the upstairs family room, and a Motorola (router and access point) in the basement. For those of us who own the new PB's, it is a lost cause to get reception comparable to the iBooks. Literally hundreds of posts exist in this area trying to improve it. So the ability to automatically connect to the highest reception point is a great benefit.
I have a unique IP address to each access point, and the Airport Express is tied to the Motorola router through ethernet. I have tried both devices on the same wireless channel, and each on its own (1 and 11). I have also tried using the same SSID & password for each point, and giving them unique names. In all situations, the result is the same. Once the Mac is connected to a particular access point, it will never switch over to the other one, unless connectivity is completely lost to the first one (i.e. unplug the AE).
This does not meet the 'roaming' idea. The goal is that when I am upstairs, I automaticallly connect to the AE, as it is strongest. When I move downstairs, it should connect to the Motorola, as the signal strength is SIGNIFICANTLY increased (we are running a PB, here). But this never happens. Instead, the PB will choke on internet browsing, because it is connecting to the gateway through a very weak wireless signal upstairs, when an alternate strong one is right next to it !!
Doesn't matter if I sleep in between relocating. All settings are automatic; that is, the Airport will automatically connect to the available networks. What I have to do is click the airport signal meter and choose my access point in order to change.
For those who think this is all acceptable performance, I don't have to do this with my HP work laptop. Windows does not seem to have a problem with proper, correct, and optimized roaming.
Hi-res PB15, 1.5GB Mac OS X (10.4.7) -
i have an access point which is not suppose to be in the native vlan, the port which is connected to the access point has no trunk.
when i checked the native vlan, this error prompted...
%SYS-4-P2_WARN: 1/Tag 1 on packet from <mac add> port 1/3, but port's native vlan is 2
but when i unchecked it, the connection lost between AP & switch...
what actually happened? can anyone plz help me?Hi,
the connected switch a Cisco Switch? If yes do you have configured a "switchport access vlan xx"?
If the connected Switch is not a Cisco i had a problem similiar to yours and fixed it with the setup of the used VLAN (in my case VLAN 10) as Native VLAN in the AP.
Maybe you should setup the Native VLAN to 2 in your AP Config.
I Hope that helps.
Best regards,
Frank -
I lost access to sound Cloud! help plz
I lost access to sound Cloud! help plz
If you're running iOS 6, go to Settings>iCloud, tap Delete Account, then sign back in with the new ID. This deletes the account and your iCloud data from your device, but not from iCloud. Provided you are signing back into the same account, your iCloud data will reappear on your device when you sign back in.
To avoid losing photo stream photos, save them to your camera roll (if not already there) before deleting the account. To do this, open your my photo stream album, tap Edit, tap the photos, tap Share, then tap Save to Camera Roll. -
Router, access point, very CONFUSED. HELP
The Plan:
In my living room I have a modem/router (at&t supplied) which produces wifi for my home. In my family room I have an older version of the Xbox 360 with no wireless capabilities. Without buying a 100 ft (the rooms are not exactly close to each other)ethernet cable and running it under the house, I'd rather find some way to send a wireless signal from a router to a physical (access point/router?) which will be located next to the Xbox that it can hard wire to.
Equipment at my disposal:
WRT54G ver.6
WAP54G ver.2
Question:
Is it possible to do what I want with the equipment I have? The more I dive into websites about it the more confused I get. Access points, client bridge mode, client mode, repeater, etc. I just have no idea what to do, any ideas?Those devices that you have will work but it is not an assurance that those two devices will give you the best performance since those are only wireless-G devices. What you can do is to set the WRT54G v6 as the main router that will broadcast a wireless signal to that other room; set the WAP54G v2 as an access point client so that it will act as the wireless adapter for your Xbox. To test if the router’s signal will reach to that room then you need to use a laptop and check if the laptop could pick the signal.
-
I have just opened ITunes on my Mac and the following error occurred "The iTunes Library.itl file is locked, on a locked disk, or you do not have write permission for this file.". When I setup my Mac I created a shared user area to contain my ITunes library so that I could share it with another user logged onto my Mac. However the error above gives me the impression that the library file is locked... I've checked and it does not seem to be locked under the "get info" fie information. Has anyone come across this before and found a solution?
You also need to make sure you have both read and write permission for the file, or for the whole iTunes folder for that matter. That's also done in Get Info for the file or folder concerned.
Read the part about changing permissions on the iTunes folder in: https://discussions.apple.com/message/11583914 -
i tried disabling windows firewall, and tried to add firefox in firewall also, but none of these works.
You can try to set '''Auto-detect proxy settings for this network''' in '''Tools''' ('''Alt''' + '''T''') > '''Options''' > '''Advanced''' > '''Network''' > '''Settings'''. If it's still not working you may have to contact the network provider.
[https://support.mozilla.org/en-US/kb/Options%20window%20-%20Advanced%20panel?as=u Options > Advanced]
[https://support.mozilla.org/en-US/kb/Options%20window Options] -
Can't HP Officejet pro 8100 do wifi access point?
Yesterday my HP Officejet pro 8100 arrived and I try to connect via wifi. I thinked that It need a infrastructure access point to print via wifi.
When I powered on the printer I osserved that It create an access point autonomously with SSID: HP-Setup-7A-Officejet Pro, with IPv4 address server, etc...
I was very happy and I printed a page with my smartphone samsung s4 connected directly with printer access point (not wifi direct but standard wifi).
Today no changed occurred but I can't use printer with its own access point, but only with an external wifi access point.
Someone can help me, please? It could be an hardware problem?
Thanks,
Luca
P.S. in web server I checked that "access point connectivity" (Punto di accesso wireless connettività in Italian) is checked.
This question was solved.
View Solution.Hello lucait
To print via WiFi you need to have a wireless router setup. Once you have the wireless router setup correctly you will have a SSID and Wepkey that will enable you to add devices to your network. The network will allow all your devices to communicate not just with each other but with the internet. At the moment your printer was not put in a network so instead of broadcasting on a network it is broadcasting on it's own network called HP-Setup-7A-Officejet Pro which is only good for a short period of time to allow you to setup your wireless. I am going to assume you have a wireless network and you are just needing assistance getting the printer setup on that network.
To set your printer up on a network you will need to reset your network defaults so your printer begins to broadcast that HP-Setup-7A-Officejet Pro network again. You can do this buy following the steps on the HP Support document Resetting the Network Settings. Once you have done this you can begin to install the software that came with your printer on your computer. You want to set the printer up wirelessly when the option arrives. The software should configure your printers wireless for you and put it on the network. Once completed you should be able to access your printer from all your devices as long as they are on the network.
I hope this helps resolve your wireless issue. Thank you for posting on the HP Forums. Have a great day!
Please click the "Thumbs Up" on the bottom right of this post to say thank you if you appreciate the support I provide!
Also be sure to mark my post as “Accept as Solution" if you feel my post solved your issue, it will help others who face the same challenge find the same solution.
Dunidar
I work on behalf of HP
Find out a bit more about me by checking out my profile!
"Customers don’t expect you to be perfect. They do expect you to fix things when they go wrong." ~ Donald Porter -
[script] create_ap: Create a NATed or Bridged WiFi Access Point
This script use hostapd + dnsmasq + iptables to create a NATed Access Point OR hostapd + brctl + dhclient to create a bridged Access Point.
The default behavior is a NATed Access Point.
updated script will be here: https://github.com/oblique/create_ap and http://git.2f30.org/create_ap/
Examples
No passphrase (open network):
./create_ap wlan0 eth0 MyAccessPoint
OR
echo -e "MyAccessPoint" | ./create_ap wlan0 eth0
WPA + WPA2 passphrase:
./create_ap wlan0 eth0 MyAccessPoint MyPassPhrase
OR
echo -e "MyAccessPoint\nMyPassPhrase" | ./create_ap wlan0 eth0
AP without Internet sharing:
./create_ap -n wlan0 MyAccessPoint MyPassPhrase
Bridged Internet sharing:
./create_ap -m bridge wlan0 eth0 MyAccessPoint MyPassPhrase
Internet sharing from the same WiFi interface:
./create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase
Usage
Usage: create_ap [options] <wifi-interface> [<interface-with-internet>] [<access-point-name> [<passphrase>]]
Options:
-h, --help Show this help
-c <channel> Channel number (default: 1)
-w <WPA version> Use 1 for WPA, use 2 for WPA2, use 1+2 for both (default: 1+2)
-n Disable Internet sharing (if you use this, don't pass
the <interface-with-internet> argument)
-m <method> Method for Internet sharing.
Use: 'nat' for NAT (default)
'bridge' for bridging
'none' for no Internet sharing (equivalent to -n)
--hidden Make the Access Point hidden (do not broadcast the SSID)
--ieee80211n Enable IEEE 802.11n (HT)
--ht_capab <HT> HT capabilities (default: [HT40+])
--driver Choose your WiFi adapter driver (default: nl80211)
--no-virt Do not create virtual interface
Non-Bridging Options:
-g <gateway> IPv4 Gateway for the Access Point (default: 192.168.12.1)
-d DNS server will take into account /etc/hosts
Useful informations:
* If you're not using the --no-virt option, then you can create an AP with the same
interface you are getting your Internet connection.
* You can pass your SSID and password through pipe or through arguments (see examples).
Examples:
create_ap wlan0 eth0 MyAccessPoint MyPassPhrase
echo -e 'MyAccessPoint\nMyPassPhrase' | create_ap wlan0 eth0
create_ap wlan0 eth0 MyAccessPoint
echo 'MyAccessPoint' | create_ap wlan0 eth0
create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase
create_ap -n wlan0 MyAccessPoint MyPassPhrase
create_ap -m bridge wlan0 eth0 MyAccessPoint MyPassPhrase
create_ap --driver rtl871xdrv wlan0 eth0 MyAccessPoint MyPassPhrase
Code
#!/bin/bash
# general dependencies:
# bash (to run this script)
# util-linux (for getopt)
# hostapd
# iproute2
# iw
# iwconfig (you only need this if 'iw' can not recognize your adapter)
# haveged (optional)
# dependencies for 'nat' or 'none' Internet sharing method
# dnsmasq
# iptables
# dependencies for 'bridge' Internet sharing method
# bridge-utils
usage() {
echo "Usage: $(basename $0) [options] <wifi-interface> [<interface-with-internet>] [<access-point-name> [<passphrase>]]"
echo
echo "Options:"
echo " -h, --help Show this help"
echo " -c <channel> Channel number (default: 1)"
echo " -w <WPA version> Use 1 for WPA, use 2 for WPA2, use 1+2 for both (default: 1+2)"
echo " -n Disable Internet sharing (if you use this, don't pass"
echo " the <interface-with-internet> argument)"
echo " -m <method> Method for Internet sharing."
echo " Use: 'nat' for NAT (default)"
echo " 'bridge' for bridging"
echo " 'none' for no Internet sharing (equivalent to -n)"
echo " --hidden Make the Access Point hidden (do not broadcast the SSID)"
echo " --ieee80211n Enable IEEE 802.11n (HT)"
echo " --ht_capab <HT> HT capabilities (default: [HT40+])"
echo " --driver Choose your WiFi adapter driver (default: nl80211)"
echo " --no-virt Do not create virtual interface"
echo
echo "Non-Bridging Options:"
echo " -g <gateway> IPv4 Gateway for the Access Point (default: 192.168.12.1)"
echo " -d DNS server will take into account /etc/hosts"
echo
echo "Useful informations:"
echo " * If you're not using the --no-virt option, then you can create an AP with the same"
echo " interface you are getting your Internet connection."
echo " * You can pass your SSID and password through pipe or through arguments (see examples)."
echo
echo "Examples:"
echo " $(basename $0) wlan0 eth0 MyAccessPoint MyPassPhrase"
echo " echo -e 'MyAccessPoint\nMyPassPhrase' | $(basename $0) wlan0 eth0"
echo " $(basename $0) wlan0 eth0 MyAccessPoint"
echo " echo 'MyAccessPoint' | $(basename $0) wlan0 eth0"
echo " $(basename $0) wlan0 wlan0 MyAccessPoint MyPassPhrase"
echo " $(basename $0) -n wlan0 MyAccessPoint MyPassPhrase"
echo " $(basename $0) -m bridge wlan0 eth0 MyAccessPoint MyPassPhrase"
echo " $(basename $0) --driver rtl871xdrv wlan0 eth0 MyAccessPoint MyPassPhrase"
# it takes 2 arguments
# returns:
# 0 if v1 (1st argument) and v2 (2nd argument) are the same
# 1 if v1 is less than v2
# 2 if v1 is greater than v2
version_cmp() {
[[ ! $1 =~ ^[0-9]+(\.[0-9]+)*$ ]] && die "Wrong version format!"
[[ ! $2 =~ ^[0-9]+(\.[0-9]+)*$ ]] && die "Wrong version format!"
V1=( $(echo $1 | tr '.' ' ') )
V2=( $(echo $2 | tr '.' ' ') )
VN=${#V1[@]}
[[ $VN -lt ${#V2[@]} ]] && VN=${#V2[@]}
for ((x = 0; x < $VN; x++)); do
[[ ${V1[x]} -lt ${V2[x]} ]] && return 1
[[ ${V1[x]} -gt ${V2[x]} ]] && return 2
done
return 0
USE_IWCONFIG=0
is_wifi_interface() {
which iw > /dev/null 2>&1 && iw dev $1 info > /dev/null 2>&1 && return 0
if which iwconfig > /dev/null 2>&1 && iwconfig $1 > /dev/null 2>&1; then
USE_IWCONFIG=1
return 0
fi
return 1
get_phy_device() {
for x in /sys/class/ieee80211/*; do
[[ ! -d "$x" ]] && continue
if [[ "${x##*/}" = "$1" ]]; then
echo $1
return 0
elif [[ -e "$x/device/net/$1" ]]; then
echo ${x##*/}
return 0
elif [[ -e "$x/device/net:$1" ]]; then
echo ${x##*/}
return 0
fi
done
echo "Failed to get phy interface" >&2
return 1
get_adapter_info() {
PHY=$(get_phy_device "$1")
[[ $? -ne 0 ]] && return 1
iw phy $PHY info
can_have_sta_and_ap() {
# iwconfig does not provide this information, assume false
[[ $USE_IWCONFIG -eq 1 ]] && return 1
get_adapter_info "$1" | grep -E '{.* managed.* AP.*}' > /dev/null 2>&1 && return 0
get_adapter_info "$1" | grep -E '{.* AP.* managed.*}' > /dev/null 2>&1 && return 0
return 1
can_have_ap() {
# iwconfig does not provide this information, assume true
[[ $USE_IWCONFIG -eq 1 ]] && return 0
get_adapter_info "$1" | grep -E '\* AP$' > /dev/null 2>&1 && return 0
return 1
can_transmit_to_channel() {
IFACE=$1
CHANNEL=$2
if [[ $USE_IWCONFIG -eq 0 ]]; then
CHANNEL_INFO=$(get_adapter_info ${IFACE} | grep "MHz \[${CHANNEL}\]")
[[ -z "${CHANNEL_INFO}" ]] && return 1
[[ "${CHANNEL_INFO}" == *no\ IR* ]] && return 1
[[ "${CHANNEL_INFO}" == *disabled* ]] && return 1
return 0
else
CHANNEL=$(printf '%02d' ${CHANNEL})
CHANNEL_INFO=$(iwlist ${IFACE} channel | grep "Channel ${CHANNEL} :")
[[ -z "${CHANNEL_INFO}" ]] && return 1
return 0
fi
is_wifi_connected() {
if [[ $USE_IWCONFIG -eq 0 ]]; then
iw dev "$1" link 2>&1 | grep -E '^Connected to' > /dev/null 2>&1 && return 0
else
iwconfig "$1" 2>&1 | grep -E 'Access Point: [0-9a-fA-F]{2}:' > /dev/null 2>&1 && return 0
fi
return 1
get_macaddr() {
ip link show "$1" | grep ether | grep -Eo '([0-9a-f]{2}:){5}[0-9a-f]{2}[[:space:]]' | tr -d '[[:space:]]'
get_avail_bridge() {
for i in {0..100}; do
curr_bridge=$(brctl show | grep "br$i" | cut -s -f1)
if [[ -z $curr_bridge ]]; then
echo "br$i"
return
fi
done
get_new_macaddr() {
OLDMAC=$(get_macaddr "$1")
for i in {20..255}; do
NEWMAC="${OLDMAC%:*}:$(printf %02x $i)"
(ip link | grep "ether ${NEWMAC}" > /dev/null 2>&1) || break
done
echo $NEWMAC
ADDED_UNMANAGED=0
NETWORKMANAGER_CONF=/etc/NetworkManager/NetworkManager.conf
NM_OLDER_VERSION=1
networkmanager_exists() {
which nmcli > /dev/null 2>&1 || return 1
NM_VER=$(nmcli -v | grep -m1 -oE '[0-9]+(\.[0-9]+)*\.[0-9]+')
version_cmp $NM_VER 0.9.10
if [[ $? -eq 1 ]]; then
NM_OLDER_VERSION=1
else
NM_OLDER_VERSION=0
fi
return 0
networkmanager_is_running() {
networkmanager_exists || return 1
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
NMCLI_OUT=$(nmcli -t -f RUNNING nm)
else
NMCLI_OUT=$(nmcli -t -f RUNNING g)
fi
[[ "$NMCLI_OUT" == "running" ]]
networkmanager_iface_is_unmanaged() {
nmcli -t -f DEVICE,STATE d | grep -E "^$1:unmanaged$" > /dev/null 2>&1
ADDED_UNMANAGED=
networkmanager_add_unmanaged() {
networkmanager_exists || return 1
[[ -d ${NETWORKMANAGER_CONF%/*} ]] || mkdir -p ${NETWORKMANAGER_CONF%/*}
[[ -f ${NETWORKMANAGER_CONF} ]] || touch ${NETWORKMANAGER_CONF}
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
if [[ -z "$2" ]]; then
MAC=$(get_macaddr "$1")
else
MAC="$2"
fi
[[ -z "$MAC" ]] && return 1
fi
UNMANAGED=$(grep -m1 -Eo '^unmanaged-devices=[[:alnum:]:;,-]*' /etc/NetworkManager/NetworkManager.conf | sed 's/unmanaged-devices=//' | tr ';,' ' ')
WAS_EMPTY=0
[[ -z "$UNMANAGED" ]] && WAS_EMPTY=1
for x in $UNMANAGED; do
[[ $x == "mac:${MAC}" ]] && return 2
[[ $NM_OLDER_VERSION -eq 0 && $x == "interface-name:${1}" ]] && return 2
done
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
UNMANAGED="${UNMANAGED} mac:${MAC}"
else
UNMANAGED="${UNMANAGED} interface-name:${1}"
fi
UNMANAGED=$(echo $UNMANAGED | sed -e 's/^ //')
UNMANAGED="${UNMANAGED// /;}"
UNMANAGED="unmanaged-devices=${UNMANAGED}"
if ! grep -E '^\[keyfile\]' ${NETWORKMANAGER_CONF} > /dev/null 2>&1; then
echo -e "\n\n[keyfile]\n${UNMANAGED}" >> ${NETWORKMANAGER_CONF}
elif [[ $WAS_EMPTY -eq 1 ]]; then
sed -e "s/^\(\[keyfile\].*\)$/\1\n${UNMANAGED}/" -i ${NETWORKMANAGER_CONF}
else
sed -e "s/^unmanaged-devices=.*/${UNMANAGED}/" -i ${NETWORKMANAGER_CONF}
fi
ADDED_UNMANAGED="${ADDED_UNMANAGED} ${1} "
return 0
networkmanager_rm_unmanaged() {
networkmanager_exists || return 1
[[ ! -f ${NETWORKMANAGER_CONF} ]] && return 1
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
if [[ -z "$2" ]]; then
MAC=$(get_macaddr "$1")
else
MAC="$2"
fi
[[ -z "$MAC" ]] && return 1
fi
UNMANAGED=$(grep -m1 -Eo '^unmanaged-devices=[[:alnum:]:;,-]*' /etc/NetworkManager/NetworkManager.conf | sed 's/unmanaged-devices=//' | tr ';,' ' ')
[[ -z "$UNMANAGED" ]] && return 1
[[ -n "$MAC" ]] && UNMANAGED=$(echo $UNMANAGED | sed -e "s/mac:${MAC}\( \|$\)//g")
UNMANAGED=$(echo $UNMANAGED | sed -e "s/interface-name:${1}\( \|$\)//g")
UNMANAGED=$(echo $UNMANAGED | sed -e 's/ $//')
if [[ -z "$UNMANAGED" ]]; then
sed -e "/^unmanaged-devices=.*/d" -i ${NETWORKMANAGER_CONF}
else
UNMANAGED="${UNMANAGED// /;}"
UNMANAGED="unmanaged-devices=${UNMANAGED}"
sed -e "s/^unmanaged-devices=.*/${UNMANAGED}/" -i ${NETWORKMANAGER_CONF}
fi
ADDED_UNMANAGED="${ADDED_UNMANAGED/ ${1} /}"
return 0
networkmanager_rm_unmanaged_if_needed() {
[[ $ADDED_UNMANAGED =~ .*\ ${1}\ .* ]] && networkmanager_rm_unmanaged ${1}
networkmanager_wait_until_unmanaged() {
networkmanager_is_running || return 1
while ! networkmanager_iface_is_unmanaged "$1"; do
sleep 1
done
sleep 2
return 0
CHANNEL=1
GATEWAY=192.168.12.1
WPA_VERSION=1+2
ETC_HOSTS=0
HIDDEN=0
SHARE_METHOD=nat
IEEE80211N=0
HT_CAPAB='[HT40+]'
DRIVER=nl80211
NO_VIRT=0
CONFDIR=
WIFI_IFACE=
VWIFI_IFACE=
INTERNET_IFACE=
BRIDGE_IFACE=
OLD_IP_FORWARD=
OLD_BRIDGE_IPTABLES=
OLD_MACADDR=
cleanup() {
trap "" SIGINT
echo
echo "Doing cleanup..."
# exiting
for x in $CONFDIR/*.pid; do
# even if the $CONFDIR is empty, the for loop will assign
# a value in $x. so we need to check if the value is a file
[[ -f $x ]] && kill -9 $(cat $x)
done
rm -rf $CONFDIR
if [[ "$SHARE_METHOD" != "none" ]]; then
if [[ "$SHARE_METHOD" == "nat" ]]; then
iptables -t nat -D POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE > /dev/null 2>&1
iptables -D FORWARD -i ${WIFI_IFACE} -s ${GATEWAY%.*}.0/24 -j ACCEPT > /dev/null 2>&1
iptables -D FORWARD -i ${INTERNET_IFACE} -d ${GATEWAY%.*}.0/24 -j ACCEPT > /dev/null 2>&1
[[ -n $OLD_IP_FORWARD ]] && echo $OLD_IP_FORWARD > /proc/sys/net/ipv4/ip_forward
elif [[ "$SHARE_METHOD" == "bridge" ]]; then
ip link set down $BRIDGE_IFACE
brctl delbr $BRIDGE_IFACE
[[ -n $OLD_BRIDGE_IPTABLES ]] && echo $OLD_BRIDGE_IPTABLES > /proc/sys/net/bridge/bridge-nf-call-iptables
fi
fi
if [[ "$SHARE_METHOD" != "bridge" ]]; then
iptables -D INPUT -p tcp -m tcp --dport 53 -j ACCEPT > /dev/null 2>&1
iptables -D INPUT -p udp -m udp --dport 53 -j ACCEPT > /dev/null 2>&1
iptables -D INPUT -p udp -m udp --dport 67 -j ACCEPT > /dev/null 2>&1
fi
if [[ $NO_VIRT -eq 0 ]]; then
if [[ -n $VWIFI_IFACE ]]; then
ip link set down dev ${VWIFI_IFACE}
ip addr flush ${VWIFI_IFACE}
networkmanager_rm_unmanaged_if_needed ${VWIFI_IFACE} ${OLD_MACADDR}
iw dev ${VWIFI_IFACE} del
fi
else
ip link set down dev ${WIFI_IFACE}
ip addr flush ${WIFI_IFACE}
networkmanager_rm_unmanaged_if_needed ${WIFI_IFACE}
fi
die() {
[[ -n "$1" ]] && echo -e "\nERROR: $1\n" >&2
cleanup
exit 1
clean_exit() {
cleanup
exit 0
# if the user press ctrl+c then execute die()
trap "die" SIGINT
ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden","ieee80211n","ht_capab:","driver:","no-virt" -n $(basename $0) -- "$@")
[[ $? -ne 0 ]] && exit 1
eval set -- "$ARGS"
while :; do
case "$1" in
-h|--help)
usage >&2
exit 1
--hidden)
shift
HIDDEN=1
-c)
shift
CHANNEL="$1"
shift
-w)
shift
WPA_VERSION="$1"
shift
-g)
shift
GATEWAY="$1"
shift
-d)
shift
ETC_HOSTS=1
-n)
shift
SHARE_METHOD=none
-m)
shift
SHARE_METHOD="$1"
shift
--ieee80211n)
shift
IEEE80211N=1
--ht_capab)
shift
HT_CAPAB="$1"
shift
--driver)
shift
DRIVER="$1"
shift
--no-virt)
shift
NO_VIRT=1
shift
break
esac
done
if [[ $# -lt 1 ]]; then
usage >&2
exit 1
fi
if [[ $(id -u) -ne 0 ]]; then
echo "You must run it as root." >&2
exit 1
fi
WIFI_IFACE=$1
if ! is_wifi_interface ${WIFI_IFACE}; then
echo "ERROR: '${WIFI_IFACE}' is not a WiFi interface" >&2
exit 1
fi
if ! can_have_ap ${WIFI_IFACE}; then
echo "ERROR: Your adapter does not support AP (master) mode" >&2
exit 1
fi
if ! can_have_sta_and_ap ${WIFI_IFACE}; then
if is_wifi_connected ${WIFI_IFACE}; then
echo "ERROR: Your adapter can not be connected to an AP and at the same time transmit as an AP" >&2
exit 1
elif [[ $NO_VIRT -eq 0 ]]; then
echo "WARN: Your adapter does not fully support AP virtual interface, enabling --no-virt" >&2
NO_VIRT=1
fi
fi
if [[ "$SHARE_METHOD" != "nat" && "$SHARE_METHOD" != "bridge" && "$SHARE_METHOD" != "none" ]]; then
echo "ERROR: Wrong Internet sharing method" >&2
echo
usage >&2
exit 1
fi
if [[ "$SHARE_METHOD" == "bridge" ]]; then
OLD_BRIDGE_IPTABLES=$(cat /proc/sys/net/bridge/bridge-nf-call-iptables)
BRIDGE_IFACE=$(get_avail_bridge)
if [[ -z $BRIDGE_IFACE ]]; then
echo "ERROR: No availabe bridges < br100" >&2
exit 1
fi
elif [[ "$SHARE_METHOD" == "nat" ]]; then
OLD_IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward)
fi
if [[ "$SHARE_METHOD" != "none" ]]; then
MIN_REQUIRED_ARGS=2
else
MIN_REQUIRED_ARGS=1
fi
if [[ $# -gt $MIN_REQUIRED_ARGS ]]; then
if [[ "$SHARE_METHOD" != "none" ]]; then
if [[ $# -ne 3 && $# -ne 4 ]]; then
usage >&2
exit 1
fi
INTERNET_IFACE=$2
SSID=$3
PASSPHRASE=$4
else
if [[ $# -ne 2 && $# -ne 3 ]]; then
usage >&2
exit 1
fi
SSID=$2
PASSPHRASE=$3
fi
else
if [[ "$SHARE_METHOD" != "none" ]]; then
if [[ $# -ne 2 ]]; then
usage >&2
exit 1
fi
INTERNET_IFACE=$2
fi
if tty -s; then
read -p "SSID: " SSID
while :; do
read -p "Passphrase: " -s PASSPHRASE
echo
read -p "Retype passphrase: " -s PASSPHRASE2
echo
if [[ "$PASSPHRASE" != "$PASSPHRASE2" ]]; then
echo "Passphrases do not match."
else
break
fi
done
else
read SSID
read PASSPHRASE
fi
fi
if [[ $NO_VIRT -eq 1 && "$WIFI_IFACE" == "$INTERNET_IFACE" ]]; then
echo -n "ERROR: You can not share your connection from the same" >&2
echo " interface if you are using --no-virt option." >&2
exit 1
fi
CONFDIR=$(mktemp -d /tmp/create_ap.${WIFI_IFACE}.conf.XXXXXXXX)
echo "Config dir: $CONFDIR"
if [[ $NO_VIRT -eq 0 ]]; then
VWIFI_IFACE=${WIFI_IFACE}ap
# in NetworkManager 0.9.10 and above we can set the interface as unmanaged without
# the need of MAC address, so we set it before we create the virtual interface.
if networkmanager_is_running && [[ $NM_OLDER_VERSION -eq 0 ]]; then
echo -n "Network Manager found, set $1 as unmanaged device... "
networkmanager_add_unmanaged ${VWIFI_IFACE}
# do not call networkmanager_wait_until_unmanaged because interface does not
# exist yet
echo "DONE"
fi
WIFI_IFACE_CHANNEL=$(iw dev ${WIFI_IFACE} info | grep channel | awk '{print $2}')
if [[ -n $WIFI_IFACE_CHANNEL && $WIFI_IFACE_CHANNEL -ne $CHANNEL ]]; then
echo "hostapd will fail to use channel $CHANNEL because $WIFI_IFACE is already set to channel $WIFI_IFACE_CHANNEL, fallback to channel $WIFI_IFACE_CHANNEL."
CHANNEL=$WIFI_IFACE_CHANNEL
fi
VIRTDIEMSG="Maybe your WiFi adapter does not fully support virtual interfaces.
Try again with --no-virt."
echo -n "Creating a virtual WiFi interface... "
iw dev ${VWIFI_IFACE} del > /dev/null 2>&1
if iw dev ${WIFI_IFACE} interface add ${VWIFI_IFACE} type __ap; then
# now we can call networkmanager_wait_until_unmanaged
networkmanager_is_running && [[ $NM_OLDER_VERSION -eq 0 ]] && networkmanager_wait_until_unmanaged ${VWIFI_IFACE}
echo "${VWIFI_IFACE} created."
else
VWIFI_IFACE=
die "$VIRTDIEMSG"
fi
OLD_MACADDR=$(get_macaddr ${VWIFI_IFACE})
[[ ${OLD_MACADDR} == $(get_macaddr ${WIFI_IFACE}) ]] && NEW_MACADDR=$(get_new_macaddr ${VWIFI_IFACE})
WIFI_IFACE=${VWIFI_IFACE}
fi
can_transmit_to_channel ${WIFI_IFACE} ${CHANNEL} || die "Your adapter can not transmit to channel ${CHANNEL}."
if networkmanager_is_running && ! networkmanager_iface_is_unmanaged ${WIFI_IFACE}; then
echo -n "Network Manager found, set $1 as unmanaged device... "
networkmanager_add_unmanaged ${WIFI_IFACE}
networkmanager_wait_until_unmanaged ${WIFI_IFACE}
echo "DONE"
fi
[[ $HIDDEN -eq 1 ]] && echo "Access Point's SSID is hidden!"
# hostapd config
cat << EOF > $CONFDIR/hostapd.conf
ssid=${SSID}
interface=${WIFI_IFACE}
driver=${DRIVER}
hw_mode=g
channel=${CHANNEL}
ctrl_interface=$CONFDIR/hostapd_ctrl
ctrl_interface_group=0
ignore_broadcast_ssid=$HIDDEN
EOF
if [[ $IEEE80211N -eq 1 ]]; then
cat << EOF >> $CONFDIR/hostapd.conf
ieee80211n=1
wmm_enabled=1
ht_capab=${HT_CAPAB}
EOF
fi
if [[ -n "$PASSPHRASE" ]]; then
[[ "$WPA_VERSION" == "1+2" || "$WPA_VERSION" == "2+1" ]] && WPA_VERSION=3
cat << EOF >> $CONFDIR/hostapd.conf
wpa=${WPA_VERSION}
wpa_passphrase=$PASSPHRASE
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
EOF
fi
if [[ "$SHARE_METHOD" == "bridge" ]]; then
echo "bridge=${BRIDGE_IFACE}" >> $CONFDIR/hostapd.conf
else
# dnsmasq config (dhcp + dns)
DNSMASQ_VER=$(dnsmasq -v | grep -m1 -oE '[0-9]+(\.[0-9]+)*\.[0-9]+')
version_cmp $DNSMASQ_VER 2.63
if [[ $? -eq 1 ]]; then
DNSMASQ_BIND=bind-interfaces
else
DNSMASQ_BIND=bind-dynamic
fi
cat << EOF > $CONFDIR/dnsmasq.conf
interface=${WIFI_IFACE}
${DNSMASQ_BIND}
dhcp-range=${GATEWAY%.*}.1,${GATEWAY%.*}.254,255.255.255.0,24h
dhcp-option=option:router,${GATEWAY}
EOF
[[ $ETC_HOSTS -eq 0 ]] && echo no-hosts >> $CONFDIR/dnsmasq.conf
fi
# initialize WiFi interface
if [[ $NO_VIRT -eq 0 && -n "$NEW_MACADDR" ]]; then
ip link set dev ${WIFI_IFACE} address ${NEW_MACADDR} || die "$VIRTDIEMSG"
fi
ip link set down dev ${WIFI_IFACE} || die "$VIRTDIEMSG"
ip addr flush ${WIFI_IFACE} || die "$VIRTDIEMSG"
if [[ "$SHARE_METHOD" != "bridge" ]]; then
ip link set up dev ${WIFI_IFACE} || die "$VIRTDIEMSG"
ip addr add ${GATEWAY}/24 broadcast ${GATEWAY%.*}.255 dev ${WIFI_IFACE} || die "$VIRTDIEMSG"
fi
# enable Internet sharing
if [[ "$SHARE_METHOD" != "none" ]]; then
echo "Sharing Internet using method: $SHARE_METHOD"
if [[ "$SHARE_METHOD" == "nat" ]]; then
iptables -t nat -I POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE || die
iptables -I FORWARD -i ${WIFI_IFACE} -s ${GATEWAY%.*}.0/24 -j ACCEPT || die
iptables -I FORWARD -i ${INTERNET_IFACE} -d ${GATEWAY%.*}.0/24 -j ACCEPT || die
echo 1 > /proc/sys/net/ipv4/ip_forward || die
elif [[ "$SHARE_METHOD" == "bridge" ]]; then
# disable iptables rules for bridged interfaces
echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables || die
# create and initialize bridged interface
brctl addbr ${BRIDGE_IFACE} || die
brctl addif ${BRIDGE_IFACE} ${INTERNET_IFACE} || die
ip link set dev ${BRIDGE_IFACE} up || die
fi
else
echo "No Internet sharing"
fi
# boost low-entropy
if [[ $(cat /proc/sys/kernel/random/entropy_avail) -lt 1000 ]]; then
which haveged > /dev/null 2>&1 && {
haveged -w 1024 -p $CONFDIR/haveged.pid
fi
# start dns + dhcp server
if [[ "$SHARE_METHOD" != "bridge" ]]; then
iptables -I INPUT -p tcp -m tcp --dport 53 -j ACCEPT || die
iptables -I INPUT -p udp -m udp --dport 53 -j ACCEPT || die
iptables -I INPUT -p udp -m udp --dport 67 -j ACCEPT || die
dnsmasq -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid || die
fi
# start access point
echo "hostapd command-line interface: hostapd_cli -p $CONFDIR/hostapd_ctrl"
# from now on we exit with 0 on SIGINT
trap "clean_exit" SIGINT
if ! hostapd $CONFDIR/hostapd.conf; then
echo -e "\nError: Failed to run hostapd, maybe a program is interfering." >&2
if networkmanager_is_running; then
echo "If an error like 'n80211: Could not configure driver mode' was thrown" >&2
echo "try running the following before starting create_ap:" >&2
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
echo " nmcli nm wifi off" >&2
else
echo " nmcli r wifi off" >&2
fi
echo " rfkill unblock wlan" >&2
fi
die
fi
clean_exit
Last edited by OBLiQUE (2014-09-02 20:26:22)adam777 wrote:
Thank, just what I was looking for.
Unfortunately, it seems that currently my Intel 5300 card (using the iwlwifi driver), does not support AP mode.
From what I understand, hostapd can be used in bridge mode as well, which should have no compatibility problems.
Can some one point me in the right direction?
* EDIT *
After more attempts, I think I got it wrong and AP mode is indeed required.
Sorry for the late reply, I didn't noticed your message.. Did you got any errors? I have Intel 6205 and it works.
Also if you use NetworkManager, then you have to say to NetworkManager to stop using your interface.
You can do it by editing the /etc/NetworkManager/NetworkManager.conf file and put the following (without the <>):
[keyfile]
unmanaged-devices=mac:<interface's mac address here>
and restart your NetworkManager. Ofcourse after you finish, you have to remove it in order to get your wifi back to working with NetworkManager. -
Strange VLAN issue on aironet access points
I'm setting up some access points for WPA. I've ran into a strange issue. The client VLAN (VLAN that the users will be put into) is 1, and the native VLAN is 10. The RADIUS server is in VLAN 1 (but I have a test RADIUS server in VLAN 10 as well). I can connect from the access point to a RADIUS server in either VLAN, and from the RADIUS servers to the access point as well. When I point to a RADIUS server in VLAN10 authentication works fine. If I point to a RADIUS server that is located in VLAN1, and I put the wireless clients in VLAN10 it works fine. But for some reason when I have the RADIUS server and the clients in VLAN (1) and the native (BVI1) interface in VLAN 10 the authentication packets never seem to get to the RADIUS server. It is as if the authentication is being sources out of the wrong VLAN. I can?t find any docs to say that this isn?t a supported configuration.
Hi Shannon,
have a look here:
http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml#apconfig
- - - Snipp - - -
Significance of Native VLAN
When you use an IEEE 802.1Q trunk port, all frames are tagged except those on the VLAN configured as the "native VLAN" for the port. Frames on the native VLAN are always transmitted untagged and are normally received untagged. Therefore, when an AP is connected to the switchport, the native VLAN configured on the AP must match the native VLAN configured on the switchport.
Note: If there is a mismatch in the native VLANs, the frames are dropped.
This scenario is better explained with an example. If the native VLAN on the switchport is configured as VLAN 12 and on the AP, the native VLAN is configured as VLAN 1, then when the AP sends a frame on its native VLAN to the switch, the switch considers the frame as belonging to VLAN 12 since the frames from the native VLAN of the AP are untagged. This causes confusion in the network and results in connectivity problems. The same happens when the switchport forwards a frame from its native VLAN to the AP.
- - - Snapp - - -
Best regards,
Frank -
How to configure MSI RG54SE II as Access Point ?
I have an msi router:
Firmware Version:
3.5.2 Build 070402 Rel.60023n
Hardware Version:
RG54SE II v1 081520C2
And i want it to configure it as an access point to a wireless network/ or another access point . Can you help me on how i do this ?
Regards,
DanielHi. I Had a similar problem and found a solution. If you have another device as your primary router then:
1. connect ethernet cable from LAN port of your primary router to LAN port (NOT WAN!) of your RG54SE (I will just call it MSI).
2. go to web interface of MSI
3. if MSI has ip address in wan connection then release it. (Network->WAN) (I set my wan connection type to dynamic ip because there is no option to disable it)
4. in Network->LAN set ip address different from primary router (but in the same subnet) and out of DHCP pool
i.e. if your primary router has ip address 192.168.1.1 and its dhcp pool is 192.168.1.100-199 then you can set local ip address of MSI to 192.168.1.2
5. Disable DHCP on MSI router.
6. If your primary router also has active wi-fi then you must switch MSI wi-fi to another channel, so they do not interfere with each other.
that's it! It's simple and it works! -
Dear All,
I am not expert in wireless and cisco. I need to configure accesspoint 1140 in my network. I have 10 vlans in my network (Switch 2960)
how i can configure accesspoint to used two ssid, one for lan and one for guest this two ssid in separate vlans. I was try like this...
i create vlans on 3750 switch. I connected my accesspoint to switch 2960 (2960 switch is enduser switch). I trunk the port on 2960 switch is connected to access point. I assign ip address to BVI Interface in accesspoint static. i am unable to ping from access point to other vlans, from other vlans to access point.
can any one help to configure access point.
regards.,Basic Wireless LAN Connection Configuration Example
http://www.cisco.com/en/US/customer/tech/tk722/tk809/technologies_configuration_example09186a008055c39a.shtml -
E5 Packet data connection/access point
I was just wondering what this is.
I think I don't need it being as I don't have a "Data Package" set up with AT&T...am I right?
If I'm wrong, what to do next.This would be needed for internet access and mms usage on your phone. Internett access only if you're thinking about surfing on the network. Wlan does not require any data packet connection over the phone network but will be saved as an access point though.
You will also need a packet data connection for using A-gps as it needs a few kb to locate the phone through the network.
But you can use the gps without agps.
So if you don't plan on browsing internett on the phone network, you don't need a packet data connection for that/ acces point.
If you don't need to send mms, you don't need one for that either, but those acces points are separeted from each others.
If you can not send mms, but you want to, you will probably be able to order the settings (accesspoint) from your providers web page. It will usually be in form of a text message sent to your phone. Same for the other access points.
Did this help you in any way or was it just confusing?
A Packet data connection will pretty much be an access point for internet/mms/wap over your network.
Using you wlan will be installed as a access point too, but that will of course be free (or just cost what you pay to have your internett). -
I have two WRT 110 and I am using one as a wireless router and I wish to use one as a wireless access point, but cannot get them to connect. I have tried it manually and using the wireless protected setup. Is there anything that needs to be cofigured in the router to use it as an access point only? Any help or advice would be appreciated.
You can not connect them wirelessly, you must connect via Ethernet cable.
You may go here to find out how to cascade two routers.
Maybe you are looking for
-
Since the iOS7.0.2 update to my iPhone 4S, I can no longer choose use of my Bluetooth device if using the power cord to listen to MUSIC or answer my phone (choice of powercord as 'dock,' speaker, & phone only). Was this former-feature now an oversig
-
Error when Start domain in Weblogic 10.3.3 RedHat 5.0 64Bits
I followed the steps of creating the Domain Patterns, but when I run the start the following error occurs: ./startWebLogic.sh JAVA Memory arguments: -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=128m -XX:MaxPermSize=256m WLS Start Mode=Dev
-
Hi Frnds, I have a Idoc to file scenario, Iam getting following error in RWB Conversion initialization failed: java.lang.Exception: java.lang.Exception: Error(s) in XML conversion parameters found: Parameter '.fieldFixedLengths' or '.fieldSeparator'
-
Fundamental j2ee classpath question
hi folks -- I have a j2ee project with - a WAR (which has among other things a servlet in it) - a ejb project (which has a stateless session bean in it) I need to call the session bean from the servlet and my servlet code gets a reference to the bean
-
Printing/viewing sql generated data under 9ias
Thanks for your quick response. a quick example of what i am trying to do. Under forms45 Run sqlplus from a .sql file containing spool report.lst select pat_sur,pat_DOb form patient where pat_key >= &start and pat_key <= &end; spool off; exit This is