# wifi card in master mode and wpa

## Paczesiowa

hi,

I followed this http://gentoo-wiki.com/HOWTO_Building_a_Wireless_Access_Point_With_Gentoo

and it's working but I would like to have wpa enabled (or even wpa2 but that's not necessary)

I found many configs but all of them are wpa or master mode, and I can't figure how to mix them. I tried hostapd with this config: http://madwifi.org/wiki/UserDocs/HostAP but hostapd fails to start because of "wlan0 doesn't exist" which is kinda weird because hostapd is compiled with madwifi flag and it has "interface=ath0" in hostapd.conf so I don't know why it tries to start non-existing wlan0

----------

## mgbowman

I'm trying to do the same thing but also have been unsuccessful. I will post back any findings as running an un-enc AP at work is a huge security risk for me.

--mgb

----------

## Paczesiowa

well I solved it since then so I can help you. do you want wpa-psk or wpa-enterprise? do you use bridging?

----------

## mgbowman

I'm just looking for a simple WPA-PSK using a bridge...

```
gaia ~ # brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.001320b1682c       no              eth0
                                                        ath0
                                                        tap0
                                                        tap1
                                                        tap2
                                                        tap3
```

(Note: The tapX devices are for my OpenVPN end-points.)

I found a good article [linux.com] on setting up hostapd for this but I could never get any of my Windows XP SP2 with the WPA2 hotfix [microsoft.com] installed.

My wireless device is ...

```
gaia ~ # lspci -v
05:01.0 Ethernet controller: Atheros Communications, Inc. AR5006X 802.11abg NIC (rev 01)
        Subsystem: D-Link System Inc D-Link AirPremier AG DWL-AG530 Wireless PCI Adapter
        Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV+ VGASnoop- ParErr- Stepping- SERR- FastB2B-
        Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR-
        Latency: 168 (2500ns min, 7000ns max), Cache Line Size: 64 bytes
        Interrupt: pin A routed to IRQ 21
        Region 0: Memory at 48000000 (32-bit, non-prefetchable) [size=64K]
        Capabilities: [44] Power Management version 2
                Flags: PMEClk- DSI- D1- D2- AuxCurrent=375mA PME(D0-,D1-,D2-,D3hot-,D3cold-)
                Status: D0 PME-Enable- DSel=0 DScale=2 PME-
```

Was hostapd your solution? If so, I'll post my config and the errors I'm getting when trying to connect.

Thanks for your reply!

--mgb

----------

## Paczesiowa

hostapd.conf

```
bridge=br0
interface=ath0
driver=madwifi
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=3
ctrl_interface_group=0
macaddr_acl=0
ctrl_interface_group=0
ctrl_interface=/var/run/hostapd
deny_mac_file=/etc/hostapd/hostapd.deny
auth_algs=3
eapol_key_index_workaround=0
eap_server=0
eapol_version=2
own_ip_addr=127.0.0.1
dump_file=/tmp/hostapd.dump
ssid=DOM
wpa=1
wpa_passphrase=BxT3M3CBcQviSwxmlNg6QwZfVjFO5we8aVS2ADCTnlaLogcJ4wOyuR5qAG1EA43
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
```

/etc/conf.d/net

```
config_eth0=( "null" )
config_eth2=( "null" )
config_ath0=( "null" )
modules_ath0=( "iwconfig" )
essid_ath0=( "DOM" )
mode_ath0=( "Master" )
channel_ath0=( "1" )
iwpriv_ath0="mode 3"
bridge_br0=( "ath0" "eth0" "eth2" )
config_br0=( "192.168.0.1/24" )
depend_br0() {
   need net.eth0 net.ath0
}
```

the only thing not working is ath0 doesn't get in ap mode after boot (it worked for 6 months, and broke yesterday) so I have to "wlanconfig ath0 destroy && wlanconfig ath0 create wlandev wifi0 wlanmode ap" manually.

at windows xp clients I had problems when I tried to connect using that "connect" button. it never worked. my guess is it couldn't figure encryption method and tried AES/CCMP by default. So I had to configure network by hand (ssid, encryption, passphrase) and let it autoconnect by itself.

----------

## hillie

Does anyone know how to do this without using hostapd or bridging?

I'm using a box with Shorewall IP Masq.. don't really need bridging or another daemon running on my box.

The reason I say this is coz I have already an open WAP with full internet sharing running with just the ath0 configuration and Shorewall.

I mean if there's no way to do it without hostapd I guess I will have to. Also, is there a way to use WPA2?

----------

## digitall2000

hi Paczesiowa

on your last post:

> at windows xp clients I had problems when I tried to connect using that "connect" button. it never worked. my guess is it couldn't figure encryption method and tried AES/CCMP by default. So I had to configure network by hand (ssid, encryption, passphrase) and let it autoconnect by itself.

would you please explain how you did the "configuring network by hand" on the wireless card?

it would be greatly appreciated

lance

----------

## Chris W

*Paczesiowa wrote:*

> the only thing not working is ath0 doesn't get in ap mode after boot (it worked for 6 months, and broke yesterday) so I have to "wlanconfig ath0 destroy && wlanconfig ath0 create wlandev wifi0 wlanmode ap" manually.

The ath0 interface is created by the ath_pci module at the time it is loaded. By default the interface will be in station mode; this cannot be changed by the iwconfig tool afterward. To force it to create an AP interface by default try this line at the end of /etc/modules.d/ath_pci:

```
options ath_pci autocreate=ap
```

----------

## Paczesiowa

I had that line. The problem was that I had it in two places: in /etc/modules.d/ath_pci and /etc/modules.autoload/kernel-2.6. After deleting the latter it started working again.

----------

## richard.scott

I didn't think things through correctly when I started testing with WPA and I was using a wireless nic that had no hardware wpa or wpa2 support! I then found it impossible to set up WPA.

I've since changed to a decent atheros card with WPA support and I configured my WPA to work with a phrase and not the key you have.

I put the following in my /etc/hostap/hostapd.conf

```
interface=ath1
driver=madwifi
logger_syslog=-1
logger_syslog_level=3
logger_stdout=-1
logger_stdout_level=3
debug=0
dump_file=/tmp/hostapd.dump
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
ssid=QWERTYUIOPASDFGHJKLZXCVBNM
# EAPOL-Key index workaround (set bit7) for WinXP Supplicant
eapol_key_index_workaround=1
macaddr_acl=0
accept_mac_file=/etc/hostapd/hostapd.accept
deny_mac_file=/etc/hostapd/hostapd.deny
auth_algs=3
eapol_key_index_workaround=0
eap_server=0
own_ip_addr=127.0.0.1
wpa=1
wpa_psk_file=/etc/hostapd/hostapd.wpa_psk
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
wpa_group_rekey=60
wpa_gmk_rekey=3600
```

I have this in my /etc/conf.d/net file for my Atheros based wireless card:

```
config_ath1=( "192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255" )
essid_ath1="QWERTYUIOPASDFGHJKLZXCVBNM"
mode_ath1="master"
channel_ath1="1"
iwpriv_ath1="mode 3"
```

and this in my /etc/modules.d/ath_pci

```
options ath-pci autocreate=ap
```

and I have this in /etc/hostapd/hostapd.wpa_psk

```
# List of WPA PSKs. Each line, except for empty lines and lines starting
# with #, must contain a MAC address and PSK separated with a space.
# Special MAC address 00:00:00:00:00:00 can be used to configure PSKs that
# anyone can use. PSK can be configured as an ASCII passphrase of 8..63
# characters or as a 256-bit hex PSK (64 hex digits).
00:00:00:00:00:00 James Bond aka 007
```

Now, when you connect via a windows client you type in James Bond aka 007 as the pass phrase!
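The wpa_psk file format quoted above, checked in code. This is an added example, not part of the original post and not hostapd's own parser: it validates each line against the rules in the file's header comment and turns a passphrase into the 256-bit PSK with the standard WPA derivation (PBKDF2-HMAC-SHA1 salted with the SSID). The function names and the two bad sample lines are made up for illustration.

```python
# Added example: validate a hostapd wpa_psk file and derive the key for each entry.
import hashlib
import re

MAC_RE = re.compile(r"[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}")
HEX_PSK_RE = re.compile(r"[0-9A-Fa-f]{64}")

# Constructed sample: the thread's wildcard entry plus two deliberately bad lines.
SAMPLE = """\
# List of WPA PSKs
00:00:00:00:00:00 James Bond aka 007
00:11:22:33:44:55 short
not-a-mac some passphrase
"""

def derive_psk(passphrase, ssid):
    """Passphrase to 256-bit PSK: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def parse_psk_file(text, ssid):
    """Return (entries, errors); entries are (mac, 32-byte PSK) in file order."""
    entries, errors = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.startswith("#"):
            continue
        # Split once only: everything after the first space is the secret,
        # so a passphrase may itself contain spaces.
        mac, _, secret = raw.partition(" ")
        if not MAC_RE.fullmatch(mac):
            errors.append((n, "bad MAC address"))
        elif HEX_PSK_RE.fullmatch(secret):
            entries.append((mac.lower(), bytes.fromhex(secret)))
        elif 8 <= len(secret) <= 63:
            entries.append((mac.lower(), derive_psk(secret, ssid)))
        else:
            errors.append((n, "PSK must be 8..63 characters or 64 hex digits"))
    return entries, errors

if __name__ == "__main__":
    entries, errors = parse_psk_file(SAMPLE, "QWERTYUIOPASDFGHJKLZXCVBNM")
    for mac, psk in entries:
        print(mac, psk.hex())
    for n, why in errors:
        print(f"line {n}: {why}")
```

Because the SSID is the salt, the same passphrase gives a different PSK on a different SSID, so a 64-hex-digit entry only works for the network name it was derived for.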

----------
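A lint pass over the two hostapd.conf files posted in this thread, as an added example that is not code from any poster or from hostapd. It reports keys set more than once, WPA without WPA2, TKIP as pairwise cipher, the shared-key bit in `auth_algs`, and an out-of-range passphrase. The finding codes are made up here, and it assumes hostapd keeps the last value when a key is repeated.

```python
# Added example: hostapd.conf lint. SAMPLE is a shortened copy of the second config above.
SAMPLE = """\
interface=ath1
driver=madwifi
# EAPOL-Key index workaround (set bit7) for WinXP Supplicant
eapol_key_index_workaround=1
auth_algs=3
eapol_key_index_workaround=0
wpa=1
wpa_psk_file=/etc/hostapd/hostapd.wpa_psk
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
"""

def parse(text):
    """Yield (line number, key, value) for each key=value line; skip comments."""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            yield n, key.strip(), value.strip()

def lint(text):
    """Return (code, message) findings for one hostapd.conf."""
    findings, last = [], {}
    for n, key, value in parse(text):
        if key in last:  # assumption: hostapd keeps the last value of a repeated key
            code = "conflict" if last[key][1] != value else "duplicate"
            findings.append((code, f"{key}: lines {last[key][0]} and {n}, last wins ({value})"))
        last[key] = (n, value)
    cfg = {k: v for k, (_, v) in last.items()}
    wpa = int(cfg.get("wpa", "0"))  # bit field: 1 = WPA, 2 = WPA2 (RSN)
    if wpa == 0:
        findings.append(("open", "wpa is unset or 0: no WPA key management"))
    elif not wpa & 2:
        findings.append(("wpa1-only", "only WPA is offered; wpa=2 or wpa=3 adds WPA2"))
    ciphers = f"{cfg.get('wpa_pairwise', '')} {cfg.get('rsn_pairwise', '')}".split()
    if wpa and "TKIP" in ciphers:
        findings.append(("tkip", "TKIP is offered as a pairwise cipher; CCMP is AES"))
    if wpa and int(cfg.get("auth_algs", "0")) & 2:  # only an explicit setting is checked
        findings.append(("shared-key", "auth_algs bit 1 is WEP shared-key auth, unused by WPA"))
    phrase = cfg.get("wpa_passphrase")
    if phrase is not None and not 8 <= len(phrase) <= 63:
        findings.append(("passphrase", "wpa_passphrase must be 8..63 characters"))
    return findings

if __name__ == "__main__":
    for code, message in lint(SAMPLE):
        print(f"[{code}] {message}")
```

On the sample it reports that `eapol_key_index_workaround` is set to 1 on line 4 and back to 0 on line 6, so the WinXP workaround named in the comment is off under the last-value-wins assumption.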

