Solved NAT - network not identified

Sub4sub

Sub4sub

I set FreeBSD as the network gateway.
However, the systems on the internal network have no connection.

That's why I didn't check further, but other systems like Android on the local network have no connection.

The configuration is as follows:

/etc/rc.conf

Code: 
hostname="router"
dnsmasq_enable="YES"

ifconfig_re0="inet 192.168.1.46 netmask 255.255.255.0"
defaultrouter="192.168.1.1"

wlans_rtwn0="wlan0"
create_args_wlan0="wlanmode hostap"
ifconfig_wlan0="inet 10.1.1.1 netmask 255.255.255.0"
hostapd_enable="YES"

ifconfig_igb0="inet 10.1.1.1 netmask 255.255.255.0"
#dhcpd_enable="YES"
gateway_enable="YES"

nat on pf:
/etc/pf.conf

Code: 
ext_if="re0"
int_if="igb0"

set skip on lo
nat on $ext_if inet from ! ($ext_if) to any -> ($ext_if)

Dnsmasq
/usr/local/etc/dnsmasq.conf

Code: 
domain-needed
server=208.67.222.222
server=208.67.220.220

dhcp-range=set:igb0,10.1.1.10,10.1.1.200,255.255.255.0,24h
dhcp-option=igb0,option:router,10.1.1.1

dhcp-range=set:wlan0,10.1.1.10,10.1.1.200,255.255.255.0,24h
dhcp-option=wlan0,option:router,10.1.1.1

/var/db/dnsmasq.leases
Code: 
1650906948 0a:50:CE:NZ:OR:ED:ZZ 10.1.1.111 * 01:0a:CE:NZ:OR:ED:ZZ
1650907494 40:6f:CE:NZ:OR:ED:ZZ 10.1.1.190 BLACKBERRY-A293 *
1650906849 00:10:CE:NZ:OR:ED:ZZ 10.1.1.132 DESKTOP-sdxfsd 01:00:CE:NZ:OR:ED:ZZ

Android says connected but no internet
 
I changed to 10.1.2.0/24

Code: 
wlans_rtwn0="wlan0"
create_args_wlan0="wlanmode hostap"
ifconfig_wlan0="inet 10.1.2.1 netmask 255.255.255.0"
hostapd_enable="YES"

Code: 
domain-needed
server=208.67.222.222
server=208.67.220.220

dhcp-range=set:igb0,10.1.1.10,10.1.1.200,255.255.255.0,24h
dhcp-option=igb0,option:router,10.1.1.1

dhcp-range=set:wlan0,10.1.2.10,10.1.2.200,255.255.255.0,24h
dhcp-option=wlan0,option:router,10.1.1.1

something has changed but it still doesn't work

/etc/hostapd.conf
Code: 
interface=wlan0
driver=bsd
#ctrl_interface=/var/run/hostapd
#ctrl_interface_group=wheel
#### IEEE 802.11 related config ####
ssid=YOURSSID
#macaddr_acl=0
#auth_algs=1
#### IEEE 802.1X related config ####
ieee8021x=0
#### WPA/IEEE 802.11i config #####
wpa=1
wpa_passphrase=1234567890
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP TKIP

"the network may be unavailable or temporarily overloaded"

EDIT:

dhcp-option=wlan0,option:router,10.1.1.1

must be set as:

dhcp-option=wlan0,option:router,10.1.2.1

"Limited connection."?

But it works.

docs.freebsd.org

章 31. 進階網路設定

docs.freebsd.org docs.freebsd.org
 
Sub4sub said:
wpa=1
Click to expand...
Increase to =2 Please

Sub4sub said:
wpa_pairwise=CCMP TKIP
Click to expand...
Drop the TKIP. AES is superior.

Sub4sub said:
Code: 
dhcp-range=set:igb0,10.1.1.10,10.1.1.200,255.255.255.0,24h
dhcp-option=igb0,option:router,10.1.1.1

dhcp-range=set:wlan0,10.1.1.10,10.1.1.200,255.255.255.0,24h
dhcp-option=wlan0,option:router,10.1.1.1
Click to expand...
Yes I did not notice that. Same IP range on different adapters is a no go.

You could have created separate subnets for a routed solution instead of bridged.
For instance igb0 10.1.1.1 and
Sub4sub said:
ifconfig_wlan0="inet 10.1.2.1 netmask 255.255.255.0"
Click to expand...
Then set your dnsmasq ranges appropriately.
 
I changed

Code: 
interface=wlan0
driver=bsd
#ctrl_interface=/var/run/hostapd
#ctrl_interface_group=wheel
#### IEEE 802.11 related config ####
ssid=YOURSSID
#macaddr_acl=0
#auth_algs=1
#### IEEE 802.1X related config ####
ieee8021x=0
#### WPA/IEEE 802.11i config #####
wpa=2
wpa_passphrase=1234567890
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP AES

I don't know how to set the bridge.
 
Sub4sub said:
Code: 
wpa_pairwise=CCMP AES
Click to expand...
Use just CCMP here.

You set the IP on the bridge not interfaces of bridge.
Because we use a bridge there is no need for dnsmasq here.
I use DHCP from my upstream router.

/etc/rc.conf
Code: 
#### Wireless AP ####
cloned_interfaces="bridge0"
ifconfig_bridge0="addm igb0 addm wlan0 SYNCDHCP"
wlans_rtwn0="wlan0"
ifconfig_wlan0="up mtu 1500"
create_args_wlan0="wlanmode hostap country US ssid ###### channel ###"
ifconfig_igb0="up"
hostapd_enable="YES"
defaultrouter="192.168.1.1"
gateway_enable="YES"
Note: Replace SYNCDHCP with an IP if you use that. defaultrouter is my upstream connection.

/etc/hostapd.conf
Code: 
# cat /etc/hostapd.conf
interface=wlan0
ssid=######
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
wpa=2
wpa_passphrase=########
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
 
With You, it's like this rule:

Code: 
ifconfig_bridge0="addm igb0 addm wlan0 SYNCDHCP"

Causes a local address to be assigned to one of the two cards.
And I want to do it the other way around.

Maybe PF sense will have it done, I'll take a peek. I have some free disk.
 
Last edited:
You must log in or register to reply here.
Back
Top