I set up my fileserver to be a router and wireless gateway using hostapd and dnsmasq, after I got fed up with Verizon’s crappy Actiontec router.\u00a0 Works great, except for Apple products.\u00a0 Neither Megh’s Mac nor my iPad would connect.<\/p>\n
The various Linux boxes, Android devices, Nintendo Wii, and HP printer connected to it without a problem, so I held out hope that this was a solvable configuration problem and not some fundamental hardware incompatibility.\u00a0 I’ve been running both routers for weeks while I tried to figure this out.<\/p>\n
My iPad has been prompting for a username and password to log into wifi, even though I’m only using WPA Personal.\u00a0 Megh’s Mac refused to connect at all.<\/p>\n
Logging hasn’t been much help, as it fills with messages like this, over and over:<\/p>\n
Oct\u00a0 3 21:30:02 dandelion hostapd: wlp3s6: STA 01:02:03:04:05:06 IEEE 802.11: authentication OK (open system)\nOct\u00a0 3 21:30:02 dandelion hostapd: wlp3s6: STA 01:02:03:04:05:06 IEEE 802.11: authenticated\nOct\u00a0 3 21:30:02 dandelion hostapd: wlp3s6: STA 01:02:03:04:05:06 IEEE 802.11: association OK (aid 2)\nOct\u00a0 3 21:30:02 dandelion hostapd: wlp3s6: STA 01:02:03:04:05:06 IEEE 802.11: associated (aid 2)\nOct\u00a0 3 21:30:11 dandelion hostapd: wlp3s6: STA 01:02:03:04:05:06 IEEE 802.11: deauthenticated due to local deauth request<\/pre>\nNot much indication of what’s wrong there.<\/p>\n
The Server<\/h2>\n
Wireless is provided by an Ralink RT61-based card.\u00a0 I’ve used the same hardware to set up wireless networks before, because I know this chipset can enable master mode.\u00a0 Not all wireless chipsets can.\u00a0 This is the first where I know Apple hardware is in use, though.<\/p>\n
Googling gave me some ideas, but nothing that I found solved the problem.\u00a0 Various posts pointed fingers at hostapd’s integrated EAP server, AES, the wireless hardware itself (oh noes!), and more.<\/p>\n
I started with a basic hostapd config file, no encryption, to rule out hardware issues.<\/p>\n
\/etc\/hostapd\/hostapd.conf<\/strong><\/p>\n
\ndriver=nl80211\nlogger_syslog=1\nlogger_syslog_level=0\nlogger_stdout=-1\nlogger_stdout_level=2\ndump_file=\/tmp\/hostapd.dump\nctrl_interface=\/var\/run\/hostapd\nctrl_interface_group=0\nssid=My crappy wifi name\ncountry_code=US\nhw_mode=g\nchannel=1\nmacaddr_acl=0\ndeny_mac_file=\/etc\/hostapd\/hostapd.deny\nauth_algs=3\nwmm_enabled=0\nap_max_inactivity=600\nieee8021x=0\neap_server=1\nown_ip_addr=127.0.0.1\n<\/pre>\n\/etc\/conf.d\/modules<\/strong><\/p>\n
Apparently, the hardware crypto can be a little flaky with rt61 cards so it’s safer to load it as a module (instead of compiling it into the kernel, so you can unload\/reload it) and disabling hardware crypto at run time.<\/p>\n
modules=\"rt61pci\"\nmodule_rt61pci_args=\"nohwcrypt=1\"<\/pre>\nLike that, everything connected.\u00a0 Hallelujah.<\/p>\n
Now came the fun (if tedious is fun) process of enabling and modifying options until we get an encrypted signal that everything can connect to.\u00a0 The linux-based devices, bless their little electronic souls, seem to be very tolerant about network settings and kept reconnecting no matter what the encryption config was.<\/p>\n
Here’s my final configuration:<\/p>\n
interface=wlp3s6\ndriver=nl80211\nlogger_syslog=1\nlogger_syslog_level=0\nlogger_stdout=-1\nlogger_stdout_level=2\ndump_file=\/tmp\/hostapd.dump\nctrl_interface=\/var\/run\/hostapd\nctrl_interface_group=0\nssid=My crappy wifi name\ncountry_code=US\nhw_mode=g\nchannel=1\nmacaddr_acl=0\ndeny_mac_file=\/etc\/hostapd\/hostapd.deny\nauth_algs=3\nwmm_enabled=0\nap_max_inactivity=600\nieee8021x=0\neap_server=1\nown_ip_addr=127.0.0.1\nwpa=2\nwpa_passphrase=My crappy wifi password\nwpa_key_mgmt=WPA-PSK\nwpa_pairwise=CCMP<\/pre>\nNotes:<\/p>\n
\n
wpa_key_mgmt=WPA-PSK WPA-EAP<\/code> does NOT work with Apple devices, though it does work in general<\/li>\nwpa_pairwise=TKIP<\/code> DOES seem to work, but AES probably provides safer encryption<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"Apple and hostapd The problem I set up my fileserver to be a router and wireless gateway using hostapd and dnsmasq, after I got fed up with Verizon’s crappy Actiontec router.\u00a0 Works great, except for Apple products.\u00a0 Neither Megh’s Mac nor my iPad would connect. The various Linux boxes, Android devices, Nintendo Wii, and HP … Continue reading “Adventures in WiFi”<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","wprm-recipe-roundup-name":"","wprm-recipe-roundup-description":"","advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[9],"tags":[88,89,91,87,90,86],"class_list":["post-578","post","type-post","status-publish","format-standard","hentry","category-linux","tag-apple","tag-hostapd","tag-ios","tag-osx","tag-rt61","tag-wifi"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4o3FW-9k","jetpack-related-posts":[],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=\/wp\/v2\/posts\/578","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=578"}],"version-history":[{"count":4,"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=\/wp\/v2\/posts\/578\/revisions"}],"predecessor-version":[{"id":804,"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=\/wp\/v2\/posts\/578\/revisions\/804"}],"wp:attachment":[{"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=578"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=578"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.jonesling.us\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=578"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}