Asus-RT-AC88U 5GHz client DHCP/IP problem

Clients connecting via 5GHz do not get an IP address assigned via DHCP. Also static IP configuration does not work (no communication possible). Tried without and with various encryption options.
All of that works fine via Ethernet LAN ports and via 2.4GHz WIFI, btw!

System Log shows

Mon Apr 10 12:40:59 2023 daemon.info hostapd: wlan1-1: STA de:61:67:99:19:60 IEEE 802.11: associated
Mon Apr 10 12:40:59 2023 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED de:61:67:99:19:60
Mon Apr 10 12:40:59 2023 daemon.info hostapd: wlan1-1: STA de:61:67:99:19:60 WPA: pairwise key handshake completed (RSN)
Mon Apr 10 12:40:59 2023 daemon.notice hostapd: wlan1-1: EAPOL-4WAY-HS-COMPLETED de:61:67:99:19:60
Mon Apr 10 12:41:03 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:61:67:99:19:60
Mon Apr 10 12:41:03 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.200 de:61:67:99:19:60
Mon Apr 10 12:41:03 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:61:67:99:19:60
Mon Apr 10 12:41:03 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.200 de:61:67:99:19:60
Mon Apr 10 12:41:03 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:61:67:99:19:60
Mon Apr 10 12:41:03 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.200 de:61:67:99:19:60
Mon Apr 10 12:41:07 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:61:67:99:19:60
Mon Apr 10 12:41:07 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.200 de:61:67:99:19:60
Mon Apr 10 12:41:14 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:61:67:99:19:60
Mon Apr 10 12:41:14 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.200 de:61:67:99:19:60
Mon Apr 10 12:41:18 2023 daemon.info hostapd: wlan1-1: STA de:61:67:99:19:60 IEEE 802.11: disassociated
Mon Apr 10 12:41:18 2023 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED de:61:67:99:19:60
Mon Apr 10 12:41:18 2023 daemon.info hostapd: wlan1-1: STA de:61:67:99:19:60 IEEE 802.11: disassociated

and also sometimes (don't know if that is related)

Mon Apr 10 08:15:17 2023 kern.err kernel: [120777.585468] ieee80211 phy0: brcmf_psm_watchdog_notify: PSM's watchdog has fired!

The clients (phones, computers) connect via 5GHz but then IP connection does not work. It is fine with 2.4GHz.

I use 22.03.2 and lower, since 22.03.3 and the snapshots end up in a boot loop.

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

I did not do much custom config yet, so most is as out-of-the-box from the image:

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option packet_steering '1'
	option ula_prefix 'XXXXXXXXXX'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'
	list ports 'eth2'
	list ports 'extsw'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'
	option ipv6 '0'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '192.168.100.1'
	option delegate '0'
	option ip6assign '64'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'

-------------------------------

root@OpenWrt:~# cat /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path '18000000.axi/bcma0:7/pci0000:00/0000:00:00.0/0000:01:00.0'
	option channel '1'
	option band '2g'
	option htmode 'HT20'
	option cell_density '0'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'ildha2g4'
	option encryption 'psk2'
	option key 'XXXXXXXXX'

config wifi-device 'radio1'
	option type 'mac80211'
	option path '18000000.axi/bcma0:8/pci0001:00/0001:00:00.0/0001:01:00.0'
	option band '5g'
	option cell_density '0'
	option country 'DE'
	option txpower '20'
	option htmode 'VHT80'
	option channel '36'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'ildha5g'
	option key 'XXXXXXXXX'
	option disassoc_low_ack '0'
	option skip_inactivity_poll '1'
	option encryption 'psk2'

config wifi-iface 'wifinet2'
	option device 'radio1'
	option mode 'ap'
	option ssid 'OW5'
	option encryption 'psk2+ccmp'
	option key 'XXXXXXXXX'
	option network 'lan'

-------------------------------

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option localservice '1'
	option ednspacket_max '1232'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config host
	option ip '192.168.100.146'
	option mac 'XXXXXXXXX'
	option name 'laptop'
	option dns '1'

config host
	option name 'phone'
	option dns '1'
	option mac 'XXXXXXXXX'
	option ip '192.168.100.169'

-------------------------------

root@OpenWrt:~# cat /etc/config/firewall

config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option synflood_protect '1'
	option flow_offloading '1'
	option flow_offloading_hw '1'

config zone
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'


This bridge looks wrong... what is extsw? Also, eth0 and eth2 don't fit the typical labeling scheme of the ports if your device has lan1-lan4 as explicit port labels (typical of DSA on many devices). These should probably be deleted.

You should probably use psk2 encryption instead of psk2+ccmp

Thanks for the pointers and your fast reply!
There is partial progress:

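Using TKIP is the only way I get 5GHz "working". All other options (whatever encryption standard, even without encryption) do not work.
Unfortunately TKIP is limited to a maximum of 54 Mbps, because the faster 802.11n/ac rates are not allowed with it, and it is a deprecated cipher with known weaknesses, so it can only be a stopgap. CCMP would unlock full speed.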

The bridge config has no impact. Still, I removed eth0 and eth2. extsw is the additional ("external") RTL8365MB that provides 4 more physical Ethernet jacks (see pic in https://openwrt.org/toh/asus/rt-ac88u).

How can i use CCMP with 5GHz? If I use CCMP, clients connect, show up for a short while in the "Associated Stations" list (with good speed), and then disconnect.

As said, all that (e.g. CCMP, high speed) works well with the 2.4GHz interface...

Your config is relatively simple... have you considered trying to reset to defaults?

  • Make a backup of your current config so you can restore if you like
  • reset to defaults
  • enable wifi on both bands (set the country code, SSID, encryption type, passcode, and then enable the radios).
  • Test.

I cleared NVRAM, made a fresh install of 22.03.2 (22.03.4 has boot loop like 22.03.3), but same result. 5GHz only works with TKIP. :frowning:

When choosing anything else (auto, CCMP, no encryption etc.) clients get an IP address for a short while, the entry pops up at the luci web interface cgi-bin/luci/admin/network/wireless (with 144Mbps), and then disappears again (disassociated 26sec later).

Removed odhcpd to use dnsmasq only, but that did not help either.

'psk2+tkip' is the only cipher that works:

Thu Apr 27 11:25:44 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 IEEE 802.11: associated
Thu Apr 27 11:25:45 2023 daemon.notice hostapd: wlan1: AP-STA-CONNECTED de:ad:be:ef:01:02
Thu Apr 27 11:25:45 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 WPA: pairwise key handshake completed (RSN)
Thu Apr 27 11:25:45 2023 daemon.notice hostapd: wlan1: EAPOL-4WAY-HS-COMPLETED de:ad:be:ef:01:02
Thu Apr 27 11:25:46 2023 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:25:46 2023 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan) 192.168.100.169 de:ad:be:ef:01:02

all others (example 'psk2+ccmp' here) lead to a weird DHCPREQUEST/DHCPACK ping-pong and a final disassociate (even with no cipher):

Thu Apr 27 11:34:07 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 IEEE 802.11: associated
Thu Apr 27 11:34:08 2023 daemon.notice hostapd: wlan1: AP-STA-CONNECTED de:ad:be:ef:01:02
Thu Apr 27 11:34:08 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 WPA: pairwise key handshake completed (RSN)
Thu Apr 27 11:34:08 2023 daemon.notice hostapd: wlan1: EAPOL-4WAY-HS-COMPLETED de:ad:be:ef:01:02
Thu Apr 27 11:34:08 2023 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:08 2023 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:09 2023 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:09 2023 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:11 2023 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:11 2023 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:13 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:ad:be:ef:01:02
Thu Apr 27 11:34:13 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:14 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:ad:be:ef:01:02
Thu Apr 27 11:34:14 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:16 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:ad:be:ef:01:02
Thu Apr 27 11:34:16 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:20 2023 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan) de:ad:be:ef:01:02
Thu Apr 27 11:34:20 2023 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:26 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 IEEE 802.11: disassociated
Thu Apr 27 11:34:26 2023 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED de:ad:be:ef:01:02
Thu Apr 27 11:34:26 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 IEEE 802.11: disassociated
Thu Apr 27 11:34:30 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 IEEE 802.11: associated
Thu Apr 27 11:34:30 2023 daemon.notice hostapd: wlan1: AP-STA-CONNECTED de:ad:be:ef:01:02
Thu Apr 27 11:34:30 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 WPA: pairwise key handshake completed (RSN)
Thu Apr 27 11:34:30 2023 daemon.notice hostapd: wlan1: EAPOL-4WAY-HS-COMPLETED de:ad:be:ef:01:02
Thu Apr 27 11:34:30 2023 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:30 2023 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan) 192.168.100.169 de:ad:be:ef:01:02
Thu Apr 27 11:34:33 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 IEEE 802.11: disassociated
Thu Apr 27 11:34:33 2023 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED de:ad:be:ef:01:02
Thu Apr 27 11:34:33 2023 daemon.info hostapd: wlan1: STA de:ad:be:ef:01:02 IEEE 802.11: disassociated

Tried playing around with wpa_group_rekey and disassoc_low_ack but no luck.

Hi all, is there any active investigation on this? I have the same problem.
No 5ghz wifi since the first installation of 22.03.02

Sorry, no solution from my side. I gave up, sold my Asus RT-ac88u, and bought a second-hand Netgear-XR500 -> works flawlessly with latest firmware.