Hi all,
openwrt version 18.06.1
QCA9880 which uses ath10k
I am trying to setup dynamic VLAN with MAC authentication using freeRadius.
hostapd-phy0.conf
driver=nl80211
...
ieee80211d=1
ieee80211h=1
hw_mode=a
...
ieee80211n=1
ht_coex=0
ht_capab=[HT40+][LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][MAX-AMSDU-7935][DSSS_CCK-40]
vht_oper_chwidth=0
vht_oper_centr_freq_seg0_idx=151
ieee80211ac=1
vht_capab=[RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN][RX-STBC-1][MAX-MPDU-11454][MAX-A-MPDU-LEN-EXP7]
interface=wlan0
ctrl_interface=/var/run/hostapd
...
wpa_passphrase=secret
...
ssid=testssid
wpa_disable_eapol_key_retries=0
...
macaddr_acl=2
...
dynamic_vlan=2
vlan_bridge=br-vlan
auth_server_addr=10.155.2.2
auth_server_port=1812
auth_server_shared_secret=testing123
acct_server_addr=10.155.2.2
acct_server_port=1813
acct_server_shared_secret=testing123
FreeRadius config:
xxxxxxxxxxxx Cleartext-Password := xxxxxxxxxxxx
Tunnel-Type = "VLAN",
Tunnel-Medium-Type = "IEEE-802",
Tunnel-Private-Group-ID := 4
ifconfig shows:
br-vlan2, br-vlan3, br-vlan4
eth0, eth0.2, eth0.3, eth0.4
wlan0
I am receiving this message and the STA is not receiving any dhcp:
[daemon.info](http://daemon.info) hostapd: wlan0: STA xx:xx:xx:xx:xx:xx RADIUS: Invalid VLAN
4 received from RADIUS server
[daemon.info](http://daemon.info) hostapd: wlan0: STA xx:xx:xx:xx:xx:xx IEEE 802.11: authenticated
[daemon.info](http://daemon.info) hostapd: wlan0: STA xx:xx:xx:xx:xx:xx IEEE 802.11:
associated (aid 1)
daemon.notice hostapd: wlan0: AP-STA-CONNECTED xx:xx:xx:xx:xx:xx
[daemon.info](http://daemon.info) hostapd: wlan0: STA xx:xx:xx:xx:xx:xx RADIUS: starting
accounting session 7E2E6F0F53968240
[daemon.info](http://daemon.info) hostapd: wlan0: STA xx:xx:xx:xx:xx:xx WPA: pairwise key
handshake completed (RSN)
After reading the posts/links below, I tried an experiment.
I manually created vlans on wlan0: wlan0.3, wlan0.4 and then created /etc/config/hostapd.vlan
and populated as so:
3 wlan0.3
4 wlan0.4
* wlan0.#
added the option vlan_file=/etc/config/hostapd.vlan to hostapd config
brctl show
bridge name bridge id STP enabled interfaces
br-vlan2 7fff.aecb3f32cd10 no eth0.2
br-vlan3 7fff.aecb3f33cd11 no eth0.3
wlan0.3
br-vlan4 7fff.aecb3f34cd12 no eth0.4
wlan0.4
Now wlan0.3 and wlan0.4 are created and added to the appropriate bridges.
With this setup I am getting these errors:
daemon.info hostapd: wlan0: STA xx:xx:xx:xx:xx:xx RADIUS: VLAN ID 4
daemon.info hostapd: wlan0: STA xx:xx:xx:xx:xx:xx IEEE 802.11: authenticated
daemon.info hostapd: wlan0: STA xx:xx:xx:xx:xx:xx IEEE 802.11: associated (aid 1)
daemon.notice hostapd: Failed to update VLAN-ID for WPA
daemon.err hostapd: nl80211: NL80211_ATTR_STA_VLAN (addr=xx:xx:xx:xx:xx:xx ifname=wlan0.4 vlan_id=4) failed: -22 (Invalid argument)
Is there any way to tell hostapd to use already created interfaces instead of trying to create new ones?
Any advice?
Thanks
Posts read: