problem with openwrt 18.06.1 with wifi if ( Hide ESSID )
if ( Hide ESSID )
can`t connect to the wifi !
when enter the correct name ( not work )
try in honor 8x
i used TP-Link W8970 ver 1
More than likely your phone or you mis-entering the ESSID and/or password incorrectly. Without logs there's nothing more to say.
From http://www.insanitybit.com/2012/05/30/stealth-ports-or-closed/
Here’s a tip – stop making security a matter of whether the attacker knows you’re there and start making it a matter of whether or not they can get in anyway.
Yes, I can see your "stealth" ESSID as I drive by.
And before you go there, MAC filtering is useless as I can find out one that works as I drive by, and change mine to that in seconds.
2 Likes
try in phone
-rest network ( not work the same problem )
-rest all the setting ( the same )
when enable ESSID with out Hide the connection is work good !
when Hide ESSID again but ESSID store in the phone ( the connection not work !
when try add name manual and Hide ESSID
get ( unable to find "openwrt" connection failed.
the Hide ESSID not with computer Wifi and lumia 950 only with honor 8x !
problem with android or only this device ??????
Hidden SSSID combined with MAC whitelist is known to prevent connection of many mobile clients. Most mobile clients probe with a random MAC for privacy reasons.
Hidden SSID offers no security advantage. It's legitimate use is on private point-to-point links to prevent them cluttering the AP list of users.
As it appears, try manually adding your wifi in android and use the hidden option in advanced config. I have a Nokia 6.1 with me and setting the hidden config in advanced settings works quite well.
Although it would be better to use a visible SSID with a strong password for better management and less power consumption in your mobile phones.
3 Likes
the problem with MAC address filter is enable ( allow list only )
when Hide ESSID can`t connect !
when enable ESSID with MAC address filter all is good and work !
my mobile honor 8x used fixed MAC address not ( random MAC ) !
the old firmware tp-link w8970 official firmware
TD-W8970v1_0.6.0_2.12_up_boot(140613)_2014-06-13_09.17.23.bin
no problem with honor 8x work good with MAC address filter and Hide ESSID.
try other mobile With the same openwrt 18.06.1 is work good !
-lumia 950 ( work )
-sony xperia z5 premium ( work )
-honor 8X ( not work )
I have a couple D-link security cameras that will not connect to wifi unless the SSID is broadcast. You can enter the correct SSID and key, but it does not work. Turn on broadcast and bingo. I consider it a client side bug.
Anyway, this is 2018 and hiding your SSID offers no security advantage whatsoever, so just leave it on.
4 Likes
i think this bugs in openwrt 18.06.1
when
Hide ESSIS & MAC Address Control ( Bugs )
-Hide ESSIS & MAC Address Control ( the router Firmware OpenWRT Cant` Detect some MAC Address in the MAC Address Control )
- Hide ESSIS & without used MAC Address Control ( ALL Is Work OK )
this problem with Honor 8X !
how to fixed it ?
this fixed ?
https://dev.archive.openwrt.org/ticket/14433
The referenced ticket seems to have absolutely nothing to do with this supposed issue. It relates to the Ethernet MAC address and was resolved four years ago.
Without evidence that there is an OpenWrt bug, such as packet capture, the problem is assumed to lie with the operator or the client devices.
not with OpenWrt.
As pointed out multiple times, neither hiding the SSID nor use of MAC filtering provide any meaningful improvement in security.
1 Like
but original tp-link w8970 ver 1 firmware is work good !
honor 8x work with Hide ESSIS & MAC Address Control ( without any problems )
That's because the stock firmware is using older drivers. Hostapd has been recently changed to handle the MAC filter more strictly and not respond to probe requests from disallowed MACs.
In the legitimate use of hidden SSIDs and MAC filters-- private point to point links-- this is actually good. Probe responses should not be sent to stations that are not allowed to connect anyway, and point to point stations have no reason to anonymize themselves with random MACs.
2 Likes
but the honor 8x not used random MACs !
and i allowed MACs of honor 8x !
I've myself used Hide SSID feature in the past for some obvious reasons but I've never used it with mac filter. It doesn't make any sense to me that someone would use both of these at the same time. If I'm hiding SSID then no one can see it (which is wrong) but in any case why create trouble for yourself in the first place when all of this can be a simple thing with just a strong password. You can hide your SSID for any reason and add a strong password so no one can get through if that's what you want.
3 Likes
i make password same as
A05D8AF5D3CA7B8AFF4D6E93B04C5A87
this good ?
or need some symbols ? ( @$#%$% ) ?????
THAT IS HORRIBLE
https://my.norton.com/extspa/idsafe?path=pwd-gen
You can use up to 63 ASCII characters in a WPA2 passphrase.
2 Likes
thank you.
1 Like
May I add that these add security. Being it not much but in a sense they do. Most security is based on obscurity. For example the WPA password encryption can be ultra safe but if you leave it on your front door on a post it it has less meaningful security.
I did have SSID hidden and a ACL active. Just to keep those script kiddies out. Especially on places around schools. There are allot of children tying those online tutorials and these features may be a bridge to far for them.
And just as with locks. You should make your locks harder to pick than your neighbors. Just to keep the opportunists out.
I also encountered this OPs issue recently with my Galaxy A8 after a update. My network ran OpenWRT18 with both features enabled. And it all worked fine. But after the Galaxy A8's update it didn't work anymore. So it seems that even while connecting my phone uses a random mac.
1 Like
Either your password (the PSK) is good - then no amount of brute forcing will crack it within reasonable time, or it isn't. Hidden ESSIDs or MAC access lists don't add to its security in the slightest, those are circumvented trivially - while hacking a good PSK isn't.
3 Likes
As it seems this is not an issue/bug for OpenWrt, just a feature embedded in some devices. OP has listed it as a problem but it's clearly not related to the firmware though. Firmware is doing whatever it's being told by the configuration done by the user.
2 Likes