More wifi, more problems

· by · in Information Security, Internet, Technology, Troubleshooting. ·

So my DWL-G550 arrived today.
“D-Link DWL-G550 High-Powered Wireless-G PCI Adapter” (D-Link Systems, Inc.)
I threw it into the system and it powered up and loaded the correct Atheros modules. Sweet. Progress.

Now all I have to do is get it working on my WPA2 network and I can cvsup, make world, and install various FreeBSD ports. Before you know it, all this hardware will be serving a valuable purpose.

One thing remained. I needed to get MadWifi working with WPA_supplicant under FreeBSD 6.2 without a handy net connection on the BSD box.

A lot of the documentation out there is outdated, convoluted, or not applicable. If you’re looking to get an Atheros card working under BSD, let me sort you out.

First, this is a good reference for WPA supplicant in a WPA2-Personal environment. (Personal meaning you’re not running a authentication service like RADIUS, EAP or LEAP (which is just another kind of EAP by Cisco which is naturally proprietary), or 802.1x, but using PSK [Pre-shared Key] or a certificate.

Sadly, nothing I could do would get me to associate in WPA2, so I had to settle for WPA. My configuration ended up looking like this:

# cat /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
#ap_scan=1

network={
ssid=”my ssid here
key_mgmt=WPA-PSK
# proto=WPA2
pairwise=CCMP TKIP
group=CCMP TKIP
psk=”my password here
}

It is also interesting to note that I could not associate, even after specifying the SSID and PSK, to my wireless network unless I was broadcasting my SSID. Super weird.

WPA2 should work but does not. Perhaps I’ll try again sometime later after cvsuping and seeing if I’m missing a required kernel module.

Second, now that you have your /etc/wpa_supplicant.conf configuration figured out from reading the instructions or from that link I mentioned.

If you were not seeing something like this in your or dmesg console at startup:

ath0: <Atheros 5212> mem 0xfbb00000-0xfbb0ffff irq 17 at device 12.0 on pci0
ath0: Ethernet address: [your mac here]
ath0: mac 7.9 phy 4.5 radio 5.6

you are having problems. The handbook mentions putting the following into /boot/loader.conf. This is mine:

# cat /boot/loader.conf
if_ath_load=”YES”
wlan_wep_load=”YES”
wlan_ccmp_load=”YES”
wlan_tkip_load=”YES”

It would also be a nice touch to put the bssid of your access point in your /etc/rc.conf. Mine looks like this:

# grep bssid /etc/rc.conf
ifconfig_ath0=”WPA bssid my:AP:MAC:HERE DHCP”

The mention of WPA here is all you need to envoke wpa_supplicant on FreeBSD. More information can be found here.

I suggest this on the off chance that someone has a AP with the same SSID, encryption settings, and key as you do. Say if your SSID was “linksys” for instance.

If someone really doesn’t like you, knows everything about your wifi network, and can steal your wireless clients to their AP by providing a wifi signal of higher strength (which could be easily accomplished by RF signal amplifiers and/or antennas). Such a person would also very likely know what to do with your traffic after they had your association. This is why risk adverse networks are still wired no matter how fast the wireless can go.

Since WPA_supplicant is notoriously bizarre and annoying to get working, I hope that I was able to spare you, dear readers, some time at my expense. I know that I wasn’t finding much in useful information, so hopefully this will prove to be somewhat handy.

Technorati Tags: , , , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s