That's a new one on me. 802.1x/EAP is for connecting to a public wifi AP that supports it AFAIK. There's two places I know of that there is anything related to this: management page and wireless security page...
so.. apparently i have nothing with RADIUS now.. in wireless security forms i have WPA + WPA2Personal + CCMP-128 (AES) in both wlan(0 and 0.1)
In, wlan0.1 i also have "WPA Strict Rekeying" and "Disable EAPOL Key Retries" with Disable radio selected (i don't even know what's this last one and why is disable disable but i didn't touch on this)
In the router management, as i told, i disabled yesterday the 802.1x option..
After save, reboot and tonight turn off i got that RADIUS logs again (i was thinking this was a thing with auths between this and the main router but with today syslog i see by the MACs it's between this router and the equipment connected - my laptop and my phone)
Quote:
Dec 1 15:28:56 xxxx daemon.info process_monitor[2008]: [process_monitor] : set timer: 3600 seconds, callback: ntp_main()
Dec 1 15:28:56 xxxx user.info : [process_monitor] : successfully started
Dec 1 15:29:16 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 MLME: auth request, signal -66 (Accepted)
Dec 1 15:29:16 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 IEEE 802.11: authenticated
Dec 1 15:29:16 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 MLME: assoc request, signal -66 (Accepted)
Dec 1 15:29:16 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 IEEE 802.11: associated (aid 2)
Dec 1 15:29:16 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 RADIUS: starting accounting session 97F084F6EB7060DC
Dec 1 15:29:16 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 WPA: pairwise key handshake completed (RSN)
Dec 1 15:29:49 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 MLME: auth request, signal -67 (Accepted)
Dec 1 15:29:49 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 IEEE 802.11: authenticated
Dec 1 15:29:49 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 MLME: assoc request, signal -66 (Accepted)
Dec 1 15:29:49 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 IEEE 802.11: associated (aid 2)
Dec 1 15:29:49 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 RADIUS: starting accounting session 92FD30D34FDDB363
Dec 1 15:29:49 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 WPA: pairwise key handshake completed (RSN)
Dec 1 15:31:53 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 MLME: auth request, signal -67 (Accepted)
Dec 1 15:31:53 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 IEEE 802.11: authenticated
Dec 1 15:31:53 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 MLME: assoc request, signal -66 (Accepted)
Dec 1 15:31:53 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 IEEE 802.11: associated (aid 1)
Dec 1 15:31:53 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 RADIUS: starting accounting session 7BBE316C003CAB0E
Dec 1 15:31:53 xxxx daemon.info hostapd: wlan0.1: STA 11:11:11:11:11:11 WPA: pairwise key handshake completed (RSN)
Dec 1 15:32:00 xxxx daemon.info hostapd: wlan0.1: STA 22:22:22:22:22:22 MLME: auth request, signal -63 (Accepted)
Dec 1 15:32:00 xxxx daemon.info hostapd: wlan0.1: STA 22:22:22:22:22:22 IEEE 802.11: authenticated
Dec 1 15:32:00 xxxx daemon.info hostapd: wlan0.1: STA 22:22:22:22:22:22 MLME: assoc request, signal -64 (Accepted)
Dec 1 15:32:00 xxxx daemon.info hostapd: wlan0.1: STA 22:22:22:22:22:22 IEEE 802.11: associated (aid 2)
Dec 1 15:32:00 xxxx daemon.info hostapd: wlan0.1: STA 22:22:22:22:22:22 RADIUS: starting accounting session 68E49B4931DF9479
Dec 1 15:32:00 xxxx daemon.info hostapd: wlan0.1: STA 22:22:22:22:22:22 WPA: pairwise key handshake completed (RSN)
i was in both equipment wifi config (including advanced options) but there's nothing related to RADIUS option..
Is normal on the Atheros and Marvel routers.
No matter what you set the message appears even with a standard configuration without RADIUS server
oh, ok! one less problem.. tomorrow i'll test it again for several hours to see if the 802.1x enabling was the reason for disconnections and super slow access...
Joined: 18 Oct 2015 Posts: 35 Location: Sioux Falls SD
Posted: Mon Dec 06, 2021 0:53 Post subject:
besteiro wrote:
hey!
about the reset after upgrade i really don't mind of reconfiguring the router from base (i don't use much of the services).. the only thing is about the MAC filter white list.. is there a way to "import" / "export" this from my current config to a new (reset) one?
From the CLI you can get/set the MAC filter list. For example if you're filtering on wlan1 you could use commands like this:
Code:
nvram get wlan1_maclist
nvram set wlan1_maclist="AA:BB:CC:DD:EE:FF AA:BB:CC:DD:EE:F1 AA:BB:CC:DD:EE:F2"
hey!
about the reset after upgrade i really don't mind of reconfiguring the router from base (i don't use much of the services).. the only thing is about the MAC filter white list.. is there a way to "import" / "export" this from my current config to a new (reset) one?
From the CLI you can get/set the MAC filter list. For example if you're filtering on wlan1 you could use commands like this:
Code:
nvram get wlan1_maclist
nvram set wlan1_maclist="AA:BB:CC:DD:EE:FF AA:BB:CC:DD:EE:F1 AA:BB:CC:DD:EE:F2"
thank you! i'll do that.. i usually do a backup in current installed build and do the firmware updates without resetting (and i guess i shouldn't backup from previous builds).. this is very useful!
@kernel-panic69 (and other developers/maintainers), i think those settings significantly improved the router operation..
i guess i'll stick in this build for now... thanks!
Joined: 08 May 2018 Posts: 14221 Location: Texas, USA
Posted: Mon Dec 06, 2021 17:27 Post subject:
ho1Aetoo wrote:
Is normal on the Atheros and Marvel routers.
No matter what you set the message appears even with a standard configuration without RADIUS server
Routers, yes. APs, no. TL-WA* devices generally don't have that log message. Probably due to a difference in which hostapd tree is included in the firmware _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net